Finding Customers for VRM Products

From IIW
Jump to: navigation, search

Finding Customers for VRM

Tuesday 1C

Convener: Kevin Cox

Notes-taker(s): Ben Werdmuller

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

One of the most important things is to practice your pitch, on a regular basis, to people outside your space, in order to refine your value proposition.

In VRM at the moment, there's only one sort of customer: the organizations. Individuals are not going to buy at the stage the space is in right now. When organizations have bought in, individuals might.

Organizations will pay, and have the best, most useful data already. They want the personal data they hold to be private. Personal data is closely tied to an organization's bottom line: it is their business. Without it, they're out of business.

Personal data involved in an organization's business is not just the individual's: it's also jointly owned with the business. Both parties can have their own terms for use of that data, which are mutually agreed upon.

Does it work? Yes. Two examples:

Edentiti - Started to make money in late 2008, and is profitable today. Individuals gather information about their own relationships with other entities, and ask those entities to prove that those relationships are valid. Once individuals have done that, they can prove that all their relationships are valid - and can give the result of this process to an organization, who trusts the process and now can trust the individual. Doc Searls says this is called "attestation". Edentiti got into the business by screen scraping third party organization websites in order to prove relationships, which organizations themselves were not prepared to do.

Yodlee - Provides a similar mechanism for proving relationships and identity by screen scraping bank data.

Screen scraping is not a good idea: it violates the principle of jointly agreed terms, and is an unsafe business.

Bridging the dark web might work. Here, you set up an interface to prove relationships with dark web vendors. This is inherently risky for other reasons.

And of course, you can OCR hard copies and PDFs of identity / bank documents.

But: If you give users a view of all their data, and let them make their own connections as part of an easy-to-use dashboard, then the vendor can also see all their organizational data. (Does this violate the personal data ownership principles of VRM?)

When some immigrants enter the country, they have trouble getting credit cards, because they don't have other credit cards to cross-reference with. Banks are interested in mutually sharing information about individuals with the government (eg the immigration department). By creating a public dashboard, and giving the individual the ability to give permission for this information to take place, the individual effectively becomes their own data broker. However, because this is of value to the bank, they effectively become a customer of the VRM vendor.

WelcomeAboard is one such data dashboard. 

Connections are made by content not identity. Pieces of information are syndicated; organizations keep control of the data, as they have liability for leakages. Similar to Digime and Known. Links are made between the copies and the original (again, similar to Known). They're not connected to the central user identity: the data is permanently linked to its other copies.

Communications are made with messages, not sessions. The Internet was meant to work with messages, not circuits. This makes the network more easily scalable.

Access control is set via the applications, not the data. The data is different in different contexts, which are dictated by the applications.

You don't need complicated data structures. Keep it simple. (Similar to the indieweb approach.)

Why do it this way? Kevin says:

  • Organizations will buy.
  • You don't need to make giant changes to existing changes - small pieces are loosely bound.
  • It's more scalable.
  • Doesn't require collaboration or agreement with multiple organizations.
  • Can potentially fit in with work being done by all VRM companies.
  • It's 100% distributed.
  • It removes most perceived legal problems with VRM, because it removes ownership questions, and clarifies ownership.
  • It works best if it's not proprietary.
  • Customers will fund it.

This model gives identity to any thing. And a single model can fit all things. It's simple - in the same way that the indieweb technologies are simple. Applications for specific contexts sit on top of the platform that the model provides. "This gives us a way to put a prefrontal context on the Internet of things!"

You can charge for open source software based on reputation. Banks want to be assured that software they're installing is good software by their definitions: so you sell the most trusted implementation, which happens to be open source. (Known is dubious about this, having found that users confuse "free as in speech" and "free as in beer".)

If you want to sell, the group pointed out, you need to start with the "why". Show people why they should care. Tell them succinctly. Create prototypes, get feedback, and iterate. That's the main way you will get customers: make something that solves a real problem that people will pay for a solution to.