What is the “API of Me”?
When you think about browsing the web on your computer, tablet, or mobile device, you undoubtedly think about the ads presented to you, the information stored by companies whose websites you visit, and the other information they might know about you. If you are are particularly privacy-conscious, you make take additional measures to mitigate the tracking and categorizing of your online activity, or “digital exhaust” in addition to the explicit places you visit.
This tracking presents opportunities and disadvantages for all consumers, and particular benefit or detriment depending upon the consumer involved. If you are a frequent visitor to an outdoor products site that sells skiing equipment and you also visit a ski resort web site, you might not mind seeing an advertisement or a special offer to purchase sporting equipment. If you research a mental health issue that you didn’t wish to share with others, you might be shocked to see relevant content to your search show up in your search results on Facebook. Yet both of those scenarios are technologically possible and increasingly in use as you peruse the Internet from many sources. Add to that data the ability to provide additional context from when and where you view these sites, and retailers and others alike already have deep information stores with which to present us with information.
Is there a way to shape the ads you see and protect your data?
So how can you – the “typical” consumer who would like to get more relevant information while maintaining the privacy and security of your information appropriate to your comfort level – regulate what these companies know about you? Some of this information is regulated (the degree to which your wireless provider can track your movements and share data with advertisers) and a lot of this information – especially that which can be correlated and presented using the techniques of “big data” – is much fuzzier.
I believe that we as consumers have a right to control the data we share about and between the services and products we use, and that the economic benefit of using and sharing that information by companies should be more transparent. “The API of Me” is the name I’d like to propose for a system of capturing, sharing, and limiting information about consumers that presupposes the following ideas:
- The current online identity system is hopelessly fragmented and controlled by companies, not consumers.
- Customers and browsers (people who consume media and do not purchase) have a right to know how their information is being used.
- Companies have a right to make money off of this consumption and have a moral obligation to share with customers how their data is being used to make money.
- A system should exist to allow customers to make their preferences known that allows the customer to maintain the repository of choices and information and to provide some, all, or none of that information to companies who ask; the system should also respond similarly whether there is an account or not.
- We all need a service that can expand our existing electronic identity to other future uses and to allow those future uses to learn more about us and to provide better service, more utility, and societal good while minimizing the possibility of “bad actors” to make inappropriate use of that information.
- This idea needs to support an elegant, multi-factor authentication solution that’s as simple as possible, and no simpler.
And why would anyone use this idea?
Why would customers use The API of Me? There are more and more identity services in use today, and as they cross-reference the items we search, our movements, and the items we consume/read/watch, it’s more important than ever to have the ability to selectively publish information without being overwhelmed by a complicated array of privacy controls (have you looked at your Facebook privacy settings recently?)
Some would say that we shouldn’t have such a comprehensive source for individual information because of the danger of having it compromised when the inevitable lousy passwords are used by people who can’t be bothered to secure their personal data locker. Yet the increasing ubiquity of Facebook, Google, and Twitter-based identity systems make it more and more likely that this is a danger anyway. I’m proposing that some smart people determine a well-designed way for the 80% of us who care and want to solve this problem to be able to do so and gain more control over our data.
And why would businesses care about the API of Me? Consumers are social beings who want to have relationships with the businesses they use. They may not actually want to be contacted by those businesses, but they do want to know how and why their information is being used, and some of them even want to have the option of being paid for the use of this information. Businesses can use this knowledge to open up whole new personalized markets that don’t exist today, and better avoid alienating customers who really want to opt out.
The Future: Personal Data and Micro-segmentation
Right, you say, what if everyone opts out? But they won’t. Businesses built more like the Apple App Store, the Zappos shoe-buying experience, the Amazon online store, and the Nordstrom clothing business will thrive with better, more data-driven relationships with customers. And lower-end, logistics-savvy companies like Wal*Mart are already using Big Data in the aggregate to deliver diapers, beer, and other necessities to communities in advance of a forecasted weather event.
The future of micro-segmentation depends upon the consumer being able to self-segment. And whether that desire is to provide as much information as possible in exchange for payment or to opt-out completely, The API of Me gives consumers the ability to specify what data they will share and how they will share it, and companies a reliable near-infinite segmentation that they can use to better serve customers and open new markets.
Information Maven 
The API of Me opens up tons of ways for organizations to reach lucrative markets….
What if I want to provide my secure API profile through a market place, where organizations could find me and market the products or services to me that will want or be the most interested in?
We could specify the frequency, themes, and types of content we are interested in, almost like a dating service. It’s another take on permission marketing. And yes, in most cases we consumers seek information on things we want before we’re marketed to, but not always. And this could also add some powerful ways for organizations to proactively reach consumers with best-practices to get more value with any kind of product or service.
Cool idea Greg!
Greg, I like the idea of the API of Me, but I think you’ve limited it too much by focusing on ads. It’s not about ads (although that might be a small piece of it). It’s about relationships. Why can’t I have a custom relationship with my bank, my car repair shop, etc.? Largely because there’s no good way for me to relate to them. The API of Me solves that problem. It’s not about what ads they can push at me, but what services they can offer just-in-time and exactly what I need to live better. You kind of get there, but by starting with ads and then talking about “consumers” makes it seem very one-sided. Seeing this through the advertising filter limits it unnecessarily.
Phil –
Thanks for the comment! I focused on the idea around ads because it’s already a well-understood place that defines the value of the browser and of the advertiser who’s hoping to find the right kind of buyer to market to (and who will find that contact welcome.)
The idea that you posit – that banks and car repair places and other merchants can offer superior service to you by taking advantage of the API of Me – sounds awesome. I’m not sure yet how these merchants can get there in the short term – my bank (and some of my car repair places) don’t do a great job communicating other than by phone.
So, I agree with you – I would love to have a more customized relationship with any supplier I use – and look forward to improved service. In the meanwhile, what other well-known relationships do you think exist besides “ad/browser” and “visitor/order” that could be improved by this idea of the API of Me?
I’m trying to envision how this would work for non-geeks. Geeks like me understand that I can use my wordpress blog as my identity provider, or create a gravatar profile that exposes certain information, but not all. For everyday people it seems like you need a trusted broker – Facebook, Amazon, or my iPhone to handle requests for access to my personal profile.
Adam –
You’re completely right – what we need is a trusted 3rd party (perhaps a non-profit or other structure) just to manage the identity provision so that it’s as easy as Facebook identity. App.net is one possibility, and seems scary for people because of the subscription fee.
Greg, check out the Respect Network (http://respectnetwork.com/). It’s an entire network of personal clouds based on open standards, each of which offers an “API of me” for an individual, and can also run a new generation of apps that can use that API to provide powerful new value propositions for both individuals and businesses.
Drummond –
Thanks for the tip – how do you anticipate that a network like this will enter the mainstream? I believe that the “average” user is only likely to use an independent identity provider if that provider allows them some form of access to the current platforms people use (e.g. Facebook, Twitter.) In time, they may become open to the idea of another provider, and there has to be a compelling use case that overcomes the inertia of simply using the substitute.