Personagraph Privacy White paper
© 2013 Personagraph Corporation. All rights reserved.
an Intertrust Company
Privacy at a Crossroads
Phone: 1-800-393-2272 / Inquiries: sales@personagraph.com
Contents
Privacy at a Crossroads
Abstract
Introduction
The Problem: Technology outpaces social norms on privacy
A Surprising Discovery
The Personagraph™ Personal Agent: A trusted intermediary
A trusted intermediary who secures personal privacy
Curating the Personagraph: the subtleties of privacy
The PA is discreet, careful, and obedient
The PA is the key to efficient consumer commerce on the web
Combining the efficiency of the Internet with Privacy
Conclusion
Abstract
With Mobile Computing and the “Internet of Things” becoming a reality, we are
entering a new phase of hyper connectivity as our consumer devices and home
appliances constantly track activities, locations, and events in our physical and
digital lives. In this paper, we examine issues related to privacy and control of the
increasingly detailed intimate information that marketers collect. Specifically, we
consider the question of whether we need to sacrifice our privacy and give up
control of our digital identity to others in order to take full advantage of all the
services the Internet has to offer. We introduce Personagraph™, a new personal
privacy platform that protects our personal information while letting us benefit
from intelligent devices and associated Internet services, putting us in control of
the content, accuracy, and distribution of that information. We discuss how this
technology can enhance these services and make personal information even more
useful without needing to share that personal information with anyone.
Introduction
The age where ubiquitous “smart” objects automatically capture personal
information is upon us. Devices that we carry or wear on our bodies such as mobile
phones, book readers, and exercise monitors, appliances in our homes such as
thermostats, bathroom scales, refrigerators, and light bulbs, and the vehicles we
drive will contain sensors that collect information about our environment and us.
Moreover, this is often without our knowledge. Already, many of us interact with
dozens of networked sensors every day, and soon we will be constantly enveloped
by thousands of them. Typically, these sensors are directly or indirectly connected
to the Public Internet. Intelligent services then dynamically react to events in our
daily lives and influence us and others in social and environmental contexts. As
we enter this new phase of Internet hyper connectivity and these devices invade
our physical and digital spaces, tracking our daily activities, locations, and even
our moods, a permanent database of highly detailed digital footprints is built about
each of us. This can often be helpful, but it can also be disturbing, and at times
potentially harmful and unfairly discriminatory. This information is becoming part of
our digital identity, and that digital identity is converging with our physical identity
and becoming even more important.
In this paper, we focus on three questions:
1. Who controls the flow of information from our personal devices to the
public Internet?
2. How can technology be used to put individual people back into control
and reverse the current trend of privacy destruction?
3. How can all stakeholders (individual people, marketers, service providers,
and content providers) benefit from a new approach to personal information
protection?
In the physical world, societies across diverse cultures have evolved sophisticated
practices over time to protect their privacy. Protective structures and traditions are
missing in the digital world where technology is moving faster than social practices.
Privacy is being declared dead¹ without giving much thought to the far-reaching
implications of a world where individuals have no control over how others view
them and treat them. Marketers have confused people’s desire to take advantage of
social connectivity through the Internet with a desire to expose every aspect of their
being to the world. We posit that consumers do appreciate privacy and it is not too
late to erect a secured identity that protects a consumer’s privacy while allowing
him/her to take advantage of innovative services.
The Problem: Technology outpaces social norms on privacy
As we traverse the web and carry on our business, we appreciate it when
information is presented to us in a personalized and uncluttered way. It is also
valuable when that information intelligently anticipates our needs and is presented
at the right time, in the right place, and in the right context for us to act on. What
is not constructive is when the information collected on us is completely outside
our control, where we don’t know who is tracking us, what information they have
collected, what they are doing with it, and how they are packaging, archiving, and
reproducing it. When we give up our privacy, we give up our control over how others
use that information to influence us and to influence others’ perception of us.
For some time now, “trackers” have been silently collecting information about
us through our web browsing. This has happened outside our control. These
trackers brag that they know more about each of us than anyone, including our
mothers.² Things are about to get much worse as more web activity moves to
mobile applications and more everyday objects and services we use become
connected to the web. When these smart objects and applications get the capacity
to permanently remember almost everything about us, and relate what other people
and institutions believe about us, our loss of privacy has greater consequences
than ever. Moreover, those consequences are more profound than imagined by
those who say we should just get over it.¹ The eagerness to destroy traditions that
need to be strengthened is not necessarily motivated by a conscious movement
to get rid of privacy or to change our culture. Instead, it is motivated by a desire to
provide us with personalized products and services we may find helpful, but mostly
to aggressively sell us stuff. However, we are being presented with a false choice:
Privacy versus a richer, more useful Internet.
A Surprising Discovery
Leading technology CEOs have made public statements that in order to take
advantage of new technologies that offer free information, services, and instant
gratification, we have to give up our privacy. But, suppose we do not provide
our information to anyone and we completely disable third-party tracking, would
we then have to necessarily forego the advantages of web-based technology?
The answer is: No! In fact, we have found ways whereby individuals can extract
substantial value from their personal information without sharing any of that info
with anyone. It is not necessary for individuals to reveal their intimate information
for retailers, content and service providers to effectively use private personal
information to ensure relevant and personalized information about their products
and services.
Another surprising finding is that we can construct a much more efficient system
for personal recommendations, personal merchandising, and targeted advertising
when we keep personal information safe, protected, and governed by the individual
consumers whose personal information it is. This innovation in efficiency is a result
of arranging the flow of information and controlling it in a manner similar to how
the Internet itself works, as we explain below. This understanding is applied to the
trusted intermediary technology that Personagraph Corporation has developed.
1. Readwrite, Facebook’s Zuckerberg says the Age of Privacy is over, January 9, 2010
2. WSJ series, “What They Know”
The Personagraph™ Personal Agent: A trusted intermediary
The Personagraph™ Personal Agent (PA) is a distributed software component
that works for an individual consumer and is controlled by her. It is a distributed
component because it consists of software that runs on various devices that a
consumer owns and on secure Personagraph servers. The PA system architecture
allows it to be associated with an email address or with a non-personally identifiable
pseudonym.
The PA collects digital footprints but does not share them with anyone. The PA
connects with the Personagraph™ Platform to match attributes derived from the
footprint to find relevant content, advertisements, and merchandise without
revealing any information to third parties. The following section explains the
subtleties of personal privacy and demonstrates how the PA functions as a trusted
intermediary.
A trusted intermediary who secures personal privacy
A trusted intermediary is an agent that stakeholders rely upon to perform certain
actions that benefit them. A Personagraph PA has three classes of stakeholders:
1. The individual consumer whose information the PA protects
2. Marketers who want to inform consumers about their products and services
3. Content providers who provide content that is paid for by advertisers
A PA computes a sophisticated personal profile of a consumer’s interests and
demographics. A consumer can choose to curate and/or enhance his/her personal
profile. The PA matches ads, merchandise, and content based on a consumer’s
interests as reflected in his/her Personagraph.
Example: A PA can run a real-time auction for ad slots in a TV program based on
whether the content provider wants to increase engagement, revenue or both.
The Personagraph platform satisfies all stakeholders’ requirements as follows:
• Protects consumer information and any attributes derived from it
• Never reveals consumer information to any other stakeholder
• Represents a consumer’s preferences and provides an interface to curate
interest inferences
Advertisers, merchandisers, and other recommenders can trust the Personal Agent
to do the following:
• Match their objective to inferences based on a consumer’s profile
• Leverage a partner’s monetization goals in relevant contexts (auctions, ad
relevance, deals, personalized content, etc.)
The Personagraph platform presents aggregated consumer context and inferences
to partners to measure engagement and interaction. The PA anonymizes a
consumer’s information and eliminates any personally identifiable information that
might tie an individual’s interaction to his/her identity. For example, a consumer may
choose to watch a free movie from a service provider in exchange for viewing highly
targeted video ads filled by leveraging his/her Personagraph profile. The content
provider generates revenue by leveraging their revenue sharing relationship with
the advertiser. In addition, the micro transaction might even generate a revenue
slice for the consumer, device manufacturer, as well as the movie distributor. The PA
is the intermediary that the actors trust to manage this transaction.
Curating the Personagraph: the subtleties of privacy
Protecting consumer privacy is the core function of the PA. This includes giving a
consumer the ability to control who leverages what personal information, and how
it is used. The PA uses user information to infer interests and demographics, which
can be leveraged by advertisers to target consumers. However, consumers might
not want all their information to be used as fair game for targeted advertising. For
example, if a consumer is an active stock investor and does not want any marketer
targeting her with investment-related opportunities, she can choose to mark the
investment interest as an interest she is not willing to share with partners.
This ability to curate the Personagraph is crucial to the promise of privacy. The PA
provides an easy-to-use interface to curate (add, edit, delete, confirm) inferences.
Partners can choose to leverage interests a consumer declares, or interests that are
inferred. For example, a consumer might have declared an interest in hiking on the
weekends, but the personal agent might not have seen any corroborating events to
confirm that interest. An outdoors specialty merchandiser could choose to ignore the
consumer-declared interest in favor of targeting people whose PA has inferred that
the individual likes hiking.
The PA is discreet, careful, and obedient
Given permission, a consumer’s PA collects information across location, in-app
usage, clicks, and transactions from their device. Over time and with the right
permission, the PA builds a rich profile resembling a person’s real and digital life.
The PA manages personal privacy by:
• Discarding information not required for making additional inferences (i.e.,
historical location)
• Not retaining information or inferences about which a person may feel
uncomfortable for any reason (a person can delete their profile)
• Storing all information in highly secure but personally controlled environments
• Not sending a person’s information to others
On request, the PA will delete a consumer’s Personagraph: raw information and
every inference derived from it. A consumer can create a new profile from scratch,
and the PA will not leverage any information it learnt from a prior profile. The PA
acts as a discreet agent on behalf of its consumer. It anonymously searches for
information for the consumer, without revealing on whose behalf it is doing so.
In order to ensure that consumer information is not accidentally shared or divulged
as a result of malicious attacks on the Personagraph infrastructure, we employ data
security methods and processes that meet the highest commercial standards and
are reviewed by highly experienced security experts. Additionally, Personagraph’s
systems are periodically audited to ensure compliance with privacy and security
policies. Personagraph’s privacy policies are also available at
www.personagraph.com for consumers and privacy experts to examine.
The PA is the key to efficient consumer commerce on the web
Even with sophisticated tools that organizations use to track consumer activities
in web browsers, advertising on the web is much less efficient than it could be.
Today, there is a little personalization as trackers collect consumer clicks on PC
browsers; however, there is a lot of intrusion with relatively little benefit. The
recommendations that sites offer are endless reminders of products that consumers
shopped for, and either already purchased elsewhere, or decided not to buy. In
addition, consumers use multiple devices to browse and shop, a growing number
of which are mobile devices that don’t allow cookies. In contrast, a consumer’s PA
is available on all his/her devices and constantly looks for items of interest to that
individual. It understands how and when to alert the consumer, and how to present
the information in the proper context on their current device. In contrast, trackers
extract personal information, control its use, and give consumers no access to that
information. It is time for a whole new approach that helps out everyone: consumers,
advertisers, service providers, and content providers.
Personagraph’s PA approach is more efficient because it works well with other
technologies that make the web more efficient. The PA can be used by services
and applications to find advertising that is most appropriate to a consumer in
their current context (time, place, device, and content or activity being used).
Efficiency is derived from this arrangement of millions of PAs, each operating from
multiple devices, independently providing personalized services. PAs can cache
personalized and contextualized ads for use on many devices, not just the device
where a cookie is stored.
Another aspect of the efficiency of this system is the diversity and decentralization
of methods for determining relevance and for personalizing ads and
recommendations. Personagraph publishes SDKs and APIs on its website to foster
building of a platform which allows third parties to plug in their recommendation
and matching methodologies to rank a consumer’s preferences in the PA. These
algorithms can be used for auctions as well as for non-competitive relevance
ranking, and effectively make each PA learn and become smarter over time.
Personagraph further enables a partner to publish and refer to standardized
taxonomies for interests and personal attributes along with ontologies for products
and services. In this way, consumers and partners can make each PA smarter.
Combining the efficiency of the Internet with Privacy
The Internet is efficient because its architecture allows optimal allocation of
communication bandwidth and computational resources. Information can be pulled,
selectively pushed, and broadcast. On the Internet, information sinks can selectively
pull from information sources, and the architecture supports means for identifying
specific sources, narrowing the communication bandwidth needed: information is
pre-filtered at the source but the filter control is at the destination. Personagraph’s
architecture provides support for resource and information identification and
optimally points a consumer’s attention towards relevant information using
information discrimination and bidding techniques. A satisfied consumer is one who
is notified by accurate information when it is relevant and contextual.
Personagraph’s rich knowledge and interest graphs, and its massively distributed,
intelligent methods for inferring contextually relevant information in a personally
protected and controlled manner can provide people with exceptionally
personalized and timely services. These innovations are not yet widely deployed,
but given their potential, they have a good chance to replace the current,
less efficient methods that violate consumers’ rights to privacy control over their
information.
Conclusion
The excuse that the Internet cannot support privacy if it is going to efficiently
support commercial consumer activity is not valid. We are at a crossroads where
we can begin to introduce protocols and protective structures for consumer activity
that are much more efficient even as they protect privacy. We believe that now is
the time to make the change, as we hook up a vast, all-encompassing network of
human activity sensors to the Internet. The social implications are clear. The human
race can either evolve into a predominantly passive network of human-nodes with
interfaces that react to stimuli controlled by powerful special interests, or we can
arrange for individuals to maintain real control over their digital identities and allow
them to actively protect the images projected by their online presence.