Privacy on the Wireless Web (mCommerce is getting personal) Privacy on the Wireless Web (mCommerce is getting personal) Marc Le Maitre – Nextel Communications 12/6/2000

Taxonomy of Commerce n eCommerce –Performing commercial transactions on the Internet n Wireless eCommerce –Performing the same commercial transactions on the Internet over wireless n mCommerce –Performing commercial transactions on the Internet over wireless using real-time context-sensitive, personalized information such as location, state and intent nState defines the customer’s availability

Why Must mCommerce Get Personal? n Data deals with transmission of bytes n Information is the presentation of data n Knowledge addresses the relationship of information in context of other information n Wisdom is the prediction of knowledge and is learned or “mined” Presentation Context Prediction Data Information Knowledge Wisdom Increasing value and Increasing need for privacy

The Privacy Challenge n The privacy challenge is not primarily a technology issue, not primarily a governance issue but a business issue –Passing too little control to the user will result in low take up users because of trust issues –Passing too much control to the user will result in low take up by business because of inadequate marketing opportunities

Privacy Is Not a Point but a Continuum Don’t tell anyone Tell these people on these terms Advertise it to everyone Never reveal information about me If I request as service or authorize access Give it to anybody, but give me a good deal I’ll pay you to advertise my information

What Does Privacy Mean to Businesses? n It is fundamental to gaining the customer’s trust and building valuable relationships n It will require a re-think in their existing CRM and marketing practices –Access to personal information is increasingly under the control of the customer n The good news is; If businesses address privacy concerns in the right way they will accelerate the delivery of value added services not hold them back

What Businesses Must Do to Exceed the Customer’s Privacy Requirements n Start building a privacy framework now –Consumers are already educated to the threat –Before you are required to do so by law n Ensure that the framework –places the customer in complete control of how their privacy is managed and is… –open –controllable –extensible and flexible –enforceable

Building a Privacy Framework

The Way Privacy Policies Work Today PC Browser or WAP gateway Service provider’s web site Phone User browses to site requiring information or service 2 Site provides hypertext link to a human readable privacy policy 3 User has to manually read the policy in its entirety Human readable privacy policies are not effective. Very few users (less than 0.05% according to a recent survey) actually read the policy and therefore cannot realistically be considered to have given their informed consent to its terms

The Way P3P Policies Will Work PC Browser or WAP gateway Service provider’s web site Phone P3P plug-in module containing user’s privacy preferences 1 User browses to site requiring information or service 2 Site serves the client with its privacy policy 3 Client passes site privacy policy to a P3P plug-in which matches the sites policy with the preferences of the user. 4If site’s policy does not violate user’s preferences the site is displayed as normal. If the site’s policy violates the user’s preferences the user is alerted by the plug-in and can choose their next action 4 P3P requires that the client device be fitted with a dedicated plug-in module to interpret the site’s machine- readable privacy policy. Once personalized, this plug-in module is only available on the device in which it is installed and cannot be moved to other devices, that is to say a user’s privacy preferences do not follow them

What is Missing From P3P? n Negotiation when privacy terms are at variance n Signed copies of agreed privacy contract n Storage of the resulting contract in the user’s control n Support for bi-directional requests for information n Support for multi device access (i.e. PC, PDA, Phone) n Dispute resolution

Anatomy of the desired Privacy Framework 1 User selects a service requiring information 2 Site re-directs client to their agent because personal information is required 3 Client instructs agent to establish contact with service provider’s agent 4 Client's agent asks for details of information requested and the SP’s privacy contract 5 SP’s agent responds 6 Client’s agent supplies the information or negotiates variance to contract (can request client intervention if needed) 7 SP’s agent passes information to web site 8 Web site acknowledges receipt 9 SP’s agent returns receipt together with signed privacy ‘s contract to client agent where it is stored 10 & 11 Client's agent redirects client to the web site for service fulfillment PC Browser or WAP gateway Client’s agent Containing User-information and privacy Contract defaults Service provider’s web site Service Provider’s agent Containing business forms and privacy contract defaults Phone External databases or directories linked to client agent

Examining the Impact of Privacy on the Business Model

Recognizing the Current Business Model n The current business model for wireless eCommerce is based on the following….. –The merchant/portal/ service provider will pay slotting fees to gain access to a wireless carrier’s customers nThis only succeed whilst there is a wireless “walled garden” –The wireless carrier can secure a share of the revenue from the eCommerce transaction as a finder’s or broker’s fee nThis is lucrative whilst there is a sufficient margin to be shared or mCommerce is not a commodity service

Meeting the Business Plan For mCommerce n The business desires a relationship with a wireless carrier’s customers n The carrier hosts the customer’s agent under the customer’s control n The carrier allows businesses to extend links to the customer’s agent –Charges service providers a relationship fee for links to the customer’s agent –Linking (relationship) fees can be adjusted based on value of the information being shared between customer and business –Both customer and business can break the link at any time if the relationship becomes unprofitable or undesirable

The solution we are investigating n eXtensible Naming Service –Open source, open standard via XNSORG n Agent to Agent architecture –Auto/evoked transfer of data between agents –Privacy rules transferred with every data exchange –Linking and synchronization of exchanged data –Addressing scheme to allow agent discovery

How we see this Meeting our Privacy Challenge n Privacy of information under the customer’s control deprives the business –They currently have access and ownership of customer data with very few rules n Having moved that data into the customer’s control we can then provides mechanisms for the business to access it under rules dictated by the customer n In doing so, we creates links (synchronized) between customer and businesses –Provides businesses with a powerful customer retention tool and us a method of monitizing the relationship

Conclusions n Without adequate privacy, services requiring increasingly personal information will not succeed –Customers will become aware of the threat n Businesses must deploy a privacy framework before delivering context-sensitive value added services in order to avoid a user-revolt n Existing P3P privacy protocol does not sufficiently meet the needs expressed by our customers n We are investigating XNS as a the solution whereby we host the customer’s “agent” and develop profitable relationships by monitizing links between our customers and external businesses