Personagraph - Privacy at a Crossroad



  1. an Intertrust Company
     Privacy at a Crossroads
     Phone: 1-800-393-2272 / Inquiries:
     © 2013 Personagraph Corporation. All rights reserved.
  2. Abstract

     With Mobile Computing and the “Internet of Things” becoming a reality, we are entering a new phase of hyper connectivity as our consumer devices and home appliances constantly track activities, locations, and events in our physical and digital lives. In this paper, we examine issues related to privacy and control of the increasingly detailed intimate information that marketers collect. Specifically, we consider the question of whether we need to sacrifice our privacy and give up control of our digital identity to others in order to take full advantage of all the services the Internet has to offer. We introduce Personagraph™, a new personal privacy platform that protects our personal information while letting us benefit from intelligent devices and associated Internet services, putting us in control of the content, accuracy, and distribution of that information. We discuss how this technology can enhance these services and make personal information even more useful without needing to share that personal information with anyone.

     Contents

     • Privacy at a Crossroads
     • Abstract
     • Introduction
     • The Problem: Technology outpaces social norms on privacy
     • A Surprising Discovery
     • The Personagraph™ Personal Agent: A trusted intermediary
     • A trusted intermediary who secures personal privacy
     • Curating the Personagraph: the subtleties of privacy
     • The PA is discreet, careful, and obedient
     • The PA is the key to efficient consumer commerce on the web
     • Combining the efficiency of the Internet with Privacy
     • Conclusion
  3. Introduction

     The age where ubiquitous “smart” objects automatically capture personal information is upon us. Devices that we carry or wear on our bodies such as mobile phones, book readers, and exercise monitors, appliances in our homes such as thermostats, bathroom scales, refrigerators, and light bulbs, and the vehicles we drive will contain sensors that collect information about our environment and us. Moreover, this is often without our knowledge. Already, many of us interact with dozens of networked sensors every day, and soon we will be constantly enveloped by thousands of them. Typically, these sensors are directly or indirectly connected to the Public Internet. Intelligent services then dynamically react to events in our daily lives and influence us and others in social and environmental contexts.

     As we enter this new phase of Internet hyper connectivity and these devices invade our physical and digital spaces, tracking our daily activities, locations, and even our moods, a permanent database of highly detailed digital footprints is built about each of us. This can often be helpful, but it can also be disturbing, and at times potentially harmful and unfairly discriminatory. This information is becoming part of our digital identity, and that digital identity is converging with our physical identity and becoming even more important.

     In this paper, we focus on three questions:

     1. Who controls the flow of information from our personal devices to the public Internet?
     2. How can technology be used to put individual people back into control and reverse the current trend of privacy destruction?
     3. How can all stakeholders (individual people, marketers, service providers, and content providers) benefit from a new approach to personal information protection?

     In the physical world, societies across diverse cultures have evolved sophisticated practices over time to protect their privacy. Protective structures and traditions are missing in the digital world where technology is moving faster than social practices. Privacy is being declared dead [1] without giving much thought to the far-reaching implications of a world where individuals have no control over how others view them and treat them. Marketers have confused people’s desire to take advantage of social connectivity through the Internet with a desire to expose every aspect of their being to the world. We posit that consumers do appreciate privacy and it is not too late to erect a secured identity that protects a consumer’s privacy, allowing him/her to take advantage of innovative services.
  4. The Problem: Technology outpaces social norms on privacy

     As we traverse the web and carry on our business, we appreciate it when information is presented to us in a personalized and uncluttered way. It is also valuable when that information intelligently anticipates our needs and is presented at the right time, in the right place, and in the right context for us to act on. What is not constructive is when the information collected on us is completely outside our control where we don’t know who is tracking us, what information they have collected, what they are doing with it, and how they are packaging, archiving, and reproducing it. When we give up our privacy, we give up our control over how others use that information to influence us and to influence others’ perception of us.

     For some time now, “trackers” have been silently collecting information about us through our web browsing. This has happened outside our control. These trackers brag that they know more about each of us than anyone, including our mothers. [2] Things are about to get much worse as more web activity moves to mobile applications and more everyday objects and services we use become connected to the web. When these smart objects and applications get the capacity to permanently remember almost everything about us, and relate what other people and institutions believe about us, our loss of privacy has greater consequences than ever. Moreover, those consequences are more profound than imagined by those who say we should just get over it. [1]

     The eagerness to destroy traditions that need to be strengthened is not necessarily motivated by a conscious movement to get rid of privacy or to change our culture. Instead, it is motivated by a desire to provide us with personalized products and services we may find helpful, but mostly to aggressively sell us stuff. However, we are being presented with a false choice: Privacy versus a richer, more useful Internet.

     A Surprising Discovery

     Leading technology CEOs have made public statements that in order to take advantage of new technologies that offer free information, services, and instant gratification, we have to give up our privacy. But, suppose we do not provide our information to anyone and we completely disable third-party tracking, would we then have to necessarily forego the advantages of web-based technology? The answer is: No! In fact, we have found ways whereby individuals can extract substantial value from their personal information without sharing any of that info with anyone. It is not necessary for individuals to reveal their intimate information for retailers, content and service providers to effectively use private personal information to ensure relevant and personalized information about their products and services.

     Another surprising finding is that we can construct a much more efficient system for personal recommendations, personal merchandising, and targeted advertising when we keep personal information safe, protected, and governed by the individual consumers whose personal information it is. This innovation in efficiency is a result of arranging the flow of information and controlling it in a manner similar to how the Internet itself works, as we explain below. This understanding is applied to the trusted intermediary technology that Personagraph Corporation has developed.

     1. Readwrite, Facebook’s Zuckerberg says the Age of Privacy is over, January 9, 2010
     2. WSJ series, “What They Know”
  5. The Personagraph™ Personal Agent: A trusted intermediary

     The Personagraph™ Personal Agent (PA) is a distributed software component that works for an individual consumer and is controlled by her. It is a distributed component because it consists of software that runs on various devices that a consumer owns and on secure Personagraph servers. The PA system architecture allows it to be associated with an email address or with a non-personally identifiable pseudonym. The PA collects digital footprints but does not share them with anyone. The PA connects with the Personagraph™ Platform to match attributes derived from the footprint to find relevant content, advertisements, and merchandise without revealing any information to third parties. The following section explains the subtleties of personal privacy and demonstrates how the PA functions as a trusted intermediary.

     A trusted intermediary who secures personal privacy

     A trusted intermediary is an agent that stakeholders rely upon to perform certain actions that benefit them. A Personagraph PA has three classes of stakeholders:

     1. The individual consumer whose information the PA protects
     2. Marketers who want to inform consumers about their products and services
     3. Content providers who provide content that is paid for by advertisers

     A PA computes a sophisticated personal profile of a consumer’s interests and demographics. A consumer can choose to curate and/or enhance his/her personal profile. The PA matches ads, merchandise, and content based on a consumer’s interests as reflected in his/her Personagraph. Example: A PA can run a real-time auction for ad slots in a TV program based on whether the content provider wants to increase engagement, revenue or both.

     The Personagraph platform satisfies all stakeholders’ requirements as follows:

     • Protects consumer information and any attributes derived from it
     • Never reveals consumer information to any other stakeholder
     • Represents a consumer’s preferences and provides an interface to curate interest inferences

     Advertisers, merchandisers, and other recommenders can trust the Personal Agent to do the following:

     • Match their objective to inferences based on a consumer’s profile
     • Leverage a partner’s monetization goals in relevant contexts (auctions, ad relevance, deals, personalized content, etc.)
  6. The Personagraph platform presents aggregated consumer context and inferences to partners to measure engagement and interaction. The PA anonymizes a consumer’s information and eliminates any personally identifiable information, which might tie an individual’s interaction to his/her identity. For example, a consumer may choose to watch a free movie from a service provider in exchange for viewing highly targeted video ads filled by leveraging his/her Personagraph profile. The content provider generates revenue by leveraging their revenue sharing relationship with the advertiser. In addition, the micro transaction might even generate a revenue slice for the consumer, device manufacturer, as well as the movie distributor. The PA is the intermediary that the actors trust to manage this transaction.

     Curating the Personagraph: the subtleties of privacy

     Protecting consumer privacy is the core function of the PA. This includes giving a consumer the ability to control who leverages what personal information, and how it is used. The PA uses user information to infer interests and demographics, which can be leveraged by advertisers to target consumers. However, consumers might not want all their information to be used as fair game for targeted advertising. For example, if a consumer is an active stock investor and does not want any marketer targeting her with investment-related opportunities, she can choose to mark the investment interest as an interest she is not willing to share with partners.

     This ability to curate the Personagraph is crucial to the promise of privacy. The PA provides an easy-to-use interface to curate (add, edit, delete, confirm) inferences. Partners can choose to leverage interests a consumer declares, or interests that are inferred. For example: A consumer might have declared an interest to hike on the weekends, but the personal agent might not have seen any corroborating events to confirm that interest; an outdoors specialty merchandiser could choose to ignore the consumer-declared interest in favor of targeting people whose PA has inferred that the individual likes hiking.

     The PA is discreet, careful, and obedient

     Given permission, a consumer’s PA collects information across location, in-app usage, clicks, and transactions from their device. Over time and with the right permission, the PA builds a rich profile resembling a person’s real and digital life. The PA manages personal privacy by:

     • Discarding information not required for making additional inferences (i.e., historical location)
     • Not retaining information or inferences about which a person may feel uncomfortable for any reason (a person can delete their profile)
     • Storing all information in highly secure but personally controlled environments
     • Not sending a person’s information to others

     On request, the PA will delete a consumer’s Personagraph: raw information and every inference derived from it. A consumer can create a new profile from scratch, and the PA will not leverage any information it learnt from a prior profile. The PA acts as a discreet agent on behalf of its consumer. It anonymously searches for information for the consumer, without revealing on whose behalf it is doing so.
  7. In order to ensure that consumer information is not accidentally shared or divulged as a result of malicious attacks on the Personagraph infrastructure, we employ data security methods and processes that meet the highest commercial standards and are reviewed by highly experienced security experts. Additionally, Personagraph’s systems are periodically audited to ensure compliance with privacy and security policies. Personagraph’s privacy policies are also available at for consumers and privacy experts to examine.

     The PA is the key to efficient consumer commerce on the web

     Even with sophisticated tools that organizations use to track consumer activities in web browsers, advertising on the web is much less efficient than it could be. Today, there is a little personalization as trackers collect consumer clicks on PC browsers; however, there is a lot of intrusion with relatively little benefit. The recommendations that sites offer are endless reminders of products that consumers shopped for, and either already purchased elsewhere, or decided not to buy. In addition, consumers use multiple devices to browse and shop, a growing number of which are mobile devices that don’t allow cookies. In contrast, a consumer’s PA is available on all his/her devices and constantly looks for items of interest to that individual. It understands how and when to alert the consumer, and how to present the information in the proper context on their current device. In contrast, trackers extract personal information, control its use, and give consumers no access to that information. It is time for a whole new approach that helps out everyone: consumers, advertisers, service providers, and content providers.

     Personagraph’s PA approach is more efficient because it works well with other technologies that make the web more efficient. The PA can be used by services and applications to find advertising that is most appropriate to a consumer in their current context (time, place, device, and content or activity being used). Efficiency is derived from this arrangement of millions of PAs, each operating from multiple devices, independently providing personalized services. PAs can cache personalized and contextualized ads for use on many devices, not just the device where a cookie is stored.

     Another aspect of the efficiency of this system is the diversity and decentralization of methods for determining relevance and for personalizing ads and recommendations. Personagraph publishes SDKs and APIs on its website to foster building of a platform which allows third parties to plug in their recommendation and matching methodologies to rank a consumer’s preferences in the PA. These algorithms can be used for auctions as well as for non-competitive relevance ranking, and effectively make each PA learn and become smarter over time. Personagraph further enables a partner to publish and refer to standardized taxonomies for interests and personal attributes along with ontologies for products and services. In this way, consumers and partners can make each PA smarter.
  8. Combining the efficiency of the Internet with Privacy

     The Internet is efficient because its architecture allows optimal allocation of communication bandwidth and computational resources. Information can be pulled, selectively pushed, and broadcast. On the Internet, information sinks can selectively pull from information sources, and the architecture supports means for identifying specific sources, narrowing the communication bandwidth needed: information is pre-filtered at the source but the filter control is at the destination.

     Personagraph’s architecture provides support for resource and information identification and optimally points a consumer’s attention towards relevant information using information discrimination and bidding techniques. A satisfied consumer is one who is notified by accurate information when it is relevant and contextual. Personagraph’s rich knowledge and interest graphs, and its massively distributed, intelligent methods for inferring contextually relevant information in a personally protected and controlled manner can provide people with exceptionally personalized and timely services. These innovations are not yet widely deployed, but given their potential, they have a good chance to replace the current, less efficient methods that violate consumers’ rights to privacy control over their information.

     Conclusion

     The excuse that the Internet cannot support privacy if it is going to efficiently support commercial consumer activity is not valid. We are at a crossroads where we can begin to introduce protocols and protective structures for consumer activity that are much more efficient even as they protect privacy. We believe that now is the time to make the change, as we hook up a vast, all-encompassing network of human activity sensors to the Internet. The social implications are clear. The human race can either evolve into a predominantly passive network of human-nodes with interfaces that react to stimuli controlled by powerful special interests, or we can arrange for individuals to maintain real control over their digital identities and allow them to actively protect the images projected by their online presence.