Choco privacy dilemma: Are you too sweet?

If you are constantly hearing how sweet you are – be aware: it could be literal truth! Your face or even whole body can be 3D printed in chocolate form but will it be sweet to you to, that’s a whole new story…

Image courtesy of KitKat
Image courtesy of KitKat

Would you like to lick and bit choco-stick or lollipop version of Beyonce? Or you prefer such sweets in Robert Pattinson‘s look and feel? Or both? Or what ever you prefer…

Well, 3D printers are going to make your fantasy come true.

But it also means that somebody will be able to 3D print you in chocolate not just for fantasy but also to make profit out of your personal identity.

Or even to 3D print you in plastic or other materials to make a mask or a doll that resembles you for use in illegal activities.

Do you still think that’s sweet?

This disruptive innovation will first hit companies that create tangible, three-dimensional objects that are no longer immune to the risks of file sharing that the music and film industries have dealt with for more than a decade according to San Francisco law firm Morrison & Foerster.

It will impact personal identity brands and question privacy laws in next decade or so. It will question right-of-publicity.

“A bobble-head doll of your favorite athlete or actor could be yours at the click of a button, with no control by or compensation to the celebrity whose image is being misappropriated”, said Craig Whitney, a senior litigation associate at Morrison & Foerster.

And we aren’t talking about distant future.

Since 2012. in Tokyo, New York (in London also) and South Africa you can 3D print yourself and get pocket-size mini-me copy starting from $260 (price is dropping constantly).

In Tokyo it’s a regular service just like taking photo at professional.

We are talking about even bigger trend in the next few years. Patent for 3D printing has expired and tech companies are heading towards mass production of 3D printers.

For now privacy industry is just thinking of new solutions for 3D printing industry.

They could be sweet.

Privacy industry: Measure of Quality for SaaS

If you thought that Middle Ages could only happen on Earth you would be wrong. This days they are happening in cloud but not for long.

Image courtesy of Computer Economics
Image courtesy of Computer Economics

Just think Google or Facebook and their stand on data ownership, protection and retention and its pretty clear that software-as-service’s (SaaS) market has Data Feudalism written all over.

And Google and Facebook aren’t exceptions.

More of a rule on how current internet industry is preferring to handle user data, their privacy and security.

Gartner predicts that this will continue not only through 2014. but also year after as well.

It states that 80% of IT procurement professionals in companies that work in other industries will remain dissatisfied with SaaS contract language and protections that relate to security. Among other things because of lack of meaningful financial compensation for losses of security, service or data.

But this is just a piece of puzzle.

“Concerns about the risk ramifications of cloud computing are increasingly motivating security, continuity, recovery, privacy and compliance managers to participate in the buying process led by IT procurement professionals,” said Alexa Bona, vice president and analyst at Gartner.

As it seems companies are buying more and more of SaaS services regardless.

Public cloud market grew overall in 2012, with 49 percent of organizations having systems in place compared to 47 percent in 2011. according to report by Computer Economics(CE).

CE expects that by 2018. new SaaS application sales will exceed new on-premises application sales.

For now this is how many companies is interested to use these apps in SaaS:
37% Email and calendaring
32% Human resources applications
25% ERP (enterprise resource planning)
11% Expense reporting
24% Other
(multiple answers query)

Adoption of SaaS is boosted primarily by speed of implementation, reduced IT infrastructure, scalability and easier upgrades. Availability, disaster recovery and lower costs are marked as less important.

But CE points that what adds more value to SaaS are in good order:

  1. data privacy
  2. security
  3. control over processes
  4. integration
  5. and performance.

These are major concerns that companies have with public cloud services. That is also way Compliance Officer and compliance in general (regulatory and non-mandatory) is going to play major roll in the future of SaaS.

Like in other things US and EU have opposite approach on how to boost consumer trust in public cloud services (particularly SaaS) and how to end Data Feudalism and internet industry’s Middle Ages.

US is in favor of industry self regulation and EU of regulatory compliance.

In both ways this is a win-win for Privacy industry and consumers.

These trends aren’t going to play such a big roll in adoption rate of SaaS services but are going to play major roll in product differentiation.

In other words, privacy is becoming crucial measure of quality for SaaS.


Snowden it… or Not: How to sell privacy services?

Privacy industry is on a rise. But primitive sales tactics like scare, guilt and priming won’t make your services be more appealing to consumers. Quite the opposite. Here are few tips…

Image courtesy of debspoons /
Image courtesy of debspoons /

I stumble upon two excellent posts The privacy industry: Scare and sell (by Jeff Jarvis) and Post-Snowden, the online privacy industry is booming (by  Aaron Sankin, The Daily Dot) who are describing sales tactics of an emerging privacy industry with one commonality: scare as a prime motivator for growth.

That is just plain wrong sales tactic in today’s world.

Also costly and unproductive.

Selling privacy means targeting smart consumers.

Although is true that only smart beings can feel fear it is also true that only smart people know when they are manipulated. Some like to be terrified from time to time.

But nobody likes to be manipulated.

Tactics like The Fear-Then-Relief Procedure, Exchanging favors by forcing guilt upon somebody and The Foot-in-the-Door Technique are manipulation.

Those are very evil ways of selling.

But you can sell privacy services in a different way: through education.

Write about real world.

Write what’s really happening in the world.

Have you heard of Edward Snowden and NSA, Julian Assange and WikiLeaks, Google One Account, Facebook terms and conditions of user’s data ownership etc.?

Nowadays stories that privacy consumers can relate to are practically writing themselves.

Write such stories because they are a powerful sales tool in attracting smart buyers. Write them in you brochures, blogs, corporate web site and so on.

There is also Snowden effect!

Thanks to Snowden these days people and companies have sense of urgency to boost their privacy right away. You can boost it even more by limiting supply or by limiting the amount of time.

To enhance your sales further you can offer a guarantee, offer proof that your service is effective and pre-qualify your prospects by conducting consumer segmentation.

Scare tactics don’t work. Manipulation doesn’t work.

Truth does. Stories do.


6 Drivers of €1.000 Billion Identity Industry

Personal data as a new kind of currency will create €1 trillion market in EU by 2020 but the main challenge will be to establish the trust that keeps this information flowing. BCG explains why.

Evolutionary path of digital identity value creation
Image courtesy of The Boston Consulting Group

In process automation, User enablement, Personalization, Enhanced delivery, Personal data-driven R&D, and Secondary monetization — are six major trends of Identity industry according to The Boston Consulting Group report The Value of Our Digital Identity.

All of these trends will impact all of today’s industries by 2020 and all of them as a foundation have personal data which BCG describes as a new form of currency.

BCG predicts that by 2020 Identity industry, as a part of Privacy industry, will be a €1 trillion Market only in Europe, not counting rest of the World.

But as BCG states that realizing the full potential of Identity industry is not a given. People are worried about loss of privacy and the improper use of their personal information. Companies fear the backlash that could result if they approach managing personal information in the wrong way.

The challenge is to establish the trust that keeps this information flowing.

For EU businesses and governments, the use of of personal data will deliver an annual benefit of €330 billion by 2020.

For individuals, the value will be more than twice as large: €670 billion. Much of that will be due to online services (i.e. Facebook, Google…) thanks to business models that monetize personal data and are highly valued by consumers.

Identity industry will emerge over three phases – Digitization, Internal enhancement, External applications – that will in most EU countries be simultaneous.

Digitization is a process of creation of basic digital product experience specially in public sector and traditional production. Basic digital identities are used as secure authentication.

In fact, it is the public sector and health care that are expected to profit the most, realizing 40 percent of the total organizational benefit.

Internal enhancement is a process of leveraging personal data internally. Personal data will be used for R&D, delivery optimisation etc. and most active in this phase will be telco and media companies and financial services.

External applications is a phase in which companies will start tapping data ecosystem opportunities like sharing data with third parties in both directions. The most active will be internet sectors and retail.

TOP5 remarks on Data Privacy by Leading EU Academics

According to leading EU Academics, proposed new EU regulation is boosting privacy industry with its start-ups that are creating out-of-the-box privacy tools, software companies that are creating anonymization, pseudonomizetion and encrypting tools and new market need for security and privacy experts and consultancies. And this is why…

Image courtesy of Feelart /
Image courtesy of Feelart /

More than 100 leading senior academics from across Europe, from disciplines such as Computer Science, Law, Economics and Business Administration signed a position regarding proposed European Data Protection Regulation.

Economic, administrative and social processes in Europe are starting to be influenced by invisible net of newly created value as a result of automatic processing of personal data. This is not something that is happening in EU but throughout the world.

Users are paying for nominally free cloud services by providing personal data.

Like checks, shares, bounds, bitcoins, euros or dollars so are personal data becoming generally accepted as payment for goods and services although they are lacking some of characteristics of money.

They are becoming valuable not only for marketing purposes but also for optimization of development, production and distribution of products and services. Further on for enhancing sales and search for better employees and many more things. All of that is packed in virtual databases that are like wallets of our personal identities.

Leading EU Academics stand for more robust data protection laws and are  pointing to arguments that are created by lobbyist aimed to weaken data protection in Europe. They stand for…

1. Innovation and competition are not threatened

Regulation of data protection will impact innovation and competition in positive way, not negatively as some may suggest. They say that for example regulation has promoted innovation in the areas of road safety, environmental protection, and energy.

For data protection, we already see start-ups throughout Europe that offer European citizens solutions to protect their personal data “out-of-the-box”.

Security and privacy experts are selling consulting services to companies to help them manage their IT infrastructures more securely.

For many important business processes, it is not data protection regulation that prevents companies from adopting cloud computing services; rather it is uncertainty over data protection itself.

2. On informed consent

For the last 18 years usage of personal data in the European Union has relied on the principle of informed consent and that is a practices that needs to continue.

It is true that formulating data protection terms for some is viewed as a costly exercise but it protects consumers from blindly consenting to whatever does cloud provider wants to offer, as is experienced today in the USA (opt-out principle).

But EU practice boost new business. European companies are producing technical tools that will help users manage their privacy decisions automatically or with very little effort. Furthermore, technologies are being developed that interpret privacy terms for users and summarize the terms to facilitate decision-making.

3. On ‘legitimate interest’

By proposed EU data protection regulation companies are required not only to claim a legitimate interest, but also justify it. Moreover, the draft report of the European Parliament’s rapporteur now outlines legitimate interests of citizens and it determines where the interests of citizens outweigh company interests and vice-versa.

Citizens have a legitimate interest that profiles are not created about them without their knowledge and that their data is not shared with a myriad of third parties that they do not know about.

4. When to apply the regulation? When is data ”personal“?

Although some internet companies are claiming that they are collecting a lot of user data only for statistical purposes and therefore are not engaging in any re-identification practices, realty is that can be very lucrative. And technically, re-identification is possible even with dynamic identifiers.

That’s way anonymized, pseudonomized and encrypted data are still sort of personal data. They are just processed by useful instruments for technical data protection but are not tools for permanent anonymization.

Encryption helps to keep data confidential. Pseudonyms restrict knowledge about individuals and their sensitive data like concealing of the relation between the medical data of a patient. Anonymization goes even further but complete anonymization takes all the value from the personal data and it is a big question is it ever really done.

5. Who should determine data protection requirements?

Leading EU Academics are against the plan that the European Commission establish itself as the institution that would later define details about data privacy rules through ‘delegated’ and ‘implementing’ acts.

They think that only details that are less critical from the perspective of politics and fundamental rights may be left to the Commission’s discretion. Everything else is above EC position according to European constitutional requirements and should be a responsibility of the European legislative bodies to make such decisions by themselves.


How much will Identity And Access Management be worth in 2018?

Identity And Access Management Market hit $5,13 billion in 2013 at is expected to double in the next three years in some surprising new areas

Image courtesy of Wikipedia
Image courtesy of Wikipedia

The Global Identity and Access Management (IAM) market is worth $5.13 billion in 2013 according to two online reports Global Privileged Identity Management Market 2014-2018 and IAM Market – Global Advancements, Forecast & Analysis (2013–2018). It’s a booming market that is expected to double in size at $10.39 billion by 2018.

That is CAGR 15.1%. And according to first report the CAGR will be even higher, at 26.6% over the period 2013-2018. So there are plenty of new business opportunities there based on identity i.e. privacy industry.

Identity and Access Management market consist of on premise and cloud IAM divided in components like provisioning, directories, SSO, Advanced authentication, Password Management, Audit, and Compliance & Governance. Wikipedia describes Identity management as the management of individual principals, their authentication, authorization, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks.

What we are really talking about are businesses related to  Active Directory, Service Providers, Identity Providers, Web Services, Access control, Digital Identities, Password Managers, Single Sign-on, Security Tokens, Security Token Services, Workflows, OpenID, WS-Security, WS-Trust, SAML 2.0, OAuth, RBAC etc.

Second report states that the main driver of IAM Market are cloud IAM services which are lowering cost and complexity of IAM projects implementations. Cloud IAM services have open this market for Small- and Medium-sized Enterprises (SMEs) based on new attractive pricing models like monthly subscriptions, usage-based pricing etc.

The biggest market in terms of revenue will be North America and the biggest growth is expected in Asia Pacific.

The key vendors dominating this market space are BeyondTrust Software Inc., CA Inc., IBM Corp., and Lieberman Software Corp. But there are also Dell’s Quest Software Inc., Cyber-Ark Software Inc., Novell Inc., Xceedium Inc., Fischer International Identity LLC, NetWrix Corp. and Acceleratio Ltd.


New valuables in the Digital age

There is lot of online petition these days but one makes you wonder what are you missing from your pocket and you would never-ever think of it as a value.

Image courtesy of Idea go /
Image courtesy of Idea go /

As of today international online petition A stand for democracy in digital age which was started by 562 authors, including 5 Nobel Prize laureates, from over 80 countries gained 178 thousand supporters. Not so impressive numbers compared to 7,1 billion people living on Earth according to US Census Bureau. But we are talking about authors i.e. creative people who are among those who are creating the biggest value in digital age.

Let’s consider who are these authors. Five Nobel Prize Winners who signed are Orhan Pamuk, J.M. Coetzee, Elfriede Jelinek, Günter Grass and Tomas Tranströmer. And on the petition page you can find that among the signatories are also Umberto Eco, Margaret Atwood, Don DeLillo, Daniel Kehlmann, Nawal El Saadawi, Arundhati Roy, Henning Mankell, Richard Ford, Javier Marias, Björk, David Grossman, Arnon Grünberg, Angeles Mastretta, Juan Goytisolo, Nuruddin Farah, João Ribeiro, Victor Erofeyev, Liao Yiwu and David Malouf.

There are others but this group here that consist of 24 names already is worth millions of dollars and their valuables are not only creative masterpieces that they made but also their tools which enabled that to do so.

Their tools are not only their brains but also their personal environments in which their are creating. And what better describes that than – their privacy.

According to Wikipedia, privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively. The boundaries and content of what is considered private differ among cultures and individuals, but share basic common themes.

Just think what would you need to do to create software that can mimic a Nobel Prize winning author’s (like Orham Pamuk’s) writing. Would it be enough to absorb everything that he has written so far or would that software be much more persuasive if it would be enriched by his private information? Isn’t that his digital identity?

Although online petition A stand for democracy in digital age is in its nature a political initiative, I on the other hand am not interested in it in that sense. I care about its other value.

We share the same message: state surveillance of personal data is theft.

My message is even brother:  surveillance of personal data is theft.

And the reason is that personal data are your valuables. This is so not only because in digital age your privacy is integral part of your digital identity, but is also a tool, even something that you can call goods in economic sense, that only you have and that is enabling you to be uniquely creative.

Personal data have economic value and that is one of the pillars of privacy industry and new valuables in the digital age.

Privacy industry blog