Every so often, it is useful not having a computer science degree. As a liberal arts undergraduate, with an MBA and JD, I am liberated to ask questions that may seem trite to the most seasoned veterans of technology. One of those questions is about email, and with Walgreens and McDonald's email marketing lists being hacked recently and Angela Levin of the Daily Mail asking deeper questions about privacy and Google's free email, now seems like a good time to think about email from a CLOUD point of view.
The "Hamburgling" of McDonald's and Walgreen's email lists speaks to security and where data is stored, while the article on Google's free email points to far deeper issues about how we view and use the Internet. In the case of Walgreens and McDonald's, the information for communicating with me is stored in their databases. In the case of Google, not only is my email address stored in their database but all of my emails are on their servers, too. None of this is unique to these specific companies. The problem is we have replicated our approach to information in the paper-based era with similar views of information in the Internet era. The virtual world is simply not the same as the physical world, and this recent incident with emails shows how CLOUD's view of the Internet can completely change the approach that allowed these hackers to be successful.
The issue to be addressed here is not so much how the hackers were able to succeed in their theft but instead what CLOUD's future model for the Internet can mean to our communications in general. At the general level, we have a 2 X 2 matrix by which we communicate. There are synchronous and asynchronous conversations, and there are one to one or one to many communications. Whether through physical means or electronic ones, the matrix is still relevant to describing the paths by which we connect and receive messages.The examples in this matrix are not meant to be exhaustive but illustrative.
For each of these communication "vectors," we have a tag. We may have a phone number, a Skype name, an email address, our physical residence or mailing address, or a Twitter name. Interestingly, each of these tags has one thing in common. Us. No matter what the communication vector or path, the message still leads to us. So, really all someone needs to know about me to communicate with me is me. Call it the ultimate version of ME 1.0!
At this point, you may be asking what any of this has to do with the hacking of the marketing databases at Walgreens, McDonald's and others. In today's model for communicating on the Internet, everybody that wants to communicate with me has to store each and every one of my unique tags to do so. Whether it is email or phone or Twitter, this means that each of my addresses or "tags" has to be stored in every database at every company that wants to send me a message, which leads to the outcomes that McDonald's describes as a "Unauthorized Customer Data Access."
What if the various mechanisms for communicating with me were in my control? What if all you needed to know about me to communicate with me was me. In a CLOUD-enabled world, local ownership and use of data extends to our communication vectors. In each case, phone number, Twitter handle, email address or physical address, these "tags" are associated with me and are in my control. As a result, I am able to decide how these tags are managed. Walgreens would never need to know nor store any of this information.
Let's think through how this might work. Since Walgreens is the "pharmacy that America trusts," I may have decided to enter into a relationship with them on multiple fronts. Let's suppose I've placed an order for photos. Obviously, photos are physical items, and as a result, Walgreens will need to mail them to my physical address. If I have shared this "tag," when they print out their mailing label for shipment, my physical address gets printed. No need for them to store it, because I'm managing this communication vector on my terms. Now let's suppose that I've also entrusted Walgreens with my pharmaceutical needs. Depending on the urgency of these communications, I may have allowed Walgreens access to multiple points of access to me. They don't need to know which ones, because I'm managing it. If there is a recall on a drug, I may choose to have such a message sent to me in three ways: text, phone call and email. Walgreens doesn't need to worry about which one I have chosen, they just need to send out the urgent message, and, for audit purposes, know that I've received the message, no matter which channel I have chosen to receive it through.
A world of ME 1.0 not only changes privacy, security and data portability, but it can change communications, too. When the Internet starts with us, communications are no longer pushed but pulled. As a result, there are no longer databases scattered everywhere with my information in it, and no "unauthorized data access customer notices" to send. Even if a hacker gets one of the tags to one of my communication vectors, it doesn't matter. I'm not in relationship with them, so even with my "tag," they can't push a communication to me, because I'm not pulling it.
Part 2 will explore this new concept of communication vectors in more detail, as well as unpack the issues raised by Angela Levin with those creepy ads we get when we are on mail.google.com.