bredemarket

Addressing “How” and “Why” in That Order

This is my last chance to squeeze in a Bredemarket blog post before the end of the month, so I’ll just recycle some thoughts that I previously posted on LinkedIn.

Based on some thoughts originally shared by Taylor “Taz” Rodriguez about the perils of “me-too” marketing.

Let’s all be unique

Steve Martin on stage in the 1970s. (And yes I used the “let’s get small” version of this image.) By Jim Summaria – WP:Contact us – Licensing, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=5578555

Years ago, Steve Martin had a routine in which he encouraged his audience to say, in unison, that they promise to be different and they promise to be unique.

Get it?

Apparently some present-day marketers don’t, according to Rodriguez.

If you want to SERIOUSLY grow a service-based company, you need to STOP with the generic social media captions!

We see it all day long, even on paid ads which is sad…

❌ “We help our clients stand out from the crowd!”

❌ “Our experienced team of _____ help to elevate your business!”
From https://www.linkedin.com/posts/madebytaz_marketingandadvertising-paidadvertising-socialmediamarketing-activity-7168953109514280960-9H1N/.

No, repeating the canned phrase about standing out from the crowd does NOT make you stand out from the crowd.

But wait. It gets worse.

The authenticity bot

When I reshared Rodriguez’s post, I wanted to illustrate it with an image that showed how many people use the phrase “stand out from the crowd.”

But while I couldn’t get that exact number on my smartphone search (a subsequent laptop search revealed 477 million search results), I got something else: Google Gemini’s experimental generative AI response to the question, bereft of irony just like everything else we’ve encountered in this exercise.

You see, according to Gemini, one way to stand out from the crowd is to “be authentic.”

Yes, Google Gemini really said that.

Google search results, including generative AI results.

Now I don’t know about a bot telling me to “be authentic.”

Rodriguez addresses “how” and “why”

Going back to Taylor “Taz” Rodriguez’s post, he had a better suggestion for marketers. Instead of using canned phrases, we should instead create original answers to these two questions:

HOW do you help your clients stand apart from the competition?

WHY have your past & current clientele chosen to work with you?
From https://www.linkedin.com/posts/madebytaz_marketingandadvertising-paidadvertising-socialmediamarketing-activity-7168953109514280960-9H1N/.

Why not “why” and “how”?

Now I know what my Bredemarket groupies are saying at this point.

Only one of these three groupies will survive. (And I shudder to think about what Bredemarket groupies would wear.) By Mike – Flickr: DSC_0657, CC BY 2.0, https://commons.wikimedia.org/w/index.php?curid=26475397

(There aren’t any Bredemarket groupies, but pretend for the moment that there are.)

Taz, “You’re Doing It Wrong™.” Because Simon Sinek insists that “why” is the most important question, “why” should take precedence over “how.”

From https://blog.hubspot.com/customers/3-takeaways-from-start-with-why

To which I respond:

Sinek Schninek.

BOTH questions are important, both need to be addressed, and it really doesn’t matter which one you address first.

In fact, there are some very good reasons to start with the “how” question in this case. It’s wonderful for the marketer to focus on the question of how they stand apart from the competition.

And as a wildebeest lover who grasps a keyboard with my cold dead hands, and with an onboarding process that ensures Bredemarket’s content is the right content for my customers, I can certainly agree with this focus.

Even if my onboarding process does start with “why.”

My “seven questions” as of January 18, 2024. To see the latest version of the e-book on my seven questions, visit https://bredemarket.com/7qs/.

But hey, if you want to address my first two questions in reverse order, go for it.

Find out more here.

Why Knowledge-Based Authentication Fails at Authentication

In a recent project for a Bredemarket client, I researched how a particular group of organizations identified their online customers. Their authentication methods fell into two categories. One of these methods was much better than the other.

Multifactor authentication

Some of the organizations employed robust authentication procedures that included more than one of the five authentication factors—something you know, something you have, something you are, something you do, and/or somewhere you are.

From Krishamurty Pammi, https://krishnamurtypammi-technology.blogspot.com/p/security-management-two.html.

For example, an organization may require you to authenticate with biometric data, a government-issued identification document, and sometimes some additional textual or location data.

From IDmission, https://www.idmission.com/identity-solutions/identity-verification.

Knowledge-based authentication

Other organizations employed only one of the factors, something you know.

Not something as easy to crack as a password.
Instead they used the supposedly robust authentication method of “knowledge-based authentication,” or KBA.

The theory behind KBA is that if you ask multiple questions of a person based upon data from various authoritative databases, the chance of a fraudster knowing ALL of this data is minimal.

From Alloy, “Why knowledge-based authentication (KBA) is not effective,” https://www.alloy.com/blog/answering-my-own-authentication-questions-prove-that-theyre-useless.

Steve Craig found out the hard way that KBA is not infallible.

The hotel loyalty hack

Steve Craig is the Founder and CEO of PEAK IDV, a company dedicated to educating individuals on identity verification and fraud prevention.

From PEAK IDV, https://www.peakidv.com/.

Sadly, Craig himself was recently a victim of fraud, and it took him several hours to resolve the issue.

I’m not going to repeat all of Craig’s story, which you can read in his LinkedIn post. But I do want to highlight one detail.

When the fraudster took over Craig’s travel-related account, the hotel used KBA to confirm that the fraudster truly was Steve Craig, specifically asking “when and where was your last hotel stay?”
Only one problem: the “last hotel stay” was one from the fraudster, NOT from Craig. The scammer fraudulently associated their hotel stay with Craig’s account.
This spurious “last hotel stay” allowed the fraudster to not only answer the “last hotel stay” question correctly, but also to take over Craig’s entire account, including all of Craig’s loyalty points.

And with that one piece of knowledge, Craig’s account was breached.

The “knowledge” used by knowledge based authentication

Craig isn’t the only one who can confirm that KBA by itself doesn’t work. I’ve already shared an image from an Alloy article demonstrating the failures of KBA, and there are many similar articles out there.

The biggest drawback of KBA is the assumption that ONLY the person can answer all the knowledge corrections correctly is false. All you have to do is participate in one of those never-ending Facebook memes that tell you something based on your birthday, or your favorite pet. Don’t do it.

Why do organizations use KBA?

So why do organizations continue to use KBA as their preferred authentication method? Fraud.com lists several attractive, um, factors:

Ease of implementation. It’s easier to implement KBA than it is to implement biometric authentication and/or ID card-based authentication.
Ease of use. It’s easier to click on answers to multiple choice questions than it is to capture an ID card, fingerprint, or face. (Especially if active liveness detection is used.)
Ease of remembrance. As many of us can testify, it’s hard to remember which password is associated with a particular website. With KBA, you merely have to answer a multiple choice quiz, using information that you already know (at least in theory).

Let me add one more:

Presumed protection of personally identifiable information (PII). Uploading your face, fingerprint, or driver’s license to a mysterious system seems scary. It APPEARS to be a lot safer to just answer some questions.

But in my view, the risks that someone else can get all this information (or create spurious information) and use it to access your account outweigh the benefits listed above. Even Fraud.com, which lists the advantages of KBA, warns about the risks and recommend coupling KBA with some other authentication method.

But KBA isn’t the only risky authentication factor out there

We already know that passwords can be hacked. And by now we should realize that KBA could be hacked.

But frankly, ANY single authentication can be hacked.

After Steve Craig resolved his fraud issue, he asked the hotel how it would prevent fraud in the future. The hotel responded that it would use caller ID on phone calls made to the hotel. Wrong answer.
While the biometric vendors are improving their algorithms to detect deepfakes, no one can offer 100% assurance that even the best biometric algorithms can prevent all deepfake attempts. And people don’t even bother to use biometric algorithms if the people on the Zoom call LOOK real.
While the ID card analysis vendors (and the ID card manufacturers themselves) are constantly improving their ability to detect fraudulent documents, no one can offer 100% assurance that a presented driver’s license is truly a driver’s license.
Geolocation has been touted as a solution by some. But geolocation can be hacked also.

In my view, the best way to minimize (not eliminate) fraudulent authentication is to employ multiple factors. While someone could create a fake face, or a fake driver’s license, or a fake location, the chances of someone faking ALL these factors are much lower than the chances of someone faking a single factor.

You knew the pitch was coming, didn’t you?

If your company has a story to tell about how your authentication processes beat all others, I can help.

Drive content results with Bredemarket Identity Firm Services.

Cross-Functional Collaboration and the Wannabe PMP

Catalan *castellers* collaborate, working together with a shared goal. By Eric Sala & Tània García (uploaded to Commons by Baggio) – https://web.archive.org/web/20070529054035/http://www.nooficial.com/index.php, CC BY-SA 2.5, https://commons.wikimedia.org/w/index.php?curid=1115767

Whether you’re an employee or a sole proprietor, at some point you’re going to have to play well with others to get things done.

Bredemarket has performed this (fancy phrase: “cross-functional collaboration”), both as part of Bredemarket’s services and outside of it.

As an employee, I’ve managed SaaS proposal projects and other projects that needed the input of many.
Within Bredemarket, I’ve managed proposal and other projects of similar complexity.

Even though I’m not formally certified to do this, I do it anyway.

Pre-Bredemarket: I get SaaSy

Long before I started Bredemarket, I was managing products and proposals associated with an on-premise technology solution.

This solution had a long sales cycle (longer than Cloudflare’s, for example) and a long implementation time. After contract signature, it might take a year or more to lock down the requirements, procure the hardware and third-party software, configure the solution, perform a factory acceptance test, deliver the solution to the customer’s premises, perform one or more rounds of on-site testing, and obtain final acceptance.

But my employer wasn’t lacking in revenue during implementation, because it received partial payments as it passed various milestones. Perhaps a small percentage of the total price would be paid upon requirements completion. Another percentage at delivery. Additional percentages at different points in the implementation, with the final large payment upon acceptance.

By Sam Johnston – Created by Sam Johnston using OminGroup’s OmniGraffle and Inkscape (includes Building icon.svg by Kenny sh), CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=6089457

But then I was the proposal manager for a prospect desiring a SaaS implementation.

The Request for Proposal (RFP) made it very clear that the prospect would not pay a dime to the successful bidder until AFTER the system was accepted and in productive use. Because that’s how SaaS implementations work.

From Regiondo, https://pro.regiondo.com/blog/saas-vs-on-premise/. Note the difference in set-up costs (for the purchasser) between the on-premise and SaaS models.

This would have a major financial impact on my employer, since it would take a much longer time to recoup the initial costs of the implementation.
Without going into details…we didn’t, um, “win” the bid.

Several years later, the, um, SITUATION had changed, and my employer was more willing to accept the financial risks associated with SaaS implementations. I was still a proposal manager at the time and was able to work on my employer’s first successful SaaS bids. But that assumption of risk wasn’t the only barrier to success, because I had to work with a lot of different cross-functional collaborators to get those bids out.

The salespeople who wants to sell the SaaS systems to their prospects.
The engineers who had to do the heavy lifting to transition our on-premise solution to a SaaS solution.
The program managers who had to keep an eye on the costs of the implementation to ensure that our employer’s financial risk was minimized.
The customer support people who had to manage the system after final acceptance, even though much of the system was in a cloud center somewhere instead of at the customer’s site.
The finance and pricing people who had to adjust to this new way of doing business.
The legal people who had to develop a brand new contract that encompassed the new reality.
Finally, the executives who were willing to take the risk to enter the SaaS market and who wanted to succeed without losing money.

I think this is when I made my observation about managers of large proposals. In a large project, the proposal manager is the only one who spends 100% of their time on the project. The salespeople are selling other deals, the engineers are engineering other stuff, and so forth. Therefore, it was up to me to ensure that everything continued to move forward, because while these bids were important to the others, they were critically important to me.

From https://bredemarket.com/2023/10/26/do-you-know-the-three-levels-of-importance-tloi/.

Anyway, these later bids had a much happier ending, the employer successfully entered the SaaS market, and as more customers moved from on-premise to SaaS models, thus evening out my employer’s income stream, the financial risk from SaaS proposals was reduced significantly.

That cross-functional collaboration experience, exercised on these bids and in many other instances over the years, would be put to the test a few years later when I started Bredemarket.

Bredemarket: herding cats

From Fallon (not Jimmy) 2000 “Cat Herders” advertisement for EDS, https://www.fallon.com/cat-herder.

It’s one thing for a company employee to manage a project with a ton of people, none of whom report to you and most of whom outrank you.

It’s another thing when an outside contractor has to manage a project of inside employees.

One of my Bredemarket projects, which happened to be another proposal project, required me to do just that. While the proposal was much simpler than the bids constructed at my former employer, the effort still required a lot of shepherding to get all the pieces put together, obtain all the approvals, and get someone to submit the final proposal since I, as a non-employee, couldn’t do it myself.

Everything worked out, and the employees were great, but there were times when it seemed like I was the only one to keep an eye on all the tasks.

Something that I had never been formally trained to do.

Today’s acronym is PMP

Eventually I (temporarily) stopped working on finger/face projects for Bredemarket because I was employed by a finger/face company. And I found myself managing projects of similar complexity (the 80+ battlecard project, for example).

And that’s when I realized that I was a de facto project manager.

Even though I didn’t have the fancy certification to attest to this.

The Project Management Institute offers several certifications, including:

A “starter” certification, the Certified Associate in Project Management (CAPM)^® certification.
The next-level certification, the well-known Project Management Professional (PMP)^® certification.
Additional certifications, listed here.

I toyed around with the idea of starting the certification progression in 2023, and even though my employer didn’t have the rigorous annual goal-setting processes that larger organizations have, I set a personal goal in one of my employer’s Asana projects to advance to CAPM by the end of 2023.

And then…things happened.

Perhaps at some point I’ll get the official piece of paper that I can flash around, but until then I’ll learn on my own, both by coursework and by…well…actual managing projects.

From https://www.linkedin.com/in/jbredehoft/details/skills/.

When You Come to a Fork in the Road, DON’T Take It

From https://www.brainyquote.com/quotes/yogi_berra_100084.

Yes, I know that Yogi Berra said that “when you come to a fork in the road, take it.”

I followed that advice almost two years ago, and I was wrong.

I explained why this advice was wrong, and what my revised advice means for the future of Bredemarket.

The people who subscribe to the Bredemarket mailing list already know the why, the how, and the what about fork etiquette.

If you’d like to know the same, subscribe to the Bredemarket mailing list and check out the past issues.

Subscribe to the Bredemarket mailing list: http://eepurl.com/hdHIaT

(Image from brainyquote.)

Personally Protected: PII vs. PHI

(Part of the biometric product marketing expert series)

Before you can fully understand the difference between personally identifiable information (PII) and protected health information (PHI), you need to understand the difference between biometrics and…biometrics. (You know sometimes words have two meanings.)

The definitions of biometrics

To address the difference between biometrics and biometrics, I’ll refer to something I wrote over two years ago, in late 2021. In that post, I quoted two paragraphs from the International Biometric Society that illustrated the difference.

From https://www.biometricsociety.org/about/what-is-biometry.

Since the IBS has altered these paragraphs in the intervening years, I will quote from the latest version.

The terms “Biometrics” and “Biometry” have been used since early in the 20th century to refer to the field of development of statistical and mathematical methods applicable to data analysis problems in the biological sciences.

Statistical methods for the analysis of data from agricultural field experiments to compare the yields of different varieties of wheat, for the analysis of data from human clinical trials evaluating the relative effectiveness of competing therapies for disease, or for the analysis of data from environmental studies on the effects of air or water pollution on the appearance of human disease in a region or country are all examples of problems that would fall under the umbrella of “Biometrics” as the term has been historically used….

The term “Biometrics” has also been used to refer to the field of technology devoted to the identification of individuals using biological traits, such as those based on retinal or iris scanning, fingerprints, or face recognition. Neither the journal “Biometrics” nor the International Biometric Society is engaged in research, marketing, or reporting related to this technology. Likewise, the editors and staff of the journal are not knowledgeable in this area.
From https://www.biometricsociety.org/about/what-is-biometry.

In brief, what I call “broad biometrics” refers to analyzing biological sciences data, ranging from crop yields to heart rates. Contrast this with what I call “narrow biometrics,” which (usually) refers only to human beings, and only to those characteristics that identify human beings, such as the ridges on a fingerprint.

The definition of “personally identifiable information” (PII)

Now let’s examine an issue related to narrow biometrics (and other things), personally identifiable information, or PII. (It’s also represented as personal identifiable information by some.) I’ll use a definition provided by the U.S. National Institute of Standards and Technology, or NIST.

Information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other information that is linked or linkable to a specific individual.
From https://csrc.nist.gov/glossary/term/PII.

Note the key words “alone or when combined.” The ten numbers “909 867 5309” are not sufficient to identify an individual alone, but can identify someone when combined with information from another source, such as a telephone book.

Yes, a telephone book. Deal with it.

By © 2010 by Tomasz Sienicki [user: tsca, mail: tomasz.sienicki at gmail.com] – Photograph by Tomasz Sienicki (Own work)Image intentionally scaled down., CC BY 3.0, https://commons.wikimedia.org/w/index.php?curid=10330603

What types of information can be combined to identify a person? The U.S. Department of Defense’s Privacy, Civil Liberties, and Freedom of Information Directorate provides multifarious examples of PII, including:

Social Security Number.
Passport number.
Driver’s license number.
Taxpayer identification number.
Patient identification number.
Financial account number.
Credit card number.
Personal address.
Personal telephone number.
Photographic image of a face.
X-rays.
Fingerprints.
Retina scan.
Voice signature.
Facial geometry.
Date of birth.
Place of birth.
Race.
Religion.
Geographical indicators.
Employment information.
Medical information.
Education information.
Financial information.

Now you may ask yourself, “How can I identify someone by a non-unique birthdate? A lot of people were born on the same day!”

But the combination of information is powerful, as researchers discovered in a 2015 study cited by the New York Times.

In the study, titled “Unique in the Shopping Mall: On the Reidentifiability of Credit Card Metadata,” a group of data scientists analyzed credit card transactions made by 1.1 million people in 10,000 stores over a three-month period. The data set contained details including the date of each transaction, amount charged and name of the store.

Although the information had been “anonymized” by removing personal details like names and account numbers, the uniqueness of people’s behavior made it easy to single them out.

In fact, knowing just four random pieces of information was enough to reidentify 90 percent of the shoppers as unique individuals and to uncover their records, researchers calculated. And that uniqueness of behavior — or “unicity,” as the researchers termed it — combined with publicly available information, like Instagram or Twitter posts, could make it possible to reidentify people’s records by name.
From https://archive.nytimes.com/bits.blogs.nytimes.com/2015/01/29/with-a-few-bits-of-data-researchers-identify-anonymous-people/.

So much for anonymization. And privacy.

Now biometrics only form part of the multifarious list of data cited above, but clearly biometric data can be combined with other data to identify someone. An easy example is taking security camera footage of the face of a person walking into a store, and combining that data with the same face taken from a database of driver’s license holders. In some jurisdictions, some entities are legally permitted to combine this data, while others are legally prohibited from doing so. (A few do it anyway. But I digress.)

Because narrow biometric data used for identification, such as fingerprint ridges, can be combined with other data to personally identify an individual, organizations that process biometric data must undertake strict safeguards to protect that data. If personally identifiable information (PII) is not adequately guarded, people could be subject to fraud and other harms.

The definition of “protected health information” (PHI)

In this case, I’ll refer to information published by the U.S. Department of Health and Human Services.

Protected Health Information. The Privacy Rule protects all “individually identifiable health information” held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. The Privacy Rule calls this information “protected health information (PHI).”¹²

“Individually identifiable health information” is information, including demographic data, that relates to:

the individual’s past, present or future physical or mental health or condition,

the provision of health care to the individual, or

the past, present, or future payment for the provision of health care to the individual,

and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual.¹³ Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number).

The Privacy Rule excludes from protected health information employment records that a covered entity maintains in its capacity as an employer and education and certain other records subject to, or defined in, the Family Educational Rights and Privacy Act, 20 U.S.C. §1232g.
From https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html

Now there’s obviously an overlap between personally identifiable information (PII) and protected health information (PHI). For example, names, dates of birth, and Social Security Numbers fall into both categories. But I want to highlight two things are are explicitly mentioned as PHI that aren’t usually cited as PII.

Physical or mental health data. This could include information that a medical professional captures from a patient, including biometric (broad biometric) information such as heart rate or blood pressure.
Health care provided to an individual. This not only includes written information such as prescriptions, but oral information (“take two aspirin and call my chatbot in the morning”). Yes, chatbot. Deal with it. Dr. Marcus Welby and his staff retired a long time ago.

Robert Young (“Marcus Welby”) and Jane Wyatt (“Margaret Anderson” on a different show). By ABC TelevisionUploaded by We hope at en.wikipedia – eBay itemphoto informationTransferred from en.wikipedia by SreeBot, Public Domain, https://commons.wikimedia.org/w/index.php?curid=16472486

Because broad biometric data used for analysis, such as heart rates, can be combined with other data to personally identify an individual, organizations that process biometric data must undertake strict safeguards to protect that data. If protected health information (PHI) is not adequately guarded, people could be subject to fraud and other harms.

Simple, isn’t it?

Actually, the parallels between identity/biometrics and healthcare have fascinated me for decades, since the dedicated hardware to capture identity/biometric data is often similar to the dedicated hardware to capture health data. And now that we’re moving away from dedicated hardware to multi-purpose hardware such as smartphones, the parallels are even more fascinating.

U.S. Sports Betting Tax Revenue

On Tuesday, February 13, Adam Grundy (supervisory statistician in the U.S. Census Bureau’s Economic Management Division) published an article entitled “Quarterly Survey of State and Local Tax Revenue Shows Which States Collected the Most Revenue from Legalized Sports Betting.”

From https://www.census.gov/library/stories/2024/02/legal-sports-betting.html

According to Grundy:

New York was the state with the largest share of the nation’s tax revenue in the (third) quarter of 2023: $188.53 million or more than 37% of total tax revenue and gross receipts from sports betting in the United States. Indiana ($38.6 million) and Ohio ($32.9 million) followed.
From https://www.census.gov/library/stories/2024/02/legal-sports-betting.html.

Are you wondering why populous states such as California and Texas don’t appear on the list? That’s because sports betting is only legal in 38 states and the District of Columbia.

Sports betting in any form is currently illegal in California, Texas, Idaho, Utah, Minnesota, Missouri, Alabama, Georgia, South Carolina, Oklahoma, Alaska and Hawaii.
From https://www.forbes.com/betting/legal/states-where-sports-betting-is-legal/#states_where_sports_betting_is_illegal_section.

Sports betting was not legal in Florida during the 3rd quarter of 2023, but was subsequently legalized.

Which returns us to California and Texas, opposites in many ways, who are agreed in the opinion that sports betting is undesirable.

But the remaining states that allow sports betting need to ensure that the gamblers meet age verification requirements. (Even though they have a powerful incentive to let underage people gamble so that they receive more tax revenue.)

“Looks like the over-under for the NBA All-Star Game is 400, Mikey.” By Adrian Pingstone – Transferred from en.wikipedia, Public Domain, https://commons.wikimedia.org/w/index.php?curid=112727

If your identity/biometric firm offers an age verification solution, and you need content to publicize your solution, contact Bredemarket.

Spotify for Podcasters Removing Recording and Editing Features

I received an email from Spotify for Podcasters (formerly Anchor) last Thursday. Here’s what the pertinent part of the email said.

Beginning June 2024, we are discontinuing Spotify for Podcasters’ proprietary creation capabilities as we refocus our attention on building the next generation of podcast tools. Specifically, the following features from Spotify for Podcasters will no longer be available for use:

Web recording and editing

Mobile recording and editing

Music + Talk

No changes will be made to already published episodes. These changes will only remove the ability to edit content of published episodes, drafts or publish new episodes with these specific features. As always, you can continue to use Spotify for Podcasters to publish upload-ready audio and video episodes on the web.
From received email.

From https://podcasters.spotify.com/pod/show/bredemarket

Ever since I started the Bredemarket podcast, I’ve used Anchor’s and Spotify’s web/mobile recording features, including its “Jupiter” sound effect.

Obviously I could record and edit audio on my own and upload it.

But is it worth it? I still have several months to decide.

Now let me repurpose this post as a podcast episode. (With the Jupiter sound effect.)

Why Customers Benefit: Bredemarket Asks the Right Questions

Whether I’m creating content for Bredemarket or creating product marketing material for an employer (past or future), it’s important to ask some critical questions first.

My LinkedIn profile contains the three simple words “why customers benefit.” Not “what producers feature”—why customers benefit. Those three words encapsulate my approach to marketing…well, until I come up with three different words. Or two.

Song by Annie Lennox. Original reel on the Bredemarket Instagram account.

Bredemarket asks the right questions.

Why Am I a 21st Century Charles Dickens?

I’m enjoying my latest project with one of Bredemarket’s clients, because it allows me to do something I normally don’t do as a consultant.

Write emails.

From https://giphy.com/gifs/email-aol-youve-got-mail-f0tufxEr372ZLuA07V.

Normally it’s not economically feasible for me to write emails for Bredemarket, since I (for once) agree with the experts and keep my emails in the 100-word range. Because my normal minimum word length is 400 words, I usually don’t write emails for clients.

Except when the demand generation director on this client’s project envisions AN ENTIRE SEQUENCE of emails.

The demand generation director’s desired email sequence

From https://www.howtosaas.com/blog/holistic-demand-gen.

You see, the demand generation director…um…demanded that I write an entire email sequence.

The first email in the sequence introduces the client.
The second one provides more information about why the client’s services benefits their customers.
Further emails build upon the previous information.
At the end of the sequence is the final email, with a clear call to action for the prospect to visit the client’s “landing page” and request a meeting with the client.

By the way, did you know that you can request a meeting with Bredemarket? Just go to https://calendly.com/bredemarket/ if you’d like to meet with me for a “content needs assessment.”

Actually, EVERY email in the sequence includes a link to go to the landing page and request a meeting. These are called “discovery meetings” in the trade, but you don’t have to call them that if you don’t want to. As noted above, I refer to my client meeting as a “content needs assessment.” Call the meetings wildebeests if you feel like it.

Back to my client’s demand generation director. The sequence of emails they requested tells a story. But rather than telling a short story in a single email, this sequence includes multiple emails, in which the content in each email builds upon the previous email, like chapters in a book.

Which leads me to Charles Dickens.

Charles Dickens gave birth to your marketing email sequence

By Jeremiah Gurney – Heritage Auction Gallery, Public Domain, https://commons.wikimedia.org/w/index.php?curid=8451549

When 20th and 21st century readers encounter the works of Charles Dickens, we are handed a complete novel.

But that’s not how Dickens published his stories. Dickens’ tales were published in serial form.

Most of the novels, including Nicholas Nickleby, Dombey and Son, David Copperfield, Bleak House, Little Dorrit, and Our Mutual Friend, appeared in monthly parts following a very specific formula developed by Dickens and his publishers with the release of Dickens’s first full-length novel The Pickwick Papers (1836 – 37). The Pickwick Papers appeared in 20 parts over a period of 19 months. (The last part was a “double issue” that included parts 19 and 20). Each part contained 32 pages of letter press, 2 illustrations, various advertisements, and came wrapped in a flimsy green-paper front and back cover. The price for each part was one shilling (except for the last “double issue,” which was two). This price was very cheap compared to the standard price of a book, which at the time was 31 shillings 6 pence.
From https://dickens.ucsc.edu/resources/faq/by-the-word.html.

From https://alumni.duke.edu/magazine/articles/pickwick-papers-rubenstein.

Other than cost savings, why did Dickens and his publishers share his content in serial form?

Dickens’s 20-part formula was successful for a number or reasons: each monthly number created a demand for the next since the public, often enamored of Dickens’s latest inventions, eagerly awaited the publication of a new part; the publishers, who earned profits from the sale of numbers each month, could partially recover their expenses for one issue before publishing the next; and the author himself, who received payment each time he produced 32 pages of text (and not necessarily a certain number of words), did not have to wait until the book was completed to receive payment.
From https://dickens.ucsc.edu/resources/faq/by-the-word.html.

And there was one other extremely personal benefit for Charles Dickens.

It was largely on the strength of his generous monthly stipend for The Pickwick Papers that Dickens was able to marry Catherine Hogarth in 1836.
From https://dickens.ucsc.edu/resources/faq/by-the-word.html.

By Daniel Maclise – Transferred from en.wikipedia to Commons.. Original uploader was Jack1956 at en.wikipediaOriginal text: http://www.antiquemapsandprints.com/p-14230.jpg, Public Domain, https://commons.wikimedia.org/w/index.php?curid=36862813

So serialization helped Charles Dickens create demand, generate wealth, AND get the girl. Can’t argue with that. (Although they subsequently separated.)

What about your stories?

I am not Charles Dickens, but I’m trying to incorporate storytelling into Bredemarket’s work.

For example, the email sequence I created for the demand generation director shares details about how the problems the prospects may face, and how the client has helped their customers overcome these problems.

It all fits into the client story.

What’s the most important question to ask before telling a client story?

It seems to me they give these technology products now-a-days very peculiar names. By Public Domain – Snapshot Image – https://archive.org/details/ClassicComedyTeams, Public Domain, https://commons.wikimedia.org/w/index.php?curid=25914575

No, what ISN’T the most important question.

As I’ve said before, WHY is the most important question.

If you’d like to see all seven of the questions that your content creator should ask you, look below. And no, it’s not in seven serial mini-books, but in a single volume.

Seven Questions Your Content Creator Should Ask You (October 22, 2023)Download

Although I did serialize the questions on Instagram. Chuck would be proud.

The Pros and Cons of California Senate Bill 988, the Freelance Worker Protection Act

The Freelancers Union wants me to write my state senator and voice my support for California Senate Bill 988, called either the “Freelance Isn’t Free Act” or the “Freelance Worker Protection Act” depending upon who you ask.

I’m not sure if that’s a good thing.

This post talks about:

Freelancing, sometimes known by other terms.
The Freelancers Union, and some of its activities such as local SPARK groups.
One of the union’s initiatives, the first Freelance Isn’t Free law in New York City.
Story time, about a guy whom I refer to as “Cliff.”
The proposed California version of the Freelance Isn’t Free law, SB 988.
How SB 988 will help me get paid.
How SB 988 may prevent California freelancers from working.

What is a freelancer?

Semantics are semantics.

I do not choose to refer to myself as a “freelancer”—my preferred term is “sole proprietor.” But for practical purposes there is no real difference between a non-incorporated freelancer, sole proprietor, independent contractor, or whatever word you want to use to describe people who conduct business on their own without creating a partnership, a limited liability company, or some type of corporation. (If I incorporated, I’d have to pay the state of California $800 a year, as we will see later.)

But in certain circles, the term “freelancer” is in vogue, and I really don’t have a problem with it.

Look for the union label

There’s even a union. Sort of.

The Freelancers Union, based in Brooklyn, New York, advocates for freelancers. My major point of contact with the Freelancers Union has been the SPARK groups that host meetings on a monthly basis. Between 2020 and 2022 I was regularly attending the virtual (COVID-imposed) meetings of the Orange County, California SPARK group. The meetings have definitely been helpful; that’s where I learned about brand archetypes, and it’s where I learned about the business-to-business exemptions for classifying workers as employees or non-employees in California. For example, I learned that California Assembly Bill 5 (AB 5) was superseded by Assembly Bill 2257 (AB 2257).

While Orange County is changing, it still has a reputation as a not-so-leftist place, so our local SPARK chapter didn’t march around and create rhymes and call people scabs.

To my knowledge there are no Freelancers Union chapters in France. This is probably a good thing. By Siciliathisma – Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=129832260

Actually, the Freelancers Union isn’t really a union. We don’t pay dues (although the Freelancers Union accepts donations), and we don’t picket against clients who don’t support the union. For obvious reasons, since a single picketing freelancer can’t shut down a company in the same way that a mass of picketing employees can shut down, say, a Starbucks. (Or try to.)

But while the Freelancers Union can’t strike, it can impact legislation.

The first “Freelance Isn’t Free” law

The Freelancers Union’s initial target jurisdiction was its home city of New York, where the first “Freelance Isn’t Free” law was passed in 2017.

Several of the new rights granted under the law include a right to a written contract and timely payment for work performed and freedom from retaliation and discrimination when they exercise their rights. In addition, the law provides for an award of double damages and attorneys’ fees to freelancers who prevail on their claims in court.
From https://blog.freelancersunion.org/2018/05/15/how-to-file-a-nonpayment-claim-with-the-nyc-department-of-consumer-affairs/

The Freelancers Union and the city of New York define “timely payment” as net 30 terms.

Which reminds me of a bandleader I used to know.

California knows how to party

As some of you know, my 25-year history with IDEMIA stretches back a long way. I started with a company called Printrak International, at the time an independent company first privately owned, then traded on NASDAQ. Despite its lofty position as a publicly traded company, it was a pretty small, informal outfit.

Until Printrak was acquired by Motorola, a huge multinational firm with almost 150,000 employees and a presence in police radios, cellular telephones, and many other industries. While the company shrunk during the years I was an employee, it was still a pretty big outfit.

One thing that didn’t change was the annual Users Conference held for the law enforcement agencies that used our software. By the time Motorola acquired Printrak, that software was called Omnitrak, and would later be renamed Printrak BIS.

The Users Conferences (which IDEMIA continues to this day) have always been a mixture of education and entertainment. Education in the form of training in the use of Omnitrak/Printrak BIS and in forensic techniques, and entertainment in the form of a midweek party and an end-of-week banquet.

That’s where my coworker comes in. I’m not going to refer to him by name; for purposes of this blog post I’ll refer to him as “Cliff.”

By Paramount Pictures – Netflix, Fair use, https://en.wikipedia.org/w/index.php?curid=50708166

Now Cliff, who had been with the company longer than I had, thought he’d do a favor for his employer Motorola. He’d assemble a band to play at the midweek party and bill Motorola for the band’s services.

That’s when Cliff learned just how big Motorola is.

Motorola Solutions (formerly Motorola) previous headquarters on the Schaumburg, Illinois campus. Motorola Solutions subsequently moved to the city of Chicago. By CacioPepeLePu – Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=137584046

You see, if you want to do business with a big company like Motorola, you have to play by Motorola’s rules. And in the case of Motorola, that meant net 45 terms.

So Cliff wouldn’t get paid for 45 days, but he’d have to pay his band members long before that.

Ouch.

California knows how to legislate

Now if the Freelance Isn’t Free Act provisions had applied at the time, Motorola would have been required to pay Cliff within 30 days. However, this incident occurred long before the Freelance Isn’t Free act was passed, and the incident occurred outside of the jurisdiction of New York City.

While versions of the Freelance Isn’t Free Act have been passed in a few other jurisdictions, including the city of Los Angeles, the state of California was not governed by such a law.

That may change.

We have some exciting news! Just last week California State Senator Scott Wiener introduced Senate Bill 988 (SB 988) or as we like to call it, the Freelance isn’t Free Act. As in other parts of the country, where we have been successful in implementing similar laws, it aims to ensure fundamental protections for freelance workers, enforced by the State Labor Commissioner and the Attorney General. These protections include the right to a contract, prompt payment within 30 days of completing work, and the right to double damages for non-payment.
From https://blog.freelancersunion.org/2024/02/08/new-legislation-introduced-to-expand-freelance-protections-to-california-state/.

It turns out that Senator Wiener didn’t adopt the Freelancers Union’s preferred branding, and instead called his bill the “Freelance Worker Protection Act.” I don’t know if this means that I’m supposed to picket the Senator, but the bill title is what it is.

From https://legiscan.com/CA/text/SB988/2023.

Why do we need a bill covering all of California when there’s already a bill in Los Angeles? The Freelancers Union addresses this:

Similar legislation was passed in the City of Los Angeles in February 2023, but it has limitations, notably covering only work performed within county limits. Given the rise of remote freelancing, especially due to the pandemic, this loophole disincentivizes hiring freelance workers residing and working in Los Angeles.
From https://blog.freelancersunion.org/2024/02/08/new-legislation-introduced-to-expand-freelance-protections-to-california-state/.

We’ll come back to this in a minute.

The pros of CA SB988

As a freelancer, CA SB988 obviously benefits me, primarily because it helps me get paid. If a client stiffs me, I can sic lawyers on them and then the client will REALLY have to pay.

Enough said.

The cons of CA SB988

However, not all is rosy for freelancers if SB988 passes, and it potentially impacts me personally.

A couple of years ago, I signed a contract with another multinational company. And this contract has net 90 terms. I’m not all that happy about it, but if this is what it took for me to do business with that company, then this is what it took.

If SB988 passes, then I will need to go to this multinational and inform them that since I am a California resident, those 90 day terms are now illegal, and you will have to amend these to net 30 terms if you wish to enjoy the marketing and writing services of Bredemarket.

And of course I’m sure that the multinational will readily agree…

…that because of the requirements imposed by the state of California, perhaps the multinational doesn’t need to do business with Bredemarket any more. There are certainly talented writers in South Dakota or India who can write things that are “good enough” for this particular multinational.

At this point it is impossible to predict the number of freelancers who will lose some income because their clients insist on terms greater than net 30. Because the similar Illinois law won’t go into effect until July 1, and appears to only affect contracts executed after that date, it’s too early to tell whether large companies will refrain from doing business with freelancers in Illinois due to the state’s “onerous” conditions. The same could hold true in California.

Could freelancers in certain states be shut out of contracts? It’s already happening with employees. And one person who employed someone from California found out the hard way that California labor requirements can be onerous:

From https://ccleve.com/p/dont-hire-remote-employees-living.

You’d think that I could simply tell them (the California Employment Development Department) that I’m not doing business in California and be done with it. No — California defines “doing business” in a number of ways, one of which is to have more than 25% of your payroll in California. Which I had, because I had only one employee.

So now, because I employed one of their residents, I’m fully subject to California regulation. I have to file all of the employment-related forms, including those pertaining to withholding and unemployment insurance (which I expected). I also have to register my company with the California Secretary of State and renew my information every year or face penalties, and apparently I have to file a corporate income tax return

You’d think I’d be able to file a simple return, file zeroes on it, and be done with it. But no — I had to pay my accountant to do it, and the form is literally 42 pages long. That cost a few hundred dollars. And in the end, I still owed them $800. For 2019 alone; I’ll also owe them for 2020 and 2021.

I owe $800 for the “minimum franchise tax”. California charges this fee to everyone for the “privilege” of “doing business” in California, whether they have revenue or not. Only a few states have a business franchise tax, and California’s is wildly higher than anywhere else. This is in addition to California’s generally out of control taxes.
From https://ccleve.com/p/dont-hire-remote-employees-living.

So if California ends up being marked with a big red X by employers, will California also end up being marked with a big red X by companies hiring independent contractors?

Time will tell.