Users are not stupid; systems are

For years, I have been working with computer systems that are used by people. Sometimes I forget that, but then someone like Mike Rathwell reminds me of this fact. Just like Jake Kuramoto reminded me of that fact 12 years ago. It’s all about customer focus, after all.

Mike Rathwell says that users are not stupid

Mike, a former coworker of mine whom I’ve mentioned before, just wrote an article fpr Modus Create entitled “Why ‘Techsplaining’ is a Bad Idea for System Admins.”

Rathwell begins by asking why people administer Atlassian systems (or, frankly, any system).

…the real reason we are around to administer this particular system is because real humans are using this system to do real things. Without humans using this system to do real things, administering it is purely an academic exercise. As such, we are here to ensure that this particular system supports, and continues to support, doing these things.

From https://moduscreate.com/blog/system-admin/?utm_content=221412142

Fine, and water is wet. So what?

Perhaps there are those that think that the users of an Atlassian system are required to serve the needs of the system. That’s backwards. The Atlassian system is required to serve the needs of its users.

Even if they do stupid things and ask stupid questions.

For those who think “Dumb and Dumber” is too complicated, there’s always the panned prequel. The poster art can or could be obtained from New Line Cinema. Fair use, https://en.wikipedia.org/w/index.php?curid=3132477

Except they don’t.

Rathwell emphasizes that users do NOT ask stupid questions.

Be sure to read the rest of the article, which states that “techsplaining” is a bad idea also.

But I’m going to travel back in time to another instance in which users were called “stupid.”

Jake Kuramoto says that users are not stupid

Perhaps some of you remember this one.

Most of us access social platforms by performing some type of “login” process. Now logins can take many different forms (password, fob, biometric, whatever), but the process is basically the same.

  • You go to a place on the Internet.
  • You “login.”
  • You are now able to access your social platform of choice.

Now some of us intuitively understand how to “go to a place on the Internet” and “login.”

And back in 2010, there was a group of people who had a sure-fire method of doing this. Specifically, they would go to this thing on their computer (they didn’t know what it was called, but it was on the computer), type “facebook login,” click on the link that came up, type in their login and password, and access Facebook.

Now “this thing on their computer” was the Google search page in their web browser of choice. And they would search for “facebook login,” and the first search result would happen to be facebook.com. Once they made it to facebook.com, they would type in their login and password.

This was a method that people had perfected, and it worked 100% of the time.

Until it didn’t.

Here’s Jake’s summary of what happened:

The short version is:

ReadWriteWeb posted “Facebook Wants to Be Your One True Login“.

Google indexed the post.

The post became the top result for the keywords “facebook login”.

People using Google to find their way to Facebook were misdirected to the post.

The comments on the post were littered with unhappy people, unable to login to Facebook.

From http://theappslab.com/2010/02/11/these-are-our-users/

(Incidentally, if you go to Kuramoto’s post, you’ll find a link to the ReadWriteWeb article. That link no longer works, primarily because ReadWriteWeb is now ReadWrite. Maybe the spiders sued. The current link as of 2022 is https://readwrite.com/facebook_wants_to_be_your_one_true_login/.)

So what broke down? When a new page became the top search result, people would NOT end up at facebook.com, but would instead end up at a ReadWriteWeb blog post. This blog post did NOT have anywhere to enter your Facebook login and password. So…Facebook is broken!

Now most if not all of the people reading my post right now know that you need to go to the facebook.com URL to log in to Facebook, and that you cannot log in to Facebook via (then) readwriteweb.com. But then again, the people that are reading my post right now actually know what the acronym “URL” means. (If you don’t, it stands for Uniform Resource Locator.)

Now find someone who doesn’t know the difference between a computer monitor and a web browser and explain to that person what a Uniform Resource Locator is.

Now there were two schools of thought on the whole ReadWriteWeb / Facebook login episode.

The one school of thought maintained that anyone who thought that they could login to Facebook via ReadWriteWeb was stupid, and that everybody should know to bookmark the facebook.com URL or type it into their browser rather than searching and running into an unbelievably successful SEO campaign.

But that school assumed that everyone knew what a URL is, or what SEO is. (Search engine optimization. Try explaining that one while you’re explaining Uniform Resource Locator.)

And Jake, despite his technical chops (he was with the Oracle AppsLab when he wrote this post), stated the same thought that Mike Rathwell would echo twelve years later.

I think it’s fair to say that computers shouldn’t make people feel stupid. 

From http://theappslab.com/2010/02/11/these-are-our-users/

I say that users are not stupid

If you want to get to your favorite social platform, you shouldn’t have to know acronyms like SEO or URL or HTTPS. The only thing that you need to know is the name of the platform you want to access. (Otherwise you’ll end up at MySpace. Or Grindr.)

I’ll take it one step further. If the myriad of systems that make up your computer can’t figure out what you want to do, then it’s the computer and its many systems that are stupid, not you.

Now I just have to take Rathwell’s message to heart and avoid “techsplaining” myself.

And when I write, I need to continuously keep my customers (or, more accurately, my customers’ customers) in mind. I’m writing for them, not for me. Create messages that resonate with them. And if the audience is non-technical, don’t assume that they know what SEO and URL and HTTPS mean.

Five of my identity information sources that I have created over the years (and no, most of you can’t see the fifth one)

Back in January 2021, I wrote a post on the Bredemarket blog entitled “Four of my identity information sources that I have created over the years, including one that you can access in the next ten seconds.”

This post is an update to my January 2021 post about the four identity information services. Yes, I just created a fifth one. (But most of you can’t see it.)

The first three services

The first three were created for the benefit of employees at (then) Motorola, (then) MorphoTrak, and IDEMIA. Briefly, those three were:

  • A Motorola “COMPASS” intranet page entitled “Biometric Industry Information.”
  • A MorphoTrak SharePoint intranet page entitled “Identity Industry Information.” (Note the change in wording.)
  • An IDEMIA (and previously MorphoTrust and L-1) daily email newsletter.

The fourth service

Of course, since I wrote the January 2021 post in the Bredemarket blog, the main purpose of the post was to tout the fourth identity information source, the (then) newly-created “Bredemarket Identity Firm Services” LinkedIn showcase page.

January 2021 screen shot of a post in the Bredemarket Identity Firm Services LinkedIn showcase page.

I subsequently created a companion Bredemarket Identity Firm Services Facebook group, which like the LinkedIn showcase page (and unlike my previous efforts for Motorola, MorphoTrak, and IDEMIA) were publicly accessible.

Why did I do this?

I marvel at the thought that I kept on doing this over and over again for four different companies, including Bredemarket. Why did I have this pressing need to reinvent the wheel as I traveled from company to company?

Habitually I’ve been a reader, and have found myself reading a lot of information about the biometric industry or the wider identity industry. Of course it’s not enough just to read something, you have to do something with it. COMPASS, SharePoint, email, LinkedIn, and Facebook allowed me to do two things with all of the articles that I read:

  • Save them somewhere so that I could find them in the future.
  • Share them with other people who may be interested in them.

I didn’t collect information on my impact to others in versions 1.0 and 2.0, but by the time I started managing the IDEMIA email list, I not only received comments from people who appreciated the articles, but I was also able to grow the subscriptions to the email list. (People had to opt in to receive the emails; we didn’t cram them into the inboxes of every IDEMIA employee.)

Similarly, I’ve received comments from people on LinkedIn who follow the showcase page, stating that they appreciated what I was sharing there.

And while COMPASS and the MorphoTrak SharePoint are long gone, and IDEMIA’s Daily News may or may not still be in publication, I can assure you that the Bredemarket Identity Firms services LinkedIn page and Facebook group still continue to operate for your reading pleasure.

And that’s the end of the story.

No it’s not.

The fifth service

As some of you know, Bredemarket has become a side gig because of my new day job, which is with a company in the identity industry. During my first days on the new job, I set up subscriptions to my new company email account so that I could receive information from Crunchbase and Owler, as well as relevant Google Alerts on the identity industry.

And as I began receiving these subscriptions, as well as performing my usual scans of other news sources…

…well, you can guess what happened.

“I need to store these stories and share them with my coworkers,” I thought to myself.

Finally, I created a new identity information service using the well-worn title “Identity Industry Information.” (Hey, it’s easy for me to remember.)

Now I can’t actually SHARE this service with you, because it’s just for the employees at my new company.

And THIS iteration takes advantage of a technology that’s slightly newer than COMPASS.

It’s a Slack channel.

P.S. to employees at my current company – if you’d like to access this Slack channel, DM me on Slack and I’ll send you an invite.

Bredemarket Inland Empire B2B Services: Iterating LinkedIn/Facebook Page/Group Names

Author’s Note: this is one of two seemingly unrelated Bredemarket blog posts that form a cohesive whole. Actually PART of a cohesive whole.

Introduction

It would be nice if my initial plans for my consultancy Bredemarket were perfect and addressed my consulting needs for years to come. But my plans are NOT perfect, in part because I can’t anticipate what will happen in the future.

And so I iterate. Which is why I’m renaming the Bredemarket General Business Services Facebook group and the Bredemarket Local Firm Services LinkedIn showcase page.

In this post I examine why I created Facebook groups and showcase pages in the first place, why I originally named the Facebook group “Bredemarket General Business Services,” why I subsequently named the LinkedIn showcase page “Bredemarket Local Firm Services,” and why I’m changing things.

Why create Facebook groups and LinkedIn showcase pages?

When I established Bredemarket in 2020, I knew that I wanted to target multiple customers. This sentence on the Bredemarket home page has remained unchanged since 2020:

Bredemarket presently offers its services to identity/biometrics, technology, and general business firms, as well as to nonprofits.

From https://bredemarket.com/

These four customer groups have some different needs. A nonprofit’s concerns differ from those of a fingerprint identification software vendor. Because of this, I wanted to find a way to talk directly to these customers.

Back in November 2020, I started by creating a LinkedIn showcase page entitled Bredemarket Identity Firm Services. I started with this one because I had a need to communicate with just my identity customers. As of April 21, 2022, 186 people are following this showcase page to receive identity-only content.

Why I created the Bredemarket General Business Services Facebook group

I didn’t stop with that one LinkedIn showcase page. By July 2021, I had created a second LinkedIn showcase page devoted to technology, but was also creating Facebook groups.

So Bredemarket…has Facebook groups that are somewhat similar to the Bredemarket LinkedIn showcase pages. One difference is that I have three groups on Facebook. In addition to the identity and technology groups, I also have a general business group. At this point it didn’t make sense to create a LinkedIn showcase page for general business, but it did make sense for Bredemarket to have such a group on Facebook.

From https://bredemarket.com/2021/07/16/how-and-why-a-company-should-use-linkedin-showcase-pages/

You can see how these Facebook groups (and LinkedIn showcase pages) are derived from my original 2020 statement of Bredemarket’s target markets. To a point; as I noted, I didn’t create a general business showcase page on LinkedIn, and even today I don’t have a nonprofit LinkedIn showcase page or a nonprofit Facebook group.

But I would begin to pivot Bredemarket’s business that summer.

Why I created the Bredemarket Local Firm Services LinkedIn showcase page

By September 2021, I was questioning my market segmentation.

As I write this, Bredemarket has no clients in my hometown of Ontario, California, or in any of the nearby cities. In fact, my closest clients are located in Orange County, where I worked for 25 years.

It’s no secret that I’ve been working to rectify that gap and drum up more local business.

From https://bredemarket.com/2021/09/03/shattering-my-assumptions-by-using-linkedin-for-local-marketing/

After attending Jay Clouse’s September 2021 New Client Challenge, I determined to pursue this local market more aggressively and determined how I was NOT going to pursue Inland Empire West customers.

So when I market to local businesses, I’ll want to do that via relevant Facebook Groups. Obviously I won’t market the local services via LinkedIn or Twitter, because those services are not tailored to local service marketing.

From https://bredemarket.com/2021/09/03/shattering-my-assumptions-by-using-linkedin-for-local-marketing/

Let me draw out the implied assumption in that statement above, that even the Facebook marketing would be via groups created by other people. It wasn’t like I was going to create my OWN local Facebook group or anything like that. I was going to post in the Facebook groups created by others.

Anyway, proving that my initial plans are NOT perfect, I fairly quickly changed my mind regarding LinkedIn, deciding to create a LinkedIn showcase page devoted to local services, even though I didn’t have (or need) a parallel Facebook group.

And in fact I’d cheat by adapting the artwork for the Bredemarket General Business Services Facebook group and repurpose it for use in the Bredemarket Local Business Services LinkedIn showcase page.

This appeared to be a brilliant idea, and the new local LinkedIn showcase page was successful. Not as successful as the Bredemarket Identity Firm Services LinkedIn page, but it certainly provided me with an avenue to speak just to the local community.

Aren’t I brilliant?

Why I’m changing the names of the Facebook group and LinkedIn showcase page

Well, maybe not so brilliant.

Time went on, and I would share identity stuff to the “Identity Firm Services” showcase page and group, and I would share technology stuff to the “Technology Firm Services” showcase page and group. When I wanted to share local stuff, I’d obviously share it on the Bredemarket Local Firm Services LinkedIn showcase page, and sometimes I’d also share it on the Bredemarket General Business services Facebook group.

But this raised two questions.

What is the Bredemarket General Business Services Facebook group?

The third market category that I created in 2020 isn’t making sense in 2022. If you go to the Bredemarket General Business Services Facebook group today, it’s kind of vague. In fact, you could say it’s, um, general.

If you scroll through the group posts, you’ll see a lot of posts from me that have to do with businesses in California’s Inland Empire.

Because I do not moderate the posts in the group, other people like to post, and their posts can be, um, general. For example, there is one person who occasionally posts things like this.

Now I have no reason to reject the post, because the poster isn’t violating any group rule. However, this person could use the services of a marketing and writing professional. The company is doing SOME things right. such as advertising the services provided, including illustrative pictures, and incorporating a call to action. The call to action, of course, is to call…

…061 531 5144?

For those who aren’t familliar with geography, Kempton Park is outside of Pretoria, in South Africa. Which means that if I had wanted the company to provide a quote when my own roof was damaged by winds, I would have to call the country code 27 first, THEN call the local area code 61 and the local number 531 5144.

Somehow I doubt that Ontario, California is in this company’s service area.

Now I could have posted a comment along the lines of “You idiot! Do you really think that people in this group are going to contract with a roofer on another continent?” But I didn’t do that. Instead, I simply commented with this question:

Where is the service located?

From https://www.facebook.com/groups/bredemarketbusiness/posts/1034813817123791/

Over a week later, the original poster hasn’t responded to my question. I guess the poster is too busy writing “Thought the group would like this” posts on every “general business service” Facebook group. (Terrible waste of the poster’s time, when you think about it.)

And that’s what can happen when you create a group for “general business services.” It’s too general.

What is the Bredemarket Local Firm Services LinkedIn showcase page?

Thankfully I avoided this same problem when I created the Bredemarket Local Firm Services LinkedIn showcase page.

Or did I?

If you don’t know me or my background and encounter a showcase page devoted to “local firm services,” what are you going to think?

That’s right. The page name doesn’t mention the locality that is the focus of the page.

Next thing I know, my roofing friend is going to discover my Linkedin showcase page and start posting weekly, with an equal lack of success.

How do I make these better?

So it’s obvious that both the LinkedIn showcase page and Facebook group would benefit from a refocus and a rename.

But what name?

If you had asked me this question in September 2021, I would have chosen the name “Bredemarket Inland Empire West Firm Services.” My local marketing target at that point was businesses in Ontario, California and the surrounding cities. “Inland Empire” was too broad a term for those cities, but “Inland Empire West” is a real estate term that fits nicely in my target market area.

This also tied in with a marketing promotion that I was running at the time, in which I would offer a discount for customers in this immediate area. However, I recently rescinded that promotion (as part of the numerous changes I’m currently making to Bredemarket’s business). Since I wasn’t making money (from an opportunity cost perspective) with my regular package pricing, I certainly wouldn’t make money with DISCOUNTED package pricing.

At the same time, I was getting less strict about keeping my target within the Inland Empire West, and was therefore open to extending throughout the Inland Empire. Although most of my online collateral is currently targeted to the Inland Empire West, I won’t turn down business from Moreno Valley or Redlands.

So perhaps I could use the name “Bredemarket Inland Empire Firm Services,” without the “West.”

But I didn’t like that either.

While “Firm” implies that I work with businesses and not individuals (I don’t write resumes), I figured it would be clearer if I used “B2B” instead of firm. “Business-to-Business” would be better, but that would make the page/group title awfully long. Of course some people don’t know what “B2B” means, but that could be an effective filter; if you don’t know what “B2B” means, you’re not going to use Bredemarket’s services anyway.

Having settled on the title “Bredemarket Inland Empire B2B Services,” it was now a matter of making the title change. (Without changing the legacy URLs and potentially breaking existing links.)

So now I can formally re-announce…

…the Bredemarket Inland Empire B2B Services LinkedIn showcase page.

And…

…the Bredemarket Inland Empire B2B Services Facebook group.

Bredmarket Inland Empire B2B Services Facebook group
From https://www.facebook.com/groups/bredemarketbusiness

Again, the URLs don’t match the page/group titles because of legacy issues, but I think it’s better than what was before. And hopefully this will focus the content and make it more relevant.

Unless you’re a Pretoria homeowner with a leaky roof.

What if your business has no website or web page?

In January of this year, I wrote a couple of posts about websites with outdated content.

The posts were obviously self-serving (since Bredemarket happens to sell services to update website text), but the second post backed my points up with data.

Specifically, a study noted that when people want to research a solution, 53% of them perform a web search for the solution, and 41% of them go to vendor web sites.

I used this data to make the point that your website had better be up to date, if you want your potential customers to have a good impression of your business.

An outdated website looks bad.

But I just ran across something even worse.

Worse than an outdated website

I’m not going to provide specifics, but I just saw a Facebook post in a local business group that promoted a service. This happens to be a service that is popular with individuals and businesses. The Facebook post stated that the service provider was the best provider in the local area, and was better than the competition. The post then gave the company name of the service provider, and…

…a local phone number.

You can guess what I did next. Like 53% of you, I searched for information on this particular company. I started on Facebook itself; since the individual made the post on Facebook, I figured that the company had a Facebook page.

It didn’t. The company had no Facebook presence.

So I got out of Facebook and went off into the World Wide Web and (like 41% of you) searched for the company’s web page.

I found no company web page with that name in California, but I did find a company with that name in another part of the country that coincidentally provided the same service. But I could tell that this was a separate company.

So I went back to the original Facebook post and asked a question.

Does [COMPANY NAME] have a website, or just a phone number?

I received a response from the original poster.

Bredemarket, no, just a number.

I made no further comment, but it got me thinking.

What’s worse than a website with outdated content?

No website or web page at all.

And I’m not talking about a fancy-dancy website. If you’ve seen Bredemarket’s website, it’s not fancy-dancy.

I’m just talking about a simple page. It doesn’t have to be on your own domain; it could be on wordpress.com (like my jebredcal site) or wix.com even facebook.com (Bredemarket has one of those too). Just something that ideally tells you the company name, the person who runs the company, the address of the company (yes, UPS Store addresses are acceptable; I know), a phone number, and an email address.

When all of these elements are available, and they’re present on a website, you have at least some assurance that the company is a viable concern. (I’ll grant that this can be faked, like Abdul Enterprises was faked, but at least a name, address, email, and phone number suggest that the company is real.)

A company name and a phone number with no website, no email address, and no company ownership information is…well, it’s sketchy.

So how does a company without an online presence establish one?

There are a variety of ways to establish a company online presence. You could pay for a website, you could set up a free website via a variety of service providers, or you could simply set up a social media page such as a Facebook page.

Now Bredemarket doesn’t create websites, and Bredemarket doesn’t create Facebook business pages. Facebook offers step-by-step instructions on how to create a Facebook business page, and there are guides on how to create complete websites such as a Wix site (and you can do it for free if you don’t need a custom domain and use accountname.wixsite.com/siteaddress).

Creating the site, however, is only part of the story.

Bredemarket can help you establish the initial content for a website or a Facebook page. (And if you desire, I can help you refresh the content also.)

Let’s look at the simplest example, where you just want to establish a presence with a few hundred words (say 400 to 600 words).

I’ll start by asking you a bunch of questions.

  • Topic. Well, the topic is your business, of course, but how would you summarize your business in one sentence?
  • Goal. What is the goal of your site or page? Do you want people to immediately buy something online? Do you want people to rush to your business location and buy something? Or do you just want people to talk to you about your product or service?
  • Benefits. I’ve talked about this ad nauseum, but it’s important to explain why people should want your product or service. If your explanation results in a “so what?” from the potential customer, then you need to refine your benefit statement.
  • Target audience. The message on your site or page is obviously affected by your target audience. A page intended for forensic scientists will have different messaging than a page intended for high school students who want an after school snack.
  • Other questions. These are going to vary from engagement to engagement, but it’s important to ask these questions up front to minimize any misunderstandings later.

After you and I have talked through these questions, I’ll start creating the text to place on your website. By the time we’ve gone through the process and we’re done, you’ll have an initial website presence for your business. People will be able to find your business, find out what it’s about, contact you, and give you lots of money.

But that won’t happen until the people can find out what you offer.

And it won’t happen if they only have a business name and a phone number.

If you want Bredemarket to help you establish an online presence with the correct words to woo customers:

Inland Empire West businesses should visit https://bredemarket.com/local/ for a special “locals only” discount.

Meta-repurposing

I like to publish “in case you missed it” (ICYMI) posts over the weekend, just in case my Facebook, LinkedIn, or Twitter followers might have missed something that I originally published in the preceding week.

Last weekend I tried something a little different. Now that Bredemarket has been a going concern for over a year, I chose to publish some items that my followers might have missed when I originally published them in the preceding YEAR.

Although there are some parts of 2020 that aren’t fun to revisit.

But this past weekend, I went back to October 2020 for my latest #ICYMI offerings. I want to talk about two of these offerings in particular.

The first #ICYMI item

The first item that I shared last weekend was a Bredemarket blog post from October 17, 2020 entitled “You go back, Jack, do it again” that talked about repurposing content. Here’s a brief excerpt that links to a Neil Patel post.

Why repurpose content?

To reach audiences that you didn’t reach with your original content, and thus amplify your message. (There’s data behind this.)

If you’re a data lover, check the link.

The second ICYMI item

Waylon Jennings promotional picture for RCA, circa 1974. By Waylon_Jennings_RCA.jpg: RCA Records derivative work: GDuwenTell me! – This file was derived from:  Waylon Jennings RCA.jpg:, Public Domain, https://commons.wikimedia.org/w/index.php?curid=17091525

The second item that I shared last weekend was a Bredemarket Spotify podcast episode from the same period entitled “A special episode for Spotify subscribers, with Waylon Jennings’ ‘Do It Again.'” You can probably guess that it was about repurposing content.

To answer a few questions about the podcast:

  • Yes, it was a repurposing of the blog post.
  • Yes, this particular podcast episode was only on Spotify because it included a song sample.
  • Yes, I chose Waylon’s version of the song rather than Steely Dan’s because I like Waylon’s version better.
  • Yes, you have to be on Spotify Premium to hear the whole song, rather than a 30-second snippet. (I’m not on Spotify Premium, so even I haven’t heard the entire podcast as envisioned.)

I don’t really have anything profound to say about repurposing that hasn’t been said already, so treat this as a reminder that you can easily repurpose content on new platforms to reach new readers/listeners.

As I just did.

Again.

Postscripts

For the record, I haven’t created any other Spotify-only podcast episodes with music since that initial one a year ago. So all of the other podcast episodes that I’ve recorded are available on ALL of my platforms, including Anchor.

By the way, there was a third #ICYMI item that I re-shared last weekend on Facebook, LinkedIn, and Twitter. But it didn’t deserve its own re-blog.

(You gotta know when to hold ’em. Yes, that’s Kenny, not Waylon.)

In this post, “NGI” stands for Non-Governmental Identity

I admit to my biases.

As a former long-time employee of a company that provides finger and face technology for the Federal Bureau of Investigation’s Next Generation Identification (NGI) system, as well as driver’s license and passport technology in the United States and other countries, I am reflexively accustomed to thinking of a proven identity in governmental terms.

Because the government is always here to help.

From World War II. By Packer, poster artist, Artist (NARA record: 8467744) – U.S. National Archives and Records Administration, Public Domain, https://commons.wikimedia.org/w/index.php?curid=16929857

What this means in practice is that whenever I see a discussion of a proven identity, I reflexively assume that the identity was proven through means of some type of governmental action.

  • Perhaps the identity was tied to a driver’s license identity maintained by a state agency (and checked against other states via AAMVA’s “State to State” to ensure that there are no duplicate identities).
  • Or perhaps the identity was proven via the use of a database maintained by a government agency, such as the aforementioned NGI or perhaps a database such as the CODIS DNA database.

However, I constantly have to remind myself that not everyone thinks as I do, and that for some people an identity proven by governmental means is the worst possible scenario.

Use of DNA for humanitarian efforts

Take an example that I recently tweeted about.

I recently read an article from Thermo Fisher Scientific, which among other things provides a slew of DNA instruments, software, and services for both traditional DNA and rapid DNA.

One of the applications of DNA is to prove family relationships for migrants, especially after families were separated after border crossings. This can be done in a positive sense (to prove that a separated parent and child ARE related) or in a negative sense (to prove that a claimed parent and child are NOT related). However, as was noted in a webinar I once attended, DNA is unable to provide any verification of legitimate adoptions.

By Nofx221984 – Own work, Public Domain, https://commons.wikimedia.org/w/index.php?curid=7429871

Regardless of the purpose of using DNA for migrants, there is a certain level of distrust among the migrants when the government says (presumably in Spanish), “We’re the government. We’re here to help.” You don’t have to be a rabid conspiracy theorist to realize that once DNA data is captured, there is no technical way to prevent the data from being shared with every other government agency. Certain agencies can establish business rules to prevent such sharing, but those business rules can include wide exceptions or the rules can be ignored entirely.

Therefore, Thermo Fisher Scientific decided to discuss humanitarian DNA databases.

As a result of migration, human trafficking and war, humanitarian databases are a relatively new concept and are often completely separate from criminal databases. Research has shown that family members may distrust government databases and be reluctant to report the missing and provide reference samples (1). Humanitarian databases are repositories of DNA profiles from reported missing persons, relative reference samples, and unknown human remains and may be managed by non-governmental organizations (NGOs), though in some instances they may be managed by a governmental institution but kept separate from criminal databases. Examples of humanitarian databases can be found in the United States (NamUsUniversity of North Texas HDID), Canada (Royal Canadian Mounted Police), Australia (National DNA Program for unidentified and missing persons) and internationally via the International Commission on Missing Persons (ICMP).

As you can see from the list, some of these databases ARE managed by government police agencies such as the RCMP. But others are not. The hope, of course, is that migrants would be willing to approach the humanitarian folks precisely BECAUSE they are not the police. Reluctance to approach ANY agency may be dampened by a desire to be reunited with a missing child.

And these non-governmental efforts can work. The Colibri Center claims to have performed 142 identifications that would not have been made otherwise.

Reluctance to set national standards for mobile driver’s licenses

Because of my (biased) outlook, mobile driver’s licenses and other applications of government-proven digital identity seem like a wonderful thing. The example that I often bore you with is the example of buying a drink at a bar. If someone does this with a traditional driver’s license, the bartender not only learns the drinker’s birthdate, but also his/her address, (claimed) height and weight, and other material irrelevant to the “can the person buy a drink?” question. With a mobile driver’s license, the bartender doesn’t even learn the person’s birthdate; the bartender only learns the one important fact that the drinker is over 21 years of age.

Some people are not especially wowed with this use case.

The DHS Request for Comment has finally closed, and among the submissions is a joint response from the American Civil Liberties Union, Electronic Frontier Foundation (EFF), & Electronic Privacy Information Center (EPIC). The joint response not only warns about potential misuse of government digital identities, but also questions the rush of establishing them in the first place.

We believe that it is premature to adopt industry standards at this time as no set of standards has been completed that fully takes advantage of existing privacy-preserving techniques. In recent decades we have seen the emergence of an entire identity community that has been working on the problems of online identity and authorization. Some within the identity community have embraced centralized and/or proprietary systems…

You can imagine how the ACLU, EFF, and EPIC feel about required government-managed digital identities.

Is a Non-Governmental Identity (NGI) feasible and reliable?

Let’s return to the ACLU/EFF/EPIC response to the DHS Request for Comment, which mentions an alternative to centralized, proprietary maintenance of digital identities. This is the alternative that I’m referring to as NGI just to cause MAC (massive acronym confusion).

…others are animated by a vision of “self-sovereign
identity” that is decentralized, open source, privacy-preserving, and empowering of individuals. That movement has created a number of proposed systems, including an open standard created by the World Wide Web Consortium (W3C) called Verifiable Credentials (VCs)….

DHS should refuse to recognize IDs presented within centralized identity systems. If a standard digital identity system is to be accepted by the federal government, it must be created in an open, transparent manner, with the input of multiple stakeholders, and based upon the self-sovereign identity concept. Such a system can then be used by federal government agencies to view identity credentials issued by state departments of motor vehicles (DMVs) where doing so makes sense. If standards based on self-sovereign identity are not considered mature enough for adoption, efforts should be directed at rectifying that rather than at adopting other systems that raise privacy, security, and autonomy risks.

For all practical purposes, the chances of the ACLU/EFF/EPIC convincing the Department of Homeland Security to reject government-proven identities are approximately zero. And since DHS controls airport access, you probably won’t see an airport security agent asking for your Verifiable Credentials any time soon. Self sovereign identities are just as attractive to government officials as sovereign citizens.

Who issues Verifiable Credentials?

As ACLU/EFF/EPIC noted, Verifiable Credentials are still under development, just as the centralized system standards are still under development. But enough advances have been made so that we have somewhat of an idea what they will look like. As Evernym notes, there is a trusted triangle of major players in the Verifiable Credentials ecosystem:

There are a number of directions in which we can go here, but for the moment I’m going to concentrate on the Issuer.

In the current centralized model being pursued in the United States, the issuers are state driver’s license agencies that have “voluntarily” consented to agree to REAL ID requirements. Several states have issued digital versions of their driver’s licenses which are recognized for various purposes at the state level, but are not yet recognized at the federal level. (The purpose of the DHS Request for Comment was to solicit thoughts on federal adoption of digital identities. Or, in the case of some respondents, federal NON-adoption of digital identities.)

Note that in the Verified Credentials model, the Issuer can be ANYBODY who has the need to issue some type of credential. Microsoft describes an example in which an educational institution is an Issuer that represents that a student completed particular courses.

Without going into detail, the triangle of trust between Issuers, Verifiers, and Holders is intended to ensure that a person is who they say they are. And to the delight of the ACLU et al, this is performed via Decentralized Identifiers (DIDs), rather than by centralized management by the FBI or the CIA, the BBC, B. B. King, Doris Day, or Matt Busby. (Dig it.)

But NGIs are not a cure-all

Despite the fact that they are not controlled by governments, and despite that fact that users (at least theoretically) control their own identities, no one should think that digital identities are the solution to all world problems…even when magic paradigm-shifting words like “blockchain” and “passwordless” are attached to them.

Here’s what McKinsey has said:

…even when digital ID is used with good intent, risks of two sorts must be addressed. First, digital ID is inherently exposed to risks already present in other digital technologies with large-scale population-level usage. Indeed, the connectivity and information sharing that create the value of digital ID also contribute to potential dangers. Whether it is data breaches and cyber-intrusions, failure of technical systems, or concerns over the control and misuse of personal data, policy makers around the world today are grappling with a host of potential new dangers related to the digital ecosystem.

Second, some risks associated with conventional ID programs also pertain in some measure to digital ID. They include human execution error, unauthorized credential use, and the exclusion of individuals. In addition, some risks associated with conventional IDs may manifest in new ways as individuals newly use digital interfaces. Digital ID could meaningfully reduce many such risks by minimizing opportunity for manual error or breaches of conduct.

In addition, many of these digital identity initiatives are being pursued by large firms such as IBM and Microsoft. While one hopes that these systems will be interoperable, there is always the danger that the separate digital identity systems from major firms such as IBM and Microsoft may NOT be interoperable, in the same way that the FBI and DHS biometric systems could NOT talk to each other for several years AFTER 9/11.

And it’s not only the large companies that are playing in the market. Shortly after I started writing this post, I ran across this LinkedIn article from the Chief Marketing Officer at 1Kosmos. The CMO makes this statement in passing:

At 1Kosmos, we’ve taken our FIDO2 certified platform one step further with a distributed identity based on W3C DID standards. This removes central administration of the database via a distributed ledger for true “privacy by design,” putting users in sole access and control of their identity.

1Kosmos, IBM, and Microsoft know what they’re talking about here. But sadly, some people only think these technologies are “cool” because they’re perceived as anti-government and anti-establishment. (As if these companies are going to call for the downfall of capitalism.)

Which identiy(ies) will prevail?

Back to governmental recognition of NGI.

Don’t count on it.

Anticipated DHS endorsement of government-issued digital identities doesn’t mean that NGI is dead forever, since private companies can adopt (and have adopted) any identity system that they wish.

So in truth we will probably end up with a number of digital identities like we have today (I, for example, have my WordPress identities, my Google identities, and countless others). The difference, of course, is that the new identities will be considered robust – or won’t be, when centralized identity proponents denigrate decentralized identities and vice versa.

But frankly, I’m still not sure that I want Facebook to know how much I weigh.

(Although, now that I think about it, Apple already knows.)

Technology without a revenue plan will not survive

This tweet is trending.

And while Confidently Zay is missing the old MySpace, I myself run in circles that miss the former social service FriendFeed.

So what happened to these two innovative services?

  • Well, Tom may be long gone, but MySpace still exists today. It is branded as part of the “People / Entertainment Weekly Network.” And there are a number of people on the network, like a guy with the name Kanye, another guy with the name Avicii (yes I know he’s dead, but he has a MySpace profile), and others.
  • As for FriendFeed, if you try to go to friendfeed.com you end up at facebook.com. The service survived for several years after Facebook acquired it, but Facebook finally shut down the servers in 2015.

Let’s dig into the details of why these services are not what they used to be.

So what happened to MySpace?

At one point MySpace was the king of all social media, having acquired the title from Friendster. After being founded in 2003, it boasted one million members in 2004 and 16 million users in 2005, and was recognized as the social network until Facebook surpassed it in users in 2008.

MySpace offered several advances over Friendster, including an emphasis on scalability and the inclusion of various tools to allow people to build their own personal communities.

Yet MySpace’s founders chose to sell the service to News Corp. (Rupert Murdoch’s outfit) in 2005 for $580 million. A few years later, in 2011, News Corp. sold it again…for only $35 million. Tom, who stayed with the company after News Corp. acquired it, retired in 2009.

Why did Tom et al sell the service to News Corp. in the first place? And why did News Corp. buy it?

  • For the owners of Intermix (the company that ran MySpace), the attraction was money. MySpace wasn’t a big money-maker; recorded monthly revenues in March 2004 were $135,000. Presumably it made more money in future months, but even as late as December 2004 the service was only valued at $46 million. After the sale to News Corp., Tom Anderson signed an employment agreement giving him $30 million.
  • As for News Corp., it didn’t acquire MySpace for MySpace. It acquired MySpace because it added value to the Fox properties.

“Intermix is an important acquisition for News Corp., instantly doubling the number of visitors to our sites and providing an ideal foundation on which to meaningfully increase our Internet presence,” News Corp.’s Chairman and CEO Rupert Murdoch said in a statement.

Basically, MySpace was worth more as a feeder to Fox Sports et al than it was as a standalone service. And it became worth even more when it inked a lucrative $900 million advertising deal in 2006.

But as MySpace enjoyed the profitability it never had in its first year, its original users were being driven away.

MySpace became inundated with intrusive ads, many of which led to dubious pages asking users to sign up for credit cards and other services. Money was hemorrhaged out of developer resources as a “massive spaghetti-ball mess” of sections were created to try and generate revenue that would meet News Corp’s unattainable targets. Ultimately, a failure to focus on what its community wanted and the usability of the site saw users leave for other platforms.

Now the common version of the story is that Confidently Zay’s MySpace utopia was ruined by Murdoch’s takeover. In this version of the tale, Moneygrubbing Murdoch killed the golden goose.

The truth, however, is that the utopia of MySpace was ruined by its founders BEFORE Murdoch came on the scene. After all, if the original MySpace had enjoyed nice profits, Tom et al would never have had to sell the service to Murdoch in the first place.

Let’s face it: the Confidently Zay version of MySpace that had no ads was never going to survive anyway, unless the founders had come up with another monetization method. They didn’t.

When Murdoch’s company sold the firm, and when it was sold again, MySpace was rebranded as a music site, and survives as such today. But Tom’s out taking scenic photos, so he’s happy. Maybe he even bought a new t-shirt.

Whoops, I guess he didn’t.

And what happened to FriendFeed?

As News Corp. was working on monetizing MySpace, and Mark Zuckerberg was planning for Facebook world domination, other social media services entered into the fray.

In 2006 and 2007 alone, three notable services were launched: Twitter, Tumblr, and FriendFeed. Today Twitter is by far the most popular of the three, Tumblr is still around somewhere, and FriendFeed no longer exists.

Even those of us who used FriendFeed often forget this, but FriendFeed actually started as a feed aggregator. It wasn’t known for content creation, but was instead known as the place where you could share all of your social content from other services. The benefit was that readers didn’t have to visit every single walled social service to see your content; they could see all of it on FriendFeed. This in itself was a relatively new concept, as “lifestreaming” became a thing.

Eventually FriendFeed expanded from resharing content from other places began to host original content…coupled with new innovations:

When I post something to FriendFeed, all of my friends see it. If one of them comments on it or “likes” it, then two things happen that don’t happen on Facebook. First, our conversation suddenly appears in the news feed of all the friends of the person who commented on my item – whether they know me or not. That doesn’t happen on Facebook. I can see the names of people who comment on my friends’ items – but if my friends comment on items shared by their friends I don’t know – there’s no notification of that in my news feed.

Second, whenever anyone comments on or “likes” any item that’s appeared in my stream of friends’ updates – it’s pushed back up to the top of my FriendFeed page. That makes it all the more likely that I will comment on it again or for the first time.

This 2009 comment highlights two things that are common in social media today, but were rarities 12 years ago.

  • Liking things. Yes, FriendFeed pioneered the “Like” button, although other companies (including Facebook) quickly copied it. There used to be a video that noted one FriendFeed user had amassed tens of thousands of likes. Now everyone does it.
  • Dynamic feeds. Previously, feeds were chronological and static, but FriendFeed advanced some changes to the feed, including one that was very unpopular with certain segments of the FriendFeed community: updating of those static feeds as new content was posted. And, as noted above, comments and likes could also push old content to the top of the feed.

When dynamic feed updates, Michael Arrington (who was still with TechCrunch at the time) talked about it.

Of course, the impact of the innovation is dampened somewhat when you read the post today, because FRIENDFEED NO LONGER EXISTS. But you get the drift.

So FriendFeed was clearly innovative. In addition to the advances that I noted above, FriendFeed was also extremely stable, especially when compared to “fail whale” Twitter.

Revenue-wise, however, FriendFeed was subpar. During its existence before its acquisition by Facebook, FriendFeed had only participated in one funding round, and in that case the funding was from the founders. In terms of establishing a constant revenue stream, FriendFeed claimed to be ahead of other “lifestreaming” services (Plaxo, Iminta, Socialthing, Lifestream.fm and Zude). But FriendFeed had other competition:

However, Facebook, MySpace and Google are all ahead in the battle to become the preferred aggregators of social data, which is crucial if they are to build any significant revenue streams.

And while MySpace wasn’t exactly innovating at the time, Facebook and Google definitely WERE, with Facebook experimenting with the like and eventually acquiring FriendFeed itself. Google, of course, would launch Google+ in 2011 in an attempt to create a social network that united all of Google’s disparate services.

As it turned out, FriendFeed’s founders decided to cash out rather than try to keep FriendFeed independent. The founders stayed with Facebook for a while before leaving, but worked on projects other than FriendFeed for their new corporate overlords: Facebook’s acquisition of FriendFeed was clearly a talent acquisition, although most of the talent (Benjamin Golub being a notable exception) has long since departed.

FriendFeed’s founders were clearly cool technologists. Ironically, they were such cool technologists that they could have lived on their past glories (Gmail, Google Maps) and didn’t NEED for FriendFeed to make money. Perhaps that’s why a revenue model never really entered the equation.

How Facebook was different

In the Internet world, companies fail more often than not. Those companies that survive and thrive for years are rare. For every Microsoft and Apple (formerly Apple Computer) there is an Ashton-Tate or Lotus.

And in the world of social networking, Facebook (and probably Twitter) are unusual.

Why did Facebook survive while MySpace declined and FriendFeed disappeared?

While technological advances and scalability obviously contributed, the important thing about Facebook is that it established a recurring revenue stream. Five years after Facebook was founded in a dorm, it turned a profit from “from applications sold through the website and online advertising.” This ability to generate its own profits, rather relying on funding from outsiders, allowed Facebook to continue to expand. While short-term profits were bumpy around the time of Facebook’s IPO, the company weathered this storm. These days, revenues are…pretty good.

The founders of MySpace and FriendFeed could only dream of such revenue numbers.

Or, more accurately, they DIDN’T dream of those revenue numbers.

This is just a reminder of something that I’ve seen in a lot of situations: the coolest technology won’t amount to anything if it doesn’t produce revenue.

How and why a company should use LinkedIn showcase pages

This post explains what LinkedIn showcase pages are, how Bredemarket uses LinkedIn showcase pages, and (a little more importantly) how YOUR company can use LinkedIn showcase pages.

What are LinkedIn showcase pages?

LinkedIn offers a variety of ways to share information. Two of those ways are as follows:

  • A personal LinkedIn page. This allows an individual to share their job history and other information. Here’s an example.
  • A company LinkedIn page, which contains information about a company, including “about” details, jobs, employees, and other facts. Here’s another example.

A third method is a LinkedIn showcase page. This is tied to a company page, but rather than telling EVERYTHING about the company, a showcase page allows the company to zero in on a PARTICULAR aspect of the company’s product/service offering.

How Bredemarket uses LinkedIn showcase pages

Most companies, even very small ones like Bredemarket, can segment their products and services in various ways. In Bredemarket’s case, the company offers some prepackaged services, such as a “short writing service” and a “medium writing service.”

However, it didn’t make sense for me to segment my services in this way. The people who are interested in 400 word written content are not dramatically different from the people who are interested in 2800 word written content. So instead of segmenting by service, I chose to segment by market.

I started by addressing one of my potential markets, the identity market (biometrics, secure documents, and other identity modalities). Back in November, I created a Bredemarket Identity Firm Services showcase page on LinkedIn, which eventually became a place for me to share information about the identity industry, both content generated by me and content generated by others.

Bredemarket Identity Firm Services on LinkedIn. https://www.linkedin.com/showcase/bredemarket-identity-firm-services/

Since then I’ve expanded my offerings. On LinkedIn, I presently have TWO showcase pages, one concentrated on the identity market, and one concentrated on the more general technology market.

Bredemarket Technology Firm Services on LinkedIn. https://www.linkedin.com/showcase/bredemarket-technology-firm-services/

These concentrations made the most sense to me, although I could segment even further if I chose to do so (separate showcase pages for fingers and palms, anyone?).

An aside for Facebook users

Incidentally, you can perform similar segmentation in Facebook. In Facebook terms, you can have a page associated with a particular company, and then (rather than showcase pages) you can have groups that link to the company page and delve into topics in more detail.

So Bredemarket (which is committed to disseminating information via multiple communication streams; see my goal number 3 here) has Facebook groups that are somewhat similar to the Bredemarket LinkedIn showcase pages. One difference is that I have three groups on Facebook. In addition to the identity and technology groups, I also have a general business group. At this point it didn’t make sense to create a LinkedIn showcase page for general business, but it did make sense for Bredemarket to have such a group on Facebook.

Enough about me. What about you?

Obviously Bredemarket is an unusual case, although for some of you it may make sense to segment based on markets.

Most companies, however, will choose to segment based upon products or product lines. This especially makes sense for multinational companies that offer a slew of products. However, even smaller companies with multiple product lines may benefit from showcase page segmentation. If a potential customer is only interested in your square blue widgets, but doesn’t care about your other widgets, a showcase page allows the customer to read about blue widgets without having to wade through everything else.

Some of you may have received a pitch from me suggesting how a showcase page can help you highlight one product or product line in this way.

Perhaps it’s best to show an example. I’ve previously highlighted Adobe as an example of a company with showcase pages, but for now I’d like to highlight another company with a similar issue.

Let’s look at Microsoft, which has an obvious interest in using LinkedIn to its fullest potential. Microsoft’s product and service lines have expanded over the years, and while some Microsoft entities (such as LinkedIn itself) have their own regular LinkedIn pages, Microsoft uses showcase pages for other entities, products, and services.

For example, Microsoft has a showcase page for Microsoft Dynamics 365.

But here’s a showcase page that has nothing to do with a product, service, or market: “Microsoft On the Issues.”

So there are a variety of ways that a company can slice and dice its communications, and LinkedIn showcase pages provide an ideal way to do that.

Does this interest you?

Of course, setting up a LinkedIn showcase page is only the beginning of the battle. If you set up a showcase page and don’t publish anything to it, your efforts are wasted. Potential customers look at your company’s online presence, after all.

If your company has established a showcase page, has set goals for how the showcase page will benefit the company, and now needs to generate content at a regular clip, Bredemarket can assist with the creation of the content, working with internal company subject matter experts as needed. If this service interests you, contact me. We will collaborate to ensure that your LinkedIn showcase page includes the best possible content.

Will the Kami Doorbell Camera sell in Illinois?

There was a recent press release that I missed until Biometric Update started talking about it two days later. The January 19 press release from Kami was entitled “Kami Releases Smart Video Doorbell With Facial Recognition Capabilities.” The subhead announced, “The device also offers user privacy controls.”

And while reading that Kami press release, I noticed a potential issue that wasn’t fully addressed in the press release, or (so far) in the media coverage of the press release. That issue relates to that four-letter word “BIPA.”

This post explains what BIPA is and why it’s important.

  • But it starts by looking at smart video doorbells.
  • Next, it looks at this particular press release about a smart video doorbell.
  • Then we’ll look at a competitor’s smart video doorbell, and a particular decision that the competitor made because of BIPA.
  • Only then will we dive into BIPA.
  • Finally, we’ll circle back to Kami, and how it may be affected by BIPA. (Caution: I’m not a lawyer.)

What is a smart video doorbell?

Many of us can figure out what a smart video doorbell would do, since Kami isn’t the first company to offer such a product. (I’ll talk about another company in a little bit.)

The basic concept is that the owner of the video doorbell (whom I’ll refer to as the “user,” to be consistent with Kami’s terminology) manages a small database of faces that could be recognized by the video doorbell. For example, if I owned such a device, I would definitely want to enroll my face and the face of my wife, and I would probably want to enroll the faces of other relatives and close friends. Doing this would create an allowlist of people who are known to the smart video doorbell system.

However, because technology itself is neutral, I need to point out two things about a standard smart video doorbell implementation:

  • Depending upon the design, you can enroll a person into the system without the person knowing it. If the user of the system controls the enrollment, then the user has complete control over the people that are enrolled into the system. All I need is a picture of the person, and I can use that picture to enroll the person into my smart video doorbell. I can grab a picture that I took from New Year’s Eve, or I could even grab a picture from the Internet. After all, if President Joe Biden walked up to my front door, I’d definitely want to know about it. Now there are technological solutions to this; for example, liveness detection could be used to ensure that the person who is enrolling in the system is a live person and not a picture. But I’m not aware of any system that requires liveness detection for this particular use case.
  • You can enroll a person into the system for ANY reason. Usually consumer smart video doorbells are presented as a way to let you know when friends and family come to the door. But the technology has no way of detecting whether you are actually enrolling a “friend.” Perhaps you want to know when your ex-girlfriend comes to the door. Or perhaps you have a really good picture of the guy who’s been breaking into homes in your neighborhood. Now enterprise and government systems account for this by supporting separate allowlists and blocklists, but frankly you can put anyone on to any list for any reason.

So with that introduction, let’s see what Kami is offering, and why it’s different.

The Kami Doorbell Camera

Let’s return to the Kami press release. It, as well as the description of the item in Kami’s online store, parallels a lot of the features that you can find in any smart video doorbell.

Know exactly who’s at your door. Save the faces of friends and family in your Kami or YI Home App, allowing you to get notified if the person outside your front door is a familiar face or a stranger.

And it has other features, such as an IP-65 rating stating that the camera will continue to work outdoors in challenging weather conditions.

However, Yamin Durrani, Kami’s CEO, emphasized a particular point in the press release:

“The Kami Doorbell Camera was inspired by a greater need for safety and peace of mind as people spend more time at home and consumers’ increasing desire to reside in smart homes,” said Yamin Durrani, CEO of Kami. “However, we noticed one gaping hole in the smart doorbell market — it was lacking an extremely advanced security solution that also puts the user in complete control of their privacy. In designing our video doorbell camera we considered all the ways people live in their homes to elegantly combine accelerated intelligence with a level of customization and privacy that is unmatched in today’s market. The result is a solution that provides comfort, safety and peace of mind.”

Privacy for the user(s) makes sense, because you don’t want someone hacking into the system and stealing the pictures and other stored information. As described, Kami lets the user(s) control their own data, and the system has presumably been designed from the ground up to support this.

But Kami isn’t the only product out there.

One of Kami’s competitors has an interesting footnote in its product description

There’s this company called Google. You may have heard of it. And Google offers a product called Nest Aware. This product is a subscription service that works with Nest cameras and provides various types of alerts for activities within the range of the cameras.

And Nest even has a feature that sounds, um, familiar to Kami users. Nest refers to the feature as “familiar face detection.”

Nest speakers and displays listen for unusual sounds. Nest cameras can spot a familiar face.4 And they all send intelligent alerts that matter.

So it sounds like Nest Aware has the same type of “allowlist” feature that allows the Nest Aware user to enroll friends and family (or whoever) into the system, so that they can be automatically recognized and so you can receive relevant information.

Hmm…did you note that there is a footnote next to the mention of “familiar face”? Let’s see what that footnote says.

4. Familiar face alerts not available on Nest Cams used in Illinois.

To the average consumer, that footnote probably looks a little odd. Why would this feature not be available in Illinois, but available in all the other states?

Or perhaps the average consumer may recall another Google app from three years ago, the Google Art & Culture app. That app became all the rage when it introduced a feature that let you compare your face to the faces on famous works of art. Well, it let you perform that comparison…unless you lived in Illinois or Texas.

So what’s the big deal about Illinois?

Those of us who are active in the facial recognition industry, or people who are active in the privacy industry, are well aware of the Illinois Biometric Information and Privacy Act, or BIPA. This Act, which was passed in 2008, provides Illinois residents control over the use of their biometric data. And if a company violates that control, the resident is permitted to sue the offending company. And class action lawsuits are allowed, thus increasing the possible damages to the offending company.

And there are plenty of lawyers that are willing to help residents exercise their rights under BIPA.

One early example of a BIPA lawsuit was filed against L.A. Tan. This firm offered memberships, and rather than requiring the member to present a membership card, the member simply placed his or her fingerprint onto a scanner to verify membership. But under BIPA, that could be a problem:

The plaintiffs in the L.A. Tan case alleged that the company, which used customers’ fingerprint scans in lieu of key fobs for tanning membership ID purposes, violated the BIPA by failing to obtain the customers’ written consent to use the fingerprint data and by not disclosing to customers the company’s plans for storing the data or destroying it in the event a tanning customer terminated her salon membership or a franchise closed. The plaintiffs did not claim L.A. Tan illegally sold or lost customers’ fingerprint data, just that it did not handle the data as carefully as the BIPA requires.

L.A. Tan ended up settling the case for over a million dollars, but Illinois Policy wondered:

This outcome is reassuring for anyone concerned about the handling of private information like facial-recognition data and fingerprints, but it also could signal a flood of similar lawsuits to come.

And there certainly was a flood of lawsuits. I was working in strategic marketing at the time, and I would duly note the second lawsuit filed under BIPA, and then the third lawsuit, and the fourth…Eventually I stopped counting.

As of June 2019, 324 such lawsuits had been filed in total, including 161 in the first six months of 2019 alone. And some big names have been sued under BIPA.

Facebook settled for $650 million.

Google was sued in October 2019 over Google Photos, again in February 2020 over Google Photos, again in April 2020 over its G Suite for Education, again in July 2020 over its use of IBM’s Diversity in Faces algorithm, and probably several other times besides.

So you can understand why Google is a little reluctant to sell Nest Aware’s familiar face detection feature in Illinois.

So where does that leave Kami?

Here’s where the problem may lie. Based upon the other lawsuits, it appears that lawyers are alleging that before an Illinois resident’s biometric features are stored in a database, the person has to give consent for the biometric to be stored, and the person has to be informed of his or her rights under BIPA.

So such explicit permission has to be given for every biometric database physically within the state of Illinois?

Yes…and then some. Remember that Facebook and Google’s databases aren’t necessarily physically located within the state of Illinois, but those companies have been sued under BIPA. I’m not a lawyer, but conceivably an Illinois resident could sue a Swiss company, with its databases in Switzerland, for violating BIPA.

Now when someone sets up a Kami system, does the Kami user ensure that every Illinois resident has received the proper BIPA notices? And if the Kami user doesn’t do that, is Kami legally liable?

For all I know, the Kami enrollment feature may include explicit BIPA questions, such as “Is the person in this picture a resident of Illinois?” Then again, it may not.

Again, I’m not a lawyer, but it’s interesting to note that Google, who does have access to a bunch of lawyers, decided to dodge the issue by not selling familiar face detection to Illinois residents.

Which doesn’t answer the question of an Iowa Nest Aware familiar face detection user who enrolls an Illinois resident…