If you plan to develop a profiling system that allows you to provide personalization services, where do you begin? Figure 7.2 shows an example profiling process and gives you an idea of the type of data that could be collected and used.
A more detailed and specific study of data that can be collected can be found in John Hagel and Marc Singer's 1999 book, Net Worth. User mobility allows you to capture and profile location data, which could range from tracking a user to categorizing them based on their patterns of travel to storing favorite places (so a user does not have to reenter locations constantly), favorite routes (so a user can quickly check traffic conditions), and even favorite maps.
Provided that a user agrees in advance, it is possible to subsidize these sophisticated and personalized product enhancements. Marketers often know which type of person is likely to buy a product or service, and they find that investment returns on direct marketing are much higher than investment returns on broadcast advertising. The more specific the targeting is, the more a marketer is willing to pay. Different marketing services that could make use of location-based profiles include targeted direct marketing, market research, targeted advertising, agent services, and message filtering.
As discussed in Chapter 5, there are many different methods employed to locate mobile devices in a mobile network. There is an increasing shift away from pure network-based positioning methods to handset-based positioning (e.g., E-OTD) or hybrid positioning (e.g., A-GPS) systems because they are fast, accurate, and involve the least cost to the mobile operators. To protect user privacy, most handset-based positioning systems allow the user to disable or mute it. The Qualcomm gpsOne product allows a user to set the positioning unit to operate either by default, on a per-use basis, or only in emergency situations.
There is often a debate about who owns or controls the customer's location data. This is particularly true in telematics, as in-vehicle navigation involves both the automotive company who provides the applications and physical infrastructure and the mobile operator who carries the signals. The answer is that the customers own their data, and they might or might not be willing to share it based on the value they receive for doing so. If customers feel uncomfortable with the way their data is used, as, for example, having to worry about getting automatic fines if they drive their rental car 5 miles per hour over the speed limit, they will simply not use a product. Trust is critical in the relationship between the location-based service provider and the customer, and it is up to the service provider to develop a product that both parties are comfortable with and benefit from.
As we've discussed, profiling and personalization in the context of mobile location services can be much more than traditional customer relationship management (CRM). Leading CRM providers such as Siebel (http://www.siebel.com) are installed in many communications and automotive organizations today, and provide open interfaces to integrate with the application server used in your location services infrastructure. Solutions are increasingly integrated to meet the needs of large carrier-class solutions, as shown by the increasing synergies between Portal Software's (http://www.portal.com) billing platform and Siebel's CRM environment. More specialized products and services designed specifically for the type of profiling and personalization discussed in this chapter are available from niche providers such as Personify (http://www.personify.com) and DoubleClick (http://www.doubleclick.com). Additional resources on CRM can be found at http://www.crmcommunity.com/.
One of the challenges in personalization and profiling is providing a simple method for users to tell service providers which information they're willing to share and under which conditions they're willing to share it. Similar to having a multitude of user names and passwords, imagine having hundreds of profiles. How many times have you typed your name and address into an e-commerce Web site? Clearly, it would be better if at the time you were ready to purchase an item, a vendor could make one request: "Please provide your address." Your mobile device could allow you to scroll a list of addresses and submit one with a single click. You might be willing to type your address many times at a Web site, but anyone who has ever keyed a full address into a mobile device, especially a mobile phone, will agree it is not something they would like to do often. To make this a reality requires a standard platform for storing and sharing profiles. P3P is an attempt to provide this standard for the Web. Its principles can be applied to mobile devices and location service applications.
P3P is an emerging industry standard promoted by the World Wide Web Consortium (W3C) for automating and giving users more control over the use of personal information at the Web sites they visit. The basics of P3P involve a standardized set of multiple-choice questions covering the major aspects of a typical Web site's privacy and profiling policies. Web sites that are P3P-enabled make this information available so that a user's browser can read it and compare it with the user's own set of privacy preferences before delivering a Web page.
P3P covers nine aspects of online privacy, five of which are related to the data the site is tracking:
Who is collecting the data?
Specifically what information is being collected?
What purpose is the information being collected for?
What information is being shared with others?
Who are the recipients of the information being shared?
The other four topics involve the Web site's internal privacy policies:
Is it possible for users to make changes in how their data is used?
How are disputes resolved?
How long is data retained for?
Where can the site's privacy policies be found in "human-readable" form?
Figure 7.3 gives a basic overview of what is required to make a site compliant with P3P. A simple P3P transaction is shown in Figure 7.4.
The developers and participants sponsoring and involved in creating P3P include the following international organizations:
Center for Democracy & Technology
Direct Marketing Association
Electronic Network Consortium
Gesellschaft für Mathematik und Datenverarbeitung (GMD)
International Security, Trust, and Privacy Alliance
Ontario Office of the Information and Privacy Commissioner
Privacy Commission of Schleswig-Holstein, Germany
The specifications for P3P can be found in Appendix D, as can an explanation of how to implement P3P in your mobile location services application. Additional reading on P3P is available on the Web at http://www.w3.org/P3P/.
One of the most ambitious projects to address the problem of user profile and authentication management is Microsoft's .NET initiative. Microsoft recognizes the challenges inherent in providing single sign-on access across the multitude of disparate and unrelated Web sites, and has offered Microsoft Passport to provide a single sign-on service. Furthermore, Microsoft has recognized the power of transactive content in making applications more valuable, and that applications are increasingly being delivered via the Internet as a service. This new development minimizes the value of a Microsoft desktop and server operating system platform and therefore many software developers who would otherwise be building Windows applications are building Web applications.
The idea of an initiative like Microsoft's .NET is to view the entire Internet as a large network operating system. All network operating systems need a basic set of infrastructure services that systems within the network require to be valuable and efficient. Microsoft has proposed a set of such services, which it calls Hailstorm. These services provide an enabling infrastructure and make it much easier to develop and deploy applications on the network. Hailstorm Web services are delivered using the XML-based SOAP, and can embed content in HTML, WAP, or Windows Forms Applications. Microsoft Passport provides a standard platform for authentication and profile preferences, similar to P3P.
The basic set of Web services include MyAddress, MyProfile, MyContacts, MyNotifications, MyInbox, MyCalendar, MyDocuments, MyApplicationSettings, MyFavoriteWebSites, MyWallet, MyDevices, and of greatest interest to us, MyLocation.
MyLocation is designed to store basic information such as a user's favorite routes, favorite maps, and favorite locations. We have already discussed how this information can be valuably leveraged, but when you consider that many applications require additional location-oriented operations, such as GetUserPosition(), GeocodeAddress(), CalculateRoute(), or LookupPOIs(), there is an opportunity to provide these operations as a more sophisticated pay-as-you-go package to application developers. Figure 7.5 shows how you might implement a pay-per-use or subscription-based system to provide a more sophisticated service to a mobile location-based application.
Additional technical details on Microsoft .NET and Microsoft Passport can be found at http://www.passport.com/sdkdocuments/sdk21/default.htm and http://www.microsoft.com/net/whitepapers.asp.