Companies with established business models – those with large customer bases, legacy investments and trusted brands – typically possess vast amounts of customer data but are legally constrained on its use for commercial purposes. Given those legal constraints, established players are generally conservative in their approach to the market and deeply concerned about unclear liabilities and legal inconsistencies.On the other hand, many new services and applications are more innovative in their approach and typically use personal data as a central component in their business models. By definition, they tend to fall outside the purview of legacy legal restrictions and typically innovate at the edges of what can be legally done with personal data.
As personal data increasingly becomes a critical source of innovation and value, business boundaries are being redrawn. Profit pools, too, are shifting towards companies that automate and mine the vast amounts of data we continue to generate. Far from certain, however, is how much value will ultimately be created, and who will gain from it. The underlying regulatory, business and technological issues are highly complex, interdependent and ever changing.
Personal data services provide the safe means by which an end user can store, manage, share and gain benefit from his or her personal data. These data can range from such self-asserted attributes as the individual’s likes, preferences and interests to such managed and verified attributes as a person’s age, credit score or affiliations, and histories with external entities like firms, government agencies and the like.
Personal data services consolidate end users’ digital identity, allowing them to control which third parties are entitled to access – along with how, when and at what price. VRM extends this control to the realm of realising direct value – monetary or in kind – from the personal data stored and managed by personal data services providers.