Recently, Mark Zuckerberg wrote a letter sharing his frustration with the government’s stance on online privacy and security. While the focus is more a response to the recent activity of the NSA, for me it brings to the forefront the underlying issue of consumer privacy as a whole on the web and shines a spotlight on other government attempts to control consumer data through regulatory and legislative means.


As public concern surrounding online consumer privacy grows, industry leaders and Government have attempted to provide solutions to the problem. Everything from self-regulation by corporations to privacy seal programs to new legislation have been instituted, and yet the problem still persists. The reason for this may be that in a global economy, this plethora of “solutions” is not only ineffective but also stifling in their ability to further enable online interaction, communication and commerce across borders.  A single solution on which industry, governments and consumers could all agree, would address this conflict. It would need to ensure that a unified framework would be adaptable no matter the geography, demographic or situation; a solution that would establish a single trust layer across the web and allow businesses, users and governments, no matter where they are in the world, to seamlessly engage online.

So what is the answer?  In my opinion, the concept of “User as Owner” should be pushed to the forefront due to its simplicity and overarching philosophy. The idea that one’s data is one’s own, dismantles the need for customized privacy policies, legislative solutions and privacy seal programs by shifting responsibility from business and government to the individual. “User as Owner” combines personal rights with technology and turns a blind eye to geography, age, income level and citizenship in order to place everyone on a level playing field.  This approach is in line with the fundamental nature of the Internet.

Facebook has been accused of a blithe stance on privacy many times.  However, I believe they have actually been instrumental in implementing a type of “User as Owner” expectation online that protects the rights and desires of the consumer. Due to Facebook’s adoption of a technology called OAuth, billions of people and millions of businesses are now familiar and comfortable with an “Allow” button placed in front of a user before personal information is released. In contrast to the status quo, this technology allows people to accept full responsibility for their own data and empowers them with the ability to make educated and overarching decisions on whether or not to share it with others. For Facebook, this behavior has empowered their users, maintained privacy, and kept ridged, stifling regulation out of online interactions and commerce.

Inspired, in 2010 when I started Trulioo, an online identity verification service, I aimed for similar impact on privacy.  However, I had worked in the consumer data industry for over a decade previously, and I knew some potential customers might not feel the same way. I was right; it was a tough sell with many customers saying they might be interested “one day in the future”, if the way they were doing things ever became an issue.  Since then we have worked to promote OAuth’s use among our users, customers, governments and industry leaders. From day one, Trulioo’s own user data has been protected with OAuth to ensure that the user has permitted the release of their data to websites or mobile apps using our service to verify them. This requirement has differentiated the company from traditional providers in our field, and I believe has helped to usher in a new era of consumer privacy in our industry.

Mr. Zuckerburg has said that he fears that change in the status quo is still far off; and when it comes to government regulation he may be right.  But I would say judging by an explosion in revenues at Trulioo this year, for many of our customers that “one day in the future” quoted to me back in 2010 – has finally come.

By Stephen Ufford, CEO @ Trulioo