I’m curious as to what’s happening to certain of our online form entries. Most of them comprise of address, email, or other information that is plugging directly into a back-end database and either serve as query against or populate preset tables. These are permission-based entries which we, as consumers, thoughtfully offer and generally understand use.
There’s another set of entries, though, that’s interesting as accident or “personal query.” A couple specific examples:
1) The errant password entry - many of us now utilize multiple passwords for our online services and occasionally input one mismatched to the service we’re accessing. In a worst case scenario, we try every one of our standard passwords unsuccessfully, then click the “Forgot Your Password?” link, a clear indication to the company that we’ve just handed over a personal skeleton key of data. Such entries are logged, of course, but then what? Is there value to a company in holding onto or mining this data? What happens when we accidentally offer companies personal information?
2) Domain name registration checks - I’ve often wondered whether a domain name registration site such as GoDaddy logs domain checks that go unpurchased and considers whether to buy them (and, let’s say, sell them in the domain after-market). In other words, the company is in a position to leverage the creativity of its site’s visitors, but at risk, perhaps, of sacrificing trust and the core business. These are “personal queries” which we implicity share with the registrar by utilizing them as intermediary. Google actually organizes and publishes this kind of information (our searches) in aggregated form; see Google Trends.
There’s been a fair amount of discussion this year surrounding the “implicit web,” which Fred Wilson says, “is all about the value that will accrue to an Internet user when their every action is tracked, recorded, and used to provide value back to that user. There is also a second order play when that clickstream activity is shared with the user’s permission with everyone else.”
So is it in GoDaddy’s interest to suggest interesting domains that are queried but go unpurchased for, let’s say a month post-query, to other visitors? I’d think so, but the company should probably send an email to the visitor (assuming they’ve captured it) giving them a last-minute buy opportunity before recommending it to the masses. That’d be good business. And the errant password entry? It’s got to be tossed. But just in case, get LifeLock.
Other thoughts on the dark side (or silver lining therein) of the “implicit web”?
__________
Graphic credit: the walls have ears, originally uploaded by Norma Desmond
***New to punctuative? Consider subscribing to my RSS feed (subscribe here), or sign up for email updates in the box to the right.
Hey Matt - great post! I think that most companies do not collect errant passwords, but I agree that this could be extremely valuable information. I’m surprised that with module-type languages like Ruby on Rails that there isn’t one standard password module/app that has come forth.
A company making a killer open source, protected password system is much needed by the web community. Maybe there already is one?
Glad to see you posting more often
Sam
http://www.leveragingideas.com
Sam: Rails has a fairly standard password module (acts_as_authenticated). OpenID is a more interesting element to the conversation though in terms of a real “standard” that is language-independent.
Personally, I’d love to peek through the logs of, say Comcast’s DNS servers to get a list of domains that people tried to hit which didn’t resolve. I bet that would make for a fine list of ideas for common domain name misspellings (which can be easily monetized).
Hey Tom - It’s not quite the same, but I know that some SEO guys mine websites for expiring domains with high PR and backlinks, which they then buy and monetize or use to increase the PR of their own sites.
Sam
http://www.leveragingideas.com
Sam and Tom, great adds. A number of ISPs do sell aggregated traffic data to folks such as Hitwise that structure it and sell services. The raw data, of course, would be something else. I suppose it’s in the interest of Comcast’s venture arm to invest in a domain aggregator. And Sam, thanks for the words of encouragement!
Best,
Matt
Hi Matt,
There’s a lot of interesting concepts in this post. As far as domain aggregation, I always wondered about the tips Whois providers received based on searches. Finally ICANN is investigating that — http://www.circleid.com/posts/icann_idomain_name_front_running/ . As far as clickstream data, password information, and all the other implicit data out there, there’s clearly big opportunity here. When we sold our company to Root Markets (Seth Goldstein’s company), we were really excited about the Root Vaults. I’d be interested to see how that turns up in the next generation of Internet products.
Cheers, Atul
Atul,
Thanks so much for stopping by, and for the article tip - can’t believe the timing. Would love to hear more online or off regarding the Root Markets opp.
Best,
Matt