Consumer research has focused on discovering user information such as demographic, personal or identifying information and using this information to provide the user with products or services tailored to his geographic area, age, gender, nationality or preferences. Typically such information can be obtained through the use of cash-registers, kiosks, telephones, televisions and computers. While information is often obtained for marketing purposes, such information is also useful for other purposes.
A system for obtaining demographic information is described in U.S. Pat. No. 5,369,571 to Metts, in which a store clerk enters data relating to consumer socio-demographic characteristics while ringing consumer's purchases at a cash register. In U.S. Pat. No. 5,237,157 to Kaplan, discovery of marketing information relative to the tastes of music buyers is carried out while a user interacts with a music sampling kiosk in a music store. In U.S. Pat. No. 5,515,098 to Carles, marketing data previously obtained and recorded on a central database is used to target specific commercial messages to on-demand television subscribers. The operation of a central database is a common characteristic of the above systems. Personalized interactions based on user-dependent data, if present, require a user to provide user information for this database as a condition to obtaining the benefit of any privileges provided thereby.
In other systems used to obtain identifying information from a user, all interactions between a user and the system are localized, including user-dependent discovery, storage and use of the information. In U.S. Pat. No. 5,555,074 to Jacobs disclosed is a system for delivering personalized greeting cards to consumers interacting with a kiosk. The system is able to query a consumer for user-dependent data, store it for the duration of the interactive session and use it to propose a selection of personalized products for purchase. Although this system does not provide for permanent recording of user-dependent data, its ability to perform data discovery and exploitation relative to a plurality of users is similar to the above systems that retain such data in a central database.
In U.S. Pat. No. 4,899,373 to Lee, a system providing personalized, location-independent telephone services is disclosed, in which user-dependent data is transmitted from a credit card and temporarily stored on the local exchange that services the telephone picked up by the user. In U.S. Pat. No. 5,552,586 to Kalman, a memory card is used to store user data relative to the interactions of the user with a plurality of social agencies. While this system provides access codes to allow for the protection of confidential data against disclosure to an unauthorized agency, when access is granted to an authorized agency, user data is unprotected as data is recorded in the computer of this case worker. These and other systems that record user-dependent data on a local medium, particularly a removable medium such as a disc drive, typically allow others to access this data independently of user control. Often, access is obtained by providers of the card or storage medium, as well as others with whom the user-dependent data was discovered in the first place.
Similar observations can be made relative to the use of the Internet. Hypertext markup language HTML and Java applets can be used in a discovery phase to report their findings to a central database. Similarly, cookies and executable code for push technology can record user-dependent data locally to avoid repetitive data entry by the user. Such processes can be thought of as a local extension of the central server, as typically they provide no privacy protection besides a possible declaration of intent to preserve information in confidence.
The proposal by Firefly, Inc. for an "Open Profiling Standard" (OPS) presents a framework for such "before disclosure" user control. Within its scope, attention is given to important issues such as identification of entities and parties and security of communications between them. The OPS describes how an entity may negotiate access to confidential information on a party for the sake of offering a personalized service to this party. While the OPS gives an excellent description of the disclosure process and allows for party-dependent data to be kept locally under the party's control, its spirit is still to trade disclosure for personalization. It would be advantageous to break this link so as to reduce the need for disclosure while potentially increasing its economic value.