I read it on Yahoo! News, so it must be true! ;-) I now work for email reputation services firm Habeas!

I’ve known the folks at Habeas for a long time and I’m really excited to finally get the chance to work with them directly. As Director of Email Policy, I’ll be working directly for Habeas’s CEO Des Cahill in revising (or in some cases, establishing) the policies that will drive Habeas’s new and existing products and services in the growing market for reputation services. I’ll also be bringing my experience in building privacy and security related services and technologies as Habeas expands its offerings into some new and exciting directions.

This move also represents something of a homecoming for me — after several years of work on security and authentication startups, I’m coming back to the issues of spam and email marketing where I first started almost fifteen years ago. A lot has changed in that time, and one of the things I’m able to bring to Habeas is that perspective on the past (a/k/a where all the bodies are buried) along with my experiences in related issues facing other industries.

Here’s the press release which went out this week and was picked up on Yahoo! Business.

Habeas Appoints Ray Everett-Church as Director of Email Policy
Privacy Guru to Lead Habeas’s Email Policy and Compliance Services for Volume Senders

MOUNTAIN VIEW, CA–Jul 17, 2007 — Habeas, Inc. (www.habeas.com), the industry leader in email reputation services, today announced Ray Everett-Church has joined the company as Director of Email Policy.

In this role, Everett-Church will be responsible for the ongoing stewardship of Habeas’s email policy, as well as maintaining working relationships with ISP abuse desks, blocklists and anti-spam technology providers.

The addition of Everett-Church allows Habeas to expand its excellent support services to email senders and educate them on email best practices. In addition, the appointment further enhances Habeas’ ability to provide leadership and guidance on policy and sender requirements for audit, Safelist and compliance services for volume senders.

“Ray is an amazing addition to the Habeas family. His industry experience and qualifications make him the perfect person to help drive our compliance and best practices efforts,” said Des Cahill, CEO of Habeas. “As we continue to provide support and expert analysis for senders that will help them deliver email, Ray’s expertise will bolster our effectiveness in communicating the company’s compliance message to our many constituencies.”

Everett-Church is an internationally recognized expert on privacy law and Internet-related public policy, having served as founder and principal of PrivacyClue LLC and Vice President of Consulting with ePrivacy Group LLC.

Widely recognized as the “dean of corporate privacy officers,” he has provided consulting services to numerous companies such as Microsoft, AOL, Comcast, Pfizer, HSBC and Kimberly-Clark. Everett-Church co-authored “Internet Privacy for Dummies,” and continues to be a frequent commentator on legal and technology issues involving Internet privacy and security.

Prior to practicing law, Everett-Church worked as an independent consultant to the online services industry regarding legal, technical and policy issues.

About Habeas, Inc.
Habeas is an email Reputation Services Provider that offers solutions for legitimate senders to monitor and manage their email reputation to ensure maximum deliverability. Habeas sender reputation services include Habeas Audit for reputation assessment, Habeas Delivery Monitor for managing reputation information, and Habeas SafeList, the most broadly referenced Internet whitelist. Habeas also enables enterprises and ISPs to more efficiently process their inbound email and make better delivery decisions via its Reputation Network. This network is comprised of sender reputation information collected from four and a half million receiving systems in over 190 countries. For more information, visit www.habeas.com.

Some of you might be asking what this means for my involvement with AGLOCO. With the successful release of the AGLOCO Viewbar, the reality is that there is much less need for a full-time Privacy Officer, especially at this stage of the company when the team is so small and resources are tight. Of course there remain many privacy-related issues facing AGLOCO, and that is why I’ll be sticking around, just in a different way. I will become chairman of AGLOCO’s Privacy Advisory Council.

Later this Summer, we hope to be announcing the names of a few more people who will be joining me on the Privacy Advisory Council. Together, this body will be on-call to advise and counsel the AGLOCO executive team as they continue to build out the service. We’ll meet regularly with the executive and technical teams to review current practices, look forward to new services, and tackle the challenges that inevitably arise in trying to deliver the best value to members. I believe very strongly in the future prospects of AGLOCO (heck, I’ve got 38,000 referrals!!! Thanks David Lawrence! ;-) ), and am committed to doing everything I can to see that AGLOCO continues on is excellent trajectory towards success.

In an interesting article on Monday, privacy activist Lauren Weinstein issued a call for an “At-Large Public Ombudsman” at Google, to help them address their ongoing privacy and other matters.

Since then, some discussion has been going on via Dave Farber’s “Interesting People” (”IP”) mailing list.

On a number of occasions I’ve had strong disagreements with Lauren, but I’m with him on this one. Unfortunately though, I just don’t see it happening. Why? Here is my response to the discussion thread on IP:

What Lauren has described is in many ways the essence of a Chief Privacy Officer… someone who minds the store on privacy matters in a proactive way, moving easily between technical, marketing, strategic, and legal matters, and making sure the hard questions are asked (and answered) long before products launch. At many large consumer-facing companies the CPO heads a team of privacy professionals who become a central resource for executives and front-line personnel alike, across the entire company, across all business units and at all levels of the organization.

When I created the first corporate CPO position and dedicated corporate privacy team back during the dotcom boom days, some people scoffed at whether a dedicated privacy person (much less a whole team) was really necessary. Yet one need only look at the evolution of the industry over the last decade to see that the need for a CPO role and/or team at many organizations has been proven beyond any shadow of doubt.

My work in evangelizing the importance of the CPO role led me to a fascinating meeting at Google back in about 2001. I was told that they were hiring a lawyer to work on privacy matters, but I was somewhat surprised that they defined that “privacy” role as mostly limited to responding to subpoenas and other similar procedural matters. When I inquired about how they were intending to address the bigger privacy issues that were already starting to nip at their heels, I was told that privacy was so deeply engrained in the corporate ethos that they really didn’t see the need for a role like a Chief Privacy Officer.

Apparently they still don’t.

I walked away from the interview shaking my head, knowing then that privacy was going to be an ongoing headache for Google. The last six years have proven me right: with almost every major product/service release, glaring privacy issues have been evident and the company always seems shocked and surprised that anybody raises the issue. Time after time, it’s clear that stuff is going out the door without any evidence of serious attention to, or mitigation of, those glaring problems.

I think Lauren’s proposal is sound. But when I made a similar pitch directly to senior level executives at Google back in 2001, and again in 2004, the concept was met with such resounding indifference that I was forced to conclude that privacy at Google was evolving from a blind spot into an elephant in the room.

Today, I fear that acceding to a proposal such as Lauren’s would require them to admit that they’d gotten this one fundamentally wrong. Unfortunately, the hubris that led them into this blind alley will probably prevent them from escaping it anytime soon.

Regards,
-Ray Everett-Church
http://www.privacyclue.com

As many astute readers of this blog may notice, I’ve not been blogging too much lately. And if you’re also a listener to The David Lawrence Show, you will have a good idea why: I’ve been up to my eyeballs with the launch of my new company, AGLOCO.

AGLOCO — which is an acronym of sorts, short for “A Global Community” — is a modern incarnation of the Infomediary concept that I helped to pioneer back during the “dotcom” days with AllAdvantage. At AGLOCO, I am a co-founder (along with a couple of former AllAdvantage founders and a new cast of thousands*) and Chief Privacy Officer. Oh, and de facto General Counsel (at least until we have enough money to hire a better lawyer). ;-)

( * Okay, not a cast of thousands… But we’ve got about a dozen Stanford students that are running most of the operations. Actually, we may very well be the largest single employer of the Stanford Graduate School of Business Class of 2007…)

What is AGLOCO?

At it’s core, AGLOCO is an Infomediary. What’s that?

On the Internet, advertisers and marketers are eagerly and greedily gathering information about you, your interests, your shopping patterns, and other pieces of your personal information. They use this information to build a “profile” which can be used to target advertisements to you. In fact, some “data brokerage” companies will sell that profile information — your information! — to the highest bidder.

An infomediary turns this equation upside down by working as an agent on behalf of consumers to gather the same kind of data profile, but this time the profile is kept private and under the ultimate control of the consumer. The infomediary then pays consumers a share of the advertising revenue. As the community of users grows, and the quality of the targeting profile improves, the infomediary can provide advertisers with a richer and more valuable advertising audience and in turn the infomediary can deliver more value back to the community.

If you look today at the most vibrant communities on the Internet, places like MySpace, YouTube, Flickr and del.icio.us, the members of those communities have made those sites into incredible successes. When MySpace sold to News Corp. for $580 Million, how much money did the users of MySpace make? When YouTube sold to Google for $1.65 Billion, how much of that money went to those lip-syncing Korean guys and the other thousands of users who made the site such a success?

Don’t get me wrong: I think the folks who create exciting websites and think up innovative “Web 2.0″ concepts deserve to be rewarded for their creativity and their vision. But so do the users, without whom those sites would be nothing more than cute little ideas with no audience. Now, some will say that the users of YouTube or MySpace get value because they get the enjoyment of participating in the community and creating wacky webpages… all of which they get for the low, low price of FREE!

Yeah, well… one of our founding team stumbled upon a quote that sums up my feelings: Sometimes “Free” is Too Expensive!

AGLOCO will be the only (at least until somebody swipes the idea) Internet community where all the Members who come together to make it a success will actually share in the wealth created by their hard work and dedication. If “Web 2.0 is all about user empowerment, AGLOCO is empowering a virtual revolution!

For more information, please check out AGLOCO and if you want to sign up, please use my referral number: AGLO-0009. You can also learn more about AGLOCO by checking out my exclusive Podcast Interview with David Lawrence. I did a written interview for the AGLOCO website, too.

Listen to the Podcast here.

To read more about AGLOCO you can also check out the following blogs where AGLOCO’s launch is already generating a lot of interest:

AllAdvantage Is Back - GigaOM (11/03/2006)

AGLOCO launches - will pay you to surf the Web - VentureBeat (11/20/2006)

Web 1.0 Undead Rise: AGLOCO - TechCrunch

AGLOCO – AllAdvantage team launches new(ish) business - E-Consultancy (11/20/2006)

AllAdvantage 2.0, AGLOCO Launches - GigaOM (11/20/2006)

Now I like AGLOCO even more - McCall’s Notes (11/20/2006)

Today Google launched “Google Spreadsheets,” the latest in a long line of ideas tossed out the door before it was done cooking — I think the term is “half-baked” — and slapped with the “beta” complaint-deflector. Already the uncritical fawning has begun, with predictions of mass self-immolations in Redmond, WA, soon to follow.

According to C|Net’s News.com, it’s Google’s intent to make Microsoft quake in its boots, fearing that an advertising-littered web-based spreadsheet will be more attractive to consumers than Microsoft’s overpriced Office suite. So the theory goes, once Google can win over millions of consumers, enterprises will be forced to adopt it, and then the days of the villainous paperclip will finally be over.

Setting aside for a moment the abysmal history of consumer-oriented web companies who tried to create enterprise versions of their products, I think the deeper question is: Who in their right mind would trust their critical personal and financial data to the data mining machinery of Google? And assuming you could find individual takers, what company would do the same?

Google makes its money by sifting through the world’s data and dotting it with advertisements. Assuming you want to be bombarded with ads while you’re wrestling with some amortization formula (and no doubt thinking to yourself, “wow, a mocking advertisement for lessons in using spreadsheets would be handy right about now!”), all that data will be residing on Google’s servers, where it can be sifted through looking for advertising opportunities.

Even if you assume that Google keeps true to its “don’t be evil” mantra, there’s still the small matter that systems get hacked, employees get greedy and larcenous, and government investigators get overzealous and demand service providers keep data for two years.

Will that data include your “undos”? Think about the time when you entered in bogus tax data into a spreadsheet, just to see what your finances would look like if you didn’t report some extra taxable income. Would that be introduced as evidence of intent to defraud?

What if their algorithms, while searching through your spreadsheet to find relevant ads to serve, discover you have indeed been cheating on your taxes? Will they serve up ads for tax attorneys and bail bondsmen before the Feds come after you? Will they know the Feds are coming because they turned over your records to the IRS in one of the government’s regular subpoena “fishing expeditions” and illegal warrantless search and surveillance schemes?

These are not insignificant questions, and Google doesn’t have a track record of inspiring faith in their foresight and thoughtfulness on the tough questions of how data will stay private and secure. These are critical questions that Google will have to answer, not only to the satisfaction of clueless consumers and analysts but also to corporate privacy and security experts, before Google Spreadsheets can be taken as a credible alternative — much less a threat — to Microsoft Excel.

I’ve been critical of Google on many scores, but I’m happy to hear that they’re fighting an attempt by the Department of Justice to cough up a bunch of log data for a fishing expedition.

Check out today’s scoop by the San Jose Mercury News, in which I’m quoted:

“This is exactly the kind of case that privacy advocates have long feared,” said Ray Everett-Church, a South Bay privacy consultant. “The idea that these massive databases are being thrown open to anyone with a court document is the worst-case scenario. If they lose this fight, consumers will think twice about letting Google deep into their lives.”

This should be an interesting fight! Kudos to Google for taking a stand.