I'd like to see this applied to online advertising, making cross-site tracking against the law and forcing advertisers to bid per real-time request for user data and the money is paid to the user themselves. Currently advertising platforms make more money by allowing advertisers to better target their ads. I have nothing against this as long as I'm paid for access to my data at the price I think is right (might be MAX_INT, to each their own).
1. Each user would have a "data pod" configured in their browser, storing has as much structured information about the user as the user wants (can be empty, or it can have all the structured data fields you want to insert).
2. The user can update any fields at any point and how access to the data pod is done.
3. The user can setup a BID MINIMUM or MARKET value for access to its data pod, perhaps even having different bid values for each set of data. For example, an advertiser wants to know my name? $0.000001 per request. You want to know my address and what TV shows I like? $0.001 per request. Want my bank data? $1000 per request.
Further this data could be authenticated cryptographically by certain authoritative entities. My government could authenticate that I am indeed from country A, and my pod's data would be signed by them (netflix and spotify could authenticate my media consuming history, etc). From that point onwards advertisers know that this field has been validated and can be incentivised to pay more. This should get rid of the incentives where everyone will self-report as being a US citizen just so their requests have larger bids.
>My government could authenticate that I am indeed from country A, and my pod's data would be signed by them
This is gonna happen sooner or later, but I really don't like it. Once most users have a cryptographically signed national ID on their PC, a lot more websites will require you to provide it. Sites like Netflix that region lock media will force you to show your ID just to sign up
Won't be long before companies get away with the invasive crap they tried and failed to do in the past: "Users Revolt Over Blizzard's Requirement Of 'Real Names' In Forum Comments": https://www.techdirt.com/articles/20100708/03054610123.shtml
Won't stop massive copyright holders like Disney from forcing their licensees to region lock. Their actions have shown that they don't give a damn if their policies encourage piracy
Netflix region locks content that they have to license, not their original content. Sometimes content is restricted because of previous exclusive licenses given to traditional channels (e.g. cable).
I imagine that as everything moves to “streaming first”, and old licenses expire, we ‘ll leave región locking behind. Video games are not región locked, even though prices are adjusted for different markets.
Movies and series should move more and more towards a global market. When I was a kid movies took months to arrive to theaters in my country (for various reasons, like reusing celluloid or making better predictions of performance)... now big blockbusters premier simultaneously everywhere because a good portion of marketing is global.
The problem is someone making good money will likely not bother with that system - they will just say “my info is not for sale” instead of trying to figure out settings which would earn them them 0.1% of their regular income.
So this system will mostly be used by the people with little disposable income, enthusiasts who enjoy gaming the system, and scammers with tricks to maximize earnings. Those people are not going to spend much money on buying expensive products, so the advertisers will find out that this bidding thing is just not bringing any results.
I have a unique ID to netflix, I can be authenticated through that because I know my netflix credentials. They do not need to know my "data pod" ID for this - the server just needs to reply to the data pod that queried it with the right credentials.
Depending on "data pod" implementation you could also have the "netflix.com" managed fields only be editable by a call from "netflix.com" API, which I then decide to approve for bidding or not and at which price, without me being able to directly edit those fields. Basically write-only from the vendor side to prove authenticity.
I think you could do something like this with web.dev/trust-tokens (same idea as PrivacyPass), where the server can vouch for you without saying who you are.
1. Each user would have a "data pod" configured in their browser, storing has as much structured information about the user as the user wants (can be empty, or it can have all the structured data fields you want to insert).
2. The user can update any fields at any point and how access to the data pod is done.
3. The user can setup a BID MINIMUM or MARKET value for access to its data pod, perhaps even having different bid values for each set of data. For example, an advertiser wants to know my name? $0.000001 per request. You want to know my address and what TV shows I like? $0.001 per request. Want my bank data? $1000 per request.
Further this data could be authenticated cryptographically by certain authoritative entities. My government could authenticate that I am indeed from country A, and my pod's data would be signed by them (netflix and spotify could authenticate my media consuming history, etc). From that point onwards advertisers know that this field has been validated and can be incentivised to pay more. This should get rid of the incentives where everyone will self-report as being a US citizen just so their requests have larger bids.
What have I missed?