Nicknamed MyTerms, the new 7012-2025 IEEE standard defines mechanisms for exchanging personal information between individuals and online service providers, and specifies how individuals can enforce their privacy requirements during transactions.
The new standard was launched at a recent event in London where Doc Searls, editor-in-chief of Linux Journal and author of The Intention Economy: When Customers Take Charge as well as one of the original proponents of MyTerms and co-chair of its committee, presented it as a way to reconcile the concept of privacy as we know it in the real world with the online world.
According to Searls, MyTerms is "a complete script flip", in which customers are first party controlling how they interact with service and product providers, the second party, by selecting from a "roster of terms" or using a default agreement that does not change moving from site to site.
For example, terms can cover ongoing relationships, such as "service delivery only" or "service delivery only with data portability", as well as one-time data contributions, such as "AI training and operations", "sharing intent data", and more. Once accepted by the second party, a term becomes a contract, legally binding them to use the first party’s data as stipulated.
MyTerms agreements are defined in machine-readable format and may be transmitted via HTTP headers or other mechanisms. Both parties to an agreement keep identical records to the it.
obsolesces cookie notice, and establishes much more solid grounds for relationships between people and organizations, customers and companies, demand and supply.
Jamie Smith, founder of Customer Futures Ltd., a company focused on digital identity and customer-controlled personal data, noted that "we're reaching the limit of what is acceptable online. We are clicking terms and conditions without reading them. [...] They are not doing what the need to do".
MyTerms is even more relevant in our age, Smith says, where AI agents increasingly automate internet activity on our behalf, including shopping, making reservations, handling complaints, interacting with institutions, and so on. Cookies will not be suitable for agentic commerce. Instead each agent will have its own identity and publish its own terms, a.k.a. contracts.
I really believe that as agents become the new customer channel, MyTerms is going to be a cornerstone of how we can trust those agents and how business are going to interact with them.
Dan Leninger, head of experimental engineering at Consumer Reports presented a future scenario where a customer uses an online recommendation system to purchase an appliance. The customer specifies their own terms along with additional conditions, such as a maximum price, a latest delivery date, and so on. The recommender systems then presents a selection of stores that have accepted the customer's term, so they can complete the purchase.
John Abbott, chief commercial officer at age verification platform Yoti, discussed the impact MyTerms can have on children, specifically around age verification. He believes that MyTerms provides a more appropriate way for individuals to specify how their data should be used based on their age, and that it will help companies meet the growing regulatory requirements worldwide.
The development of the standard took approximately eight years since its Project Authorization Request (PAR) was proposed and approved in December 2017. For a deeper dive into MyTerms, you can read Searls' extensive writing on the topic.