I first noticed this thought in the recently published book, The New Polymath, by my friend and associate Vinnie Mirchandani.
Vinnie writes in a section about a leading SaaS provider, NetSuite:
"We have some of the best leading indicators on the economy. We can aggregate order value, cash flow, and several other metrics instantly in our base of over 6,000 customers and watch trends," gushes Zach Nelson, CEO of NetSuite.... Soon, those customers will be able to benchmark themselves against aggregated data of their peers. That would obviate the need for mailed-in surveys. That capability has been the domain of benchmarking firms like Hackett, not of the software industry, so that is another innovation NetSuite is working to deliver. Nelson explains: "Take those benchmarks and some of the creative BPO [business process outsourcing] partnerships we are exploring, ...and the industry could see SLAs [service-level agreements] that don’t just monitor technical metrics like systems availability but business process metrics that have been elusive to codify."Dennis Howlett then picked up the thought in his post on ZDNet last month, where he wrote about the value of SaaS being beyond lower total cost-of-ownership. He wrote (emphasis mine):
I have long argued that multi-tenant architectures offer transformational benefits from the ability to aggregate data. That is not possible in a single tenancy situation. Workday isn’t ready to contemplate that notion just yet any more than any other vendor. Except perhaps NetSuite and a small handful of the very small business apps vendors that are building in these capabilities. I recall a conversation where it was said that NetSuite saw the recession coming before it became public knowledge by virtue of the transaction trends it saw in its customer portfolio. Try doing that from your single tenant application.This seemed like a bit of an overstretch to me, so I commented on Dennis's post:
How about selling anonymized data to banks, other financial institutions, telcos, insurance companies, healthcare organizations…the list goes on. Why would they buy these data? Application tech vendors tend to specialize in certain business sectors. Multi-tenant SaaS vendors are collecting prime data that has genuine value third parties cannot get.
A bank may see ins and outs of bank accounts but those numbers are meaningless without context. A first step I am seeing is where some vendors are suggesting giving client bank managers shared access to aggregated financial data in real-time. Why? Because the bank can marry what they are told with what they see and so make much better informed lending decisions. Add in the ability to offer comparative trend data and you’ve got something extremely powerful....
Long term, I believe the ability to powerfully slice, dice, form and reform data out of multi-tenant systems will become the place where customers see huge value that is way beyond TCO. If I can benchmark performance in real-time or spot trends and compare, again in real-time, then my ability to take corrective or revenue enhancing action is vastly improved. Do I maintain a competitive edge? Of course because it isn’t the availability of data that matters but the ability to execute plans against what I am seeing.
Does this require careful handling to ensure that confidentiality is not breached? You betcha. But just as in the consumer world we have forgone privacy in the name of getting help from Google, there is no reason to believe the same won't hold true in the enterprise. The upside potential for benefit is simply too big to ignore.
I am fully in agreement that multi-tenancy is in the client's best interest, for the simple reason that there is no way a vendor can deliver the service as cost effectively under a single tenant model.Now stirred up about this matter, I tweeted:
However...I am having a bit of a problem with this concept of "selling anonymized data to banks, other financial institutions, telcos, insurance companies, healthcare organizations." Whose data is it? It's the customer's. The vendor has no more right to take that data in any form, shape, or level of aggregation than a telco vendor has the right to intercept my phone call. The MT vendor is a carrier of the data, that's all.
I'm pretty sure vendors who want to do this have something in their contracts to allow it. But if I'm a customer of such a vendor, I'd either say no, or demand compensation for it.
Having a problem with @dahowlett's view of MT vendors aggregating and selling customer data.An off-the-cuff, poorly-chosen example. NetSuite--monitoring Twitter--promptly called me about it, and assured me they are doing no such thing. So, I corrected the record on Twitter: NetSuite is not poking around customers' accounts receivable files.
Seriously, ppl go ballistic about Google showing ads based on content of Gmail. Now it's OK for NetSuite to poke around cust's AR files?"
Actual practices of SaaS providers
That out of the way, the folks at NetSuite then offered to brief me on their actual practices as well as how their customer contracts are written. NetSuite was even kind enough to let me review its standard contract, which I won't directly quote here out of respect for confidentiality. But I did tear into it pretty aggressively. In addition, I interviewed two other SaaS providers (Workday, plus one other) to gain a broader understanding of this issue. As you'll see, the actual practice lags far behind the vision of what's possible.
Obligatory disclaimer: I am not a lawyer, I do not practice law, and nothing in this post should be construed as legal advice.
Here's what I what I've been told, based on interviews with these SaaS providers:
- Currently, NetSuite is only looking a customer activity in terms of usage: how many users are being added or removed and how often do they log-in, for example. NetSuite has nothing in place to look at actual customer transaction data (e.g. customer A/R files).
- NetSuite has considered the opportunity to let customers benchmark their own key metrics (e.g. average days sales outstanding in A/R) with those of other customers in aggregate, but it has not yet moved forward to do so. If it were to do so, it would allow customers to opt-in or opt-out of this service.
- NetSuite's standard contract for customers includes prohibitions against unauthorized disclosure of customer data and against unauthorized "use" of customer data by NetSuite. Anything that NetSuite would do in the future in the way of new services to aggregate customer data would be done in a way that is consistent with its customer contracts.
- Workday takes a similar approach. It considers customer data at three levels: (1) performance monitoring--e.g. response time, service levels, (2) usage data--e.g. what features customers use most often in the system, and (3) best practices--e..g. what is the average time for a customer to bring a new employee on-board.
- The only customer data that Workday accesses today is performance data, as described above. Workday is considering services that would involve aggregation of customer usage data and best practices, and under Workday's standard customer contract, this would require customers to opt-in.
- The third SaaS provider, who will remain unnamed, says the investment community has encouraged them strongly to develop customer data aggregation services, as they see this as increasing shareholder value. This provider has no current plans to develop such services, however.
- This third SaaS provider indicated that its standard contract explicitly gives them the right to aggregate customer data and report aggregate statistics. However, this clause often gets stricken by customers in contract negotiations.
Data aggregation not a new idea
This does not mean that there is no precedent for customer data aggregation, however. NetSuite pointed out to me that ADP, for example, has been reporting employment trends for many years, based on actual customer data in its payroll and HR systems. The description of ADP's National Employment Report shows the value of being able to aggregate a large sample of customer's day-to-day operational data.
In addition, Coremetrics, an online marketing SaaS provider, recently acquired by IBM, aggregates its retailer customers' data to provide its Coremetrics Benchmark, which it describes as follows:
[A] peer-level benchmarking solution that measures online marketing results, including commerce data, against those of the competition. More than 500 leading U.S. retailers, contribute their analytics data to Benchmark. All data is aggregated and anonymized.Coremetrics also uses this data to provide its widely-quoted next-day flash results of sales from so-called Black Friday. ("Black Friday" is the major shopping day that occurs each year in the U.S. on the day after the Thanksgiving holiday, when many retailers finally can report sales "in the black" for their year-to-date results.)
So, in fact, the aggregation of customer data by SaaS providers is not a new idea. It's just somewhat new to most new enterprise SaaS providers.
I agree there can be great value in reporting statistics based on aggregated customer data. But that value should be shared between providers and customers.
In reviewing SaaS contracts, therefore, customers should consider the following:
- Non-disclosure. At a minimum, be sure your SaaS contract ensures confidentiality of your data. Most if not all providers appear already to have addressed this point. But verify.
- Fair consideration. If your SaaS provider wants the right to aggregate your data with that of other customers, be sure that there is some quid pro quo for your participation. If the provider is somehow preparing benchmarks based on your data, you should be able to received the benchmarks either at a discount or at no charge in exchange for your participation. If the provider is proposing to sell aggregated statistics to third-parties, and this wasn't contemplated at the time you originally signed up, you should receive a discount against your subscription fees in exchange for your participation.
- Opt-out provisions. If you are not comfortable participating in data aggregation, you should have the right to opt out. You should also have the right to opt out of future aggregation after having previously opted-in. This is an important check against providers getting too creative in how they use aggregated data, for example, segmenting the data so finely that it becomes uncomfortably close to identifying specific customers.
Although I count myself as a SaaS proponent, first and foremost I am a customer advocate. Know what you're getting into with a SaaS provider and be sure you agree.
Considering a SaaS solution? Let me know if you would like assistance in evaluating SaaS providers or reviewing proposed agreements. My email is in the right-hand column.
Workday pushing high-end SaaS for the enterprise
SaaS contingency plans need more than software escrow
SaaS: plan to get out before you get in