I already mentioned this topic last summer (in What is the future of Content Management? #6 Your Personal Digital Filing Cabinet for your entire Lifecycle) and in my 2010 predictions (#8: Personal Web Filing Cabinet is the next Content Shadow IT), but I have not really taken the time to detail it much more yet.

PCM/PKM: The Next Shadow IT?

 Everyone knows about Personal File Management. Everybody manages its own collection of documents either stored in your local hard drives or in a private directory available as part of a shared network drive. We are now assisting to the rise of a new generation of “Cloud Content Management” with the fast growth of DropBox and similar offerings (the so long waited GDrive for example). If you combine these document oriented applications with other notes taking, web scrapping utilities (e.g: Evernote, ReadItLater or Webnotes kind of tools) or personal social decks (Seesmic, TweetDeck and similar), we are assisting to an explosion of personal productivity tools.

These tools are being downloaded and used by millions of individuals and the spectrum of features is quite large and goes from:

-         Personal Storage and Backup services on the Cloud

-         Web-based groupware, email, mailing lists, word processor, spreadsheets or presentation applications.

-         Social Bookmarking

-         Page Ripping / Web Scraping

-         Personal Notetaking Software

-         Personal Wiki

-         Personal Blog

-         Feed Reader and Aggregator

-         PIM

-         Personal Social Decks

-         Instant Messaging

to many others…

Clearly speaking the usage of these tools is not limited to your personal usage or to the sharing of personal data with your friends or your family members any more. More and more people are today using them as part of their daily business life.

We can then reasonably ask if those tools are not rapidly becoming the next shadow IT? Are they a danger for your business organization? Should they simply be forbidden (knowing the fact that this is becoming today quite hard to forbid the use of an iPhone in your offices)? Or should your rather consider that your IT department was slow or unable to foresee the needs of a certain category of your employees to use such personal applications as a business productivity and efficiency booster? Or perhaps your favorite ECM is guilty of having spent a bit too much time in the last 10 years to try to unify all your company content assets while completely stopping taking care of the individual employee needs?

But finally who cares? What is sure is that there is a strong market need for these personal applications and they already proved to be useful in many business oriented use cases. The ECM/CMS industry has then no other choice than to deal with it.

From a more general perspective, all these applications are related to Personal Content Management (PCM) and to Personal Knowledge Management (PKM). According to Wikipedia, the PKM definition is the following: “Personal knowledge management (PKM) refers to a collection of processes that an individual carries out to gather, classify, store, search, retrieve, and share knowledge in his/her daily activities and how these processes support work activities. It is a response to the idea that knowledge workers increasingly need to be responsible for their own growth and learning and represents a bottom-up approach to knowledge management, as opposed to more traditional, top-down KM”

 In his latest book (only available in French: Le nouveau management de l’information) Christophe Deschamps demonstrated that Individual Intelligence should take precedence over Collective Intelligence. This is based on the simple following paradigm: You can not share what you still do not know.

“If the 2.0 technologies are a recipe for increased collective efficiency, there are needs of knowledge workers they do not address directly. For example while wikis allow the collaborative drafting of a document, this way of working is still rare in the business. Most of the time the employee finds himself alone with his work, forced to move at any cost. 2.0 technologies certainly will help locate the "material" required to complete his task, as they will allow him to remain in contact with other experts in the organization. Yet the drafting stage and the skills it requires in terms of time management, use of gathered information and writing often remain the sole responsibility of the knowledge worker finally considered as an isolated individual who must self-learn to organize himself to deliver on time his best job. In summary, the 2.0 technologies can take advantage of the network but don’t do the work for us ...” (in French in the original text)

Traditional KM was mainly a monolithic approach about documenting processes or pushing employees to formalize knowledge on their extra-time. KM2.0 and E2.0 solutions were mainly “social” and people-centric. They are helping you build more rapidly your social business ecosystem. KM3.0 should reintroduce personal efficiency and productivity at the heart of the system.

This graph summarizes pretty well the situation:

Graph source: KM3.0: This time it’s personal

Some of the problems raised by PCM/PKM

The fast growth of this new generation of PCM/PKM tools may however cause several problems within a business organization including (non exhaustive list):

a)      Privacy concerns

I recently read a blog post called: “Evernote for Doctors Revisited: Privacy Issues and Yet More Uses”. The key question which directly came to my mind was about: “Is it really the goal of applications like Evernote to store protected health information?” Or is Evernote only a convenient workaround for some Doctors to store business data and use a pretty nice productivity tool by bypassing their IT department and the other internal policies already in place?

With the fast raise of mobile and other free hosted services available on the cloud and often combined with the lack of proactivity, budget or risk awareness programs from the internal IT department, employees tend to easily forget the reasons why certain internal procedures have initially been put in place. Nowadays this is just so easy and convenient to install DropBox-like services to store patient-related information and to have the opportunity to check them out later on at home rather than having to ask for similar services to the IT department and having to initiate an often long, costly and time-consuming internal project.

But in many business use cases, such PCM/PKM tools are raising some severe content privacy flaws. I would not be surprised to see some big law suites in the next couple of months after some lawyers, consultants or doctors who were unofficially using such hosted services to store sensible data with poor password schema and no other privacy policies in place.

Briefly speaking ease of use of such tools should not take precedence on content privacy especially for business related information.

b) Lack of Control on Data

Another concern with all these personal services is about the lack of control your company can get on remotely hosted data. Most of the time those PCM/PKM solutions are still young and immature and mainly focus themselves on the front-end user experience rather than on a back-end enterprise-grade content platform.

This is for example quite hard to know how data is backuped or if any contingency plan was put in place (do you remember what happened to the Magnolia social bookmarking system last year?). Most of the time you can not control the life cycle of content hosted in such systems (File Plan oriented kind of features). You also do not have any guarantee if such or such new and still heavily VC-funded SaaS providers will still be here in 5 years or will go bankrupt with all your data? Classical source code escrow or other kinds of “automatic conversion to Open Source in case of bankruptcy” clauses are most of the time absent from the contract.

Clearly the question is not to debate here about the pros and cons of hosting data on the cloud and if this level is not finally better than the one of your company. This is just about ensuring that your company knows precisely which applications are being in use, where precisely data is stored and if such hosting services fit with your current IT policies. Lots of SaaS services are today enterprise-grade and are really providing a nice alternative to on site applications. But in the field of PCM/PKM I must say that most services still lack a proper level of enterprise-readiness. And these are typically the applications that your employees will start installing on their own and which will rapidly become the next shadow IT.

c) DataPortability and integration of PCM/PKM tools in your enterprise ecosystem

Even if the main goal of personal productivity tools is to foster Individual Intelligence, the final goal of your company is to boost Collective Intelligence. Otherwise speaking PCM/PKM tools are necessary but not sufficient. These tools need to be integrated with your traditional knowledge bases or with your newly acquired E2.0 social networks. Else your information workers, taken one by one individually, will of course become more productive but this will finally not benefit to the overall organization.

If your company doesn’t have any problem to use hosted PCM/PKM services such as Evernote or Dropbox, do not hesitate and go for it. These are great solutions that I am personally using on a daily basis. But perhaps your company will also have to investigate how it wants to manage all this corporate knowledge which is bit by bit going away, to find perhaps on site alternatives or to figure out how to integrate such solutions with your existing information system.

Data Portability should then become one of your top concern (e.g: the DataPortability Project). Very few PCM/PKM vendors are now also embracing content interoperability standards such as CMIS. There is a light in the night as most SaaS PCM/PKM tools are now bit by bit opening access to their underlying platform API. But most of the time there are no connectors available within your other enterprise systems yet and each of these Platform API remains very specific to each SaaS vendors. So do not underestimate the costs of connecting to these remote services and maintaining them afterwards. Finally once connected, you risk to face another serie of feature-oriented problems. For example how will you map all the personal tags used by every of your employees on these PCM/PKM services with your corporate taxonomies? How will you observe events performed by your employee on the remotely hosted PCM/PKM systems and map this on your internal activity streams? How will you manage the duplication of your employees‘profiles? Etc.

Note that these issues are not only related to content hosted on the cloud but to any kind of PCM/PKM-oriented content silos. The problem is that PCM/PKM applications used in a business-context are mainly a sub-system which should be part of a larger E2.0 initiative. This is not the case for all enterprise software. For example this is better to have a CMR integrated with your ERP or a WCM connected to your ECM but most of the time you can perfectly live without such a level integration. This is however harder to separate PCM/PKM tools from your overall Intranet initiative. Before providing such 2.0 personal productivity tools to all your employees, check how you will be able to integrate them, or at least synchronize data, with your other enterprise applications.

d)      Legal Issues on Content Reuse

Most of these PCM/PKM utilities and especially the ones offering some levels of web scraping (bookmarking with offline copy of the clipped information; read it later kind of tools,…) offer easy ways to collect information over the web and to share results with colleagues.

Even if those tools could also perfectly be only applied on large intranets, they are better exploited when mixing data coming from the public web and from your private information spaces. This trend is confirmed by a recent post from IBf Intranet Life: “The borders between internal and external are coming down: Employees will be able to aggregate external content such as Facebook alongside internal content such as corporate news”

One could then question the legality of this clipped information. Most of the time, harvested information is neither copyable nor redistributable without the prior consent (or sale) of the original author. Personal bookmarking systems look like being today an accepted practice. Perhaps because of the American Fair Use doctrine. Or simply because this is still mainly used today as a personal backup system and this does not really impact advertisement revenues from the original content producer.

But this legal problem may rapidly become much more complex when such personal backups suddenly become more “social” and will let your share all your personal archives with your whole organization. One of the main goal of social bookmarking program is to let you look for information within the bookmarklets of your friends before having to make a standard search query based on the assumption that content harvested by your business network is more relevant than a classical keyword search. But if those articles are archived there will be suddenly a propagation of “stolen” articles within your company without the proper payment of the syndication fees.

WCM/E2.0 tools associated with content syndicators (Yellowbrix, Newscred,…) could then act as a your new internal infomediary which will help your webmasters ensure that non-legal content is stored or exchanged within your company. With the growing number of external content sources, integrated copyright infringement auditing tools could rapidly become a nice to have option.

e) Ownership of personal data

Evernote CEO mentioned: “We want to be the permanent, trusted and ubiquitous place for all of your memories”. As an extension of this sentence we can then ask ourselves: Should an employee keep his personal data all-along his life? Can he leave a company with his “personal space”? What is a “business memory” and does he belong to the employer or the employee?

I already mentioned the typical use case of a student leaving the university and usually loosing his personal account with most of his data. This problem will become more important as students are using more and more different content-enabled web applications (LMS; Collaborative Wikis, Personal blogs,…). Students can not simply backup a UNIX directory onto a CD-Rom archive any more. Most of the data they learned or created over the years, even if they belong to them, are now locked into some Web2.0 applications.

Clearly speaking the situation could be easily extended to all information workers. The rise of personal spaces on intranets, the installation of improved E2.0 tools and a trend towards a more digital and paperless world (digital post-its and comments, digital quote highlighting,…) will impact our old personal knowledge practices. Could you imagine a lawyer taking another job in another consulting firm and leaving behind him all his personally annotated law books?

This situation rises important and often under debated questions such as: which personal data an employee could take with him by leaving a company? Or what is a personal data and how interoperable it is? Most of the time employee can not take any corporate data by leaving the company they work for. That is for the official policies in place. In real-life scenario most of the employees are keeping some backups of their previous jobs. And I do not include other legal constraints which are local to each country such as the ones specifying the level of privacy of your personal mailbox for instance.

So wouldn’t be a saner approach to more precisely define which data are the exclusive property of the company, which ones belongs only to the information worker and which one belongs to both along with how an employee could export his personal data (cf: the PortableData initiative mentioned above)? But by not taking into consideration the human factor (e.g: Why should I bookmark all my knowledge on the company intranet when I know that I will certainly leave this company in the next couple of years?) rapidly risks to become a counter-productivity problem: employees will simply install Evernote-like services in parallel of your company internal bookmarking system and duplicate all their bookmarking efforts. Or perhaps they will use their own personal wiki and not share their content with other employees which is exactly the opposite goal than the one originally planned.

In a knowledge economy the definition and ownership of personal data will rapidly become a hot topic which will need to be better clarified.

Conclusion:

Most Intranet initiatives are still following a classical top-down approach. We are still asking employees to “put on paper” (today “to put on the intranet”) their knowledge from a classical Command and Control manner. Enterprise Social Networks and generally-speaking E20-driven initiatives tend to add a new social dimension. But there are high risks that all these enterprise social networks fail if they do not first better manage “Individual Intelligence” before trying to address the “Collective Intelligence” one.

So the question you should ask yourself is: Will your next E2.0 initiative succeed without a proper PCM/PKM approach? The answer is probably no.

This globally means that:

a) PCM/PKM tools should be taken into consideration in your next E2.0 / Intranet 2.0 project

This illustration comes from the CSC Next Generation KM white paper and perfectly summarizes the Personal vs Communities focus for the next generation of intranets.

Personal content management solutions (either hosted on the cloud or on site) will have to rapidly become part of your next Intranet strategy. You will have to envision how they will impact your intranet and your workspaces. Most of these tools are also supporting mobile devices and this will automatically raise question about if and how your employees could access to all or part of your intranet from their mobile. Finally all these PCM/PKM utilities are suffering from non standard API. Personal content interoperability could rapidly become a show-stopper you will have to assess carefully.

b) PCM will become an important part of Enterprise Information Portal.

Enterprise Portals have always been considered as a unified layer on top of all your enterprise applications.

But most of the time Portals do not include personal content management (cf: graph above). If we consider Portals has an aggregated information dashboard mixing all your data sources, it makes then a lot of sense to also federate your PCM/PKM content and tools in there.

What is sure is that PCM/PKM is currently a complex and often neglected enterprise paradigm. Before investing too much time and money in collaborative workspaces, enterprise microblogging systems or other shared wikis, be sure to correctly assess the personal dimension of your intranet. Do not forget that employees can not share knowledge that they do not have.

Finally you could be surprised to know how the introduction of PCM/PKM-oriented productivity tools could offer much more added values to your employees than many other and often much more expensive knowledge systems.

P.S: For additional information, please refer to:

• In French only : 28 fiches pratiques pour mettre en place votre système de PKM
• An interesting chat retranscript from KMers.org : http://www.jarche.com/2010/02/talking-about-pkm/
• Semantic PCM article
• PersonalKnowledge.org