Menu

Getting Personal With CPExchange

June 14, 2000

Edd Dumbill

On Wednesday afternoon at XML Europe 2000, Brad Husick of Vignette introduced the work being done by the CPExchange group on exchange formats for customer profiles.

Under the umbrella of IDEAlliance, a framework organization for vertical standards development, the CPExchange group has over 40 companies in its working group, and nearing 100 involved in the wider activity. The group was formed in September 1999, and hopes to be delivering implementations by the end of this year.

Husick introduced the aim of the group as "creating global standards for privacy-enabled exchange" -- dealing with how companies handle their customer information, both internally and in exchange with outside organizations. The motivation for CPEX lies in research that showed that while over 90% of companies want a single, integrated view of their customers, only 2% actually have one -- and those that wanted one had little idea of how to get there.

The CPExchange group is developing a vendor-neutral XML-based description language for customer information, as well as protocols for the exchange of that information. Their aim is to reuse and interoperate with existing work, rather than reinvent. Husick also stressed the importance of the privacy element of CPEX strongly, and set its importance in a global context. Adoption of CPEX in an organization would facilitate system-wide use of privacy safeguards.

So what's inside CPEX? There are three main components to the activity: a data model for customer information, whether gathered in real-time or batched; a transport architecture for query and interchange; and a privacy model. As well as a specification, the group intends to deliver an open source reference implementation, and a set of implementation guidelines. Asked about a conformance suite, Husick expressed the hope that some independent organization would take on conformance testing, but he had nothing definite to report on that yet.

Inevitably, with such concepts as "privacy" and "transport" there are overlaps with many existing initiatives. The transport mechanism area already has solutions in ICE, BizTalk and SOAP; while the data model has implementation in LDAP and DSML (Directory Services Markup Language). CPExchange is attempting to work with, rather than duplicate, such technologies.

As far as privacy is concerned, CPEX is being geared up to accept many privacy schemes, and they are coordinating with P3P, IETF, and the EU among others. Although CPExchange has a global focus, Husick admitted that the group would benefit greatly from more non-US involvement, and that he was actively seeking more participation from the European Union.

The perils of developing standard vocabularies always lie at their interface with neighboring initiatives. There was a vivid example of this in the Q&A session at the end, where a representative of the OpenTravel Alliance reported that they had already done much work on profiling the customer -- dialog is now being kicked off between the two groups. OASIS, another organization developing XML vocabularies, is also considering a technical committee for Customer Information Quality, which seems to have some overlap with the CPEX work.

CPEX is one of many applications of XML now in development to underpin data exchange within companies and industries. Its wholesale adoption by organizations would have a radical effect on their customer management -- how radical will depend on the vendor uptake of CPEX. The provision of an open source reference implementation is a positive move in this regard.

Although apparently an innocuous data format, XML has the habit of shining light into an organization's information technology infrastructure and revealing conflicts and inefficiencies. Initiatives such as CPEX are organized attempts to fix at least some of the most fundamental problems. While CPExchange is working quickly to improve the situation for customer information, the attitude of companies to their own information infrastructure and the knock-on consequences of introducing new systems remain key factors.