The light is dawning for respondents to the new Pew survey on personal data

This topic contains 4 replies, has 4 voices, and was last updated by  Eve Maler 4 years, 3 months ago.

  • Author
    Posts
  • #1172
     Eve Maler 
    Moderator

    Everyone is talking about this new survey: “Your control of your personal info is all but dead, Pew respondents fear.” In the post-Snowden era, people are rationally coming to the conclusion that the status quo is pretty dire. A key premise of UMA is that the resource owner (the person who manages their personal data or content at an UMA-protected site) directs sharing proactively rather than in response to being badgered to (over)share by online services. What do y’all think about how this selective-sharing model might change the privacy conversation? What sorts of features should we be baking into “digital footprint dashboards” that make central user control both meaningful and convenient?

    • This topic was modified 4 years, 5 months ago by  Eve Maler.
    #1186
     RobertLapes 
    Participant

    As more and more disruptive services appear it seems there is no end to the Interweb’s divergence. It is not surprising that privacy and other controls are having a hard time keeping up. So it is great to see UMA picking up the torch and moving things forward. I did a lot of research into similar issues of Trust, Identity, Privacy and Consent for the European GUIDE project back in 2006.

    From my research notes:

    A fundamental concept of consent that is frequently misunderstood is: consent is not the same as choice.

    Choice – relates to the decision a person makes about whether or not to accept an offer, whereas, consent relates to a person expressing their decision to accept or decline the offer. A simplified explanation is “choice is what was chosen” and “consent is how you arrived at the choice”.

    At the time my research found twenty two different forms of consent, so there is more to it than meets the eye. Since consent is decision related, decision theory will provide useful input too.

    My advice is start with some simple use cases and get the usability right. Get the basic fundamental patterns in and working, and then extend the model to more complex use cases.

    #1197
     Aron Kozak 
    Spectator

    Thanks @robertlapes
    From a feature perspective, what do you see as being more important (and less important) when considering making user control more meaningful?

    #2241
     johan 
    Participant

    Extremely interesting @robertlapes, thank you. Regarding the distinction between choice and consent, and also the twenty two types of consent you mention, I’m very curious concerning the ethics of consent here. Do you think this is perhaps worth exploring in this context?

    I’m thinking that visibility (transparency) and interaction in such areas may prove to be fundamental to the relationships in play, and therefore the overall adoption/success, of these emerging (UMA) processes.

    #2255
     Eve Maler 
    Moderator

    Thanks @johan for keeping this thread warm over the holidays! I would love to get more of a sense of how @robertlapes‘s consent taxonomy can help us increase individuals’ autonomy. It sounds like there’s decisional autonomy (the choice part) and then there has to be a mechanism for recording the decision. In case you guys haven’t seen it, some exciting work is going on in Kantara’s Consent and Information Sharing Work Group around “consent receipts” (the recording part) that could intersect nicely with UMA for delivering more of an end-to-end solution for these pieces.

    By the way, in recent times (as @robertlapes knows!) we have formally defined UMA’s proactive sharing capability as an OAuth asynchronous authorization grant, so in colloquial terms we’re referring to this as asynchronous consent. Some find this natural (e.g. those who talk about “consent directives” in healthcare), but I talked to an ethicist who preferred to simply label this as “authorization”. Thoughts?

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?