[Log In] []

Exploring the science and magic of Identity and Access Management
Monday, October 15, 2018

Protect Privacy to Build Trust in the Age of Context

Privacy
Author: Mark Dixon
Monday, November 4, 2013
4:04 pm

Wetrust

My recent post about the book, “Age of Context: Mobile, Sensors, Data and the Future of Privacy,” by Robert Scoble and Shel Israel, began to explore the benefits that might accrue from converging technologies of the “perfect storm” of mobile devices, social media, big data, sensors and location-based services. But what effect will this have on personal privacy?

Scoble and Israel provide these comments in the final chapter of the book, entitled “Trust is the New Currency”:

We have spoken to hundreds of people and looked at hundreds of technologies, and we firmly believe that adding context will make the world an easier, more efficient, cleaner and more productive place.

However, we’d be negligent if we didn’t point out that the price we pay for many of these benefits is our personal privacy. Every new piece of technology we adopt requires us to consider that price and how it will be exacted.

The book proposes the follow principles that need to be wrestled with in this area.  These are not the exact order or terminology used in the book, but my interpretation of what is needed.

  1. Transparency and candor.  Service providers don’t attempt to cover up impacts to privacy made by choices consumers make.
  2. Freedom to choose.  Consumers are always able to opt in and out at will – choosing what privacy they may be willing to sacrifice for other benefits.
  3. The right to know.  Consumers can know what data services providers maintain, and what that data is used for.
  4. The right to go silent.  Consumers retain the right to “go silent,” or opt out of any attempts to monitor or track that consumer.
  5. Data ownership.  Personal data remains property of the consumer, event when the service provider is a steward of that data.
  6. Human override.  Humans can always over ride automatic processes.
Do other principles apply?  Probably.  But figuring out the implication of this list will take some concerted effort.

Scoble and Israel propose that online service providers that get it right will gain advantage over those that don’t – that privacy will become a valuable asset, not just for consumers, but those who hope to deliver services to them.

This was echoed in a recent Huffington Post article:

Today there is a new business currency. It can’t be found at the local bank, or purchased for any price. The new commodity is trust. And while I speak of trust as a commodity it can’t be bough or sold. It has to be earned. … A shift is underway in how businesses and consumers interact, both online and in person, and the businesses that recognize the value of building trust and dare I say “wow” with each transaction will set themselves apart from the competition.

“Protect privacy to build trust” can and must become a powerful mantra for modern business.

 

 

Comments Off on Protect Privacy to Build Trust in the Age of Context . Permalink . Trackback URL
WordPress Tags: , ,
 

Reputation, Street Cred and Identity Assurance

Identity
Author: Mark Dixon
Friday, December 2, 2011
5:55 am

Reputation is what men say about you on your tombstone; character is what the angels say about you before the throne of God.” (William Hersey Davis)

I find it almost magical how seemingly unrelated events can trigger a cascade of intellectual epiphanies …

A couple of nights ago, I watched an episode of “Cold Case” where a man confessed to three murders to protect his “Street Cred” as a really bad guy.  He hadn’t really killed the people, but for some reason, protecting his reputation, evil as it was, was more important that the truth.

Yesterday, I exchanged some email messages about the new service connect.me with Bill Nelson, an Identity Management colleague.  He suggested that some of the vouches he had received on connect.me were more “Street Cred” than identity-confirming reputation.

Could it be that the same desire for “Street Cred” that motivated the cold case guy to admit to something he didn’t do, would drive people trying to game the system on “Connect.me”?

Last night, I read an article suggested on Facebook by Jamie Lewis and Dave Kearns, “How to Force a Friendship on Facebook in Three Easy Steps.”  The article described how a person used a fraudulent Facebook account to secure enough un-suspecting “friends” to convince a targeted girl to friend him.  My Facebook comment: “So much for the much-ballyhooed ‘Identity Assurance by Reputation’ concept Facebook has touted.”

This morning, Drummond Reed, founder of connect.me, provided a more reasoned response to the Facebook thread started by Jamie and Dave: “nothing is completely foolproof, but the top trust level in the Respect Trust Framework is human trust anchors, and it’s designed to provide much stronger protection against this kind of attack. Happy to discuss in more detail.”

I must admit that I hadn’t yet studied Drummond’s proposed “Respect Trust Framework,” upon which connect.me is based, so I looked it up.  I recommend that you read Drummond’s recent blog post, “Trust Levels and Trust Anchors” and the referenced paper, “Building Lasting Trust: The Game Dynamics of the Respect Trust Framework.”

I found it particularly interesting to read the five basic principles upon which the trust framework is based.  It is clear that the Cold Case guy, the connect.me gamers and the Facebook charlatan had violated at least four of the basic principles:

  1. Promise (We will respect each other’s digital boundaries). Every Member promises to respect the right of every other Member to control the identity and personal data they share within the network and the communications they receive within the network.
  2. Permission (We will negotiate with each other in good faith). As part of this promise, every Member agrees that all sharing of identity and personal data and sending of communications will be by permission, and to be honest and direct about the purpose(s) for which permission is sought.
  3. Protection (We will protect the identity and data entrusted to us). As part of this promise, every Member agrees to provide reasonable protection for the privacy and security of identity and personal data shared with that Member.
  4. Portability (We will support other Members’ freedom of movement). As part of this promise, every Member agrees to ensure the portability of the identity and personal data shared with that Member.
  5. Proof (We will reasonably cooperate for the good of all Members). As part of this promise, every Member agrees to share the reputation metadata necessary for the health of the network, including feedback about compliance with this trust framework, and to not engage in any practices intended to game or subvert the reputation system.

Respect, Good Faith, Trusted Protection, Freedom and Cooperation.  I agree that these fundamental principles will engender trust among people and allow people to interact in a safe, trusting way.  It reminds me of one of my favorite quotations from one of our Founding Fathers, James Madison:

To suppose that any form of government will secure liberty or happiness without any virtue in the people, is a chimerical idea.

I propose that success of the Trust Framework will be based on essentially the same foundation – the moral virtue of people who participate.

The Trust Anchor concept and Complaint process within the Trust Framework are safeguards against the bad apples who will inevitably try to game the system, just like police officers and the justice system attempt to enforce the rule of law in our society.  However, as there will never be enough police officers, lawyers and judges to enforce the law unless the people of our society are largely trying to act, on their own accord, in civil, moral ways, I suspect that success of the Trust Framework will depend on the vast majority of people voluntarily acting in accordance with the basic principles outlined above.

So, what about Reputation, Street Cred and Identity Assurance?  A few parting thoughts.

  1. I like the idea of connect.me.  It would nice to have some sort of badge on my blog that shows my connect.me “score” – my living tombstone, as it were – an indicator of my reputation.
  2. I will always try to abide by the foundation principles of the Trust Framework, just like I try to live the underlying moral principles of our civil society. I like to think that someday, angels will declare that Mark Dixon was an upright kind of guy.
  3. I will always be wary of the “Street Cred” or so-called reputation of someone I don’t know, unless I receive a positive assurance from “Trust Anchors” that I personally know and trust.
  4. I will keep my eyes wide open for people who try to game the system.
  5. Will connect.me emerge as a viable solution to the elusive demands of a universal Identity Assurance system?  We’ll wait and see.

My two cents for the day …

 
Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.