Generallly this is what I and some others have been describing
as the problem of "Privacy Beyond First Disclosure"... That is:
- One way to express it is to say that privacy is not the same as
secrecy... I can achieve secrecy by keeping everything to myself
- [viz. "There's no such thing as a shared secret".... ;^)] but
privacy is actually about how I retain control over data which I
disclose.
- At one level, as Bob Blakley put it, you cannot control the
narrative which others construct about you. To that extent you
have to accept that total privacy cannot co-exist with social
interaction. Even a hermit can't stop other people gossiping
about him.
- If you try to retain control over disclosed data by technical
means alone, then as Ben said below, it implies a working and
ubiquitous DRM infrastructure - which is neither technically
realistic nor (probably) socially desirable. The opportunities
such an infrastructure would create for abuse might well outweigh
the potential privacy-related benefit.
- Realistically, a privacy architecture would have to consist,
then, of a combination of technical and non-technical measures...
In other words, part of your privacy protection will come from
factors such as contractual provisions and legal recourse.
- I think that for those factors to work, the technology layer
has to do a better job of providing an audit trail which is
transparent to the right stakeholders, and which introduces a
real possibility of accountability.
- I suspect that something DRM-like has a role to play in that
architecture, if only in the form of something analogous to
watermarking. In other words, if I give my address to two online
merchants and one of them passes it on, against my will, to a
third party, I really neeed to be able to tell which is the leaky
merchant.
Hope this helps -
Robin
On Thu, 13 Jan 2011 12:12 +1300, "Colin Wallis"
wrote:
I agree you cannot prevent it as in a 100% guarantee, but privacy
aware technical design and the use of pseudonymity can make it
darn hard and potentially not worth the effort …. vs. legal
interception for example…
But that's a different realm - law enforcement. It's not user
centric identity management. you design so these two cannot
intersect.
Cheers
Colin
From: community-bounces@kantarainitiative.org
[mailto:community-bounces@kantarainitiative.org] On Behalf Of Ben
Laurie
Sent: Thursday, 13 January 2011 6:01 a.m.
To: Graham Sadd
Cc: community@kantarainitiative.org; Frank Wray;
community@lists.idcommons.net; trutkowski@netmagic.com; Rob
Marano
Subject: Re: [Kantara - Community] [community] an interesting
question
On 12 January 2011 16:49, Graham Sadd <[1]graham.sadd@paoga.com>
wrote:
Trust requires a 2-way interaction and there are considerable
benefits to organisations, public and private, from sharing the
load of Personal Information Management with the subject. Given
that appropriate authentication and Verification procedures are
followed then there are mutual advantages in a record being
accurate and up-to-date, reduced costs and automatic legal
compliance among them.
I do not dispute this, but you should not ask for the impossible:
"What I don’t want is any organisation, public or private,
passing it on without my knowledge or consent.". You cannot
prevent this. You can penalise people who do, but you can't
prevent it.
Graham Sadd
Chairman & CEO
paoga document header
Trusted Relationship Management
T: [2]+44 (0) 1628 510777
M: [3]+44 (0) 7958 056171
E: [4]graham.sadd@paoga.com
W: [5]www.paoga.com
B: [6]blog.grahamsadd.com
From: Ben Laurie [mailto:[7]benl@google.com]
Sent: 12 January 2011 15:58
To: Graham Sadd
Cc: Frank Wray; [8]trutkowski@netmagic.com; Drummond Reed; Mary
Ruddy; Walsh, Alan J; Rob Marano;
[9]community@lists.idcommons.net;
[10]community@kantarainitiative.org
Subject: Re: [community] an interesting question
On 12 January 2011 15:35, Graham Sadd <[11]graham.sadd@paoga.com>
wrote:
What I don’t want is any organisation, public or private, passing
it on without my knowledge or consent.
In order to achieve this you have to make DRM work - and persuade
everyone you interact with to use the hardware required for DRM.
Both seem to be impossible.
Notice/Disclaimer
Internet communications are not secure and the company (PAOGA
Limited) does not accept legal liability for the integrity of the
contents of this message. This email is confidential and the
contents may not be disclosed or used by anyone other than the
intended recipient. If you are not the intended recipient and
receive this email, please immediately contact the sender at the
above location.
Whilst PAOGA Limited attempts to sweep email and attachments for
viri and other malware. It does not guarantee that either virus
or malware-free and PAOGA Limited accepts no liability for any
damage sustained as a result of viral or other similar
infections. Anyone who communicates with us by email is taken to
accept these risks.
PAOGA Limited. Registered Office in UK No: 4572417, Registered
Office: Moor Place, Moorlands Drive, Pinkneys Green, Maidenhead,
Berkshire. SL6 6QS
====
CAUTION: This email message and any attachments contain
information that may be confidential and may be LEGALLY
PRIVILEGED. If you are not the intended recipient, any use,
disclosure or copying of this message or attachments is
strictly prohibited. If you have received this email message
in error please notify us immediately and erase all copies of
the message and attachments. Thank you.
====
_______________________________________________
Community mailing list
Community@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/community
References
1. mailto:graham.sadd@paoga.com
2. tel:+441628510777
3. tel:+447958056171
4. mailto:graham.sadd@paoga.com
5. http://www.paoga.com/
6. http://blog.grahamsadd.com/
7. mailto:benl@google.com
8. mailto:trutkowski@netmagic.com
9. mailto:community@lists.idcommons.net
10. mailto:community@kantarainitiative.org
11. mailto:graham.sadd@paoga.com
Robin Wilton
+44 (0)705 005 2931