Article: "Why protecting privacy is a losing game today—and how to change the game"
Dear UMAnitarians, You might find this article interesting: "Why protecting privacy is a losing game today—and how to change the game". https://www.brookings.edu/research/why-protecting-privacy-is-a-losing-game-t... Best -- thomas --
Thanks Thomas; There are also a couple of new books that UMAnitarians might look at: Hartzog's Privacy's Blueprint <https://www.amazon.com/Privacys-Blueprint-Battle-Control-Technologies/dp/0674976002> Waldman's Privacy as Trust <https://www.cambridge.org/core/books/privacy-as-trust/C5F22BAD9EB53AF6C4098D8FC5B64C81> (a prior paper is available on SSRN <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2309632>) John Wunderlich, BA, MBA @PrivacyCDN <https://twitter.com/PrivacyCDN> *Privacy Tools* Kantara Initiative <https://kantarainitiative.org/>: Consent Receipt Specification <https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification> JLINC Labs <https://www.jlinclabs.com/>: Data Provenance Solutions <https://www.jlinclabs.com/solutions/> "The sad truth is that most evil is done by people who never make up their minds to be good or evil.” ― Hannah Arendt <https://www.goodreads.com/author/show/12806.Hannah_Arendt>, The Life of the Mind <https://www.goodreads.com/work/quotes/122534> On 14 July 2018 at 10:41, Thomas Hardjono <hardjono@mit.edu> wrote:
Dear UMAnitarians,
You might find this article interesting: "Why protecting privacy is a losing game today—and how to change the game".
https://www.brookings.edu/research/why-protecting- privacy-is-a-losing-game-today-and-how-to-change-the-game/
Best
-- thomas --
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma
-- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
Cam Kerry’s call for a better approach to privacy and data security is important and timely. Some time ago, I put his Consumer Privacy Bill of Rights into prose object format and did a sketch of how it could be directly adopted between consumers and companies in the format of a privacy policy. That uses contract law to effect micro-legislation, the “law of the parties.” More generally, the World Economic Forum and others are working on this in the context of data sharing for epidemic response. We are exploring using work by Chatham House as a base for a universal, federated approach. I’ve written this up in the Google Doc below. It mentions some of the challenges of a legislative approach and can be understood to be a kind of crowd-source, internet-speed version of “common law” alternative Cam discusses. The Golden Rule hammered into very specific shapes by parties, advocates, groups, governments making decisions at their own levels. UMA seems an important part of this. Colin also pointed out the fit with the Consent Receipt project. Jim A federated approach to the rules of data sharing: https://docs.google.com/document/d/1rpmMPAbdEEKRGDCuZpA4AShTxYF1jJCHG8iudvMr... <https://docs.google.com/document/d/1rpmMPAbdEEKRGDCuZpA4AShTxYF1jJCHG8iudvMrTXk/> Cam Kerry’s CPBR - older work, and very relevant: http://www.commonaccord.org/index.php?action=list&file=Wx/gov/whitehouse/OMB/Legislative/Letters/cpbr-act-of-2015/ <http://www.commonaccord.org/index.php?action=list&file=Wx/gov/whitehouse/OMB/Legislative/Letters/cpbr-act-of-2015/>
On Jul 14, 2018, at 9:20 AM, John Wunderlich <john@wunderlich.ca> wrote:
Thanks Thomas;
There are also a couple of new books that UMAnitarians might look at:
Hartzog's Privacy's Blueprint <https://www.amazon.com/Privacys-Blueprint-Battle-Control-Technologies/dp/0674976002> Waldman's Privacy as Trust <https://www.cambridge.org/core/books/privacy-as-trust/C5F22BAD9EB53AF6C4098D8FC5B64C81> (a prior paper is available on SSRN <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2309632>)
John Wunderlich, BA, MBA @PrivacyCDN <https://twitter.com/PrivacyCDN>
Privacy Tools
Kantara Initiative <https://kantarainitiative.org/>: Consent Receipt Specification <https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification> JLINC Labs <https://www.jlinclabs.com/>: Data Provenance Solutions <https://www.jlinclabs.com/solutions/>
"The sad truth is that most evil is done by people who never make up their minds to be good or evil.” ― Hannah Arendt <https://www.goodreads.com/author/show/12806.Hannah_Arendt>, The Life of the Mind <https://www.goodreads.com/work/quotes/122534>
On 14 July 2018 at 10:41, Thomas Hardjono <hardjono@mit.edu <mailto:hardjono@mit.edu>> wrote:
Dear UMAnitarians,
You might find this article interesting: "Why protecting privacy is a losing game today—and how to change the game".
https://www.brookings.edu/research/why-protecting-privacy-is-a-losing-game-t... <https://www.brookings.edu/research/why-protecting-privacy-is-a-losing-game-today-and-how-to-change-the-game/>
Best
-- thomas --
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org <mailto:WG-UMA@kantarainitiative.org> https://kantarainitiative.org/mailman/listinfo/wg-uma <https://kantarainitiative.org/mailman/listinfo/wg-uma>
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma
I like that he talks a lot about IoT and how it demands new thinking; it's an area I've become very familiar with. Looking at the Consumer Privacy Bills of Rights language (Accordified <http://www.commonaccord.org/index.php?action=doc&file=Wx/gov/whitehouse/OMB/Legislative/Letters/cpbr-act-of-2015/Bill/CPBR_Act_Of_2015.md>), I see a framework that is aspirational, but it's still pretty familiar. It doesn't have a lot of needed specifics (as the author seems to agree). As I've been pointing out for a while -- I may have shared my Nov 2016 Gartner talk on this subject at some point in a WG or legal subgroup call, see attachment for a relevant snippet -- we already have lots of sets privacy principles. Also, its enforcement provisions have no private right of action; it would all be down to a government agency, somewhat EU GDPR-style, which wouldn't be my preference. It was my understanding that it's the different bases for privacy rights in the EU vs. US, human vs. property rights, that leads to the GDPR enforcement regime. Maybe somebody can explain why I'm wrong... GDPR, of course, starts to get into what my talk called "sharper-edged criteria", deciding numerical boundaries and such (breach notification deadlines! fines! what consent means!), which of course is where arguments tend to crop up. That's where the US would have to go to have something meaningful. I do think and hope that the UMA business model -- suitably abstracted away from UMA technology as required -- could usefully influence legislators and regulators when it comes to identifying some of the necessary sharper-edged criteria. As we noted on the last WG call <https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2018-07-12>, *"...UMA can provide value in separating "personal information" services from "protection" services"* -- and most laws have no conception that this is even possible or important. p.s. You can check out my Identiverse slides on how consent needs to be retooled for IoT and the connected car era, involving UMA and IRM and potentially even AI, here <https://www.dropbox.com/s/sxwl4rjm5lnqs6f/Identiverse%20Don%27t%20Pave%20Privacy%20Cow%20Paths%202018-06-27.pdf?dl=0>. (Worth uploading this to the UMA wiki home page?) *Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl On Sat, Jul 14, 2018 at 11:11 AM, James Hazard <james.g.hazard@gmail.com> wrote:
Cam Kerry’s call for a better approach to privacy and data security is important and timely. Some time ago, I put his Consumer Privacy Bill of Rights into prose object format and did a sketch of how it could be directly adopted between consumers and companies in the format of a privacy policy. That uses contract law to effect micro-legislation, the “law of the parties.”
More generally, the World Economic Forum and others are working on this in the context of data sharing for epidemic response. We are exploring using work by Chatham House as a base for a universal, federated approach. I’ve written this up in the Google Doc below. It mentions some of the challenges of a legislative approach and can be understood to be a kind of crowd-source, internet-speed version of “common law” alternative Cam discusses. The Golden Rule hammered into very specific shapes by parties, advocates, groups, governments making decisions at their own levels.
UMA seems an important part of this. Colin also pointed out the fit with the Consent Receipt project.
Jim
A federated approach to the rules of data sharing: https://docs.google.com/document/d/1rpmMPAbdEEKRGDCuZpA4AShTxYF1j JCHG8iudvMrTXk/
Cam Kerry’s CPBR - older work, and very relevant: http://www.commonaccord.org/index.php?action=list&file=Wx/ gov/whitehouse/OMB/Legislative/Letters/cpbr-act-of-2015/
On Jul 14, 2018, at 9:20 AM, John Wunderlich <john@wunderlich.ca> wrote:
Thanks Thomas;
There are also a couple of new books that UMAnitarians might look at:
Hartzog's Privacy's Blueprint <https://www.amazon.com/Privacys-Blueprint-Battle-Control-Technologies/dp/0674976002>
Waldman's Privacy as Trust <https://www.cambridge.org/core/books/privacy-as-trust/C5F22BAD9EB53AF6C4098D8FC5B64C81> (a prior paper is available on SSRN <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2309632>)
John Wunderlich, BA, MBA @PrivacyCDN <https://twitter.com/PrivacyCDN>
*Privacy Tools*
Kantara Initiative <https://kantarainitiative.org/>: Consent Receipt Specification <https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification>
JLINC Labs <https://www.jlinclabs.com/>: Data Provenance Solutions <https://www.jlinclabs.com/solutions/>
"The sad truth is that most evil is done by people who never make up their minds to be good or evil.” ― Hannah Arendt <https://www.goodreads.com/author/show/12806.Hannah_Arendt>, The Life of the Mind <https://www.goodreads.com/work/quotes/122534>
On 14 July 2018 at 10:41, Thomas Hardjono <hardjono@mit.edu> wrote:
Dear UMAnitarians,
You might find this article interesting: "Why protecting privacy is a losing game today—and how to change the game".
https://www.brookings.edu/research/why-protecting-privacy- is-a-losing-game-today-and-how-to-change-the-game/
Best
-- thomas --
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma
Thanks for these recommendations, John. Do you have these books yet? If so, would love for you to share a few "book club" type notes on a call or here so (speaking selfishly here!) I can decide where to spend my buying and reading budget... *Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl On Sat, Jul 14, 2018 at 9:20 AM, John Wunderlich <john@wunderlich.ca> wrote:
Thanks Thomas;
There are also a couple of new books that UMAnitarians might look at:
Hartzog's Privacy's Blueprint <https://www.amazon.com/Privacys-Blueprint-Battle-Control-Technologies/dp/0674976002>
Waldman's Privacy as Trust <https://www.cambridge.org/core/books/privacy-as-trust/C5F22BAD9EB53AF6C4098D8FC5B64C81> (a prior paper is available on SSRN <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2309632>)
John Wunderlich, BA, MBA @PrivacyCDN <https://twitter.com/PrivacyCDN>
*Privacy Tools*
Kantara Initiative <https://kantarainitiative.org/>: Consent Receipt Specification <https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification>
JLINC Labs <https://www.jlinclabs.com/>: Data Provenance Solutions <https://www.jlinclabs.com/solutions/>
"The sad truth is that most evil is done by people who never make up their minds to be good or evil.” ― Hannah Arendt <https://www.goodreads.com/author/show/12806.Hannah_Arendt>, The Life of the Mind <https://www.goodreads.com/work/quotes/122534>
On 14 July 2018 at 10:41, Thomas Hardjono <hardjono@mit.edu> wrote:
Dear UMAnitarians,
You might find this article interesting: "Why protecting privacy is a losing game today—and how to change the game".
https://www.brookings.edu/research/why-protecting-privacy- is-a-losing-game-today-and-how-to-change-the-game/
Best
-- thomas --
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
I've put them in my queue. Will get back to you in a couple of weeks. John Wunderlich, BA, MBA @PrivacyCDN <https://twitter.com/PrivacyCDN> *Privacy Tools* Kantara Initiative <https://kantarainitiative.org/>: Consent Receipt Specification <https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification> JLINC Labs <https://www.jlinclabs.com/>: Data Provenance Solutions <https://www.jlinclabs.com/solutions/> "The sad truth is that most evil is done by people who never make up their minds to be good or evil.” ― Hannah Arendt <https://www.goodreads.com/author/show/12806.Hannah_Arendt>, The Life of the Mind <https://www.goodreads.com/work/quotes/122534> On 17 July 2018 at 13:36, Eve Maler <eve@xmlgrrl.com> wrote:
Thanks for these recommendations, John. Do you have these books yet? If so, would love for you to share a few "book club" type notes on a call or here so (speaking selfishly here!) I can decide where to spend my buying and reading budget...
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Sat, Jul 14, 2018 at 9:20 AM, John Wunderlich <john@wunderlich.ca> wrote:
Thanks Thomas;
There are also a couple of new books that UMAnitarians might look at:
Hartzog's Privacy's Blueprint <https://www.amazon.com/Privacys-Blueprint-Battle-Control-Technologies/dp/0674976002>
Waldman's Privacy as Trust <https://www.cambridge.org/core/books/privacy-as-trust/C5F22BAD9EB53AF6C4098D8FC5B64C81> (a prior paper is available on SSRN <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2309632>)
John Wunderlich, BA, MBA @PrivacyCDN <https://twitter.com/PrivacyCDN>
*Privacy Tools*
Kantara Initiative <https://kantarainitiative.org/>: Consent Receipt Specification <https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification>
JLINC Labs <https://www.jlinclabs.com/>: Data Provenance Solutions <https://www.jlinclabs.com/solutions/>
"The sad truth is that most evil is done by people who never make up their minds to be good or evil.” ― Hannah Arendt <https://www.goodreads.com/author/show/12806.Hannah_Arendt>, The Life of the Mind <https://www.goodreads.com/work/quotes/122534>
On 14 July 2018 at 10:41, Thomas Hardjono <hardjono@mit.edu> wrote:
Dear UMAnitarians,
You might find this article interesting: "Why protecting privacy is a losing game today—and how to change the game".
https://www.brookings.edu/research/why-protecting-privacy-is -a-losing-game-today-and-how-to-change-the-game/
Best
-- thomas --
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
-- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
Thanks everyone for such an interesting thread. I was working through my long list of 'to do's'. Next up was 'Share Jim Hazards email thread from a week or so ago with the Consent and Info Sharing WG'. As I search my overflowing email box for emails from Jim, I find this one I had not had a chance to open, and see one of the two data driven/data sharing links from Jim. The linkage building out from Thomas's post of the Brookings article that traverses history to get to the Consumer Privacy Bill (an excellent read BTW) plus extra context thrown in from Jim and Eve has been great. To those on the CIS WG, advance apologies when you see some of Jim's links again. Kind regards Colin Executive Director Cell: +44 (0)7490 266 778 @KantaraColin Kantara Consent Receipt and UMA are 2 of the top 5 <https://identiverse.com/2017/12/18/five-identity-trends-watch-2018/> Kantara Initiative Inc <https://kantarainitiative.org/> & Kantara Initiative, Europe On Tue, Jul 17, 2018 at 8:17 PM, John Wunderlich <john@wunderlich.ca> wrote:
I've put them in my queue. Will get back to you in a couple of weeks.
John Wunderlich, BA, MBA @PrivacyCDN <https://twitter.com/PrivacyCDN>
*Privacy Tools*
Kantara Initiative <https://kantarainitiative.org/>: Consent Receipt Specification <https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification>
JLINC Labs <https://www.jlinclabs.com/>: Data Provenance Solutions <https://www.jlinclabs.com/solutions/>
"The sad truth is that most evil is done by people who never make up their minds to be good or evil.” ― Hannah Arendt <https://www.goodreads.com/author/show/12806.Hannah_Arendt>, The Life of the Mind <https://www.goodreads.com/work/quotes/122534>
On 17 July 2018 at 13:36, Eve Maler <eve@xmlgrrl.com> wrote:
Thanks for these recommendations, John. Do you have these books yet? If so, would love for you to share a few "book club" type notes on a call or here so (speaking selfishly here!) I can decide where to spend my buying and reading budget...
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Sat, Jul 14, 2018 at 9:20 AM, John Wunderlich <john@wunderlich.ca> wrote:
Thanks Thomas;
There are also a couple of new books that UMAnitarians might look at:
Hartzog's Privacy's Blueprint <https://www.amazon.com/Privacys-Blueprint-Battle-Control-Technologies/dp/0674976002>
Waldman's Privacy as Trust <https://www.cambridge.org/core/books/privacy-as-trust/C5F22BAD9EB53AF6C4098D8FC5B64C81> (a prior paper is available on SSRN <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2309632>)
John Wunderlich, BA, MBA @PrivacyCDN <https://twitter.com/PrivacyCDN>
*Privacy Tools*
Kantara Initiative <https://kantarainitiative.org/>: Consent Receipt Specification <https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification>
JLINC Labs <https://www.jlinclabs.com/>: Data Provenance Solutions <https://www.jlinclabs.com/solutions/>
"The sad truth is that most evil is done by people who never make up their minds to be good or evil.” ― Hannah Arendt <https://www.goodreads.com/author/show/12806.Hannah_Arendt>, The Life of the Mind <https://www.goodreads.com/work/quotes/122534>
On 14 July 2018 at 10:41, Thomas Hardjono <hardjono@mit.edu> wrote:
Dear UMAnitarians,
You might find this article interesting: "Why protecting privacy is a losing game today—and how to change the game".
https://www.brookings.edu/research/why-protecting-privacy-is -a-losing-game-today-and-how-to-change-the-game/
Best
-- thomas --
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma
participants (5)
-
Colin Wallis Kantara -
Eve Maler -
James Hazard -
John Wunderlich -
Thomas Hardjono