28032012 Jan Peter Bergfeld, 10 Aandachtspunten voor ePortfoliosystemen op ba...
19032013 Jacques Bus user controlled personal data management
1. De Burger Bediend
User-controlled Personal Data Management
Jacques Bus
Digital Enlightenment Forum
ePortfolio Expert Meeting
19 Maart 2013, Utrecht, NL
2. For a sustainable digital society in which:
• position and rights of the individual in good relation to the rest of society are
supported
• digital technology helps us to express our identities
• the core societal values we cherish now are taking into account
To find game-changing solutions that stimulate innovation and sustainable
evolution and therefore are beneficial to all.
www.digitalenlightenment.org
Board: Jacques Bus, Kim Cameron, Malcolm Crompton, Willie Donnelly, Mireille Hildebrandt,
George Metakides, Björn Ottersten, Elly Plooij– van Gorsel, Reinhard Posh, Kai Rannenberg
Honorary members: Sir Tim Berners Lee (MIT), Ann Cavoukian
(DPC Ontario), Masao Horibe (JP), Michael Kirby (AU)
Hamadoun Touré (ITU)
3. Digital Enlightenment - Activities
Our activities aim at:
• better understanding of social impact and policy implications of rapidly
developing digital technologies
• facilitate novel forms of multi-stakeholder, multi-level and multi-disciplinary
collaborations
• align technology with basic values and social needs and engage key scientists,
industrialists and policy- and decision makers in the process.
• strengthen trust and acceptance of products, services and digital infrastructure.
A movement, aiming at a broader audience advocating for and modeling a digital
democracy.
We call for members (persons and organisations) to participate in this movement
and contribute to its mission.
• DEF Forum 2013 in Brussels (18-20 Sep): Personal Data and Citizenship in the
Digital Society
• DEF Yearbook 2013: The Value of Personal Data
info@digitalenlightenment.org
4. User-controlled
Personal Data Management (PDM)
• Privacy and PD protection is not the same
• PDM: Managing the flow of data to ensure that it can
deliver the perceived value to the individual
• Identity, multiple IDs, Attribute-based credentials.
“Appropriate PDM”:
• Individual controls access and use for sufficient autonomy
to form identity (in broad sense)
• Can present attributes depending on context of transaction
• Enables constraints relevant to culture and social and legal
norms
5. User-controlled
Personal Data Management (PDM)
Three layers:
1. Trustworthy Infrastructure - architecture, interoperability,
platforms for ABC, audit structure, policy compliance,
(trust) governance
2. Data management - incl. data flow control, access and
use; new business models of SP leaving PD control to end
user; new models and management of storage
3. User Interaction –enabling users to specify permissions or
policies simply and intuitively. Consideration for user’s
mental model, personal preferences, cultural differences
and norms and judiciary
6. User-controlled
Personal Data Management (PDM)
Many perspectives:
1. Technical- Trust environments and networks, data vaults, multiple ID and
ABC management, PbD, PIA, policy compliance, auditing and logging, ...
2. Economical – Valorisation, propertisation of PD. New innovative business
models based on other relationship SP-user (Life Management Platforms).
Service innovation.
3. Legal – privacy as human right, dignity, liberty, ... . New EU DP regulation,
law enforcement. Code = Law, inscrutable systems that impose constraints
without democratic control, legal governance and liability
4. Socio-Political – trustworthiness of infrastructure, institutions and
applications; are people involved and do they have confidence and find
their place as respected members of the changing society?
5. International – the role of national (jusridictional) borders, international
agreements , standards and cooperation
...
7. User-controlled PDM and
ePortfolio management
All 3 levels must be considered in ePortfolio management:
• Trusted infrastructure: architecture, platform, standards,
interoperability, (e.g. incl. ABC, data minimisation and claim
management, purpose binding of data); trust governance;
policy compliance
• Data management: instruments to control data flow: access
(authentication), integrity and use of PD.
New business models for relation between service provider
(broker) and clients (potential employers and employees).
Will existing brokers change or be moved out?
• User interaction: cultural, sectorial rules, norms; educational
level of user, searching a job or posting availability; relevance of
certain data; personal preferences
8. User-controlled PDM and
ePortfolio management
Many Perspectives to be considered:
• Technical: Available technology (Trust platforms or architectures;
policy enforcement, ABC, PbD, PIA, …)
• Economical: Business models, change patterns, resistence of
existing stakeholders, new market actors
• Legal: Governance, EU regulation on DP and ID, authentication
and signature; national laws on employee protection, education, …
• Socio-political: Acceptance by stakeholders, social innovation,
political pressure
• International: cross-border activities on labour and education
market (Web universities, international job competition)
9. Conclusions
• PDM systems innovation and introduction need a layered and
multi-facetal approach;
• It is necessary to include all stakeholders on the market,
incl. existing companies that use old structures or technology
• Try to start on a sectorial basis:
many-to-many for job matching or eHealth: Trust platform?
one-to-many approach in HR management: QIY-type architecture?
one-to-many in education: web-based learning
10. Thank you
for your
Attention
QUESTIONS ?
DigiTrust.EU
Trust in the Digital Society
www.digitrust.eu