  • 1. E-Consent: A Critical Element of Trust in e-Business. Roger Clarke, Xamax Consultancy Pty Ltd ... .../EC/eConsent.html, eConsent02.ppt. 15th Bled Electronic Commerce Conference, Bled, Slovenia, 17-19 June 2002
  • 2. E-Consent: A Critical Element of Trust in e-Business. Agenda
    • Trust in e-Business
    • Consent
      • Definition
      • Contexts
      • Characteristics
    • e-Consent
      • Process
      • Object
      • Implementations
      • Implementability
  • 3. Fundamental Risks in All Markets That Are Perceived to Be Greater in Marketspaces
    • Seller Default
    • Buyer Default
    • Market Operator Default
    • Intermediary Default
    • Service-Provider Default
    • Tradable Item Quality
    • Fulfilment Quality
  • 4. Trust as an e-Business Enabler
    • Cyberspace adds to Uncertainties, Risk
      • Lack of Information
      • Jurisdictional Issues
    • What are you doing with my money?
    • Will you really deliver the goods?
    • What are you going to do with my data?
  • 5. Trust: confident reliance by one party about the behaviour of the other parties
    • Origins in kinship groups
    • Extensible to cultural affinity (i.e. friends)
    • Not directly extensible to business relationships
    • In business, it’s merely what a party has to depend on when no other form of risk amelioration strategy is available
  • 6. Sources of Trust
    • Direct Relationship
      • kinship, mateship, principal-agent, contract, multiple prior transactions
    • Direct Experience
      • prior exposure, a prior transaction or trial
    • Referred Trust
      • 'word-of-mouth', reputation, accreditation
    • Symbols of Trust or Images of Trust
      • brands, meta-brands
  • 7. Latest in a Long Line of Marketer Manoeuvres: Dynamic Consumer Profiling
    • Self-Identifying Data, consensually provided
    • ‘the click-trail’
    • Self-Identifying Data, acquired by trickery
    • e.g. pseudo-surveys, cookies, web-bugs, ...
    • Server-Driven Client-Side Processing
    • JavaScript, Java Applets, CaptiveX, spy-ware, ...
    • Self-Identifying Personal Profile Data
    • aka 'Identity Management'
    • esp. MS Passport / wallets, but also Liberty Alliance
  • 8. Trust Through Buyer Protection
    • Service Longevity and Reliability
    • Transparency of Data About the Seller
    • Fairness of Marketspace Processes
    • Security of Tradable Items and Funds
    • Risk Allocation / Clarity of Risk Exposure
    • Safeguards such as Warranties, Recourse, Insurance, a Credible Insurer of Last Resort
    • Protections for the Buyer’s Data
  • 9. Consent
    • concurrence by a party with an action to be taken by another party
  • 10. Consent Context: The Human Body
    • medical procedures
      • drug prescription, inoculation, surgery
    • acquisition and use of body fluids/tissue/organs
      • donations of blood, semen, bone marrow, kidneys
      • organ donations from the dead
    • acquisition and testing of body tissue/fluids
      • health care diagnostics
      • substance abuse testing
      • suspect identification and suspect ‘elimination’
  • 11. Consent Contexts: e-Business
    • Promotion and Marketing
    • Price, and Terms of Contract
      • (Invitation to Treat)
      • Offer
      • Acceptance
    • Payments
    • Handling of Purchaser Data
      • Commercial Confidence
      • Privacy
  • 12. Consent and Consumer Marketing Practices
    • on the street
    • via mass media
    • at an exhibition site
    • the telephone
    • physical mail-box
    • email-box
  • 13. Contracting and Payments
    • Declaration of Offer
    • Signification of Acceptance
    • Consumer Choice
    • Evidence of Offer and Acceptance
    • Consent to Use Credit-Card Details:
      • Once and Destroy?
      • Once and Retain?
      • Once and Retain, and Re-Use?
  • 14. Consent and Personal Data
    • Consumer Expectations
      • privacy is a 'fundamental human right'
      • excited (and/or numbed) by abuses
      • excited by advocates and the media
    • Particularly Serious Concerns
      • anti-discrimination categories
      • taxation and financial data
      • health data
      • household data
      • location data for persons-at-risk
  • 15. Consent, Personal Data and the Law
    • General Privacy Laws:
      • OECD Guidelines as a framework, 1980
      • EU Directive on Data Protection, 1995/98
      • US – a scatter of laws, but intransigence re a general law, hence 'safe harbor'/FCC
    • Specific Laws, e.g.
      • Spam
      • EU Directive on Cookies?
    • Standards, e.g. Cookies RFCs 2964, 2965
  • 16. Consent, Personal Data and Australian Law
    • Under the Privacy Act 1988 as amended by the Privacy Amendment (Private Sector) Act 2000, wef 21 Dec 01:
      • collection, use and disclosure of personal data are all subject to controls based on consent
      • direct marketing is subject to some specific provisions (much less than the EU demands)
      • what it all means in particular contexts is far from clear; but a level of expectation has been created
  • 17. Characteristics of Consent – 1 of 2
    • {express in writing OR express unrecorded OR implied OR inferred}
    • {declared by 'opt-in' OR presumed with 'opt-out', but subject to the absence of express denial}
  • 18. Characteristics of Consent - 2 of 2
    • legal capacity
    • physical and intellectual capacity
    • informed
      • what scope of actions
      • who may take such action
      • for what purpose may it be taken
      • over what time-period does it apply
    • freely-given
    • revocable and variable
    • delegable
  • 19. e-Consent: signification by recorded electronic means of concurrence or otherwise with an action to be taken by another party
    • To achieve trust in the e-business context, recording is essential, in order to enable authentication
    • Recording by electronic means is highly desirable, so as to use the same facilities as the e-business transaction, and to enable automated processing of the consent
  • 20. The e-Consent Process
  • 21. (1) Initiation
    • two parties enter into some form of information interchange, resulting in an intention by one party to provide consent to an action by another
    • possibilities include:
      • email-interchange
      • an exchange between browser and web-server
      • telephone conversation
      • personal contact
  • 22. (2) Declaration of the Consent
    • could be performed on the consent-giver’s own computing facility, or through interactions between the facilities of the two parties
    • possibly an email-interchange, or an exchange between a browser plug-in and web-server script
    • possibly on the site of the marketer or an agent (accountant, solicitor, financial adviser, health care professional), with a signature on an office-copy of the printed document, or a keystroke on a computer
  • 23. (3) Expression of an e-Consent Object (e.g. for the Specific Purpose of Data Access)
    • Access to <data>
    • by <one or more entities or identities, or categories thereof>
    • for <one or more purposes>
    • in <a context>
    • is [consented to | denied]
    • by <an identity>
  • 24. (4) Transmission of the e-Consent Object
    • Transmission Security:
      • virtual private networks (VPNs)
      • channel-encryption measures e.g. SSL/TLS
      • message-encryption tools such as PGP
  • 25. (5) Authentication of the e-Consent
    • Authentication of Individual Identity
      • possibly digital signature, perhaps using a secure token and even biometrics
      • more easily password / PIN / passphrase
    • Alternatives:
      • Anonymity
      • Pseudonymity
      • Authentication of Attributes / Credentials
      • Authentication of Value
  • 26. Conventional X.509-Based PKI
    • the maths makes lots of unjustified assumptions
    • private key generation is insecure
    • private key storage is insecure (and unsecurable)
    • X.509 certificates are privacy-hostile
    • acquiring a certificate is utterly privacy-hostile
    • fine print in CAs' contracts denies all liability
    • key revocation is largely unsupported
    • the industry is built on mythology
    • no effective open, public schemes exist
    • if they ever did, they'd be highly privacy-invasive
  • 27. What Conventional PKI Does
    • It provides to the recipient of a message zero assurance about the identity of the sender
    • It provides assurance only that the device that signed the message had access to a particular private key
  • 28. (6) Application of the e-Consent
    • Display-Only; but with logging, log-analysis, exception-reporting, powers, action against abuses
    • Authorisation / Access Control:
      • permission to access a resource (data, a process) based on consent (or legal authority, or power)
      • absence of permission results in
        • denial of access ('gatekeeper'); or
        • qualified access (with controls as above)
  • 29. Subtleties in an e-Consent Object
    • specific, operational definitions of domains on which data-items are defined, e.g. which data, which other party or which category of parties, which purpose
    • supplementary data (e.g. re power of attorney)
    • general consent with specific denial (all except ...)
    • general denial with specific consent (none except ...)
    • a hierarchy of such qualifications
    • reliable date-time stamps, to support authentication
  • 30. Existing Implementations?
    • 'I accept' buttons (which deny consumer choice)
    • Info-mediaries as agents (are there any?)
    • MS Open Profiling Standard (OPS) (RIP?)
    • So-called ‘Identity Management’ schemes:
      • MS XP, .NET, Passport, wallet, web-services
      • AOL Screen Name, and Quick Checkout
      • Liberty Alliance -
    • W3C Platform for Privacy Preferences (P3P) - or just Platform for Publishing Privacy Policies (P4P)
  • 31. Implementability
    • Marketer uses P3P-like syntax to declare terms, in XML format, in a document on the web-site
    • Consumer uses a browser to access it, and a plug-in to analyse the content and display it
    • Consumer uses a browser plug-in and templates to express a consent in XML format
    • Consumer transmits the consent using SSL
    • Marketer uses a CGI script to analyse it, and either accept, reject, or enter into negotiations
  • 32. e-Consent CONCLUSIONS
    • a critical element of trust in e-business
    • requires maturation beyond old-fashioned 'consumer as prey' marketing philosophies
    • requires inversion of current thinking about 'identity management' and marketer-controlled storage of personal data
    • implementable using existing technologies
    • a research opportunity
    • a business opportunity
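
The e-Consent object of slide 23, applied as the 'gatekeeper' of slide 28 with the qualifications of slide 29 (general denial with specific consent, a hierarchy, time-period), can be sketched as follows. This is an added example, not code from the presentation: the XML element and attribute names, the sample identities, and the resolution policy (most specific rule in force wins, denial wins ties, no rule means denial) are all assumptions.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed sample in a hypothetical schema: deny all, consent to one clinic, deny one item.
CONSENT_XML = """
<consents identity="patient-17">
  <consent data="*" accessor="*" purpose="*" decision="denied"
           from="2002-06-17T00:00:00+00:00" until="2003-06-17T00:00:00+00:00"/>
  <consent data="health/*" accessor="clinic-a" purpose="treatment" decision="consented"
           from="2002-06-17T00:00:00+00:00" until="2003-06-17T00:00:00+00:00"/>
  <consent data="health/genetic" accessor="clinic-a" purpose="treatment" decision="denied"
           from="2002-06-17T00:00:00+00:00" until="2003-06-17T00:00:00+00:00"/>
</consents>
"""

def specificity(pattern, value):
    """Score a field match: 0 wildcard, 1 category prefix, 2 exact; None if no match."""
    if pattern == "*":
        return 0
    if pattern.endswith("/*"):
        return 1 if value.startswith(pattern[:-1]) else None
    return 2 if pattern == value else None

def load_consents(xml_text):
    return [dict(el.attrib) for el in ET.fromstring(xml_text).iter("consent")]

def decide(consents, data, accessor, purpose, when):
    """Gatekeeper: the most specific rule in force wins; no applicable rule means denial."""
    best = None
    for c in consents:
        start, end = datetime.fromisoformat(c["from"]), datetime.fromisoformat(c["until"])
        if not start <= when < end:
            continue  # outside the time-period the consent applies to
        scores = [specificity(c[k], v) for k, v in
                  (("data", data), ("accessor", accessor), ("purpose", purpose))]
        if None in scores:
            continue
        # At equal specificity a denial outranks a consent (assumed policy).
        rank = (sum(scores), c["decision"] == "denied")
        if best is None or rank > best[0]:
            best = (rank, c["decision"])
    return best[1] if best else "denied"

if __name__ == "__main__":
    now = datetime(2002, 9, 1, tzinfo=timezone.utc)
    rules = load_consents(CONSENT_XML)
    print(decide(rules, "health/blood", "clinic-a", "treatment", now))
```

The consent object still has to be authenticated (slide 25) before a gatekeeper acts on it; the sketch covers only the evaluation step.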