The document discusses digital responsibility and trust issues in the digital age, highlighting three main contexts: the corporate sector, entertainment and media, and cloud computing. It emphasizes the need for a paradigm shift towards user trust, rather than distrust, in information management, and calls for socially responsible management of personal information within social networks. The author posits that digital literacy and participation are essential for shaping a sustainable digital society.

1. Digital Responsibility:
Towards a New World Order ?
National Information Society Agency
Seoul, South Korea
Prof. Jean-Henry Morin
University of Geneva – HEC
Institute of Services Science
Jean-Henry.Morin@unige.ch
http://jean-henry.com/
Seoul, November 9, 2011

2. Outline
• Intro & Context
• Example #1 : Trust in the Digital Age
• 1 Paradox
• 3 situations
• Enterprise & Corporate Sector
• Entertainment & Media
• Cloud Computing
• 1 Discussion
• Example #2 : Personal Information in the Digital
Age
• Discussion and Open Issues
J.-H. Morin

3. Context

4. Smart Society (NIA 2011)
Beyond Web 2.0
Core Values for a Sustainable Future:
Openness
Sharing
Cooperation
Are we ready for this ?
Ludwig Gatzke
J.-H. Morin

5. Example #1
Trust in the Digital Age

6. A Paradox
We talk about Trust and Trusted Computing in
the digital age…
…but everything relies on a distrust
assumption
http://zatoichi.homeip.net/~brain/TrustedComputing.jpg
J.-H. Morin

7. Situation #1
Enterprise & Corporate Sector

8. Who has NEVER « worked around » security
policies to legitimately complete work that systems
Prevented from doing ?
J.-H. Morin

9. 53 % !!!
J.-H. Morin

10. Enterprise & Corporate Sector:
Corporate Security Policies
• 53% admit circumventing corporate security policies
to get the work done (EMC RSA Security, 2008)
• Among the most cited reasons justifying
circumventing corporate security policies (Cisco,
2008)
a) Doesn’t correspond to the operational reality nor to what is
required to get the work done
b) Need to access applications not belonging to or authorized by
corporate IT policies to work
• Consequences: increase in risks and costs
• Requires « creativity » to get the job done !
• Increased stress due to unauthorized actions
• Inefficiencies
• Untraceable transgressions / violations
J.-H. Morin

11. Situation #2
Entertainment & Media

12. New Media Warrants New Thinking
© Chappatte in "Le Temps" (Geneva), Jan 21, 2006
J.-H. Morin

13. How did we get here…
… a dystopian scenario ?
http://www.flickr.com/search/?q=DRM
J.-H. Morin

14. Some Popular Misconceptions
• Information Wants to be “free”
• DRM is Evil : “Digital Restriction
Management” (FSF, EFF, etc.)
• Users are Criminals : 12 year old
girl sued by RIAA
• P2P is “bad” : File Sharing &
Downloading is a Crime
Etc.
J.-H. Morin

15. Remix & ©
Ted Talks, Mars 2007
Larry Lessig: How creativity is being strangled
by the law
http://www.ted.com/index.php/talks/view/id/187
Universal Music VS dancing toddler
Fair Use ?

16. RIAA Scum Bird
J.-H. Morin http://bit.ly/akxivr

17. Extremism
• Larry Lessig Speech at Italian
Parliament: Internet is Freedom
http://blip.tv/file/3332375/
VS 2 M iPads sold in 60 days !!!
J.-H. Morin

18. The Legal haystack!
Three Strikes Graduated Response
French HADOPI Three-Strikes Graduated
Response invites itself to the land of
Shakespeare
J.-H. Morin

19. Doomed initiatives !
• Fundamental Rights:
• Internet access has been recognized as a fundamental
right, EU Parliament massively rejects three strikes
graduated responses (481 votes against 25, in 2010)
• Technically inapplicable:
• Deep Packet Inspection and false positives
http://dmca.cs.washington.edu/
• Legally inapplicable:
• Territorial nature of such laws VS global media
• ACTA
J.-H. Morin

20. Entertainment & Media
• Consequences :
• Criminalizing ordinary people (no impact on organized
crime)
• Loss of hard fought rights ! (Fair Use, private copy,
etc.)
• Presumption of guiltiness ! (onus probandi ?)
• Internet access is increasingly recognized as a
fundamental right (EU parliament)
• Exclusion, Inapplicability technical and legal
• Etc.
J.-H. Morin

21. Situation #3
Cloud Computing

22. Cloud Computing
• The World is Changing: PaaS, IaaS, SaaS
Etc.
J.-H. Morin

23. Cloud Computing
• So are customers
J.-H. Morin Etc.

24. Discussion
What do these 3 situations teach us
about Trust in the digital age ?

25. Discussion
• Situations 1 et 2 :
• Enterprise and Corporate
• Entertainment and Media
Rely on an fundamental assumption:
« Distrust »
Time for a mindset change ?
J.-H. Morin

26. Security is bypassed not
attacked
Inspired by Adi Shamir, Turing Award lecture, 2002!
J.-H. Morin

27. The Human Factor
IMG: J. Anderson
J.-H. Morin

28. Discussion
• Situation 3
• Cloud : There’s Hope!
Is it an Emerging sign of
« Trust »
?
J.-H. Morin

29. People will dominate your future
Information Security
!"#$%&'(')$%*&%+,&*)-.(/*,%0$1')/(2%/3%4/,5%
.,6%&7'&&28
Debi Ashenden
UK Defence Academy
!"
David Lacey, Managing the human factor in information security, John Wiley & Sons, 2009
J.-H. Morin

30. Discussion
• Is it enough ?
Most likely Not !
• We need to put Trust back to where it belongs :
People !
• Not in « computational » terms
• Reinstate people in their Roles, Rights and Obligations
Digital Responsibility
J.-H. Morin

31. Can we fix “it” ?
• Assuming :
• Security is needed (managed content)
• Total Security is neither realistic nor desirable
• Given the right User Experience and Business Models
most users smoothly comply (e.g., iTunes)
• Most users aren’t criminals
• We need to take a step back to :
• Critically re-think “it”
• Reconsider the debate outside the either/or extremes of
total vs. no security
• Re-design “it” from ground up
J.-H. Morin

32. Rethinking & Redesigning DRM
• Acknowledge the Central role of the User and User
Experience
• Reinstate Users in their roles & rights
• Presumption of innocence & the burden of proof
• Fundamental guiding principle to Rethink and Redesign
DRM : Feltens’ “Copyright Balance” principle (Felten,
2005)
“Since lawful use, including fair use, of copyrighted works is in the
public interest, a user wishing to make lawful use of copyrighted
material should not be prevented from doing so by any DRM
system.”
• Claim and Proposition :
• Put the trust back into the hands of the users
• Reverse the distrust assumption
• Requires a major paradigm shift
J.-H. Morin

33. Rethinking & Redesigning DRM
(cont.)
• Exception Management in DRM environments, mixing
water with fire ? Not necessarily !
• Reversing the distrust assumption puts the user “in
charge”, facing his responsibilities
• Allow users to make Exception Claims, granting them
Short Lived Licenses based on some form of logging and
monitoring
• Use Credentials as tokens for logging to detect and
monitor abuses
• Credential are Revocable in order to deal with abuse and
misuse situations
• Mutually acknowledged need for managed content while
allowing all actors a smooth usability experience
(Morin and Pawlak, 2007, 2008); (Morin 2008, 2009)
J.-H. Morin

34. Technology Transfer
Partnership with Fasoo.com
• June 2011, Integration of the Exception Management
model as « Provisional Licensing »
34
J.-H. Morin

35. Example #2
Personal Information Management
in Social Networks

36. “The Digital Human”
Digital Crumbs
Source : http://samatman.com/
J.-H. Morin

37. Personal Information
Serious Games
• http://www.2025exmachina.net/
J.-H. Morin

38. A “Serious” problem in Social
Networks and Services
Socially-Responsible Management of
Personal Information
• Personal Information
• Different from Personally Identifying Information (PII)
• Subject to legal frameworks in most countries
• Increasingly shared on social networks
• Blurring boundaries between private and public life
Legitimate concern (i.e., rights) over our
information in terms of lifetime, usage
purposes, access, etc.
J.-H. Morin

39. Privacy Made in Google
http://current.com/shows/supernews/91659341_the-google-toilet.htm
J.-H. Morin

40. Problems and Issues
• Publish / share once, publish / share
forever
• Indexing and searching
• Who “owns” and manages YOUR
information (SLAs) ? Raging debates.
• Who’s information is it ?
• Do you retain control ?
• Semantic searching capabilities
J.-H. Morin

41. The Right to Forget
• Right to Forget : fundamental
human right threatened by the digital
nature of information (i.e., searchable)
• Traditional Media (i.e., non digital)
“Memory” erodes over time
• Labor and cost intensive
• Digital Media, requires explicit human
intervention to “make forget” information
(Rouvroy, 2007)
J.-H. Morin

42. France : Legal Approach
(again!)
• French Minister of Forward Planning
and Development of the Digital
Economy
• Public consultation on the issue… …
towards a law on digital forgetfulness…
Finally a “best practice” agreement
J.-H. Morin

43. Anonymity and Privacy
• Anonymity and Privacy are fundamental
to social networking
• It’s not a “bug”, it’s a feature !
• It’s not schizophrenia !
• Multiple legitimate personas (e.g., work, family,
communities, etc.)
• How do we deal with it in a socially-
responsible and ethically sustainable way ?
• Cyber bullying (e.g., Akple in Korea)
Requires traceability and accountability of
information (i.e., managed information)
J.-H. Morin

44. Key Question
• Is Privacy and personal information
threatened by current social
networking services ?
• We contend there is a need for
Managed Personal Information
• Socially-responsible and sustainable
How can we retain an acceptable (by all) level of
control over our personal information ?
J.-H. Morin

45. Proposition
(Morin, 2010)
• Personal Information should be
augmented with a layer accounting for its
management
• Alongside other metadata increasingly
used in addressing the semantic
dimension of our electronic services
• We argue DRM combined with Exception
Management may be a promising path
towards :
• Socially-Responsible management of personal
information in social networks and services
J.-H. Morin

46. From Identity to Personal Information
http://identityblog.com/
J.-H. Morin

47. Argument & Discussion
• What do these Examples tell us ?
• Emerging notion of “ Informed Trust and
Accountability ” : Digital Responsibility
• Cost : Major mindset change + transparency
J.-H. Morin

48. To Summarize
• Web 2.0 has reshuffled the powers
• eParticipation is here to stay
• Change is happening (not something ahead of us)
• Many problems have become global by nature
(thus usual institutions approaches and remedies
are obsolete)
• Responsibility is emerging as a basis for
sustainable digital societal evolution
• Digital Literacy is KEY in shaping the future of our
now digital lives
Join the conversation...
J.-H. Morin

49. Designing the Smart Society
Technology is a means serving practices
and society. Being able to assess and
evaluate the risks as well as the
opportunities is key in enabling a
responsible and sustainable
participative, service oriented society.
In the XXI century, Digital Literacy,
Critical Thinking and Participation are
key elements to Design and shape the
Future of our Smart society
J.-H. Morin

50. … Q & A
Contacts:
@jhmorin Prof. Jean-Henry Morin
University of Geneva – CUI
http://ch.linkedin.com/in/jhmorin Institute of Services Science
http://iss.unige.ch/
http://jean-henry.com/ Jean-Henry.Morin@unige.ch
http://www.slideshare.net/jhmorin