Difference between revisions of "Personal Information Agent"

From MgmtWiki
Jump to: navigation, search
(Context)
(Problems)
Line 6: Line 6:
  
 
==Problems==
 
==Problems==
* Decentralized IDs were created to give user's control of their identifiers, but at the cost of posting those identifiers on a publicly resolvable public ledger. The result is that any user of the the DID can be correlated with any other use of the same DID. Once sufficient correlations have been accumulated against that DID, the person is uniquely identifiable.
+
* Decentralized IDs were created to give user's control of their identifiers, but at the cost of posting those identifiers on a publicly resolvable public ledger. The result is that any usage of the the DID can be correlated with any other use of the same DID. Once sufficient correlations have been accumulated against that DID, the person is uniquely identifiable.
 +
* Most identifier authentication services on the web now offer a [[Service Endpoint]] that can provide information about the identifier. If the user is hosting their identifier on there smartphone, no service endpoint on that phone could be always available for query.
  
 
==Solutions==
 
==Solutions==

Revision as of 14:34, 30 June 2020

Full Title or Meme

Support for a personal assistant to help users control access to their personal information.

Context

  • Relationships on the internet are mostly asynchronous where users would like to have some privacy, but demand that organization a fully transparent about themselves and the motives in accumulating user personal information. This page is concerned solely with natural persons and their desire to not have all of their personal information on display to all enterprises where they interchange information.
  • Researchers at Carnegie Mellon University's CyLab Security and Privacy Institute assessed the degree of autonomy that people would feel comfortable giving to personalized privacy assistants (PPAs).[1] The team surveyed users on three increasingly autonomous versions of PPAs; most participants reacted positively to the first version, which would simply let users know that devices were around them, while a few said it would make them anxious. A second version that knows users' personal privacy preferences, and makes recommendations from that information, also found wide favor, while the third PPA, which would exclude users from decision-making entirely, provoked mixed reactions. CyLab's Jessica Colnago said, "We found that people are definitely interested in having some sort of assistance like that provided by a PPA, but what that assistance looks like varies across the board. In different scenarios with different people, they want different ways of interacting with the system.”

Problems

  • Decentralized IDs were created to give user's control of their identifiers, but at the cost of posting those identifiers on a publicly resolvable public ledger. The result is that any usage of the the DID can be correlated with any other use of the same DID. Once sufficient correlations have been accumulated against that DID, the person is uniquely identifiable.
  • Most identifier authentication services on the web now offer a Service Endpoint that can provide information about the identifier. If the user is hosting their identifier on there smartphone, no service endpoint on that phone could be always available for query.

Solutions

Personal Smartphone Agent

Web based Agent

References

Cataegory:Privacy
  1. Daniel Tkacik, How Much Control Are People Willing to Grant to a Personal Privacy Assistant? (2020-06-18) Carnegie Mellon University CyLab Security and Privacy Institute https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-25b42x32309fx079946&