Difference between revisions of "Consent Manifesto"

From MgmtWiki
Jump to: navigation, search
(Context)
(Context)
Line 11: Line 11:
 
# The relationship needs some sort of continuity over time for the benefit of both parties.<blockquote>In order for a corporate entity to be able to notify the user of problems, or for the user to change the terms of the relationship (aka [[Recovery]] and [[Redress]], it must be possible to reconnect at future times. If that is not possible, then the terms of most privacy legislation is also impossible.</blockquote>
 
# The relationship needs some sort of continuity over time for the benefit of both parties.<blockquote>In order for a corporate entity to be able to notify the user of problems, or for the user to change the terms of the relationship (aka [[Recovery]] and [[Redress]], it must be possible to reconnect at future times. If that is not possible, then the terms of most privacy legislation is also impossible.</blockquote>
 
# The human may chose some pseudonym for the relationship.<blockquote>Again, recovery and redress demand that a notification channel remains open.</blockquote>
 
# The human may chose some pseudonym for the relationship.<blockquote>Again, recovery and redress demand that a notification channel remains open.</blockquote>
# The best case allows the human to establish the terms of the relationship.<blockquote>The California legislation, for one example, demands that user not be required to enter any information that is not required. The implication is that the Web site must be honest in specifying which user attributes are essentail and not blocking access if non-essential attributes are omitted.</blockquote>
+
# The best case allows the human to establish the terms of the relationship.<blockquote>The California legislation, for one example, demands that users not be required to enter any information that is not required. The implication is that the Web site must be honest in specifying which user attributes are essential and not blocking access if non-essential attributes are omitted.</blockquote>
# I call this establishment a "consent to create a binding", others call it registration.
+
# This wiki defines this as this establishment a [https://wiki.idesg.org/wiki/index.php/Consent_to_Create_Binding "consent to create a binding"], others call it registration.
 
# The continuity of binding is established through some sort of "secret credential."
 
# The continuity of binding is established through some sort of "secret credential."
 
# the simplest form of cred is the cookie placed on a device by a advertisement.
 
# the simplest form of cred is the cookie placed on a device by a advertisement.

Revision as of 17:54, 4 November 2019

Full Title or Meme

The all-too-human users of the World Wide Web have had too little control of their own destiny when interacting with gigantic enterprises either commercial or governmental.

Context

  • The context is the World Wide Web as it exists today. Enterprises, both governmental and corporate have taken control in spite of all the grass roots attempts to enforce anarchy.
  • Theses presented as propositions for debate concerned with the question of user consent in a connected collection of web interactions. It is past time for a reformation of the WWW.
  1. While the internet was constructed as a fully distributed communications ecosystem, identity was only available from the fully centralized DNS.
  2. What has happened since commercial enterprises were admitted to the internet with the .com top-level-domain is the total domination by a few gigantic enterprises.
  3. The requirement for user consent to their interaction is this fully monopolized system needs to be enforced on those gigantic enterprises.
  4. Consent is nearly always part of some other activity which almost always involves some sort of extended relationship between a human and a corporation.
    Note that extended in this sense is relative as the protocol theoretically can span several seconds to several millennia. As a practical matter, there is no reason to worry about web connections that are less than, say, 30 minutes or longer than a lifetime. Also sovereign entities are left out as they can unilaterally change the rules of the game.
  5. The relationship needs some sort of continuity over time for the benefit of both parties.
    In order for a corporate entity to be able to notify the user of problems, or for the user to change the terms of the relationship (aka Recovery and Redress, it must be possible to reconnect at future times. If that is not possible, then the terms of most privacy legislation is also impossible.
  6. The human may chose some pseudonym for the relationship.
    Again, recovery and redress demand that a notification channel remains open.
  7. The best case allows the human to establish the terms of the relationship.
    The California legislation, for one example, demands that users not be required to enter any information that is not required. The implication is that the Web site must be honest in specifying which user attributes are essential and not blocking access if non-essential attributes are omitted.
  8. This wiki defines this as this establishment a "consent to create a binding", others call it registration.
  9. The continuity of binding is established through some sort of "secret credential."
  10. the simplest form of cred is the cookie placed on a device by a advertisement.
  11. humans have here-to-fore hand little control of cookies, It is time to change this is some manner.
  12. there are (at least) two levels of assurance of the continuity (aka AAL1 and AAL2) in the first the human is very casual about the re-establishment of connectivity, in the second the human is purposeful in the re-establishment of connectivity
  13. The humans have better control as well as better security in AAL2.
  14. Looking at the way to make aal2, like FIDO & FIDO2 are useful, but cater to the company.
  15. human-centric purposeful connection re-establishment methods give the human the best opportunity to control the on-going consent process.
  16. The best method for achieving purposeful human-centric connection (IMHO)) is the smart phone (actually any internet connect device under the users intimate control)
    '

References

Other Material

  • Consent on Campus: A Manifesto (2018-09-04) by Donna Freitas ISBN 978-0190671150 is a completely different view of consent that is eerily similar to the relationship between users and corporations.
    A 2015 survey of twenty-seven elite colleges found that twenty-three percent of respondents reported personal experiences of sexual misconduct on their campuses. That figure has not changed since the 1980s, when people first began collecting data on sexual violence. What has changed is the level of attention that the American public is paying to these statistics. Reports of sexual abuse repeatedly make headlines, and universities are scrambling to address the crisis. 2015 survey of twenty-seven elite colleges found that twenty-three percent of respondents reported personal experiences of sexual misconduct on their campuses. That figure has not changed since the 1980s, when people first began collecting data on sexual violence. What has changed is the level of attention that the American public is paying to these statistics. Reports of sexual abuse repeatedly make headlines, and universities are scrambling to address the crisis.A 2015 survey of twenty-seven elite colleges found that twenty-three percent of respondents reported personal experiences of sexual misconduct on their campuses. That figure has not changed since the 1980s, when people first began collecting data on sexual violence. What has changed is the level of attention that the American public is paying to these statistics. Reports of sexual abuse repeatedly make headlines, and universities are scrambling to address the crisis.