Consent Manifesto
From MgmtWiki
Full Title or Meme
The all-too-human users of the World Wide Web have had too little control of their own destiny when interacting with gigantic enterprises either commercial or governmental.
Context
- The context is the World Wide Web as it exists today. Enterprises, both governmental and corporate have taken control in spite of all the grass roots attempts to enforce anarchy.
- Theses presented as propositions for debate concerned with the question user consent in a connected collection of web interactions.
- While the internet was constructed as a fully distributed communications ecosystem, identity was only available from the fully centralized DNS.
- What has happened since commercial enterprises were admitted to the internet with the .com top-level-domain is the total domination by a few gigantic enterprises.
- The requirement for user consent to their interaction is this fully monopolized system needs to be enforced on those gigantic enterprises.
- Consent is always part of some other activity which almost always involves some sort of long term relationship between a human and a corporation.
- The relationship needs some sort of continuity over time for the benefit of both parties.
- The human may chose some pseudonym for the relationship.
- The best case allows the human to establish the terms of the relationship.
- I call this establishment a "consent to create a binding", others call it registration.
- The continuity of binding is established through some sort of "secret credential."
- the simplest form of cred is the cookie placed on a device by a advertisement.
- humans have here-to-fore hand little control of cookies, It is time to change this is some manner.
- there are (at least) two levels of assurance of the continuity (aka AAL1 and AAL2) in the first the human is very casual about the re-establishment of connectivity, in the second the human is purposeful in the re-establishment of connectivity
- The humans have better control as well as better security in AAL2.
- Looking at the way to make aal2, like FIDO & FIDO2 are useful, but cater to the company.
- human-centric purposeful connection re-establishment methods give the human the best opportunity to control the on-going consent process.
- The best method for achieving purposeful human-centric connection (IMHO)) is the smart phone (actually any internet connect device under the users intimate control)