My Digital FootPrint

How many people do you need before identity has value - two! How come, as an industry where 3.2bn ( McKinsey ) people have a digital identity, are we so fragmented, uncoordinated and disagreeable?  It is evident that our ongoing discussions about identity, ethics, bias, privacy and consent revolve around a lot of noise (opinions) but little signal (alignment), but why?  Recognising that in 30 years of digital identity, we still lack coherent and coordinated action to make it work for everyone is a reality. Perhaps it is time to recognise that it is “us”, the industry, who are the problem.  We continue in our self confirming opinions, righteous products and determination to win at all costs.  I am not saying we have not made progress or done amazing things, but we have not done as well as we should have! As identity now takes several forms insomuch that it emerges from interactions with a system (say payment & reputation), is foundational (given by an authority, a credential), and

The purpose of this post is to explore the topic of CONSENT, which I have been writing about for over 6 years. I have unpacked consent in many articles and have concluded that as we unpack each layer of consent, we find that it is not what you thought it was. CONSENT is a mix of technology, ethics, policy, law, requirements, economics, data, marketing and trust to name a few. There are three paths leading from consent being requested to consent being agreed by the user. Path 1 is that you use your design skills to manufacture the users consent, using colour, fonts, buttons, processes with the intent to gain consent without interfering with the real business purpose. Lowest possible barrier. Path 2 is where we depend on each team (marketing, sales, operations and tech) doing their own thing and determine their own methods to gain and confirm consent to satisfy their requirements. Confusion often becomes evident Path 3 is where the organisation designs consent to be aligned to its own

#facebook published “ Charting a Way Forward on Privacy and Data Portability ” on 4/10/19 however it is *not* a white paper but a document seeking free guidance and input. In their own words “To address these challenges, we’re seeking feedback and guidance from a wide range of stakeholders about how to build portability in a way that empowers people and fosters competition while maintaining their trust in online services” I have, like many others, given a lot of input over the years to Facebook for free via invites to brainstorms, private sessions and roundtables. In all cases massive promises are made by #Facebook about what next but they never deliver. No papers, no summary, no write up, no thanks – nothing. I set out my thinking on the #facebook data portability paper at the end as interest to those who might also read the paper. I have been exploring the topic of data portability for some time. This piece explores the strategic opinions for market models and the regulators stanc

peeling back the layers — thanks to  James Abell  for the minecraft illustration. We love the model or analogy about peeling an onion. We peel back one layer to reveal a new similar layer, each layer enabling us to offer a new idea or thinking and adding complexity. Often we use this model for ourselves to get to our inner core and what values drive us. C onsent:  in digital context is being explored in many places by many people.  Kantara  and MEF are two good examples. However, I am finding that as I peel, explore and uncover the “onion” of layered consent, I find that the next layer is not more onion [ with deeper inner meaning driving me to a core philosophy ] but rather I find something totally new, indeed I don;t start with an onion but a coconut. Inside my coconut I find an orange, then a Kiwi, then a grapefruit, passing a passion fruit and then a dragon fruit. Peeling this inner core, I hope to find inner meaning but it only reveals a two spouted teapot! Why use di

I am just unaware of how consent has become either of these two options?   Which director at either of these businesses has (any) viability of what their companies have done.  I have explored here why optin/ optout needs to come back to the board and these both show great reasons why? How is liking something informed consent ? @sportaustralia How is no option - apart from agree - consent ? @ITV and when I follow the links what do I get - a right old mess.  Change the settings that then gets ignored when I come back to agree, I get the default everything and far far more than you get a better experience - surveillance and tracking goodies. If this not mis-leading I have no idea what qualifies for mis-leading. 

Consent is complex , however it has to be solved - so what would a user experience look like? Given that we have to convey an awful lot of messages in a very small space, in a short about of time and be sure we have done our best efforts to make the user aware of what they are agreeing to. Given that under the ideals of data portability/ sharing the user should be able to choose, any system cannot favour or stop the user from doing anything, but we should enable the user to make an informed decision.  This is not a solution, but presented as a conceptual framework of what we need to achieve.  sets out the red, amber, green or some other colour base format. The colour itself would be calculated from answering a set of questions, and the answers to those questions will be key to informing the user about what the company can and will do with their data if the users agrees. A company cannot pick their colour, it is be calculated and provable based on a standard me

For sometime it has been a wrestle as to why "consent" could be the wrong word.  I have looked at a number of ways of exploring this thinking, but have failed to nail the "why."  Here are a few previous blog exploring the thinking: Why the portability of consent is important is  explored here   Layered consent is like peeling an onion, only to find it is not an onion is explored here Why opt-in and opt-out are the beginnings of consent is explored here What level of consent is reasonable the balance of forgiveness vs approval is explored here So this thinking got me looking at when consent ends in the traditional sense of the word.  Consent being that you provide your approval for something to happen. In the context it is used in law, consent is most often interrupted for the next action, next event or next period of time and once the event, time or action has passed the original consent is lapsed and new consent is sort. Consent cannot be assumed o

The economic argument and case for data portability (mobility) is set out here. Running with the assumption that you agree that data portability/ mobility will create value for the data economy, we need to also think about the thorny issue of layered consent. Some posts that have explored areas of consent Layered Consent: like peeling the onion, only to find it is not an onion! Why “#Privacy-by-Design” is more than playing the game of #ethics of opt-in or the #morals of opt-out. What level of consent is reasonable ..... However in this post, the purpose is to explore what happens when a copy of the data has arrived at the new home, where is consent.  Define :     User                                   [an individual who has agreed to the T&Cs’ to access or use a Data_Holder’s service] Define :    UserData                           [data collected by a Data_Holder from a user] Define :    Data_Holder                     [the entity that has collected UserData fro

Key message : decisions regarding the right type of initial explicit and informed “consent” sort from customers is currently a delegated authority from the board. This article argues that there is an imperative to bring back “consent” decisions to the board; at least for a while. The board needs to debate “consent” in light of ideas such as “privacy by design”, ethical AI, brand values, privacy policy, cookie policy and culture; given that consistency across these critical business areas are increasingly core differentiators. - - As a context, much of the classic(al) thinking and definition(s) of consent are here on wikipedia . There is excellent technical work on consent from Kantara for both the user interface and back office processes based on new consent thinking. MEF is publishing really helpful thinking on UI/UX. In the idea of implementing “privacy by design”, I published this blog exploring the concept of Approval vs Forgiveness as the method of gaining consent when consid

Image: https://cdn-grid.fotosearch.com/CSP/CSP462/opt-out-vs-in-marketing-consent-agree-clip-art__k60530152.jpg Key message : the simple decision about seeking the right “consent” is currently an unseen delegated authority. There is a need to bring back consent decisions to the board. At the board we need to debate consent in light of the ideals such as “privacy by design” and brand position; given that consistency across a business is now more important than a single commercial decision. - o - As a context, much of the classic(al) thinking and definition(s) of consent are here on wikipedia . There is excellent technical work on consent from Kantara for both the user interface and back office processes based on new consent thinking. In the idea of implementing “privacy by design”, I published this blog exploring the concept of Approval vs Forgiveness as the method of gaining consent when considering, specifically, innovation. We explored that the purity of a positio