My Digital FootPrint

For sometime it has been a wrestle as to why "consent" could be the wrong word.  I have looked at a number of ways of exploring this thinking, but have failed to nail the "why."  Here are a few previous blog exploring the thinking: Why the portability of consent is important is  explored here   Layered consent is like peeling an onion, only to find it is not an onion is explored here Why opt-in and opt-out are the beginnings of consent is explored here What level of consent is reasonable the balance of forgiveness vs approval is explored here So this thinking got me looking at when consent ends in the traditional sense of the word.  Consent being that you provide your approval for something to happen. In the context it is used in law, consent is most often interrupted for the next action, next event or next period of time and once the event, time or action has passed the original consent is lapsed and new consent is sort. Consent cannot be assumed o

Image: https://cdn-grid.fotosearch.com/CSP/CSP462/opt-out-vs-in-marketing-consent-agree-clip-art__k60530152.jpg Key message : the simple decision about seeking the right “consent” is currently an unseen delegated authority. There is a need to bring back consent decisions to the board. At the board we need to debate consent in light of the ideals such as “privacy by design” and brand position; given that consistency across a business is now more important than a single commercial decision. - o - As a context, much of the classic(al) thinking and definition(s) of consent are here on wikipedia . There is excellent technical work on consent from Kantara for both the user interface and back office processes based on new consent thinking. In the idea of implementing “privacy by design”, I published this blog exploring the concept of Approval vs Forgiveness as the method of gaining consent when considering, specifically, innovation. We explored that the purity of a positio

The purpose of this post is to explore the topic of CONSENT, which I have been writing about for over 6 years. I have unpacked consent in many articles and have concluded that as we unpack each layer of consent, we find that it is not what you thought it was. CONSENT is a mix of technology, ethics, policy, law, requirements, economics, data, marketing and trust to name a few. There are three paths leading from consent being requested to consent being agreed by the user. Path 1 is that you use your design skills to manufacture the users consent, using colour, fonts, buttons, processes with the intent to gain consent without interfering with the real business purpose. Lowest possible barrier. Path 2 is where we depend on each team (marketing, sales, operations and tech) doing their own thing and determine their own methods to gain and confirm consent to satisfy their requirements. Confusion often becomes evident Path 3 is where the organisation designs consent to be aligned to its own

when considering how your personal digital data should be used by others? The purpose of this post is to explore the ideologies in a digital context, about when should Forgiveness or Approval be used as an appropriate consent method.  Specifically, when a third party needs permission to use/ has used your data.   Consent : opening pandora's box with a familiar scenario.  Imagine a friend needed to borrow your car, would you expect them to ask for your approval or forgiveness and would that change if there was an emergency.  Imagine someone asking to borrow your credit card but then spending more or twice. Which consent method appears appropriate; Forgiveness or Approval. Would the amount spent cloud your opinion or the closeness of the relationship?  In human to human relationships we believe that we have a clear set of boundaries for consent irrespective of approval and forgiveness. However, outside of the very few extreme cases there is a personal judgement

The economic argument and case for data portability (mobility) is set out here. Running with the assumption that you agree that data portability/ mobility will create value for the data economy, we need to also think about the thorny issue of layered consent. Some posts that have explored areas of consent Layered Consent: like peeling the onion, only to find it is not an onion! Why “#Privacy-by-Design” is more than playing the game of #ethics of opt-in or the #morals of opt-out. What level of consent is reasonable ..... However in this post, the purpose is to explore what happens when a copy of the data has arrived at the new home, where is consent.  Define :     User                                   [an individual who has agreed to the T&Cs’ to access or use a Data_Holder’s service] Define :    UserData                           [data collected by a Data_Holder from a user] Define :    Data_Holder                     [the entity that has collected UserData fro

peeling back the layers — thanks to  James Abell  for the minecraft illustration. We love the model or analogy about peeling an onion. We peel back one layer to reveal a new similar layer, each layer enabling us to offer a new idea or thinking and adding complexity. Often we use this model for ourselves to get to our inner core and what values drive us. C onsent:  in digital context is being explored in many places by many people.  Kantara  and MEF are two good examples. However, I am finding that as I peel, explore and uncover the “onion” of layered consent, I find that the next layer is not more onion [ with deeper inner meaning driving me to a core philosophy ] but rather I find something totally new, indeed I don;t start with an onion but a coconut. Inside my coconut I find an orange, then a Kiwi, then a grapefruit, passing a passion fruit and then a dragon fruit. Peeling this inner core, I hope to find inner meaning but it only reveals a two spouted teapot! Why use di

Key message : decisions regarding the right type of initial explicit and informed “consent” sort from customers is currently a delegated authority from the board. This article argues that there is an imperative to bring back “consent” decisions to the board; at least for a while. The board needs to debate “consent” in light of ideas such as “privacy by design”, ethical AI, brand values, privacy policy, cookie policy and culture; given that consistency across these critical business areas are increasingly core differentiators. - - As a context, much of the classic(al) thinking and definition(s) of consent are here on wikipedia . There is excellent technical work on consent from Kantara for both the user interface and back office processes based on new consent thinking. MEF is publishing really helpful thinking on UI/UX. In the idea of implementing “privacy by design”, I published this blog exploring the concept of Approval vs Forgiveness as the method of gaining consent when consid

Via Olswang The Information Commissioner's Office has published guidance to give businesses a "starting point for compliance" with new rules requiring opt-in consent to the use of cookies. The new UK legislation comes into force on 26 May. The Government continues to work with browser manufacturers on a browser-based solution, but the ICO stresses that businesses do need to take compliance steps now, not simply wait and see. The new rules and ICO guidance: what three steps should businesses take now? The background to these changes will now be familiar to many of our readers - but for a quick recap please see our April 2011 update here . In short, the obligation on websites using cookies is being "upped" from a requirement for clear and comprehensive information about cookie use (and the opportunity to refuse cookies) to a requirement for opt-in consent. The new rules are set out in Regulation 6 of the Privacy and Electronic Communications (EC Directive)

Consent is complex , however it has to be solved - so what would a user experience look like? Given that we have to convey an awful lot of messages in a very small space, in a short about of time and be sure we have done our best efforts to make the user aware of what they are agreeing to. Given that under the ideals of data portability/ sharing the user should be able to choose, any system cannot favour or stop the user from doing anything, but we should enable the user to make an informed decision.  This is not a solution, but presented as a conceptual framework of what we need to achieve.  sets out the red, amber, green or some other colour base format. The colour itself would be calculated from answering a set of questions, and the answers to those questions will be key to informing the user about what the company can and will do with their data if the users agrees. A company cannot pick their colour, it is be calculated and provable based on a standard me

Our personal worldview is based on experience but that experience has a bias; the way we make sense of things produces bias ( The Mind is Flat ) and in the end we have no idea just how biased we are in our own opinions, delivery, views or ideas.  However a joy of the Freedom is Speech is that we are entitled to have a biased opinion and express it. Human brains are wired to make all kinds of mental mistakes which can impact our ability to make sense of what our senses are telling us. In total, there are 188 cognitive biases that mess with how we process data, think critically, and perceive reality.   This is the big picture at the end. The School of Thought , a non-profit dedicated to spreading critical thinking has the construct below to help us, it puts the most common ideas in a simple form. Why is this important : a big idea in GDPR and other consumer protection rights /ideas is that of informed consent. The idea falls down at many levels as a complex consent therefore need