Track summaries

Track 4 - BCS
Chair: Louise Bennet, BCS

The World Bank Group and Centre for Global Development have recently published Ten Principles on Identification on behalf of a large number of UN organisations and other International bodies. These principles cover inclusion, design and governance. BCS will focus on the Governance principles that cover building trust by protecting privacy and user rights. They hope to convince delegates that these are global principles that all organisations should sign up to. Identification systems must be built on a legal and operational foundation of trust and accountability between government agencies, international organisations, private sector actors and individuals.  People must be assured of the privacy and protection of their data, the ability to exercise control and oversight over its use, and processes for independent oversight and the redress of grievances. Only then will every individual and organisation both feel and be safe online.

Track 10 - Mobile Ecosystem Forum
Chair: Andrew Bud, Chair, MEF

Personal data is a valuable asset but it can only be used in a meaningful value exchange between service providers and end-users if there is a trusted relationship. Core data privacy principles including consent, control and transparency as well as identity and security are key to building consumer trust.  Mobile as the ultimate personal platform is driving much of this innovation around emerging data management solutions and business models that enable users to take control of their data and gain value from sharing it with service providers.  The session will share global consumer insights to understand behaviours, sensitivities and motivations when it comes to personal data and features use cases from different sectors that are creating business opportunities from building a fair and trusted data value exchange.

Session C - Privacy vs Identity - Sustainable Solutions
Richard Gomer, University of Southampton

Consent remains an important issue in both data protection regulation and b2c trust-building.  However, current guidelines on how consent should be collected – for instance those provided by data protection authorities – are subjective, often tied to particular interaction modalities, and lack an empirical basis.

These limitations of current consent guidelines and best practice limit industry’s ability to innovate around consent, to apply consent in new situations (for instance “screenless” IoT applications) and limit our ability to conduct empirical research into what does, and doesn’t, work in practice.

In this talk, I’ll outline a “surprise management” approach to thinking about consent, and an empirical measure, which we call consentfulness, which can be used to measure how well a particular interaction collects meaningful consent from a particular group.

An empirical measure of consent has the potential to promote safe, regulatorily compliant innovation around novel consent interactions, provides a more objective tool for organisations to base their decisions on, and potentially simplifies enforcement action.