I agree, its great to see some of these issues getting air time.
On 4 Sep 2012, at 17:05, S Moonesamy <sm+i...@elandsys.com> wrote:
>> This is (again) an excellent airing of the issues, I think. One theme it
>> exposes is the difficulty of balancing two factors:
>>
>> 1 - achieving informed consent, when the target audience doesn't have a
>> mature understanding of the problem, or isn't motivated to act on such
>> understanding as they have;
>
> Yes.
I think it would be a mistake to blame the target audience for a lack of mature
understanding of the problem. In fact, I think the audience has an incredible
understanding of the problems. People can understand how much privacy
practices impact them physically at the moment (immediately) and respond
accordingly. Is expecting more from people too much to expect? It is the
integrity of the consent mechanisms at offer, their lack of continuing context
or meaningfulness that might be more worthy of responsibility.
Perhaps achieving informed consent should be looked upon as an iterative
process? At the moment we have a one time policy (consent) infrastructure based
on (or to facilitate) contracts of adhesion (TOS, EULA etc), in which informed
consent is most often no-longer informed as soon as the service (or even the
service user) evolves the use of the service. (online informed consent lacks
real meaning)
P3P has a lot to offer in terms of ways to approach the issues of consent,
perhaps - a focus on preferences may have been too ambitious and a narrow focus
of website policies too limiting.
Likewise, I wonder if protocol and identifier privacy considerations should
(also) be understood in the greater social context of privacy. Food for
thought.
Mark
_______________________________________________
ietf-privacy mailing list
ietf-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy