Hi Mark,
At 15:56 04-09-2012, Mark Lizar wrote:
I think it would be a mistake to blame the target audience for a
lack of mature understanding of the problem. In fact, I think the
audience has an incredible understanding of the problems. People
can understand how much privacy practices impact them physically at
the moment (immediately) and respond accordingly. Is expecting more
from people too much to expect? It is the integrity of the consent
mechanisms at offer, their lack of continuing context or
meaningfulness that might be more worthy of responsibility.
The wording could have been improved but then it discourages
lightweight discussion. I didn't read it as blaming the target
audience. I'll put it another way. The target audience might not be
that interested in a discussion about "informed consent" but they do
have an understanding of what they would not like to see. People are
expected to make a split-second decision; i.e. it should be easy for
the person to make the decision.
Perhaps achieving informed consent should be looked upon as an
iterative process? At the moment we have a one time policy (consent)
infrastructure based on (or to facilitate) contracts of adhesion
(TOS, EULA etc), in which informed consent is most often no-longer
informed as soon as the service (or even the service user) evolves
the use of the service. (online informed consent lacks real meaning)
"Privacy policies usually end up as disclaimers of liability instead
of policies aimed at protecting privacy."
A person might not remember all the details of what he/she consented
to after a while. It may be easier for the person if the consent
request is contextual. That doesn't mean flooding the person with
questions as it turns into an automated yes (or no).
Regards,
S. Moonesamy
_______________________________________________
ietf-privacy mailing list
ietf-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy