Hi Robin,
At 02:33 04-09-2012, Robin Wilton wrote:
This is (again) an excellent airing of the issues, I think. One
theme it exposes is the difficulty of balancing two factors:
1 - achieving informed consent, when the target audience doesn't
have a mature understanding of the problem, or isn't motivated to
act on such understanding as they have;
Yes.
2 - dealing with stakeholders who react as some did to Microsoft's
"DNT by default" decision... i.e. by saying 'if you set a privacy
feature to 'on' by default, it is not reliable because it can't be
interpreted as an explicit user choice (and hence as an indication if consent).
Section 5 of the draft contains the following sentence:
"If the intention of the person is not clear, he/she may have to
be asked for consent."
Now, does that mean that DNT can be turned on by default (re: the
above comment)? I would base the argument on the following sentence:
"There is a reasonable expectation that the person will be provided
with a cautionary notice to which he/she must consent to if the
information being disclosed may adversely affect the person."
I like your point about design never being value-neutral...
Wondering if there's a sense in which designers can acknowledge that
and say "of course not; and these privacy-enhancing design values
are legitimately preferable to those privacy-eroding ones"...
The term comes from the "Tussle" paper. That question came up during
a presentation within the Security Area. It was also indirectly
raised during a discussion on apps-discuss. The argument I heard is:
this is how we solved the technical problem; if you have a better
solution, we would like to hear it. My take is that the two sides
are talking past each other.
Regards,
S. Moonesamy
_______________________________________________
ietf-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-privacy
