
Ensuring Consent and Revocation


Acronym of the case:

EnCoRe

Web address of the case:

Country of the case:

United Kingdom

Posting Date:

4 July 2011

Last Edited Date:

18 July 2011

Author:

Edgar Whitley (London School of Economics and Political Science)
Editor's Choice 2011

Type of initiative

  • Project or service

Case Abstract

EnCoRe - Ensuring Consent and Revocation - is a research project, being undertaken by UK industry and academia, to give individuals more control over their personal information.

Our work aims to make an individual's consent a more powerful means for allowing them to control what happens to the personal information they disclose to organisations. We think that this control should be capable of shaping the purposes this information is used for, with which other organisations it is shared, and for how long and where it is stored. Today, the consent required of individuals for the use, sharing and storage of personal information by others will often be a one-off choice, described in vague terms or given implicitly. This type of consent gives individuals no real control over personal information, nor the ability to revoke their consent and be sure that their wishes are respected. Our work will improve the ease, reliability and rigour with which individuals can grant and, more importantly, revoke their consent to the use, storage and sharing of their personal information by others.

It is common practice for enterprises and other organisations to collect personal data (PD) and confidential information in order to provide services to individual consumers or employees and to enable business transactions. These personal data are often stored, processed, aggregated and shared with third parties. In addition to enterprises, government agencies and e-commerce sites, new Web 2.0 social networking sites (e.g., Facebook, LinkedIn, YouTube, etc.) and federated and cloud computing services are increasingly collecting and using personal information. These data can range from personally identifiable information (PII), work-related and financial information to personal pictures, videos and descriptions of personal experiences and life matters.

However, people are increasingly raising concerns about the lack of effective control over their data once they have divulged them, and about the fact that these data could be misused or shared with other parties without proper consent. In essence, these concerns involve security and privacy aspects. The main risks are that personally identifiable information and other personal data could be collected when not actually required to achieve an agreed goal, and later be used without authorisation, or be widely exposed. Individuals, in general, are not aware of how their personal information is actually used, for what purpose, and which parties have a copy. They are not usually given the opportunity to declare their specific consents and privacy-related personal data management preferences.

Description of the case

  • Date: May 2008 to February 2012
  • Date operational: June 2008
  • Target Users: Business (industry) | Business (SME) | Citizen | Intermediaries
  • Scope: National
  • Status: Pilot
  • Language(s): English

Policy Context and Legal Framework

Currently, the law does not require that consent must always have been given before an organisation can use personal information about individuals. In fact, organisations will often avoid relying on consent from individuals to legitimise such use, on the basis that it can be difficult to prove that adequate consent was obtained. It is possible, and more common, for organisations to use personal information on the grounds that they are doing so fairly, legitimately and in a way that would not cause any harm.  In many cases, consent must be given before a particular service can be used at all.

What the law does do is to require that those organisations which use personal information in the course of their business - so-called 'data controllers' - do so in accordance with certain principles. These include using the personal information fairly and lawfully; using it only for specified purposes; using only the minimum amount of information; not storing information for longer than it is needed; allowing individuals to be provided with details about the information, to object or to update it; keeping the information secure; and not sending the information to countries where it would not be protected. There is, significantly, no clear legal right or procedure that allows an individual to revoke their consent.  Moreover, it is common practice for organisations to offer, at best, coarse-grained consent (for example the option to opt in/out of email notifications) and other general statements about the use of personal data by third parties.

Accordingly, data controllers in the public and commercial sectors generally will not feel compelled to agree to give individuals any specific 'fine-grained' control of their personal information: for example, to allow a home address to be used for delivery of a purchased item, and then require it to be deleted shortly afterwards, except that the postcode may be used for market research only. It is also the case that any individual's specific instructions that relate to the use of personal information at one data controller will tend not to be communicated to, or respected by, other parties to which the personal information may be sent. This is because typical information technology and computer systems are not designed to support such features.

So, if an individual wishes to be more specific than giving a simple one-off 'opt-in/opt-out' choice, or to change or revoke a previously given consent, they typically have to find the relevant member of staff at a data controller. The contact details for this person will usually not be easy to find online, and composing a letter or email stating the desired changes is impractical and time consuming for the individual. A data controller dealing with such a request would have to determine which of the stated wishes were feasible to respect (often, not all will be) and then undertake a variety of one-off actions to do so. If the individual's wishes refer to personal information that had been forwarded to another party, the original data controller's task would become even more complicated. Both the inconvenience to the individual of taking such action, and the cost to a data controller of dealing with it, are significant. At present, this situation effectively prevents an individual exerting any meaningful control over their personal information after they have disclosed it.

Project Size and Implementation

  • Type of initiative: IT infrastructures and products
  • Overall Implementation approach: Partnerships between administration and/or private sector and/or non-profit sector
  • Technology choice: Not applicable/not available
  • Funding source: Public funding national
  • Project size: Implementation: Not applicable/not available

Implementation and Management Approach

The EnCoRe project links technology, process and regulatory research and development, all within a framework that is driven by the requirements of all the different stakeholders in a privacy-enhanced data protection environment. Its outputs include technical and process architectures, technology innovations and proof-of-concept prototypes, together with inputs to guide the development of an improved consent and revocation regulatory regime.  A particular feature of EnCoRe is the inclusion of mechanisms to assess compliance and risks.

Our research is conducted by investigating three scenarios with differing factors and requirements for reliable consent and revocation mechanisms, and running prototype solution design/build/verify cycles on them.

The project consortium is multi-disciplinary, spanning across a number of IT and social science specialisms, and includes both industry and academia.

The EnCoRe project runs from June 2008 to February 2012. It receives funding from the UK Government's Technology Strategy Board, Economic & Social Research Council and Engineering & Physical Sciences Research Council.

Impact, innovation and results

Impact

The overall vision of this project is to make giving consent as reliable and easy as turning on a tap, and revoking that consent as reliable and easy as turning it off again. Turning this into reality, for both the individual and the organisation, requires:

  • consent management technologies to be developed,
  • IT systems architectures that include these to be developed,
  • organisations' operational processes and systems to be designed or enhanced to use them,
  • compliance and risk assessment mechanisms,
  • easy-to-use interfaces to be developed and implemented, and
  • the regulatory regime that underpins all of this to be enhanced and strengthened.

EnCoRe is working on all of these areas. 

Supporting that vision is the need to ensure that the processes which perform these tasks are specific, reliable, rigorous and verifiably compliant with legal regulations and the wishes of the individual concerned.

The EnCoRe project's aims are:

  • To enable business to adopt scalable, cost effective and robust consent and revocation methods for controlling the use, storing, locating and sharing of personal data.
  • To benefit individuals by providing meaningful, intuitive mechanisms which will allow them to control the use of their personal information held by others.
  • To help restore individual confidence in participating in the digital economy and so, in turn, benefit the wider society.

Track record of sharing

A key feature of EnCoRe has been to disseminate the findings of the project as it develops.  This has included commissioning some special videos http://www.youtube.com/watch?v=MpqcoSDguyI and http://www.youtube.com/watch?v=mS7qHUPeAEY.  In addition, we have an active user advisory group and have also organised public events and associated press briefings, for example http://www2.lse.ac.uk/publicEvents/events/2010/20100629t1830vSZT.aspx

Detailed reports outlining the EnCoRe technical architecture have been released.

EnCoRe participants are frequent speakers at industry and academic conferences.  EnCoRe has responded to a number of EU and UK consultations in the area of privacy and data protection.  We are currently working with the UK Cabinet Office on a number of their streams of work.

Lessons learnt

  • That normal consumer behaviour means that consent given in most online interactions is rarely fully informed and freely given, and that consent management needs to respond to this reality.
  • That giving consent can be more sophisticated than a simple one-off ticking of a box. Instead, consent management is a lifetime activity where individuals may change their mind about previously given consent and may revoke or refine that previously given consent.
  • That there are significant challenges associated with putting data "out of use" once consent has been revoked, but the project is working to implement auditable technological solutions to these challenges.
