Nevertheless, state-of-the-art technology can help individuals reduce the risk of losing control of their personal data, by empowering the user to control personal data distributed among service providers through a centralized authorization service.
At the Kantara User-Managed Access (UMA) Work Group, headed by Eve Maler, we are developing specs that let an individual control the authorization of data sharing and service access made between online services on the individual's behalf.
UMA is designed with privacy in mind, with the goal of addressing the concept of Privacy by Design. UMA is inspired by the following principle:
"The goal of a flexible, user-centric identity management infrastructure must be to allow the user to quickly determine what information will be revealed to which parties and for what purposes, how trustworthy those parties are and how they will handle the information, and what the consequences of sharing their information will be" - Ann Cavoukian, Information and Privacy Commissioner of Ontario (Privacy in the clouds).
This approach noticeably reduces the difficulty individuals face in staying in control of their personal data. A typical scenario is online registration with a website so that an individual can access its service. In UMA terms this scenario involves three parties: a Host, where the individual stores the personal data; a Requester, which is the website that provides the service; and the Authorization Manager, which makes the authorization decision on behalf of the individual.
What data will be revealed
Individuals can control what data will be revealed because they are involved in the protocol. First, the Subject must register the resource that holds the personal data with a centralized Authorization Manager. This allows individuals to maintain a centralized view of what data is being collected.
UMA goes beyond just informing people what will happen if something is shared; it lets them actively control sharing.
Individuals take an active part in defining how their personal information will be handled in the data sharing process. With UMA's centralized Authorization Manager, the Subject can define a sharing policy (a connection), specify for what purposes the personal data is shared (or collected), and keep control of it, including the possibility of cancelling or disabling the connection with a service provider (Requester) at any time.
Any attempt by a party (Requester) to access personal data is intercepted by a policy enforcement point at the local service provider (the Host), which refers the attempt to the Authorization Manager; the Authorization Manager is in charge of making the authorization decision. In this specific scenario, the Authorization Manager interacts with the Subject to request consent before granting access to the Subject's own personal data.
The following picture shows an individual's online consent request, based on the UMA User Experience study, applied to a mobile context.
Visualization plays a fundamental role in creating an abstraction layer for controlling distributed personal data. Last summer, I had the opportunity to visit Newcastle University for 4 weeks on the SmartAM project, which is implementing the UMA spec, with the goal of studying and contributing to the human interface aspects.
As a result of this study, we introduced two main concepts to enhance the level of control over personal data. The first is the connection, which defines the context of a data sharing policy. In other words, it is a visualization technique that helps the individual define and determine what data will be revealed and for what purpose, and so establishes an appropriate context. The second is an analytics feature that helps the individual keep track of which information has actually been revealed.
The picture below shows an example of how the individual would see all of the connections for their own personal data. In the middle of the example, "Personal Data" is shown in different contexts (i.e. Professional, University, Collab, etc.); each context includes the Requesters (MySelf, Person, Groups, etc.) that have access to the data and the Applications that have access on behalf of each Requester.
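The flow described above (the Host's policy enforcement point referring every access attempt to the Authorization Manager, the consent request to the Subject, connections that can be cancelled or disabled at any time) and the connections view and analytics feature just described can be modelled in a few lines. The Python below is an added illustration written for this page; it is not SmartAM code and not the UMA wire protocol (no tokens, endpoints or message formats are modelled), and all class, method and sample names (AuthorizationManager, Host, Connection, "alice", "JobSite", "RecruiterApp") are assumptions made for the illustration, with constructed sample data.

```python
from collections import defaultdict
from dataclasses import dataclass
from enum import Enum

# Added illustrative model of the UMA roles in the text; not SmartAM code and
# not the UMA wire protocol. All names and sample values are assumptions.


class Decision(Enum):
    PERMIT = "permit"
    DENY = "deny"
    CONSENT_REQUIRED = "consent_required"


@dataclass(frozen=True)
class Connection:
    """Sharing policy the Subject defines at the AM: a Requester, through an
    Application, may read a resource for a purpose, within a context."""
    context: str
    requester: str
    application: str
    resource: str
    purpose: str

    def key(self):  # the part of a connection an access attempt is matched against
        return (self.requester, self.application, self.resource, self.purpose)


class AuthorizationManager:
    """Centralized decision point: resources, connections, consent queue, access log."""

    def __init__(self):
        self.resources = defaultdict(set)    # subject -> resource names introduced by the Host
        self.connections = defaultdict(set)  # subject -> active Connection objects
        self.disabled = defaultdict(set)     # subject -> keys of connections the Subject disabled
        self.pending = defaultdict(set)      # subject -> access keys awaiting the Subject's consent
        self.access_log = defaultdict(list)  # subject -> (key, Decision) for every attempt

    def authorize(self, subject, requester, application, resource, purpose):
        """Decide one access attempt referred by the Host's enforcement point."""
        key = (requester, application, resource, purpose)
        if resource not in self.resources[subject]:
            decision = Decision.DENY              # unknown resource: nothing to decide about
        elif key in self.disabled[subject]:
            decision = Decision.DENY              # the Subject disabled this connection
        elif any(c.key() == key for c in self.connections[subject]):
            decision = Decision.PERMIT            # an active connection covers this purpose
        else:
            self.pending[subject].add(key)        # ask the Subject before releasing anything
            decision = Decision.CONSENT_REQUIRED
        self.access_log[subject].append((key, decision))
        return decision

    def grant_consent(self, subject, context, requester, application, resource, purpose):
        """The Subject answers a pending request by creating a connection in a context."""
        key = (requester, application, resource, purpose)
        self.pending[subject].remove(key)         # KeyError if nothing was asked
        self.connections[subject].add(Connection(context, *key))

    def cancel_connection(self, subject, conn):   # drop the policy; next attempt asks again
        self.connections[subject].discard(conn)

    def disable_connection(self, subject, conn):  # drop the policy and refuse further attempts
        self.connections[subject].discard(conn)
        self.disabled[subject].add(conn.key())

    def connections_by_context(self, subject):
        """The connections view: context -> requester -> applications with access."""
        view = defaultdict(lambda: defaultdict(set))
        for c in self.connections[subject]:
            view[c.context][c.requester].add(c.application)
        return {ctx: {r: sorted(a) for r, a in reqs.items()} for ctx, reqs in view.items()}

    def revealed(self, subject):
        """Analytics: which resources were actually released, to whom, through what."""
        return sorted({k[:3] for k, d in self.access_log[subject] if d is Decision.PERMIT})


class Host:
    """Holds the Subject's data; its policy enforcement point refers every access to the AM."""
    def __init__(self, am):
        self.am, self.store = am, {}

    def put(self, subject, resource, value):
        self.store[(subject, resource)] = value
        self.am.resources[subject].add(resource)  # introduce the resource to the AM

    def get(self, requester, application, subject, resource, purpose):
        """Enforcement point: data leaves the Host only on a PERMIT from the AM."""
        decision = self.am.authorize(subject, requester, application, resource, purpose)
        value = self.store[(subject, resource)] if decision is Decision.PERMIT else None
        return decision, value


def demo():
    """Walk the registration scenario from the text with constructed sample data."""
    am = AuthorizationManager()
    host = Host(am)
    host.put("alice", "email", "alice@example.org")   # constructed sample value
    attempt = ("JobSite", "RecruiterApp", "alice", "email", "recruiting")
    first = host.get(*attempt)                        # no connection yet: consent required
    am.grant_consent("alice", "Professional", "JobSite", "RecruiterApp", "email", "recruiting")
    second = host.get(*attempt)                       # connection exists: data released
    view = am.connections_by_context("alice")
    am.disable_connection("alice", next(iter(am.connections["alice"])))
    third = host.get(*attempt)                        # disabled by the Subject: denied
    return first, second, third, view, am.revealed("alice")
```

demo() walks the registration scenario: the first attempt is intercepted by the Host and yields a consent request, the second is permitted once the Subject has created a "Professional" connection, and the third is refused after the Subject disables that connection. connections_by_context() produces the grouping of the connections view (context, then Requester, then Applications) and revealed() the analytics of what actually left the Host. The split between cancel (drop the policy, so the next attempt asks for consent again) and disable (refuse outright) is one way to read the "cancelling and disabling" the text mentions; an implementation has to decide which of the two a revocation button means.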
One of the most important and complex aspects for economic development, and for encouraging individuals to adopt distributed authorization systems, is building a trusted ecosystem among Individuals, Service Providers and Requester services. The UMA WG is also defining a Trust Model in order to provide baselines for building technical and business trust. At this link you can read a blog post that presents a brief introduction to the model.