Title :
Extending the Power of Consent with User-Managed Access: A Standard Architecture for Asynchronous, Centralizable, Internet-Scalable Consent
Author_Institution :
CTO Office, San Francisco, CA, USA
Abstract :
The inherent weaknesses of existing notice-and-consent paradigms of data privacy are becoming clear, not just to privacy practitioners but to ordinary online users as well. The corporate privacy function is a maturing discipline, but greater maturity often equates just to greater regulatory compliance. At a time when many users are disturbed by the status quo, new trends in web security and data sharing are demonstrating useful new consent paradigms. Benefiting from these trends, the emerging standard User-Managed Access (UMA) allows apps to extend the power of consent. UMA corrects a power imbalance that favors companies over individuals, enabling privacy solutions that move beyond compliance.
Keywords :
Internet; authorisation; data privacy; Internet-scalable consent; UMA; Web security; asynchronous consent; centralizable consent; corporate privacy function; data privacy; data sharing; notice-and-consent paradigms; user-managed access; Authorization; Automation; Data privacy; Market research; Privacy; Servers; Standards; privacy; consent; authorization; permission; access control; security; personal data; digital identity; Internet of Things;
Conference_Titel :
Security and Privacy Workshops (SPW), 2015 IEEE
Conference_Location :
San Jose, CA
DOI :
10.1109/SPW.2015.34
