%0 Conference Proceedings
%T Why We Trust Dynamic Consent to Deliver on Privacy
%+ Department of Computer Science [Oxford]
%+ University of Oxford
%+ Department of Computer Science
%A Schuler Scott, Arianna
%A Goldsmith, Michael
%A Teare, Harriet
%A Webb, Helena
%A Creese, Sadie
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B 13th IFIP International Conference on Trust Management (IFIPTM)
%C Copenhagen, Denmark
%Y Weizhi Meng
%Y Piotr Cofta
%Y Christian Damsgaard Jensen
%Y Tyrone Grandison
%I Springer International Publishing
%3 Trust Management XIII
%V AICT-563
%P 28-38
%8 2019-07-17
%D 2019
%R 10.1007/978-3-030-33716-2_3
%K Dynamic consent
%K Privacy
%K Trustworthiness
%K Engagement
%K Revocation
%Z Computer Science [cs]Conference papers
%X Dynamic consent has been discussed in theory as a way to show user preferences being taken into account when data is accessed and shared for research purposes. The mechanism is grounded in principles of revocation and engagement – participants may withdraw or edit their permissions at any time, and they receive feedback on the project they are contributing to if they have chosen to do so. The level of granular control offered by dynamic consent means that individuals have informational control over what they are sharing with the study, and to what extent that data can be used further. Rather than attempt to redefine privacy, this paper takes the position that data controllers have certain obligations to protect a data subject’s information and must show trustworthy behaviour to encourage research participation. Our model of privacy is grounded in normative, transaction-based requirements. We argue that dynamic consent is a mechanism that offers data controllers a way to evidence compliance with individual privacy preferences, and data subjects with control as and when they require it. The key difference between dynamic consent and a “rich” database consisting of a dataset with the ability for a subject to revoke access is human engagement, or relations of trust. We must re-think how consent is implemented from the top-down (policy-based) and bottom up (technical architecture) to develop useful privacy controls.
%G English
%Z TC 11
%Z WG 11.11
%2 https://inria.hal.science/hal-03182615/document
%2 https://inria.hal.science/hal-03182615/file/491176_1_En_3_Chapter.pdf
%L hal-03182615
%U https://inria.hal.science/hal-03182615
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-TC11
%~ IFIP-TM
%~ IFIP-WG11-11
%~ IFIP-AICT-563