The Promise of Even Stronger Internet Intermediaries?

You may also like...

3 Responses

  1. Veracitor says:

    I’m all in favor of “privacy trustees” but it really would be an uphill legal climb to establish them because of the pernicious hypertrophy of the third- party doctrine.

    Although perhaps (impromptu thought here…), perhaps lawyers could set themselves up as “privacy trustees” since clients’ disclosures to their lawyers are still privileged (most of the time) and the lawyer-client privilege arguably extends to negotiations lawyers conduct on behalf of their clients.

  2. Frank says:

    This sounds very interesting, and I look forward to reading the papers. It does seem bizarre that one has to give such a massive amount of data to mortgage brokers and banks when applying for a loan, when some third party focusing on the issue (and with proper security) could vet it. On the other hand, I worry about yet another layer of “cover” to which financial institutions could displace blame.

    Would certificate-issuing entities on the web count as privacy trustees? Princeton’s CITP worried that “Hundreds of different entities located around the world have the ability to issue fraudulent certificates that will nevertheless be trusted by our browsers.” This set of talks may be of interest:

    http://citp.princeton.edu/events/emerging-threats-to-online-trust/

    I was just on a conference call on electronic medical records today, and we were discussing the steps PHR vendors would have to take in order to reliably assure customers that their information was secure, private, and confidential. Is bank-level security enough? Ted Janger organized an interesting conference on that issue last year:

    http://www.prnewswire.com/news-releases/brooklyn-law-school-symposium-data-security-and-data-privacy-in-the-payment-system-87648077.html

    The PHR worry centers on the newer, smaller intermediaries. They apparently are more lax, security wise, than the established players. Perhaps a privacy trustee can be shared by many of them, sparing each one the expense of buying the whole infrastructure the established players have accumulated.

  3. A.J. Sutter says:

    “They must be trusted by both sides of the transaction”: They must also merit the trust of both sides. Most consumers probably trust Google, online payment systems and most websites, though they may be ignorant or negligent to do so. Others now suspend their mistrust, because of the absence of viable alternatives. Once an intermediary layer of faceless, “stronger, more secretive” privacy trustees becomes ubiquitous, trust or mistrust by the consumer or other low-leverage participant will become moot, as it is now.

    There’s a difference between a trustee whose face you can see, i.e. an individual human being, and a trustee that is an anonymous entity. The world Schelling described was quite different from what we have today, in which we ascribe agency even to modules of software. BTW, will privacy trustees be for-profit entities, or owned by such entities? Then count me out for trust, from day one. Schelling was writing before profit-maximization became the prevailing “norm,” as well.