
INTERFACE by apidays_Beyond Consent : It’s Time to Democratize Data Control by Eve Maler

INTERFACE by apidays
Beyond Consent : It’s Time to Democratize Data Control
Eve Maler, CTO at ForgeRock

Published in: Technology

  1. June 30, 2020. Eve Maler | @xmlgrrl | #AccessTheFuture, CTO. BEYOND CONSENT: It’s Time to Democratize Data Control. With thanks to Lisa LeVasseur of Wrethinking the Foundation and the Me2B Alliance
  2. Copyright © 2020 ForgeRock. All rights reserved. Data Protection and Privacy Legislation Worldwide: Changes from Jan 14 to Apr 2. https://unctad.org/en/Pages/DTL/STI_and_ICTs/ICT4D-Legislation/eCom-Data-Protection-Laws.aspx Map legend: Legislation; Draft Legislation; No Legislation; No Data. 58 66% Countries with Legislation; 10% Countries with Draft Legislation; 21 19% Countries with NO Legislation
  3. Global Open Banking: Consumer Data Right; PSD2; 3000+ institutions; Financial Data Exchange; UK Open Banking; Enforcement Dated; Consultation Stage; Japan, 80 banks with Open APIs; Payments NZ; Hong Kong Open API Framework; Canada Open Banking; Mexico Open Banking; Brazil Open Banking; India Open Banking; Nigeria Open Banking; Singapore Open API Playbook. In just the first month of the coronavirus lockdown, 6 million UK adults downloaded their bank’s app for the first time. https://www.yourmoney.com/saving-banking/millions-download-banking-app-for-first-time-during-lockdown/
  4. MANIFESTATION; KNOWLEDGE; VOLUNTARINESS
  5. 1. Cookie Consent; 2. App Permissions; 3. Marketing Preferences; 4. Third-Party Permissions; 5. ToS Agreement; 6. Party-to-Party Delegation
  6. Digital Consent Defects
  8. Can We Enable Mutual Agency and Value Exchange? Criteria For A “Me2B” Permission Model:
     • Individual Asserts Terms: Includes modification and revocation.
     • Proactive Terms Specification: Prior to supplying any data (e.g. authentication data used in account setup).
     • Choice About Being Remembered: Can navigate to and use a site without tracking.
     • Terms Usability: Data sharing terms are highly usable to choose, understand, and adopt on all sides.
  9. Consider Right-to-Use Licensing. Comparison of CONSENT, CONTRACT and LICENSE:
     • Meeting Of Minds: Consent: Not Required; Contract: Required; License: Not Required
     • Timing: Consent: Just In Time; Contract: Beforehand; License: Beforehand Or Just In Time
     • Revocability: Consent: Unilateral (By Consenter); Contract: Bilateral; License: Unilateral By Issuer
     • Recording Of Terms: Consent: None; Contract: Included In Contract Text; License: Included In License Text
  10. UK Open Banking As a Solution: Regulations and Standards for Greater Security, Privacy, Data Portability, and Interoperability for the UK’s Nine Largest Banks and Building Societies
     • Third-party payment app collects “consent” details of intended purchase
     • App bundles details, sends to bank, and receives “intent ID”
     • App redirects customer to bank with ID; customer authenticates
     • Customer “authorizes” (confirms) details
     • Transaction succeeds (assuming sufficient funds)
     Actors: Payment Initiation Services Provider; Account Servicing Payment Service Provider
     https://www.openbanking.org.uk/wp-content/uploads/Customer-Experience-Guidelines-V1-1.pdf
  11. User-Managed Access (UMA) As a Solution: Standard from Kantara Initiative Enabling a Single Control Point for Authorizing Distributed Data and Device Access to Any Third Party
     https://www.openbanking.org.uk/wp-content/uploads/Customer-Experience-Guidelines-V1-1.pdf
     • Alice gets married to Bob
     • Bob has no relationship with Alice
     • Bob gets married to Alice
     • Alice divorces Bob, a qualifying life event
     • Sharing hub ends all relationship-based sharing with Bob and can prove it to Alice and auditors
     • Sharing hub allows the data access request
     • Alice uses health insurer as sharing hub for three data sources
     • Alice shares a subset of data with Bob due to their relationship
     • Bob tries to access data within the subset
     • Bob’s data access attempt succeeds
  12. Start to Democratize Data Control Now. Data control; Data transparency; Data protection; 1.0; 2.0
     » You want a single view of the customer; understand the kind of relationship they want with you
     » Offer an inclusive permission management dashboard across all apps and channels
     » For people you already recognize, build usernameless and passwordless “express lanes”
  13. June 30, 2020. Eve Maler | @xmlgrrl | #AccessTheFuture, CTO. Thank You