- Encore, which will focus on the issue of providing more rigorous means for individuals to grant and revoke their consent for the use, storage and sharing of personal data, bringing together technological, procedural and regulatory developments.
- VOME, a research project that will reveal and utilise end users’ ideas and concepts regarding privacy and consent, facilitating a clearer requirement of the hardware and software required to meet end users’ expectations.
- Privacy Value Networks (pvnets), will generate a detailed understanding of individuals’ and organisations’ conceptions of privacy and identity across a range of contexts and timeframes – using a range of techniques including in-depth privacy value and devalue chains analysis to model the impact of the personal information.
Consult Hyperion are contributing to the VOME project (with Royal Holloway University of London, Cranfield University, Salford University and Sunderland City Council) and the pvnets project (with University of Oxford, University of St Andrew’s, University College London and University of Bath), so I hope to be able to share some interesting results with blog readers in the future!
Explaining the background to the decision to invest in the three projects, the Technology Strategy Board’s Chief executive, Iain Gray, said:
The next few years will see governments and businesses around the world making substantial investments in identity management infrastructures. In order to prepare UK businesses for competition in this global market, practical and cost effective solutions need to be developed which inspire public confidence by improving privacy and enabling consent as an integral part of future procurements.
He’s right, of course. An essential characteristic of a good digital identity infrastructure it that supports informed consent. The problem that I hope that we will be able to address through the VOME project is that people can’t make informed consent unless they are able to understand privacy, the spectrum of choice available to them and the implications of choices they make. We’re looking at a different problem in the pvnets project, that of valuing privacy from an organisational (to mind, risk analysis-centric) perspective. So, on the one hand we hope to find a way of making individuals manage privacy more effectively and on the other hand we hope to find a way to help businesses to help individuals to manage privacy more effectively (because it makes for better business, not for any regulatory or legal reasons).
If these two projects are able to deliver, then I hope that we will have made a real contribution to improving the privacy and security of individuals.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]