Transparency and Accountability: Policy Aware Web Design Strategies

Daniel J. Weitzner

Decentralized Information Group
MIT Computer Science and Artificial Intelligence Laboratory

W3C Technology and Society Domain Lead

19 October 2006
Madrid, Spain

These slides:


Civilizing the Web

A. Law and Society -- a pop quiz

  1. How many believe you are subject to law (any law)?
  2. How many of you follow (most) laws? [exclude speed limits]
  3. How many of you read all the laws to which you believe you are subject?
  4. How many have been to a court of law?

The anti-formalist view of law in society (see software verification debate)

General goal: Making the Web 'Policy Aware'

General view (amongst the 'digerati'): law has to catch up with new technology.

General question: how will laws catch up?

My question: How will the Web finally catch up with the 'real world'?: in everyday life, the vast major of 'policy' problems get worked out without recourse to legal system.

Design goal: instrument the Web to provide seamless social interactions which allow us to avoid legal system the way we do in the rest of life

Global perspective: In the shift from centralized to decentralized information systems we see a general trend:

ex ante policy enforcement barriers -> policy description with late binding of rules for accountability

B. Privacy Challenges -- then and now

AT&T TSD 3600 gmail

Privacy -- The challenge of web-scale profiling

Blue Chevy “Authorities in the Washington region spotted the same faded blue 1990 Chevrolet Caprice and recorded its New Jersey tags on at least 10 different occasions this month….

Each time, however, they let the driver go after finding no record that it had been stolen or that its occupants were wanted for any crimes.

’We were looking for a white van with white people, and we ended up with a blue car with black people,’ said D.C. Police Chief Charles H. Ramsey”

Washington Post 26 October 2002, p.A01

White Astro

Privacy shifts -- from collection limts to use limits

Most intrusive practices are from inferences drawn, not individual quanta of information collected:

collection barriers -> usage description with accountability (after the fact) to rules:

Departure from information hiding as a privacy protection mechanism -> transparency and accountability

C. Privacy: the dilemma of consent

Can today's model (EU or US) be sufficient going forward?

Key will be purpose limitation, but we have a dilemma...

Dilemma: limited individual and regulatory capacity to control escalating data collection.

Current result of consent dilemma + increased inference power: strict about what's collected but loose about usage

Better result: loose about what is collected and strict about usage

D. Collection Limitation -> Use Limitation

We're at the wrong end of the privacy spectrum facing scalability crisis:

privacy today

D. Collection Limitation -> Use Limitation

Necessary but not sufficient control point:

privacy goal for some

D. Collection Limitation -> Use Limitation

This is where we should be:

privacy goal for some

Collection Limitation -> Use Limitation


  1. Rules express core values!!
  2. Better allocation of individual and regulatory effort
  3. Often the only logical evaluation point


New York Times homepage TriQLP Browser
Google search page

editorial (or algorithmic) barriers -> individual description with trust inferencing;

Departure from centralized editorial control -> ad hoc, customized reasoning over large volume of description


Google Creative Commons Yahoo Creative Commons search

Departure from Hollywood content (centralied production) -> Blogs, Flickr and Livejournal (decentralized content we all make)


Universal Studios Flickr

Move from up-front enforcement barriers (DRM) -> open description of licensing terms (CC) with after-the-fact enforcement as needed

E. End-to-End Accountability for Privacy Protection

today's web architecture

E. End-to-End Accountability for Privacy Protection

today's web architecture

Conclusion: requirements for Web privacy technology

End-to-End Semantic Accountability

Links and Acknowledgements

For more information see:

Work described here is supported by the US National Science Foundation Cybertrust Program (05-518) and ITR Program (04-012).

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 2.5 License.