Daniel J. Weitzner
Decentralized Information Group
MIT Computer Science and Artificial Intelligence Laboratory
W3C Technology and Society Domain Lead
19 October 2006
Civilizing the Web
The anti-formalist view of law in society (see software verification debate)
General view (amongst the 'digerati'): law has to catch up with new technology.
General question: how will laws catch up?
My question: How will the Web finally catch up with the 'real world'?: in everyday life, the vast major of 'policy' problems get worked out without recourse to legal system.
Design goal: instrument the Web to provide seamless social interactions which allow us to avoid legal system the way we do in the rest of life
Global perspective: In the shift from centralized to decentralized information systems we see a general trend:
ex ante policy enforcement barriers -> policy description with late binding of rules for accountability
|‚ÄúAuthorities in the Washington region spotted the same faded blue
1990 Chevrolet Caprice and recorded its New Jersey tags on at least
10 different occasions this month‚Ä¶.
Each time, however, they let the driver go after finding no record that it had been stolen or that its occupants were wanted for any crimes.
|‚ÄôWe were looking for a white van with white people, and we ended
up with a blue car with black people,‚Äô said D.C. Police Chief
Charles H. Ramsey‚Äù
Washington Post 26 October 2002, p.A01
Most intrusive practices are from inferences drawn, not individual quanta of information collected:
collection barriers -> usage description with accountability (after the fact) to rules:
Departure from information hiding as a privacy protection mechanism -> transparency and accountability
Can today's model (EU or US) be sufficient going forward?
Key will be purpose limitation, but we have a dilemma...
Dilemma: limited individual and regulatory capacity to control escalating data collection.
Current result of consent dilemma + increased inference power: strict about what's collected but loose about usage
Better result: loose about what is collected and strict about usage
We're at the wrong end of the privacy spectrum facing scalability crisis:
Necessary but not sufficient control point:
This is where we should be:
editorial (or algorithmic) barriers -> individual description with trust inferencing;
Departure from centralized editorial control -> ad hoc, customized reasoning over large volume of description
Departure from Hollywood content (centralied production) -> Blogs, Flickr and Livejournal (decentralized content we all make)
Move from up-front enforcement barriers (DRM) -> open description of licensing terms (CC) with after-the-fact enforcement as needed
End-to-End Semantic Accountability
For more information see:
Work described here is supported by the US National Science Foundation Cybertrust Program (05-518) and ITR Program (04-012).
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 2.5 License.