◼ Current web monetization models, along with the rise of big data techniques, have resulted in a "collect everything" mentality that erodes our very notion of privacy.
◼ Most privacy policies do little more than satisfy the legal requirements for "notice" and "consent," acting mainly as a permission slip to collect and use all possible data in whatever way the company chooses. Even when privacy settings are configurable, they are disconnected and siloed and need to be set on device after device and app after app.
◼ Regulation is an uphill battle. The GDPR represents the terminus of the notice and consent paradigm's flawed thinking. We're merely asked to "consent" to the same old behaviors, being told the data is ours with no more sense of control than before.
◼ Collection of private and behavioral information can lead not just to creepy ad targeting, but can provide the information necessary for targeted, individualized propaganda and manipulation (see Facebook and Cambridge Analytica).
◼ Privacy concerns and a lack of trust are beginning to hold back adoption of new technologies. Of people surveyed, 89% revealed they avoid companies they don't believe protect their privacy. Device-makers are losing out as consumers take a wait-and-see approach.
◼ Our web-derived conception of privacy will only create more damage in an ever-expanding sensor laden environment. Audio, vision, movement, and other telemetry are constantly being recorded by IoT's and autonomous agents, creating qualitatively different privacy concerns.
◼ Self-sovereign digital identity is an important component of the blockchain, establishing a secure and transparent match between you and your data. In theory, this gives you ownership and control of your data. But even robust digital identity, standing alone, still provides you no control of how, where, or when the data is collected from various devices.
◼ Some believe that the ability to monetize our personal and behavioral data will solve the privacy problem. A big, red "I Consent" button linked to a blockchain wallet address will not solve privacy. It instead encourages fragmentation across many different platforms, which will only confuse customers and exacerbate the problem of data control.
◼ Attention monetization technologies can be effective in helping browser behavioral data remain private. But these technologies do not deal with off-web behaviors, physical interactions with devices in multi-person environments, or the complexities of real-life privacy expectation management.
Users have a privacy device (mobile device or other form factor) that enunciates their presence to devices in the vicinity. Users have an individualized and context-relevant privacy rule set, accessible via the blockchain, that describes and codifies their privacy expectations. The privacy rule set is fully-customizable via the Privaceum dApp. Locations and groups can also have Context PPEs that define their expectations for users who move into their zones of influence.
Manufacturers of privacy impacting devices (wearables, smart cars, cameras, smart home devices, robots) use our open source toolkit, code-named Geppetto, to enable their devices to join Privaceum's network of PCDs (we call it the Robiota). Device-makers receive a PAN certification of trust, which lets consumers know that the device will respect their privacy.
When users with a PPE move into the zone of influence of a device, Geppetto provides the PCD with access to the Privaceum Service and smart contracts to obtain the relevant privacy rule sets for users, compute their meaning, and control the device's telemetry and activities. The PCD, via Geppetto, then records control state confirmatory data to the blockchain that can be audited.
Aligning privacy expectations in a complex, multi-actor world often requires resolution of complex contexts and negotiation and consensus between individuals and groups with different expectations. The Privaceum Token empowers and quantifies a transfer of privacy authority between participants when trade-offs need to be made.
Privaceum Token empowers participant self-governance. A transfer of Privaceum Token can occur, for example, to mediate privacy preference conflicts between individuals, groups, or hierarchy chains. A transfer of token may also occur when an individual's privacy expectations need to be overridden in an emergency or within a controlled locality or event.
Third-party privacy awareness network auditors retrieve and review confirmatory data submitted by PCDs to determine if variances exist between PCDs' expected and final control states. Auditors may receive Privaceum Token for finding variances in PCD control states.
Imagine that, when you enter a given area or context, your Privaceum dApp shows you a privacy trust score based on the presence (or absence) of privacy-impacting devices in the Robiota and their current and historical level of compliance with people's privacy expectations.
As you move from place to place broadcasting your privacy preferences, you receive an active indicator of trust — an ongoing measurement of how well a given area or context (such as a company or store) is in fact respecting your privacy preferences. You can see whether your preferences are being adhered to, ignored, or overridden from confirmatory data submitted to the blockchain by devices.
The dynamic feedback provided by the Privaceum dApp creates a “privacy awareness network” that, over time, encompasses ever-expanding contexts such as shopping, travel, healthcare, and even cities.
Different users have different privacy needs and expectations. Every user has a privacy preference rule base, accessible via the blockchain and configurable using the Privaceum dApp, that codifies those expectations.
Individuals' privacy expectations can change depending on circumstance. PPEs broadcast users' contextually-organized privacy preference rules so privacy-impacting devices in different environments can react appropriately.
Devices using our toolkit take advantage of a common privacy preference architecture without reinventing the wheel. Devices retrieve privacy preference rules on detection of users' PPEs and set their control states accordingly.
Aligning privacy expectations in a complex, multi-actor world often requires negotiation and consensus. Powered by the Privaceum Token, the Privaceum platform enables transfer of privacy authority between participants when expectations need to be harmonized.
Devices in the Robiota submit confirmatory data to the blockchain about their activity state, along with a stake of Privaceum Token. Audit nodes verify the confirmatory data with respect to the users' context, preferences, and role. Users receive dynamic feedback about the trust level of nearby devices on the Privaceum dApp.
With our Daoonomy platform, members of the Robiota participate in distributed adaptive governance, working together to construct the schema, contextual hierarchy, defaults, and weightings for privacy scenarios that are contextually and culturally responsive to participants' needs.