While many techniques for protecting online privacy have been proposed, a variety of issues call into question their effectiveness for individuals and for the commercial entities that want to provide services to them.

For example, privacy policy agreements are largely ignored, typically coerced and poorly understood. Other approaches place restrictions on organizations using personal data that could help people obtain free services and find products and services that interest them. This is not just a commercial issue. Personal data is increasingly an essential ingredient for online services with societal benefits like energy conservation and public and personal health maintenance. The arrival of an increasing number of always-on, Internet-connected, sensor-laden devices used on our persons and throughout our homes has accentuated the conflict between helpful services and personal privacy.

One potentially promising and practical approach uses the trusted intermediary (TI) model. TIs are trusted third parties that manage interactions between an individual’s devices and external entities. They protect personal data while making that data even more useful in the process, and they allow users to control the use of their own data with little effort. An intelligent TI can match public and private service providers and advertisers' audience-reach goals against the interests, intents and environmental circumstances of individuals, without having to reveal that information to anyone. Using TIs, both individuals and organizations benefit by avoiding distribution of personal information.

Limits of Current Approaches

It is a reality that many Internet companies' business models are dependent on the collection and analysis of personal data. Yet they need not have access to that data. Individuals expect to receive enjoyable and useful services for free. While the true price of this Faustian bargain is increasingly better known, this “free” business model has benefited the hundreds of millions of people who use these services daily. This puts privacy advocates in an unenviable position. Not only must they take on companies who have grown wealthy under this arrangement but also possibly inconvenience the many individuals happily using these services. Too many have just given up with the “privacy is dead” attitude. But abandoning privacy means letting others define who you are and allowing them to control you strongly, yet imperceptibly.

Current approaches to personal data protection do not address the potential social benefits of big data analytic techniques. There are plenty. Analysis of a family’s appliance usage can be used for recommendations on how to reduce energy usage, for example. Or, sensors can track the elderly at home and notify the proper people if there is a marked change in their living patterns, indicating the need for an alert. That kind of benefit allows the elderly to stay in their homes longer in life, increasing their happiness and reducing the budgets of those who pay for their care. Overly strict restrictions on the use of individual data can throttle these sorts of services.

Current privacy protection approaches fall into two general areas: legal and technical. The most common legal-based method is the “notice-and-consent” model. This model is rightly criticized as placing an undue burden on the individual. Technical methods often focus on anonymization of data that is indiscriminately redistributed. But this is increasingly ineffective, as re-identification techniques are becoming relentless and sophisticated.

Benefits of the TI Model

At its core, the TI model places agents between individuals and organizations. Agents act as honest brokers on behalf of all stakeholders, and they can employ sophisticated methods for matching interests and intents among those stakeholders.

Conceptually, a limited number of trusted intermediaries can handle much of an individual’s private data. This is helpful, since in today’s world it is nearly impossible for an individual to keep track of the privacy notices they have agreed to, let alone all the organizations holding their data. By using a limited number of trusted intermediaries, this burden is greatly simplified.

Organizations also benefit by using TIs. First, they can reduce the amount of personally identifiable information they need to handle, reducing the burden, both legal and technical, of protecting that data. They can also work with an organization that can be audited for industry-standard security and data-handling practices.

Putting the Model into Practice

A TI service can be realized by using modern computing technologies. Today’s cloud computing technology has matured to where a service can create secure, cloud-based service components. For example, personal agent software collects data from individuals without having to reveal it to anyone, acting as a broker on behalf of the individual, and negotiates with organizations wishing to use the data. Organizations could then use this data to target advertising, personalize media and energy saving recommendations, etc.

Secure client software running on individuals’ smartphones and other devices functions as an extension of the personal agent, collecting raw data from which cloud-based components make inferences about the individual’s characteristics, interests and intents. This data can include sensor, app usage and social media data collected on a device. The client software includes a user interface for the individual to control profile information, in effect giving the personal agent instructions on allowed uses of the data. For example, an individual may not wish an interest or characteristic to be part of her profile that the agent uses to match against advertiser audience specifications but may allow it to be used in other circumstances, such as social recommendations.

Another essential ingredient for the TI service is an automated auditing service. This service assures the personal agent performs as intended, providing a tangible point for individuals to place their trust in the ability to control their data through the personal agent.
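The per-use control and the audit point described above can be sketched as follows. This is an added example, not code from the author or from any TI product; the class and function names, the purpose labels and the hash-chained log are assumptions chosen for illustration.

```python
import hashlib
import json
from dataclasses import dataclass, field

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

@dataclass
class Attribute:
    value: str
    allowed_uses: frozenset  # purposes the individual permits for this attribute

@dataclass
class PersonalAgent:
    profile: dict                                  # name -> Attribute
    audit_log: list = field(default_factory=list)  # hash-chained (assumed design)

    def matches(self, requester, purpose, audience_spec):
        """Answer yes/no to an audience spec; attribute values never leave."""
        visible = {n: a.value for n, a in self.profile.items()
                   if purpose in a.allowed_uses}
        result = all(visible.get(k) == v for k, v in audience_spec.items())
        entry = {"requester": requester, "purpose": purpose,
                 "tested": sorted(audience_spec), "result": result,
                 "prev": self.audit_log[-1]["digest"] if self.audit_log else ""}
        entry["digest"] = _digest(entry)
        self.audit_log.append(entry)
        return result

def verify_log(log):
    """Auditor side: editing an entry or removing one from the middle fails."""
    prev = ""
    for e in log:
        body = {k: v for k, v in e.items() if k != "digest"}
        if body["prev"] != prev or _digest(body) != e["digest"]:
            return False
        prev = e["digest"]
    return True

def sample_agent():
    # Constructed profile: "interest" is withheld from advertising matches
    return PersonalAgent({
        "region": Attribute("north", frozenset({"advertising", "social"})),
        "interest": Attribute("running", frozenset({"social"})),
    })

if __name__ == "__main__":
    agent = sample_agent()
    print(agent.matches("ad-network", "advertising", {"interest": "running"}))
    print(agent.matches("friends-app", "social", {"interest": "running"}))
    print(verify_log(agent.audit_log))
```

Each yes/no answer still discloses one bit about the profile, so the per-requester record of which attributes were tested is what an auditor would review for probing.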

This technical approach benefits the organizations and individuals in many ways. Organizations get the benefit of personalization and targeting without the burden of having to collect, maintain and shoulder the liability associated with the data.

For individuals, the personal agent software acts transparently on their behalf, collecting information and making sense out of it, automatically finding highly relevant content and services and providing notifications of events of interest. The agent can enable healthcare information to be provided based on highly specific personal and family histories. This concept can be extended into more general public benefits, whereby the agent can search for public health bulletins that are relevant to a person’s travel history, providing alerts and instructions without having to report that information in ways that risk abuse.

Among the variety of mechanisms available to protect private information, the TI model demonstrates a number of advantages. Using modern computing technologies, implementations can ensure personal information remains private and secure while making it available and useful for services without having to disperse it. It provides a useful and auditable single point of contact for individuals to manage their private information. Implementations also work with commercial services to ensure profitable businesses. Beneficial public services can still use the personal data they need without risk of abuse.

The next step is for TI implementations to gain market acceptance.

Written By

David Maher

