As an Eisenhower Fellow, Dr. David A. Bray had the opportunity to travel to Taiwan and Australia in a personal capacity to discuss the burgeoning privacy and security challenges that the Internet of Everything era presents. Throughout his meetings, everyone asked: who is responsible for ensuring security? Answering as an Eisenhower Fellow in a personal capacity, Bray was always quick to answer: Everyone is.
Even before his Eisenhower Fellowship experience, Bray, who is also the CIO for the Federal Communications Commission, has been a big supporter of empowering individuals to make choices about the level of privacy and security – relative to services and functionality – they want from their Internet-enabled devices.
“In Taiwan and Australia, as well as in numerous other countries around the world, consumers make daily choices regarding what information they want to share and what apps they want to download. Leaders in both countries noted the trend today is that Internet platforms create and manage the interfaces by which users set their privacy preferences. For example, if you want to use Google, LinkedIn or Facebook, often you must either accept their privacy data sharing policies or you can't use their services fully. It may very well be the case that a large majority of users do not fully read the 30-40 page end user agreements,” Bray said.
A common idea Bray discussed with leaders during his Eisenhower Fellowship was that the interface for selecting privacy preferences should move away from individual Internet platforms and be put into the hands of individual consumers.
Consumers could have an open source agent that uses APIs to broker their privacy preferences on different platforms. This would allow users to directly control their privacy preferences on different devices and even let them select alternative preferences in exchange for different functionality. Bray envisions this working by having the open source agent using Natural Language Processing (NLP) to interact in a narrative form with individual consumers.
“For instance the app might ask: ‘Are you willing to share your health data with company X?’,” explains Bray. “And a consumer might choose to say no. The app might then come back and say: ‘Okay, would you be willing to share your health data if you received a reduction in your health insurance premiums of 50 percent?’ Some consumers might say yes, others may still choose to say no.”
“Later the app, noticing the functionality of your new Internet-enabled watch or piece of clothing, might ask: ‘Would you be willing to share your health data with emergency personnel if your wearables notice your heart going into cardiac arrest?’ Those consumers who said no before might be willing to say yes here,” Bray said.
The ultimate goal would be to do this in a simple narrative form that anyone can interact with easily and make their own choices across all the Internet-devices associated with them.
Bray concluded with this final thought in his capacity as an Eisenhower Fellow: “With an explosion of devices connecting our personal lives to the Internet, the Internet of Everything era is changing how we interact with each other, with businesses, and with the world. Making it easy to manage privacy preferences could let users have a hand in maintaining the security of their personal information.”
Dr. David A. Bray serves as Chief Information Officer (CIO) for the Federal Communications Commission, overseeing the Commission's efforts to modernize legacy systems and transform technology partnerships in telecommunications, broadband, competition, the spectrum, the media, public safety, and security. He was selected to serve as a member of the Council on Foreign Relations and as a Visiting Associate for the Cybersecurity Working Group on Culture at the University of Oxford in 2014.