Alice and Bob’s Relationship is broken

By John Wunderlich

Alice and Bob are the primary characters in a cast of characters first used in cryptographic circles as placeholder names to represent different parties in a transaction. The story goes like this. Alice wants to send a message to Bob, but she doesn't want anyone but Bob to be able to read it. Bob also doesn't want anyone to read his messages to Alice. They do this by securely exchanging special 'keys' to exchange documents and data.

All well and good so far. This transaction and this representation make sense because Alice and Bob are peers. They have a common interest and have the same capability - defined in cryptographic protocols. In terms of this exchange, Alice and Bob are equals. And because Alice and Bob are such a cute couple they have come to represent many other different types of transactions on the web. But when we take Alice and Bob out of the crypto context and use them as placeholders for normal web transactions, their relationship is different. There is no equality via protocol. By and large these relationships are defined by the privacy policies and terms of use of the websites that Alice visits. And these do not define a relationship between peers. JLINC is working to rebalance the scales

The utility of privacy policies

Privacy policies are created and published, by and large, for the purpose of reducing corporate risk. In that sense, they serve the same purpose as any warranty that you receive with any product. If you read the warranty on your latest household appliance you will probably find, after translating the legalese into English, that the company provides very little in the way of an actual guarantee. Privacy policies serve the same purpose. In a 2014 survey The Pew Research Centre asked people if having a privacy policy means that a company will keep user information confidential. The correct answer is, sadly, "FALSE". But only 44% of respondents answered correctly. 56% of users answered "TRUE”

Forbes found one refreshingly honest privacy policy that ended with the phrase "All your privacy are belong to us. We mean it."

Terms of Use are similarly weighted away from Alice. These are standard form contracts or 'contracts of adhesion' where the terms are set by the website and Alice is effectively left with two options: take it; or leave it.

When Alice is surfing the web she is typically using sites set up by companies or organizations. When Alice visits one of these sites, she implicitly or explicitly agrees with each site's "Terms of Use" and/or implicitly consents to their "Privacy Policy". But unlike the key exchange between Alice and Bob, this not a relationship between equals. The top 5 most visited sites on the web are (data from Alexa):

  1. Google.com
  2. Youtube.com
  3. Facebook.com
  4. Baidu.com
  5. Wikipedia.org

Does it really make sense to think of Google, YouTube or Facebook as Alice's "peer" in the way that Alice and Bob are peers for exchanging cryptographic keys? Obviously not. There is a serious power imbalance between this Alice and this Bob. It would really be better to think of these relationships as between Alice and Bob Company or BobCo (or even EvilBobCo). As a result of this imbalance, BobCo is able to sell Alice's data, or access to Alice's web page when she is on Bob's site, to Charlie who in turn can make Alice's information available to as many organizations as are interested in that data. This uncontrolled trade in data and almost complete lack or respect for Alice's privacy or Alice as a person is the basis for the current business model of the Internet and what is meant by the phrase, "If you're not the customer, you are the product”.

And, by the way, you are not that valuable a product. At best, your entire years worth of Facebook viewing and clicking is worth less than $27 per year in North America. At that price, Alice has little or no leverage to influence any of Facebook’s policies or attitudes.

Personal Data Value Chain

Alice and Bob are not equals. And the structure of the relationship between users and services encourages the extraction and monetization of personal data without consent. This is not a trade-off of service for a value that most people would make if they thought that they had a choice. This is the so-called "Tradeoff Fallacy". It's been known since at least 2009, for examplethat Americans reject tailored advertising when it is explained to them. Until Alice can monitor and control what happens to her data, she cannot hold Bob accountable and the exploitation of her data will continue.

UserAbuseArchitecture_preview

There is work being done to address this situation. In the Kantara Initiative, the User-Managed Access Work Group has released the UMA protocol extending OAuth's capability to enable Alice to control who has access to her resources. The Consent and Information Sharing Work Group is developing standards for user submitted terms and consent receipts. The Vendor Relationship Management project (ProjectVRM) has sparked or inspired dozens of companies or initiatives to empower users in the commercial space. The JLINC protocol is an open source protocol that will enable Alice to do exactly the kind of monitoring and have the kind of control over her data that is missing. Stay tuned to JLINC Labs for more as it develops

In the meantime, the next time you read about Alice and Bob, think about the context and draw your own conclusion about the nature of that relationship. Most of the time, I suspect, you will find that it is Alice and BobCo/EvilBobCo and that whether Bob is evil or not, Alice has no power.

Bob is a bully and needs to be stopped.

Show Comments

Get the latest posts delivered right to your inbox.