When Consent does not make sense, Security by Design must be required

Stephan Engberg, 25 April 2015 (updated 4 years ago)

Having worked with Security Economics for more than two decades has led me to two main conclusions: consent makes no sense for key areas, and we have no alternative but to apply Privacy and Security by Design as these areas are failing.

I am explicitly saying that in these areas - presently including commercial infrastructure, eGov services and research - we cannot leave the choice to those involved, as they misrepresent individual rights and society's interests.

a) Consent is dead.

Not as a principle or in specific issues, but in digital terms as ex ante general acceptance of some unknown future event.

Citizens simply have no way to understand the implications or causality when requested to accept e.g. their data being used for behavioral profiling, "once only" use in the public sector or research (yes - also research!).

In these areas consent has turned into a form of blackmail where cherry-picked positive elements - typically convenience plus one good case - are weighed against an endless myriad of negatives which are doing serious damage to both citizens and society through negative externalities. Consent simply does not make sense.

When consent does not make sense, Privacy by Design must be required, both to protect the citizen/consumer from fraudulent terms of agreement and to protect the rest of society from negative externalities.

The society argument is essential and goes beyond individual rights. E.g. when (ab)using a citizen to leak data on other citizens (e.g. photos, connections, interactions, transactions etc.) without the consent of the counterparties. Or damage to markets as citizens "accept" being used as someone's monopolized resource (e.g. smartphones, a trusted party such as payments or a "data store"), accumulated into increasing market control. Two problems that are already damaging markets most seriously.

b) Moving from Privacy by Design to Security by Design

However hard most find it to handle the security of one citizen (my definition of Privacy), we need to realize that transactions always have more stakeholders, both those directly involved and "society" as an indirect stakeholder representing all (e.g. anti-crime, tax and competition/innovation).

All of these have legitimate security requirements that must be resolved as part of the transaction and the overall design of technology and processes.

As an - untraditional - example, public sector research can no longer be exempted from consent (and thus the impossibility of consent) as it 1) is damaging the quality and effectiveness of the primary process, as research becomes a stakeholder distorting system design away from demand-choice towards system use, and 2) is no longer passive knowledge creation, but actively feeds back as market/democracy-damaging control and profiling of individual citizens.

This means we cannot rely on mere Privacy by Design to solve the society problems; we need to move beyond it to an understanding of multi-stakeholder security resolution, while maintaining the security of citizens (privacy) as the primary objective which the resolution of secondary stakeholder requirements must respect.

Examples

I could offer many examples, but will offer three examples of how, and suggest the area of Healthcare Research as the prime driver of solutions and understanding.

Democratic Elections
An example of non-digital solutions optimized for multi-stakeholder requirements. The mechanisms have, through centuries of abuse, been almost perfected into physical security processes and precautions so fine-tuned that we still do not even theoretically have Security by Design solutions to make eVoting possible.
https://media.ccc.de/browse/congress/2014/31c3_-_6344_-_en_-_saal_1_-_201412281400_-_security_analysis_of_estonia_s_internet_voting_system_-_j_alex_halderman.html#video

Taxation
In Denmark, we did a Security by Design case on how to enable even progressive taxation while maintaining privacy and minimizing state involvement in society processes.
http://blog.privacytrust.eu/public/Reports/NewDigitalSecurityModels.pdf

Criminal Forensics
I presented a solution on how to maintain privacy while enabling the secondary requirements when dealing with bio-samples in Healthcare for both treatment, research AND criminal forensics (page 8)
http://blog.privacytrust.eu/public/Slides/MakingTheNetForget.pdf

Conclusions

We are today beyond laissez-faire and trust in public sector authorities, as both of these have proven unstable if left to themselves. As a market-based democratic society we need to represent both individual and society interests in the serious questions where individual consent does not make sense or is not enough to ensure progress and good solutions.

Normatively, we - in these areas - must require Security by Design with privacy as the main objective, or they will fail. I suggest at least these areas where this requirement is unavoidable: private sector infrastructure incl. market-making and 3rd party cross-purpose profiling, public sector services (no "Once Only", but yes to citizen-controlled means to avoid double entry) and research.

Yes - these are tough areas, and the existing power structures are not only resisting democratic controls but actually moving actively to undermine democracy and markets. The arguments applied in exercising destructive lobby influence are often misrepresentations of "facts" of some "public good" over the rights of individuals or society (which we presently witness on "Big Data", "App Economy" and "Once Only" from the Commission/DG Connect).

Yes - we need to distinguish between normative thinking and paths to implementation, as these areas represent serious legacy and exert enormous influence on political processes.

But no - we, in my humble opinion, have no sustainable alternative but to pursue and enforce this democratic principle in the key areas.

I suggest using Public Sector Research as the main change driver, both because it is the easiest to solve with the least legacy and because it is the easiest to understand - of course we cannot allow general purpose individual profiling from genetics, blood and lifestyle, not even for research purposes.