CONSENT 2.0APPLYING USER-MANAGED ACCESS TO THE
PRIVACY CHALLENGE
Eve Maler (@xmlgrrl)
The personal data gathering dark ages
Web 1.0 Web 2.0
Copyright © Identity Summit 2015, all rights reserved.
Privacy goals vs. reality
aspirationrisk mitigation
cynicism
Copyright © Identity Summit 2015, all rights reserved.
From the webto the IoT,
the “fear/greed” tension around data sharing is only going to
grow
Copyright © Identity Summit 2015, all rights reserved.
“Post-compliance” consent toolsonly take us so far
OAuth: standard and scoped…but opt-in, app-to-app, and point-to-point
“Share”: proactive and party-to-party…but proprietary, point-to-point, and often insecure
Copyright © Identity Summit 2015, all rights reserved.
Customers with identities in the digital worldneed Consent 2.0 solutions
Context The right moment to make the decision to share
Control The ability to share just the right amount
Choice The true ability to say no and to change one’s mind
Respect Regard for one’s wishes and preferences
Copyright © Identity Summit 2015, all rights reserved.
Copyright © Identity Summit 2015, all rights reserved.
Businesses and governments need the UMA standard to deliver Consent 2.0 successfully
Copyright © Identity Summit 2015, all rights reserved.
ForgeRock’s OpenUMA solutions
will help you meet
the new privacy challenge
Copyright © Identity Summit 2015, all rights reserved.
ForgeRock is delivering two key
OpenUMAcomponents by the
end of 2015
authorization server
resource server
(client)
UMA Providerbased on
UMA Protectorbased on
Copyright © Identity Summit 2015, all rights reserved.
ForgeRock helps you deliver Consent 2.0 experiences to your
customers that demonstrate context, control, choice, and respect
Copyright © Identity Summit 2015, all rights reserved.
THANKS!
Eve Maler (@xmlgrrl)