Design Goals for Consent at Scale in Digital Service Ecosystems

Authors

Christian Kurtz, University of HamburgFollow
Florian Wittner, Leibniz Institute for Media Research | Hans Bredow Institute (HBI)Follow
Pascal Vogel, University of HamburgFollow
Martin Semmann, University of HamburgFollow
Tilo Böhmann, Department of Informatics, University of HamburgFollow

Abstract

Digital services have undergone a shift to multi-actor constellations characterised by the utilisation of personal data. By involving external actors, service capability and variety increase but so does the number of actors that gain access to personal data. Here, privacy policies are legal documents that serve two primary functions: specifying the purpose and details of data processing in a binding manner and informing users about it. Privacy policiestherefore have special importance in which the processing is based on user consent. In a case study of the platform eBay, we identified 18 problems that point out difficulties in achieving consent in a meaningful way in today’s large-scale and massively interconnected digital service ecosystems. Based on these problems, the design goals are determined which help to find meaningful consent in digital service ecosystems. These goals include notifications for changed purposes of data processing in ecosystems or the reasonability of time needed for consent in relation to the usage time of the service. Thus far, no legal limits govern the reasonability of efforts for consent to privacy policies. This requires a fundamental rethinking of the concept of consent or far-reaching automation of privacy-related legal acts.

Recommended Citation

Kurtz, Christian; Wittner, Florian; Vogel, Pascal; Semmann, Martin; and Böhmann, Tilo, "Design Goals for Consent at Scale in Digital Service Ecosystems" (2020). In Proceedings of the 28th European Conference on Information Systems (ECIS), An Online AIS Conference, June 15-17, 2020.
https://aisel.aisnet.org/ecis2020_rp/69