CONSENT 2.0APPLYING USER-MANAGED ACCESS TO THE

PRIVACY CHALLENGE

Eve Maler (@xmlgrrl)

The personal data gathering dark ages

Web 1.0 Web 2.0

Copyright © Identity Summit 2015, all rights reserved.

Privacy goals vs. reality

aspirationrisk mitigation

cynicism

Copyright © Identity Summit 2015, all rights reserved.

From the webto the IoT,

the “fear/greed” tension around data sharing is only going to

grow

Copyright © Identity Summit 2015, all rights reserved.

“Post-compliance” consent toolsonly take us so far

OAuth: standard and scoped…but opt-in, app-to-app, and point-to-point

“Share”: proactive and party-to-party…but proprietary, point-to-point, and often insecure

Copyright © Identity Summit 2015, all rights reserved.

Customers with identities in the digital worldneed Consent 2.0 solutions

Context The right moment to make the decision to share

Control The ability to share just the right amount

Choice The true ability to say no and to change one’s mind

Respect Regard for one’s wishes and preferences

Copyright © Identity Summit 2015, all rights reserved.

Copyright © Identity Summit 2015, all rights reserved.

Businesses and governments need the UMA standard to deliver Consent 2.0 successfully

Copyright © Identity Summit 2015, all rights reserved.

ForgeRock’s OpenUMA solutions

will help you meet

the new privacy challenge

Copyright © Identity Summit 2015, all rights reserved.

ForgeRock is delivering two key

OpenUMAcomponents by the

end of 2015

authorization server

resource server

(client)

UMA Providerbased on

UMA Protectorbased on

Copyright © Identity Summit 2015, all rights reserved.

ForgeRock helps you deliver Consent 2.0 experiences to your

customers that demonstrate context, control, choice, and respect

Copyright © Identity Summit 2015, all rights reserved.

THANKS!

Eve Maler (@xmlgrrl)