Foundations of Trust
WWW: ,
mail: smtps/sPop3,
|
Why trust PrivaSphere?
Users considering to use this service rightfully ask:
"Why yet another service for privacy and why should we trust them in
particular?"
Some arguments why:
- Privacy By Design:
PrivaSphere's services are designed to maximize your privacy. Whenever there is
as design choice between a privacy enhancing and a privacy reducing
way to implement something, we will choose the enhancing one. Yes, there is
sometimes, but less then generally claimed, a significant privacy - convenience
trade-off. Our services offer you several options along this continuum - have
a look at
to choose the right combination of convenience and privacy in an informed way.
For example whenever we can avoid taking a secret or potentially personal
information from you our systems, we will.
For example in the area of payment, we will offer you means to pay us
that will not require your credit card number in our databases.
As another example, we will never send you password in an
e-mail that is not encrypted!
- External Review:
PrivaSphere plans to have a board of external reviewers to review its
processes and practices. This will especially also include the non-open-source
part of its code. Please nominate members to this board to _mailtoInfo.
If a big 4 or similarly established reviewing organization offers to
review PrivaSphere "pro bono", we are ready to discuss.
- Transparency:
PrivaSphere opens its statutes, governance structure otherwise, and its
executives' other interests to the public. This avoids surprises.
- Separation of powers and interests:
Other institutions have many interests and revenue sources. In such a picture
privacy is a side issue. If they glitch on privacy issues, most likely it
will not be fatal to their existence - therefore there is a higher risk that
- negligence occurs
- conflicts of interests may be decided against privacy - such as
foregoing revenues from sale of customer information
Therefore, it may be advisable to have one institution supporting you at
keeping control about your personal and sensitive information while others
provide you with the largest choice of books, most accurate medical
information, most up-to-date stock quotes, etc.
- Exclusive Mission Privacy - Focus:
PrivaSphere's sole focus is providing practical solutions to enhance your
privacy on-line. Spending all our work on this hopefully will eventually enable
us to offer a more professional service level than others who have many other
businesses to worry about as well.
- Limit Exposure:
PrivaSphere will offer services that will mediate between you and other online
institutions you may want to interact with. It may well be reasonable to
concentrate the required personal information for your transaction in one
single place and limit the possibility of negligence or mal intent to one
institution with only a few carefully chosen members instead of having
your sensitive information ending up on the hard disk of each
"Mom-and-Pap online store" you shop at.
- Standards:
In implementing its services, PrivaSphere's preference is for software
that follows the open source definition and that implements
standards. This way, peer review is
facilitated and the algorithms used to ensure security are under broadest
scrutiny.
We also have a bias for de-facto standards wherever no
tailor-made functionality is needed for two reasons:
- More bugs will be found overall, but less remain uncovered, thus
the overall application is likely to be the most secure and
robust available on the market.
- Over time, most used applications also tend to end up with the biggest
and best functionality.
- ...
A detailed description about what "MUC's" are and how PrivaSphere's
trust management works is here
|