The Critical Role of Consent in Digital Systems

Hybrid Event: 3470 Leinweber / Zoom

Abstract: When an individual grants consent to a person or a system, it creates new moral rights for them to initiate an interaction. In other words, it is only because the individual has given consent, an action, previously considered wrong, becomes morally acceptable to perform without judgment from others. The essence of “consent” is giving an individual maximum control over what rights over others have with respect to the individual, in a particular context.

This thesis shows how centering users’ consent in designing and building digital systems results in a new class of systems that better meet users’ nuanced needs around privacy, safety, and agency. I first propose a theoretical framework of affirmative consent where I define affirmative consent as voluntary, informed, specific, revertible, and unburdensome. I then propose designs based on the framework for developing systems that prioritize giving users more agency over their online interactions and data. These designs challenge many of the traditional assumptions made by system creators, which often tend to be based on an engineer or lawyer’s conception of privacy.

In the remaining part of the thesis, I present two systems-work where I develop and deploy more consentful systems. First, I redesigned online advertisement settings based on the framework, and deployed them on Facebook, to show that even simple changes on the interface-level could help users better exercise their agency regarding one’s data on platforms.

Second, I applied the framework on a systems-level, and built a novel social media platform called Moa, which aims to enable sensitive information-sharing around problematic power dynamics. Among Moa’s consent-based features, the most novel element is called the “consent boundary,” which enables users to precisely demarcate who can view their posts or comments based on a range of contextual dimensions that existing permission models do not provide.

Through these systems, I empirically show the values and limitations of a consent-centered approach to systems-design. At its most radical, a consent approach implies that digital systems should be designed to let people easily configure systems as they want—and this extends beyond just access and privacy controls.