Subject Re: The Most Important Attribute
From David Chadwick <d.w.chadwick@xxxxxxxxxx>
Date Thu, 07 Jul 2011 11:53:27 +0100

On 06/07/2011 21:31, Rhys Smith wrote:
On 6 Jul 2011, at 21:06, Rhys Smith wrote:

On 6 Jul 2011, at 20:57, David Chadwick wrote:

which is what we should be trying to engineer (ie. remove as much
visibility and complexity from the user as possible).

So you're advocating removing any kind of getting consent from the
user? (when implemented, it's one of the most visible and complex
parts of the process from a UI perspective...)

Just replying to myself here, don't mind me...

I was being flippant, but there is an important point to make.

The only good UI is one that doesn't interact with the user and
presents no interface. Transparent is simple. Currently there is no
consent, which is as invisible and simple as it gets.

How about zero click shopping?
Yes, we have implemented this, which is one up on Amazon



You can have simplification and increased usability, or you can have
user consent mechanisms of any type. You can't have both...

(Yes, there are better and worse ways of managing consent (massive
open question as to which options are which), but they're *all* more
complex and less usable than no consent at all).

R. --

Dr Rhys Smith                                   e: smith@xxxxxxxxxxxxx
Engineering Consultant: Identity&  Access Management
(GPG:0xDE2F024C) Information Services, Cardiff University,
t: +44 (0) 29 2087 0126 39-41 Park Place, Cardiff,
f: +44 (0) 29 2087 4285 CF10 3BB, United Kingdom.
m: +44 (0) 7968 087 821


David W. Chadwick, BSc PhD
Professor of Information Systems Security
School of Computing, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick@xxxxxxxxxx
Home Page:
Research Web site:
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5