IN THE GLOBAL INFORMATION SOCIETY

Rainer Kuhlen

University of Konstanz

Germany

Trust has become a central topic in the literature of sociology and philosophy in the last ten years. The reason for this is that technical and abstract systems under the conditions of modernity are increasingly thought to be lacking in security and certainty.

It was in particular Anthony Giddens in his book „The Consequences of Modernity" (1990) who pointed out that these systems have become more and more complex and can only partially be mastered by experts, whom we have to trust without knowing in detail why.

If this analysis is right, namely that we are bound to live in a world which is often informationally underdetermined on principal and that we cannot extricate ourselves from this situation alone, then there is a need for mechanisms of compensation. Nobody can live permanently in a situation of informational uncertainty.

The theoreticians of modernity (in addition to Giddens, Niklas Luhmann and Ulrich Beck) consider trust the main way to compensate for our lack of knowledge in handling modern systems. Trust reduces uncertainty; it does not make up for lack of knowledge, but it allows us to believe and act as if we were in a state of full and certain knowledge.

1. Uncertainty with respect to information technology systems

We are not concerned with technical and abstract systems in general but with information technology systems. For these systems it it true as well that normal people do not have, and are not likely to ever acquire, sufficient knowledge about their theoretical assumptions or the way they function. Therefore uncertainty, insecurity, and even mistrust are likely to result as basic attitudes towards information technology and information systems, and all the more so given their global spreading.

We shall mention here only a few signs of the growing mistrust towards information technology and machine-driven information systems:

• Growing uncertainty with respect to the job market due to the fact that intensive usage of information technology, reinforced by new means of organizing labour globally, is cutting jobs rather than creating new ones.

• Greater uncertainty and mistrust in the Internet environment. What makes us sure that the search engines, the Yahoos, Alta Vistas and robots, index web sites without ulterior motives, that is without manipulating data? Are we sure that they provide us with the information, and only the information, that we actually need?.
• What happens with our personal data when we make enquiries in an information market place or when we carry out financial transactions?

• How can the supplier of information goods be sure that the person who orders electronically is really the person he or she claims to be?

• What should we do if web sites we wish to visit ask us to accept cookies which nest in our personal computers and carry out actions we are not aware of? Who can guarantee that they are not harming us or our computers?

• Are we sure that our personal or professional e-mail is not being read by people who are unauthorized to do so?

• How reliable are the automatic summaries or the automatic translations which our decisions are based on?

• How responsibly will the software stock agent handle our personal money when we allow him or her to buy and sell stocks for us?

All of us who use the Internet for information and communication will be able to give more examples from our personal and professional lives. In the following, we want to discuss the problems of uncertainty and the construction of trust in two main areas: electronic information markets and intelligent software agents, whose growing influence will become more and more relevant for human information work.

1. Information machines

We have all learned in the early days of our childhood how to build up trust towards other people. As a species we have some 100.000 years of pertinent experience. This may be considered the basis of personal ethics. How we compensate for information deficiencies with respect to abstract systems such as administration or money, or with respect to technical systems such as airplanes, we also have learned more or less satisfactorily with some 1000 to 100 years of experience.

But how to handle information machines in a comparable situation of uncertainty – this we have not yet mastered. Information machines are more abstract than their technical, mechanical or organizational counterparts. Yet they carry out actions which are more directly related to our daily lifes. They intrude very far into what has traditionally been considered the privileged domain of human as opposed to other animate beings: the domain of intellectual knowledge and intelligent actions.

Consequently, we must ask ourselves what the delegation of information work to information machines means for our self-understanding and our identity: Will it mean a major alienation, even more severe than the alienation from non-autonomous work? Will it create a spatial and temporal discontinuity in our lives which is even more dramatic than that produced by abstract and technical systems?

To put it in a nutshell: Is the intelligent agent – to mention only this example of an elaborated information machine – more influential for our daily lives than the television set, the automobile or the airplane? How shall we judge the agent´s influence when he/she/it (?) not only solves information problems but also defines our information problems by watching us and making inferences about our needs? The situation is all the more dramatic because we often understand less about information systems and their principles and functions than we do about abstract and technical systems.

2. Information uncertainty in electronic markets and network services

Within the framework of this paper we cannot discuss the basic anthropological question of what consequences the delegation of information work to information machines will have for human autonomy. Rather we would like to elaborate on some examples of informational insecurity which occur in electronic information markets and how this uncertainty can be reduced by trust mechanisms. The discussion can be divided into two main parts:

• From the point of view of users it is of major concern (a) how trust can be established in the correctness and the relevance of the information which is provided by the systems, and (b) how users can be confident that their personal information, which will inevitably be given to the providers in the process of interaction, will not be misused.

• From the point of view of providers there are also many problems of uncertainty and consequently trust. This stems from the fact that providers usually do not have suffient information about their customers. Not only does this make marketing very difficult but it also makes it difficult to establish trustful business relations. Although it is not our main concern here, it is worth mentioning that a severe market problem arises when on the one hand it is easier and easier to achieve customer information electronically, but on the other hand harder and harder to achieve social acceptance for this kind of information gathering. Business in this respect, as we will see later, will have to work on trust-building mechanisms; otherwise information-gathering will be an impossible job.

1. Information-based insecurity on the part of users

Information is not a one-way street. Even passive or receptive information situations produce information traces which may be of interest to others, who may use them, without authorization, for purposes unknown or even unacceptable to the original data producers.

Very often users of informations systems and visitors to electronic market places are not aware of how extensively personal interaction data is being collected and made accessible to third parties of whom the original users are not aware. The ´public` arena of information markets in their present anarchic state is widely opaque.

Lack of transparency and lack of acceptable control mechanisms influence users´ thinking and users´ behaviour with respect to private and professional information services. This more or less uncontrolled usage of personal interaction data puts the (already 30-year-old) debate on data protection in a new perspective. Privacy will become a major trust-building concept and the basis for an information-market ethics.

[Belloto 1997, 67] proposes to ensure privacy by means of access control. Access control refers to the ability of information users to keep a check on their own outgoing (interaction) data and, equally, to keep a check on the process of incoming data: „Privacy can be defined as a capability to determine what one wants to reveal and how accessible one wants to be." Access control seems thus to be a necessary requisite for the construction of trust in electronic market systems: „users must be able to know (have feedback) about and control the consequences of their interactions with technology in terms of how visible and accessible they and their information are to others" [Bellotto 1997, 68].

This basis of trust in the sense of access control is not given on electronic markets at the moment. There is widespread uncertainty in the public about the mechanisms of data collection and unauthorized information usage. Users, for example, do not trust providers‘ assurance that cookies will be used only for internal statistic purposes. They are often not even informed that this kind of information invasion is taking place. More sophisticated observation techniques will be available very soon, not only in the „real" world by the use of laser voice detection or of electronic mini-video drones which fly around in our private space watching us, but also increasingly in the virtual electronic world of information markets. These unknown procedures will undermine the trustful basis necessary for personal and commercial transactions. Trust destruction in real life and in the virtual market is not all that different.

2. Trust as an economic factor

To what extent this kind of informational insecurity will hinder people from taking advantage of the information- and transaction-related services of the Internet is not known. We have no empirical data concerning the consequences of this destruction of trust. But the problem, of course, has been recognized by the information economy. Unlimited information gathering cannot be considered an accepted business practice. Astonishingly (or understandably) enough, the acceptance of information goods and services does not depend primarily on objective system performance criteria (these are more or less opaque and incomprehensible anyway) but on the extent to which trust can be established in them. Trust is an „as-if" event. What counts is not the quasi-objective data (although these, too, need to be made public) but our personal understanding and our emotions towards the systems and services in question.Trust is already a success factor for electronic markets, and the construction of trust will turn into a business itself.

Trust, originally a very personal, even intimate concept of every-day life, has become a trade-mark of the market. Trust has turned out to be a business for companies which guarantee – for a price - data protection, data security, privacy and access control, all factors of information self-determination. Trust-building performance, even trust-software, is already a competitive factor on electronic (information) markets. The founding and spreading of enterprises such as TRUSTe is a consequence of this „trust business". In most of the cases so far, these trust companies are an initiative of the information economy itself. What they do is provide companies which are active providers on the electronic markets with an electronic quality stamp, hopefully after an intensive checking process, which is designed to produce confidence in customers. It certifies that the companies in question pursue an open infomation gathering policy, that is, that they make their information policy transparent.

This trust-ensuring quality stamp is considered to be a substitute, a compensation for our individual inability to control the companies´ information behaviour, thus building up trust in their information practice.

How do we handle this delegation of trust-building? Is it only a marketing trick of the information industry? Should we trust it in a situation where suspicion and even mistrust are more appropriate since it is our most personal belongings, our information and knowledge base, which are at stake? We will come back to this question at the very end of this paper. We believe that there is a need for other instruments of trust-building. Self-regulation is, of course, the most appropriate measure for all information markets and for handling the information ethics problems involved in them. But self-regulation does not necessarily mean that we leave it up to the commercially driven forces of the market to establish trust. What we have learned from the U.S.-American experience, in particular from the failure of the information decency act and from the debate about the rights to cryptographic algorithmic software, is that, on the contrary, the state and its institutions cannot be trusted in these personal matters either. Instead, we consider „webs of trust" the only adequate way to solve the problem of trust-building.

1. Trust in agents

Information markets will be highly influenced by the advent of a new breed of information machines, so-called intelligent software agents, which/who (?) are at the moment however still in an experimental stage of development. They are being promoted in particular by the M.I.T: media lab. Software agents are autonomously operating, cooperative and mobile machines which are equipped with knowledge about their owner/user and about the domain they are designed to operate in. Agent technology is widely considered to be a very important tool for overcoming the problems of information access, problems immediately evident to anyone who tries to master the huge amount of information directly accessible to end-users by means of direct manipulation.

Comparable to the task of establishing trust on information markets we can distinguish between trust in agents from a user´s point of view and from a provider´s one. Some people even believe that trust is a challenge for the interaction between software agents themselves when they communicate in open distributed systems.

1. Trust in agents from a user´s point of view

Delegation of information work is always critically a matter of trust, especially when transactions with financial consequences are involved Delegation means by principle a loss of personal control and produces a risk that the job which was delegated will not be executed the way it was intended to be. We want to emphasize the following critical points:

• Insecurity about the correctness of information agents´ work turns out to be of special dramatic effect because it is almost impossible for the human user to trace the agent´s steps on its journey in global networks or to know which kind of information it has given to other agents or systems, ones which may ultimately give it to people the original user is not aware of.

• While in the public the danger of misuse of credit card information (the software agent may need the credit card or other financial means) is highly discussed, we believe the more basic information problem is an even more sensitive one: the problem that other (unauthorized) parties may learn of the kind of information a person is interested in. This is quite obvious in a commercial environment but it is also relevant in one´s private life to keep information, and information interests, personal and protected.

• We consider other information problems even more relevant. How can a user be sure that the software agent will (a) achieve a reasonable degree of representativeness of information, (b) make a sound judgement about the truth-value of the information gathered by the agent itself or with the help of other agents, and (c) be able to infer whether this information is really relevant for the user? Do software agents have semantic and even pragmatic competence? And is it desirable to provide machines with the kind of competence that ultimately may lead to a further loss of human information autonomy?

The problem of delegating information work has been solved in the past by personal information assistants: librarians, information brokers, officers, managers. Their social and communicative competence has been a sufficient basis for establishing trust in their information behaviour and performance. But how can this be achieved by machine information assistants, by software agents? Can agents be provided with social and communicative competence, and, if that is not possible, what kinds of compensation mechanisms are needed to establish trust in agents nevertheless? Will emotional transfer be facilitated if agents are presented in a way that we find more appealing? Can the question of trust be reduced to a question of design? Is it a must that agents, as many believe, should appear, anthropomorphically, as pictures or cartoon human beings? Or is this counter-productive?

If we want to achieve acceptance in the performance of software agents, there is a feeling on the part of those involved in research and development that trust is the key factor. It is indeed so far not much more than a feeling. Agent technologists normally lack the competence to handle social questions of trust-building. Again different means and different participation models are required, again a task for webs of trust.

1. Aspects of trust in agents on electronic markets from a provider´s point of view

The provider´s point of view is, as mentioned earlier, not the focus of this paper. We merely wish to point out that agent technology will only be effective if market place owners or information service providers allow agents to enter their electronic domain, where they can look for the information they are designed to seek. It is a fact that more and more providers are refusing to permit them entry, with the effect that agents come back to the human user with the message: „system was blocking out our agents". Providers obviously do not believe that the agents will report objectively about their services. This is partly correct, as can be seen from the performance of a well-known agent such as BargainFinder, who makes buying decisions only on the basis of prices neglecting other trust-relevant factors considered by the provider to be more relevant (such as customer service, business experience, reliability, etc.)

2. Trust among agents

Mobile agents are agents which, once released, can navigate more or less independently in electronic networks in order to solve the problems they are designed for. Because they work independently, there is a need for an absolutely safe identification procedure which will make it clear to what extent the agents are allowed to use other computers´ power and services. Here again, Java technology produces situations of uncertainty when the Java byte code is implemented into the local HTML code causing somewhat unpredictable actions in the host computer. How can the host computer „trust" the invading agent, how can the agent trust the computer that it will not do any harm to him/it? Is it even acceptable to describe the actions of soft- and hardware devices with concepts like trust, which are fundamentally social in nature?

The same question arises in distributed agent systems,where agents exchange information and work together cooperatively on complex tasks. If an agent has good reasons (based on experience or recomendations from other agents) to trust another agent, it will be cooperative; otherwise it will have to calculate the risk or will even avoid the cooperation. Is this already the first step towards an autonomous world of information machines? There are serious people in philosophy who are already talking about an e-per (e-persons) ethics where information assistants/agents will have ethical rights and duties.

All this may be far away and out of reach for UNESCO´s mission in information ethics. But it is obvious that agents in a distributed cooperative environment need to know something about other agents` competence and reliability. This might well be described in terms of trust. In the M.I.T. lab researchers have developed a trust- or reputation-building mechanismn (a so-called Better Business Bureau) which agents in the Kasbah-system use for their work. Each time an agent has finished a job in a distributed environment, it writes a report about its experience with the other agents, judging their competence and reliability: how good was the information, how fast did they react, how secure was the financial transaction, and even how much he/it liked the contact with the other agents. A new world of machine trust.

1. Conclusion

The debate on trust in electronic markets and for the usage of software agents has several dimensions:

We foresee for the near future a public debate – comparable to other global debates such as those about atomic energy, biogenetics, and environment pollution – on the question of whether and to what extent human information autonomy and the human self-image as an intelligent being will be threatened by increasingly delegating information work to information machines, of which software agents are only the beginning. UNESCO should be prepared for such a discussion and should not only react to the currently dominant Internet topics.

Electronic markets will be difficult to escape in the near future. In order to establish an environment which is based on mutual respect and trust rather than on mistrust and suspicion, the following problems need to be handled appropriately and consensually:

• Society must find compromises in defining principles for fair and open use of information which acknowledge both the right to individual privacy (defined as active and passive information self-determination) and the need for reasonable marketing strategies based on information about the consumers. Privacy is not the right to be let alone. There is a need for a symmetric information relation between providers and users rather than a secret information-gathering marketing policy. Mutual transparency is in the long run the best trust-building device.

• Electronic transaction processes and delegated information work are always subject to potential mistrust and even „Angst". There is a need for personal, media and organizational trust devices to compensate for the lack of information and understanding.

Trust-building in general is a very complicated, and in the end an ethically based process:

• Trust is built up by dominant value systems and attitudes which have traditionally been controlled and mediated by the political public, the media and many social organizations. Today, global electronic communication forums on the Internet are developing into the strong media of the future and may thus become responsible for the construction of public opinion and consequently public values.
• Trust is also built up by an open information policy. Already the fact of making the basic principles of information devices public is important, even if a full understanding cannot be achieved by everyone.
• A special responsibility is incumbent on information experts, who are able to verify the reliability and truthworthiness of information devices and market places. Trust as an „as-if"-procedure is also built up by delegating the responsibility for controlling information devices to trusted experts.
• Trust also depends on the actual experience of users. Trust is hard to create but very easy to lose. Trust must be handled as a very precious good.
• Trust-building also needs to be institutionalized, because personal experience and delegated personal expertise are not always sufficiently available. Trust centers and commercial trust companies will only be successful if they can achieve a public acceptance beyond political and commercial interest. We hold the concept of webs of trust, the consensual trust-building process between trusted experts, as an appropriate means of institutionalized trust-building. Prominent institutions such as UNESCO can play an important role in establishing global webs of trust in all fields of information ethics, information markets and information devices and can keep them under control in an open enviroment of mutual confidence. This may sound like a utopia, but it can indeed be part of a realistic information policy, if the latter is widely accepted.

1. References