Robin Wilton

A member of the Gartner Blog Network

Robin Wilton
Research Director
26 years IT industry

Robin Wilton is a research director with a particular interest in digital identity and privacy (and their relationship to public policy), access control and single sign-on, and the productive use of public key infrastructures. Read Full Bio

Coverage Areas:

Is the word “trust” being subverted?

by Robin Wilton  |  April 20, 2012  |  Comments Off

A couple of things I’ve heard recently make me wonder whether the word “trust” is being used in public discourse in ways that fundamentally undermine its meaning. Consider the following short phrases:

  • “Trust… but verify”
  • “Trusted traveller programme”

Neither of these usages is actually that new. The first was made famous by that renowned “communicator”, the late President Reagan, and the second – though more recently adopted by the TSA – is the kind of phrase that has been applied generically to various air travel and immigration “fast track” initiatives over the last decade or so.

To me, Reagan’s phrase encapsulates the paradox. After all, if you trust someone, why would you feel the need to check them out? And if you only ‘trust’ someone because you’ve rummaged through their sock drawer looking for evidence of hostile intent, surely what you have demonstrated is that you don’t really trust them – you only trust such evidence as you are able to gather, one way or another.

Don’t get me wrong: I’m not saying that, for instance, there is no place for intelligence-led security measures, or that there are no circumstances under which people’s sock drawers should be subjected to a good rummage. All I’m saying is that we should resist being fooled into thinking that those come under the heading of trust. So, if I am saying that I know what trust is not (I hear you say…), what do I think it is? Here’s a candidate definition that I have found pretty useful so far:

“Trust is the belief that someone will act in (or at least not contrary to) your interest, even if they are in a position (and perhaps are even motivated) to do otherwise”.

The word “belief” is important. Like any belief, trust in someone can be well- or ill-founded. But trust is founded on some degree of uncertainty. If you know perfectly well that someone cannot hit you (for instance, because they are locked in another room), then the relationship you have with them is not, in that regard, one of trust: it is one of knowledge.

Why does this matter?

Well, trust has never been more of a factor than in today’s online world. It is intimately woven into any discussion of authentication, digital identity, online anonymity/pseudonymity,  privacy, copyright and intellectual property management, net neutrality, internet access, deep packet inspection, CCTV surveillance, Passenger Name Records, web tracking and so on and so forth. I’m not sure an exhaustive list is even possible. In many of these areas, the roots of “trust” lie – we are told – in law enforcement access, accountability mechanisms, auditability and the like. But I’d argue that that approach does not reflect trust at all; it reflects a desire to base decisions on knowledge, not belief. A wish to remove uncertainty from risk-related decisions. Ultimately, a wish to predict the individual’s future behaviour based on exhaustive knowledge of their past behaviour.

It is rational to mitigate risk by seeking to understand it.

Just stop trying to kid me that it’s “trust”.

Comments Off

Category: Uncategorized     Tags: