Trust and Formal Analysis

I came to the consideration of trust not because it is currently a public issue, nor because it seems to be in vogue in sociology. Instead, I was dismayed at some of the recent sociological treatments of the subject and, in particular, at these studies’ cursory treatment of one of what many would consider to be the leading foundational modern study of trust in social interaction, that of the late Harold Garfinkel who, in 1963, published a paper titled “A Conception of, and Experiments with, ‘Trust’ as a Condition of Stable, Concerted Actions,” (Garfinkel 1963b).

During the time that he was Professor of Sociology at the University of California at Los Angeles, Garfinkel devised a radically innovative approach that he termed “ethnomethodology.” This meant “members’ methods.” By this, then, Garfinkel intended not a technical or professional research method per se but, instead, a topic for study; namely the study of society members’ interactionally deployed cultural methods of making sense of the everyday contexts in which they find themselves, methods also of sharing this sense and incorporating it into their joint projects of action – in a phrase, sense-making-in-action.

Introduction

Ken Thompson was the 1984 recipient of the Turing Award, the equivalent of the Nobel Prize in Computer Science. His recognized contributions include the design, while at Bell Labs, of the UNIX operating system, that later led to the free software flagship Linux, and today Android, which has the largest share of the smartphone market. Yet, in his acceptance address, Thompson did not choose to talk about operating system design, but instead about computer security, and specifically “trust.” His thoughts were later collected in an essay entitled “Reflections on Trusting Trust” (Thompson, 1984), which has become a classic in the computer security literature. In this work, Thompson examines to what extent one can trust – in an intuitive sense, but as we will see, also a technical sense – a computer system. He recounts how computer systems are built on layers of hardware, but also by layers of software – computer code that provide instructions for how they should perform high-level operations, such as writing a document or loading a Web page. How could anyone foresee what these devices could do under different circumstances? First, they would have to examine what the hardware would do under all conditions. Although this is expensive, it is possible, as hardware is composed of fixed arrangements of wires, silicon, and plastic. Naively, one could assume that software could also be examined in a similar fashion: by reading the source code of the software to understand how it would behave.

Introduction

The main thesis of this chapter is: trust in the context of the Internet, and elsewhere too, is usually best understood as a continuation of the normal run of life, not as an exception to it. We need to look at those usually unchallenged background activities, contacts, and commitments that, at some point, lead up to situations in which questions about trust are asked. This is not to say that we constantly trust each other, but it means that the question only has an application in particular situations, and that the meaning it has must be understood in the context of the situation. As a further, methodological remark, continuous with the previous point, I suggest that what trust “is” is best seen in situations in which “trust” is raised as an issue. To understand trust, we should not be looking for a mental state, attitude, or behavioral pattern “out there” for which the word stands. We should focus on the various kinds of worry that invite talk about trust; on what prompts us to apply the vocabulary of trust in certain problematic situations; and on how applications of that vocabulary contribute to solving, creating, or transforming those situations.

This also invites the question to what extent particular worries about trust are specific to the use of the Internet, as opposed to being continuous with what happens in other walks of social life. There exists a misleading picture that represents the Internet as a world unto itself, an incorporeal realm facing us with a specific set of philosophical and ethical conundrums. This looks to me like a romanticization of the Internet. It is more fruitful to think of our various uses of the Internet as so many extensions of our off-line practices.

Introduction

If you've used a PC, a mobile phone or some other digital device, you've experienced the output of my discipline of interaction design, the field in which I’ve worked for the past seventeen years. The goal of an interaction designer is to design digital tools that help people achieve a task in their life, be it sending an email to a colleague, making a phone call to a friend, or creating a Web page for everyone to see. Interaction designers make choices about what a person sees on screen, when they see it, and how it reacts to their mouse clicks or finger presses. We design experiences that are intended to lead a person successfully through the stages of their task, hopefully in a way that feels effortless and even delightful or fun.

Design is a processional discipline. Designers start with an often vague set of needs and technologies; their goal is a gradual prioritization and synthesis of these and a narrowing down to something specific and buildable. This process, which is an iterative one based on constantly testing ideas, is primarily visual. We use tools like sketching, modeling, and prototyping to test these ideas and make choices of those we think are most successful.

Introduction

When the first e-commerce services emerged in the late 1990s, consumer trust in online transactions was identified as a potential major hurdle. Researchers of human-computer interaction (HCI) started to investigate how interface and interaction medium design might make these services appear more trustworthy to users. Jens Riegelsberger (then a doctoral student) and the first author were part of that first cohort (Riegelsberger and Sasse 2001). We soon realized that much of the HCI research was very much focused on increasing user trust in Web sites through design elements, but did not consider (1) existing substantive knowledge from other disciplines on the role and mechanics of trust, and (2) existing methodological knowledge on how to conduct valid studies on trust formation and its impact on behavior. To address this, we reviewed and integrated existing knowledge to prepare a foundation for HCI research, which was published in two research papers: to address point 2, a prescription for valid HCI methods for studying trust, The Researcher's Dilemma (Riegelsberger et al. 2003a); and to address point 1, a framework for HCI research and The Mechanics of Trust (Riegelsberger et al. 2005).

The key message from the latter paper was the need for HCI researchers to engage with technology developers to create trustworthy systems, rather than focus on influencing trust perceptions at the user interface level. In the worst case, the latter could lead to manipulating user trust perceptions to place trust in systems that are not trustworthy, which would be socially and ethically irresponsible. The way forward, we argued, was to design systems that encouraged trustworthy behavior from all participants, by creating the right economic incentives and creating reliable trust signaling. In the current chapter, the authors summarize this prescription and reiterate the argument for it, because it is still valid today. We then review progress over the past eight years to consider to what extent the prescription has been implemented. Although our conclusion may seem sobering, it really is not: the security signals offered by service providers are not accurate enough and require too much user effort.

Introduction

Trust – and its lack – is a hot issue. This is especially true of public discussion of one of the defining features of contemporary life – namely, computers and the varied technologies that are built on them. We want trust but doubt whether it is well-grounded. Nor is it clear how it could be so grounded. Where is rational trust to be found? Call this the search for trust. Meanwhile, computers become a more pervasive part of our lives. Uncertainty and risk increase. The search is urgent.

There is an obvious way to resolve the search for trust. To build trust in a technological world, we need to know what trust is. Philosophers answer questions of the form “what is f?” They do so paradigmatically through conceptual analysis. Therefore, philosophers should analyze trust, thereby answering the question “what is trust?” Such an analysis will explain when trust is grounded and when it is not. It will then be possible to identify how trust can be grounded in the specific context of the new modes of living that computing technologies have created. The response concludes: let's get started.

Preamble

Several of the prior chapters in this book allude to the work of Harold Garfinkel and his seminal Studies in Ethnomethodology (1967). One of the great lessons that one can take from that book is the idea that society is made up of people who “do” sociological theory or, rather, people who construct and deploy “lay-sociological theorizing” to both interpret and organize the world around them. Their everyday reasoning is a form of sociology Garfinkel would have us believe. Today, of course, the idea that people theorize in this sense, that they reason sociologically, has suffused itself throughout the discipline of sociology and its cognates. Take Michel De Certeau (1984), for example, or another sociologist of the quotidian, Henri Lefebrve (2004). Both argue that the social world is constructed, “enacted” through the deployment of interpretative skills and agency – through people's capacity to reason in particular ways. And consider other social sciences, such as anthropology. Here Tim Ingold (2011) argues that people construct their places of dwelling through conscious acts of “dialogic engagement”: they attend to, work with, and reflect on the things and persons around in ways that directs them in new trajectories, lines of action. All of this is a form of reasoning, Ingold claims.

The subtle differences between these various views notwithstanding, that people reason in a way that can be characterized as sociological, and that, as a result, the thing called society has the shape it has, is virtually commonplace in contemporary thinking. The word “theorizing,” however, has been ameliorated with alternate formulas by these (and other) authors. We have just listed some of the alternative words and phrases used: people enact their reasoning and they rationally engage their reasoning as part of how they produce dwellings. These and other formula stand as proxy for theorizing. One of the motivations for using alternatives is that many commentators, including those just mentioned, would appear to prefer keeping the term “theory” as a label for their own thinking rather than as one applicable to the non-professional arena. To put it directly, this move allows them to valorize what they do while giving lay persons’ actions a more prosaic, less consequential air.

Introduction

One view of cyberspace is that it is made up of technology: personal computers, the routers that support the Internet, huge data centers, and the like. Another view is that cyberspace is made up of people: people who interact over the Internet; people who run the Internet and the data centers; people who regulate, invest, set standards, and do all the other actions that make up the experience of cyberspace. The latter view is probably the more relevant; technology is only the foundation.

If cyberspace were only technology, we might properly ignore issues of trust. We might ask whether we have confidence that the technology will function as intended, and our everyday experience tells us when that confidence might be misplaced. But to the extent that cyberspace is made up of people, we should ask whether issues of trust are important in the proper functioning of cyberspace. I argue that trust is central in many ways.

Trust, as I use the term, is a relationship between trustor and trustee in which the trustor is willing to assume that the trustee will act in the best interest of the trustor. This does not mean that the trustor can predict exactly what the behavior of the trustee will be, but that the trustee will use judgment and intelligence to restrict the range of actions undertaken. One who is not trustworthy may be malicious or simply inattentive, incompetent, or in an unsuited role: trust is usually accepted with respect to a particular role.

Introduction

In reality, the Internet, as a networking person would define it, has not changed much since it was commercialized in the 1990s. The main Internet concept is still there, and so are its core technologies and applications; for example, the protocols that are responsible for transferring bits between two computers have been virtually unchanged since the inception of the Internet. However, many things have evolved and have tremendously impacted the way we communicate, perform computation, and conduct business online.

This chapter highlights recent trends and technology evolutions that appear to be shaping perhaps not the Internet itself (as seen in the strict definition of a networking person), but everything around traditional approaches to computing and communication. In my opinion, there are three main such transforming trends: the Cloud and the promise it brings for computing; the new Web with its intertwined services and applications; and Big Data computing, which opens up new horizons and opportunities with fast processing of diverse, dynamic, and massive-scale datasets. Each of these trends is not disconnected from the others, but interlinked, which – as I discuss – is the case with every aspect of the Internet today. This maze of interconnected services, applications, users, and devices is one of the two main themes that are omnipresent in the Internet today. The other is an implicit notion of shared trust, a trust that appears to transfer – irrespective of user intentions – through the links of this maze, reforms our online experiences, and also bears tough challenges for user privacy.

In early 2011, Pepsi made headlines by announcing that after more than 20 years, they would forego advertising during the Super Bowl. Instead, PepsiCo decided to award more than $20 million in grants to fund community projects. Anyone could submit a grant application online, and award winners would be chosen by popular vote. News of Pepsi’s contest spread across social media, and with each mention, the Pepsi name was further associated with a philanthropic brand image. Contestants extended the brand promotion as they campaigned for their own personal causes, driving more traffic to Pepsi’s website.

In a similar move, P&G, one of the world’s largest marketing organizations, announced in February 2012 that they would reduce their marketing budget by $10 billion over the next four years. Much of the savings would be achieved by shifting their efforts away from traditional offline marketing methods in favor of digital marketing tools such as online banner ads, viral marketing, and social media marketing.

As individuals, we make decisions about whether to post our opinions to social media and what opinions to post. When we make these decisions, we are subject to a host of social influences. While we may have intended to express our thoughts on the latest restaurant that we visited or a movie that we recently saw, posting comments online doesn’t occur in a vacuum. Based on what others have said previously, what we choose to say (that is, if we choose to say anything at all) may change once we sit down at the computer.

Earlier chapters discussed how our opinion formation and expression behaviors change as we are exposed to the opinions that others have already posted. In turn, the opinions we express today will affect how others behave in the future. Social media platforms can be seen as opinion ecosystems where our viewpoints interact and influence those of other contributors. Some opinions will be discouraged and driven out of the ecosystem through selection effects. Other opinions adapt to the environment as a result of a variety of adjustment effects. As a result, the collective opinion of the posting population evolves.

A search of employment opportunities in social media inevitably turns up something like the following:

In other words, the employer wants a communications associate whose main job is to tweet and blog.

Like many organizations, the employer represented here views social media as just another platform for advertising and communications. The person in charge of the social media efforts may be informed about the organization’s overall strategy, but his or her role is to simply use social media to communicate this strategy to the target consumer or constituency. This perspective on how social media fits into the organization can be very limiting and potentially problematic. Let’s break down the pitfalls associated with this line of reasoning.

It used to be that when a new movie was released, moviegoers would look to the opinions of professional movie critics before deciding whether to see it. Under this paradigm, professional critics wielded an enormous amount of power and influence to either make or break a new movie. In today’s environment, however, social media host reviews from anyone who wants to share an opinion. And now, before we head out to the theaters, we look online for not only the reviews provided by professional movie critics but also the reviews posted by friends, and sometimes even strangers, who have already seen the movie.

Arguably, social media have the potential to give a voice to everyone, making us less reliant on the opinions of a few experts. As consumers, that means that we have available to us a wider variety of opinions. Thus, we can follow the opinions of trusted sources who share our views rather than individuals whom others have deemed to be experts. This means that through social media, an organization or business has access to the wide variety of opinions held by its various customers and stakeholders. Their opinions, rather than those of a few top executives, can now drive many of the organization’s strategic decisions. Is this a good thing? Should a company trust HiPPO (the Highest Paid Person’s Opinion) or should it follow the opinions of masses on social media?