When we talk about identity transactions the word “trust” is frequently used, and used in different ways. It’s a topic that’s come up in this newsletter frequently (e.g., “What's the meaning of 'trust'?”). Go to the home page for this newsletter and enter “trust” in the search box and you’ll get a results list of over 60 separate issues. So you can imagine how I felt when I received notice that the final version of the Trustguide report was ready.

Trustguide is a U.K. organization, sponsored by the Department of Trade & Industry, British Telecom and HP. Over the past 15 months, the organization hosted several workshops across the U.K., focusing on the range of trust issues that arise through the development and deployment of new technologies. The goal of the workshops was to develop guidelines for those engaged in the researching, development and delivery of Information and Communications Technology (ICT) as to how cybertrust might be enhanced. The 101 page report, “Trustguide: Final Report” is the result of that effort.

According to the authors, the one theme that occurred over and over again during their many workshops was that“[w]hile an initial hypothesis may be that people do not engage with online services because they do not trust them, our findings have shown that trust is not as significant a measure as first thought. What is more important to understand is that people are willing to take risks online, as long as they are informed, and it is clear how consequences will be addressed. People use specific services not because they trust them, but because they in some way provide a benefit to the individual and they know that if something goes wrong, restitution will be made.”

Trust is important, but it appears to be secondary to the overall benefit provided. That is very significant.

The major areas covered in the report are:

* Trust vs. risk
* E-Commerce: Risk and Responsibility
* Factors that impact on risk taking
* Mitigated risk
* ID cards: An aid to security?
* Use of Biometric data
* Privacy and health information
* E-Government and Public Sector IT
* Awareness and education
* Use of public access terminals

Download the report and read it carefully. Don’t try to digest it all at one sitting.

Next issue we’ll examine exactly what the Trustguide folks meant by the term “trust.”

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.