International Working Group on Data Protection in Telecommunications

A software agent is defined as a piece of software that acts on behalf of its user and tries to meet certain objectives or to complete tasks without any direct input or direct supervision from its user. Agents may find several applications in telecommunications. In the first place they can be used to increase the functionality of a telecommunications network. It is possible to use a network more efficiently if the network resources are adapted to the demands of individual users. Agents can fulfil this task by representing the users.

Another application is in value-added content services that are delivered by means of telecommunications networks: agents can be applied on behalf of the user to select and gather information (e.g. on the Internet) and to act as intermediate with other parties in electronic transactions. Currently the first services of this kind start to become available, ranging from simple 'push technology' which brings information to the user's doorstep based on individually specified interests, to sophisticated systems that allow for the personalization of network user sessions and the tracking of user activities.

The development of agent technologies will culminate in Intelligent Software Agents, software programs, at times coupled with dedicated hardware, designed to complete tasks on behalf of their user. Given their role as representative of a person, a wealth of personal information will be generated and exchanged by the operations of agents. Privacy and confidentiality of actions will be amongst the major issues confronting the use of intelligent agents in the future.

This Common Position aims at increasing awareness of the privacy risks associated with the use of agents and encouraging system designers to incorporate measures to protect privacy. The privacy risks associated with the use of agents can be grouped as follows:

1. Firstly, risks associated with the fact that an agent acts on behalf of a user. User profiling is at the core of agents' activities. Typically the user profile will contain identity and contact information, as well as a great deal of information about personal preferences. When an agent operates on a network personal data will be exchanged with the environment, and potentially disseminated to unauthorised third parties
2. Secondly, risks associated with foreign agents that act on behalf of others. Agents, or generally their users, might be confronted with agents acting on behalf of others, These might deliberately collect personal data of individuals by performing traffic flow analysis, entering databases that contain information about the individual or entering the user-profile of an individual's agent. Such agents may even appear in disguise or overrule other agents.

Recommendations

Measures have to be taken to reduce the impact of the privacy risks of Intelligent Software agents. The Working Group recommends that the following be considered, notwithstanding requirements that are necessary to comply with any data protection principles, especially those that might follow from the purpose for which the agent is constructed:

1. Producers of software agents should reflect in an early stage of design on the implications of the use of intelligent agents for the privacy of individuals. This is necessary to control the consequences that may arise in the near future.
2. Developers of agents should ensure that users do not loose control over their systems and information contained therein. They should provide the user with the maximum of transparency on the functioning of the agent. Adding control and feedback mechanisms and safeguards to prevent this will help agent-users to increase trust in using agent technologies.
3. Developers of intelligent agents should ensure the proper means by which the privacy of users may be protected and control maintained by data subjects over the uses of their personal data.
4. Technical facilities such as Privacy Enhancing Technologies (PET) are recommended in conjunction with software agents. The following measures are proposed:
   • development of a Trusted Third Party structure for the identification and authentication of all agents;
   • access control mechanisms;
   • tools to give a user control over the actions of third parties' agents that collect personal data;
   • mechanisms to audit the logged activities;
   • integrity mechanisms to control the integrity of stored or exchanged data and to control the integrity of working methods of agents or trusted components, like digital signatures;
   These measures can be integrated into the agents. The measures can also be used to build an infrastructure of trusted components.
5. By using a checklist of privacy-compliant design criteria, the designer, supplier, or provider of an agent should design or equip an agent or an agent-environment with proper privacy-enhancing technologies. A framework for certification of the privacy-compliance of software agents is required.