{"id":3706,"date":"2025-05-03T05:05:50","date_gmt":"2025-05-03T05:05:50","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/05\/03\/privacy-for-agentic-ai-html\/"},"modified":"2025-05-03T05:05:50","modified_gmt":"2025-05-03T05:05:50","slug":"privacy-for-agentic-ai-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/05\/03\/privacy-for-agentic-ai-html\/","title":{"rendered":"Privacy for Agentic AI"},"content":{"rendered":"\n
Privacy for Agentic AI<\/div>\n

\t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

Sooner or later, it\u2019s going to happen. AI systems will start acting as agents, doing things on our behalf with some degree of autonomy. I think it\u2019s worth thinking about the security of that now, while its still a nascent idea.<\/p>\n

In 2019, I joined<\/a> Inrupt, a company that is commercializing Tim Berners-Lee\u2019s open protocol for distributed data ownership. We are working on a digital wallet<\/a> that can make use of AI in this way. (We used to call it an \u201cactive wallet.\u201d Now we\u2019re calling it an \u201cagentic wallet.\u201d)<\/p>\n

I talked about<\/a> this<\/a> a bit at the RSA Conference<\/a> earlier this week, in my keynote talk about AI and trust. Any useful AI assistant is going to require a level of access\u2014and therefore trust\u2014that rivals what we currently our email provider, social network, or smartphone.<\/p>\n

\n

This Active Wallet is an example of an AI assistant. It\u2019ll combine personal information about you, transactional data that you are a party to, and general information about the world. And use that to answer questions, make predictions, and ultimately act on your behalf. We have demos of this running right now. At least in its early stages. Making it work is going require an extraordinary amount of trust in the system. This requires integrity. Which is why we\u2019re building protections in from the beginning.<\/p>\n<\/blockquote>\n

Visa is also thinking about this. It just<\/a> announced<\/a> a protocol that uses AI to help people make purchasing decisions.<\/p>\n

I like Visa\u2019s approach because it\u2019s an AI-agnostic standard. I worry a lot about lock-in and monopolization of this space, so anything that lets people easily switch between AI models is good. And I like that Visa is working with Inrupt so that the data is decentralized as well. Here\u2019s our announcement<\/a> about its announcement:<\/p>\n

\n

This isn\u2019t a new relationship\u2014we\u2019ve been working together for over two years. We\u2019ve conducted a successful POC and now we\u2019re standing up a sandbox inside Visa so merchants, financial institutions and LLM providers can test our Agentic Wallets alongside the rest of Visa\u2019s suite of Intelligent Commerce APIs.<\/p>\n

For that matter, we welcome any other company that wants to engage in the world of personal, consented Agentic Commerce to come work with us as well.<\/p>\n<\/blockquote>\n

I joined Inrupt years ago because I thought that Solid could do for personal data what HTML did for published information. I liked that the protocol was an open standard, and that it distributed data instead of centralizing it. AI agents need decentralized data. \u201cWallet\u201d is a good metaphor for personal data stores. I\u2019m hoping this is another step towards adoption.<\/p>\n<\/div>\n

\t

\n
<\/BR>
\n Bruce Schneier
\n \t

\n
<\/BR>
\nGo to bruce schneier<\/a>
\n \t

\n
<\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"

Privacy for Agentic AI Sooner or later, it\u2019s going to happen. AI systems will start acting as agents, doing things on our behalf with some degree of autonomy. I think it\u2019s worth thinking about the security of that now, while its still a nascent idea. In 2019, I joined Inrupt, a company that is commercializing […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[57,762,1225,83,555,1],"tags":[87],"class_list":["post-3706","post","type-post","status-publish","format-standard","hentry","category-bruce-schneier","category-data-privacy","category-inrupt","category-privacy","category-schneier-news","category-uncategorized","tag-bruce-schneier"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/3706"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=3706"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/3706\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=3706"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=3706"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=3706"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}