LibraryblogA Brief Review of Online Trust

A Brief Review of Online Trust

We take a look into the nature of trust, the relationship between trustor and trustee that defines trust, and the way this evolves in the online world.

Online trust blog graphic images.
Johann Puustusmaa
October 14, 2020
Blog Post

Trust exists across a variety of domains and industries. This trust can be observed on a spectrum of faith at one end and confidence at the other. All that falls in between the decision to trust and the end-result of that trust relationship, or that which lingers at the edges, is an ongoing process. A process which often requires some sort of management and engagement. The text at hand does not attempt to provide a thorough review of online or digital trust. Instead, it glimpses at the multiplicity of trust relations and theorizations, while highlighting the ambiguity of the use of trust in online spaces. 

Trust, as a word, an expectation and a promise, emerges in corporate posts and discussions, yet is often used simply to express the desire to enhance said trust. The aim of this short review is to explore the role of trust in those online settings and relationships, separating it from any specific business interests. 

The following will at times refer to two broad categories of trust, interpersonal and system trust. That is, a relationship between persons, or between a person and an organisation, system, program.

Guido Möllering (1) summarizes, rather than defines, trust

Distributed trust (2) could remove the need to trust another human, when systems, machines, or artificial intelligence presents us with a choice to trust based on some score. This correlates with how Bart Vanneste, Coye Chesire and Helen Nissenbaum would talk about responsibility and accountability. Who are we supposed to blame, when our trust is betrayed? Who takes responsibility? How is the response to such instances communicated and what does the action to fix the breach look like in practice? Distribution of not only trust, but of accountability, highlights the unknowns involved in trust. 

In Möllering’s summary, we see an important action taken towards vulnerability. Vulnerability is a characteristic that can be seen in a majority of trust definitions as one of the defining conditions for trust to exist. Since it appears to be relational, trust involves at a minimum a trustor and a trustee, the former accepting vulnerability and the latter subjected to that trust. As we can read from Möllering’s idea, and will see in many others, accepting vulnerability and entering into a trust relationship aims to reduce the complexity involved in such relationships. 

Rachel Botsman’s (2) popular take on trust draws attention to a few important aspects, which are applicable in both offline and online interactions. Moving on from interpersonal relationships, we have reached a point where third parties in the form of various service providers are highly involved. With digital identities, reputation or social proof is as important as ever. Social proof does not have to be drawn from great numbers, but could be, depending on the context, based on a small group of influential people.  In online settings that reputation may be reduced to a number of stars, yet it is grounded in a process which has led people to trust these stars. 

Bridging the known and unknown, she uses the concept of a trust leap. Trust, in her words, is a confident relationship with the unknown. Even while seeing it as a confident relationship, we still need to know how to contextualize trust. Botsman further asks what trust should be based on. Is it competence or reliability? Or is it integrity or benevolence? The choice can then be made between ability and character. It is possible to settle for a combination of the two. Regardless of the preferred answer, since it often does depend on the context, the proof for either is not only statistical. It is social. And alive. The way we evaluate that trust, then, will have an impact on economic and social transactions. 

Lauri Haapanen warns us, in his take on transparency and inclusivity, that the complete openness of a process is not always necessary for creating a foundation from which consumers can base their assessment of the trustworthiness of the producer. While the trustee is responsible for exposing the essential information, the trustor should engage with that information in order to find trust or justify assurance in said information. 

Helen Nissenbaum and Coye Chesire question the promise of strong online security as a prerequisite for, or an asset of, trust. Instead of supporting trust, they see these novel forms of security as supplanting trust. Whether we agree with that or not, the position and value of trust still demands to be attended to. Wendy Chun (3) provides a poignant example of our relationship with machines by claiming that: “'Trusting' a program does not mean simply accepting its predictions or letting it decide the future, but instead acknowledging the impossibility of knowing its truth in advance while nonetheless responding to its results.” 

The unknown of system trust is well illustrated in the varied responses to Pew Research Center’s canvassing of experts on the future of online trust. Because trust is relational by nature, it comes as no surprise that the answers range from doomed to hopeful. Enhanced trust may be an indication of people’s affinity to convenience, only disrupted by massive disasters and not disturbed by minor inconveniences or breaches. While trust in online services may remain low or even decrease, people will find it difficult to opt out because analogous offline opportunities will be rare. If we consider trust to be inconsistent across different areas of online services, as well as geographically and socially varied, it also makes sense to imagine or hope, as some of the respondents do, for technology to be bridging the gaps. 

Digital literacy, access to information, and the willingness or drive to use that information can influence trust in online services. A GSMA study on “The role of privacy frameworks in building trust for digital identity services” reveals unexpected  behaviour in relation to risk and knowledge. The report, drawing on a qualitative study of 4 countries (Ghana, Zambia, Rwanda and Mozambique), shows that in some regions, fewer safety and protection frameworks do not necessarily create distrust or concerns about those issues. On the other hand, more digital education and stronger legal frameworks can push users to be less trusting. It is important to note that in some cases, the public is not necessarily aware of their country’s legal frameworks. This could mean that the behavior towards laws or security could be dependent on assumptions and there may not always be a correlation between alertness and willingness to share information or access online services. The lack of analogous opportunities, minor disadvantages, or discomfort all tend to push people to accept the terms they are given, sometimes describing these terms simply as “the way things are”. And to approach them by asking: Who are we to question that?

The GSMA report includes a clear disclaimer that the data collected about trust is highly dependent on the manner of data collection, analysis and further interpretations. In many cases, consumers were not able to reliably describe the impact of either the presence or the lack of laws. The confusion about what laws actually mean or which parts of personal information they address could create a situation where any abuse or misuse of said information could be credited to organizations which may not have anything to do with the misuse. 

A survey conducted by Frost & Sullivan highlights the perception gap between organizations and consumers. Consumers scored 61 points out of 100, when asked whether they trust their organizations to handle personal data appropriately. The organizations scored 75 out of 100 on the same question about consumers trusting their organizations. This further confirms the need to understand the positions of users/consumers and organizations in relation to trust.

Connecting this to a more theoretical standpoint on online trust, we can visit Helen Nissenbaum’s suggestion that “the ideal endpoint of trust through security is surety and not, in fact, trust”. Thinking about systems, we can see the act of bridging uncertainties, performed through the emotive act of trust, in reality, grounded in technical assurances. Paradoxically, some systems are built and imagined to supplant trust while the public performance of the organisations continues to try to evoke trust. Building systems to supersede “old” forms of security, aims to create assurance in the systems. Trust in those systems can be defined as confidence, rather than trust, which involves vulnerability. Agreeing with this, Coye Chesire claims that strong forms of online security, chased by creating better systems, can rather supplant trust, than enhance it. Are we still asked to trust, then, because organisations understand that trust can outweigh the specific information about technical and legal frameworks which the public may not want, or simply not be able to comprehend and integrate into their everyday?

Masudul Hasan Adil’s and Neeraj R. Hatekar’s article about demonetisation in India in 2016, and the continued plans for digitalisation of financial transactions brings to light the problem of asymmetrical power relations, digital literacy and access to both technology and information. The role of trust is vital in the transition from one kind of transaction or platform to another. From physical to digital. The presence of gatekeepers, educators, legislative bodies and various mediators creates new forms of trust networks, to which people may or may not have existing relationships. 

As a highly contextual issue, trust would need to be explained in relation to its setting, and emergence. In spite of unknowns and ambiguities, there is room for fictional reassurance. Esther Keymoelen suggests that trust does not solve problems, but suspends them. In some cases by acting “as-if”, the uncertainty of relationships is suspended in favour of a relationship which can allow trust to be formed on a fictional basis. If we were to act as if a person or a company is trustworthy, while there is no real basis for that, it is possible that in case of a positive outcome, that trust could be developed and maintained. Trust management, then, would be vital for grounding trust in something else than vulnerability and unknowing. Following the ideas and surveys presented in this review, we could imagine online trust to include both an assurance of safety, as well as a possibility for an online loitering (2). To be online without fear. This, in line with hopes for transparency, would be reliant on visibility of the many transactions, relationships and decisions that are made on various levels of complexity and inclusion.

  1. Möllering, G (2006), Trust: Reason, Routine, Reflexivity. Oxford: Elsevier
  2. Botsman, R.  (2017), Who Can You Trust? How Technology Brought Us Together and Why It Might Drive Us Apart. New York: PublicAffairs.
  3. Chun, W. H. K.  (2016), Updating to Remain the Same: Habitual New Media, Cambridge, MA: MIT Press