On Trust #1: Trust Management – A Category Error?

(Trust me = Accept this residual, non-computable risk because the expected coordination benefit exceeds the perceived downside.)

How I got here?

I have been dealing with topics related to the digital identity for a quarter of a century, roughly since the term “identity management” was coined.

At the time, I was under the mistaken belief that the associated tasks within companies could be completed quickly and that after three to five years, once all the companies concerned had done their homework, we would move on to new topics.

Far from it: even though it was never my intention, the diverse questions associated with this topic continue to keep me busy professionally today.

At some point, the “next big thing” was announced: trust management.

That was exciting. Because I had no confident comprehension of whether and, if so, how trust could be “managed.”

I want to finally change this situation and approach the topic of “trust” as systematically as possible.

Can trust be managed – or only cultivated?

Rarely is a term used so frequently and with such confidence, while remaining so poorly understood, as trust. In business, politics, technology and public discourse, “trust management” is now a common expression. Yet it remains deeply unclear what is actually meant by it — and whether trust, in any meaningful sense, can be “managed” at all.[1]

This essay explores a more uncomfortable possibility: that trust is not a controllable resource, but a fragile, emergent property of social interaction — one that grows slowly, collapses suddenly, and resists symmetric restoration. If that is true, then “trust management” may be not merely difficult, but conceptually flawed.

I. The conceptual problem of “trust management”

Even at the level of definition, trust refuses to stabilise. Interdisciplinary research has long shown that psychology, sociology, economics and management theory all define trust differently — as expectation, willingness to be vulnerable, confidence in systems, moral commitment, or strategic reliance, depending on disciplinary lens [1]. Do we need to consider different types of trust in the end?

Managerial literature has nevertheless attempted to operationalise trust. The influential model by Mayer, Davis and Schoorman defines trust as a willingness to accept vulnerability based on perceived ability, benevolence and integrity of another party [2]. In practice, this has encouraged organisations to treat trust as something that can be designed, measured, improved and audited.

Yet this managerial framing already hints at a deeper problem: trust is not a thing that exists in isolation. It is a relationship, rooted in vulnerability, uncertainty and expectation — conditions that resist full formalisation. As Baier observed, trust is inherently moral: it exposes the truster to harm in ways that cannot be contractually neutralised [3]. The more one attempts to reduce trust to compliance artefacts, the more one empties it of its meaning.

II. Trust in intellectual history

Long before it became a business metric, trust was recognised as a central social phenomenon. Niklas Luhmann described trust as a complexity-reducing mechanism: without it, human beings would be paralysed by uncertainty and unable to act meaningfully in society [4]. Trust allows us to behave as if the future were predictable, even when it is not.

Anthony Giddens extended this insight into modernity, arguing that contemporary life increasingly depends on “abstract systems” — institutions, expert knowledge, technical infrastructures — which we must trust without personally understanding or verifying them.[5]

At the same time, classical and modern thinkers recognised trust’s fragility. The seminal volume edited by Diego Gambetta framed trust not only as something that is “made”, but also as something that is easily “broken” — often irreversibly [6]. This duality already anticipates the asymmetry at the heart of the present argument.

III. Trust as a human developmental process

Trust does not begin in institutions or markets. It begins in infancy.

Attachment research has shown that early interactions between caregiver and child shape a person’s baseline expectations about reliability, care and responsiveness in others [7]. This early “template of trust” influences later relationships — from family and peers to institutions and strangers.

Importantly, human cognition displays a pronounced negativity bias: negative experiences are weighted more strongly than positive ones. Trust therefore grows slowly through repeated confirmation, but can collapse abruptly after a single perceived betrayal. This biological asymmetry is not a cultural accident — it is deeply rooted in human cognition.

Thus, trust is not symmetric: it is hard to build, easy to lose, and difficult to restore.

IV. Trust in society, economy and institutions

At the macro level, trust functions as a form of social capital. Francis Fukuyama famously argued that high-trust societies are more capable of building large, flexible organisations and sustaining economic prosperity [8]. Robert Putnam later linked declining civic engagement to erosion of institutional trust in modern societies [9]. 

Think for a moment what the decline of trust in our institutions, in the community in total, which is reported, e.g. by the Edelman Trust Barometer, from several western countries, and from Germany in particular, will mean for the prosperity of our society.

Elinor Ostrom demonstrated that cooperation in communities does not arise from formal rules alone. It emerges from a complex interplay of norms, mutual monitoring and shared expectations — in other words, from cultivated trust environments rather than central control [10].

Trust, then, cannot be commanded into existence. It can only be enabled — or undermined.

V. Trust in digital communication

Digitalisation has not abolished trust; it has transformed it.

Online platforms must constantly engineer trust signals — ratings, reputations, seals, reviews — to compensate for the absence of physical presence and personal familiarity [11]. Empirical research shows that trust is a decisive factor in technology acceptance and online behaviour [12][13].

At the same time, digital systems increasingly attempt to replace trust with verification, automation and control — shifting reliance from social judgement to technical enforcement. This brings us to the paradoxical notion of “Zero Trust”.

VI. The misleading promise of “Zero Trust”

In cybersecurity, “Zero Trust” does not mean that trust has disappeared. It means that systems no longer rely on assumed trust, but enforce continuous verification, least privilege and strict identity validation [14].

Technically, this is sound architecture. Conceptually, however, the term is misleading. Zero Trust does not eliminate trust — it merely transfers it from human relationships to technical and institutional mechanisms. Trust becomes embedded in code, policy and infrastructure.

In doing so, digital systems implicitly concede that human trust is too fragile to be relied upon — and yet too essential to be eliminated.

Epilogue

The evidence points to a clear conclusion: trust is not a controllable resource. It is an emergent, asymmetric, relational phenomenon.

It can be encouraged, cultivated, protected — and easily destroyed. But it cannot be engineered, optimised or restored symmetrically once broken. “Trust management”, in the industrial sense, is therefore a category error.

What can be managed are conditions of trust: transparency, consistency, fairness, accountability and institutional reliability. These shape the soil in which trust may grow — but they do not command the plant itself.

Trust grows slowly. Trust collapses suddenly. And that asymmetry defines the fragile moral infrastructure of civilisation.

References

1. Rousseau, D. M., Sitkin, S. B., Burt, R. S., & Camerer, C. (1998). Not so different after all: A cross-discipline view of trust. Academy of Management Review, 23(3), 393–404. https://doi.org/10.5465/AMR.1998.926617
• Seminal synthesis explaining why ‘trust’ remains conceptually plural across disciplines; anchors the claim that the term is used widely but defined inconsistently. ↩ ↩


2. Mayer, R. C., Davis, J. H., & Schoorman, F. D. (1995). An integrative model of organizational trust. Academy of Management Review, 20(3), 709–734. https://doi.org/10.5465/amr.1995.9508080335
• Classic organisational trust model (ability–benevolence–integrity) that operationalises trust as willingness to accept vulnerability; provides the managerial baseline the essay interrogates. ↩


3. Baier, A. (1986). Trust and antitrust. Ethics, 96(2), 231–260. https://doi.org/10.1086/292745
• Philosophical account emphasising the moral dimension of trust and the asymmetry of vulnerability; useful to argue why ‘managing’ trust can shade into manipulation.↩


4. Luhmann, N. (1979). Trust and power: Two works by Niklas Luhmann. Wiley.
• Foundational systems-theoretical treatment: trust reduces complexity and enables action under uncertainty; supports the view of trust as a societal mechanism rather than a controllable asset.↩


5. Giddens, A. (1990). The consequences of modernity. Stanford University Press.
• Introduces the concept of trust in ‘abstract systems’ (institutions and expert systems), providing a bridge from interpersonal trust to institutional and digital trust.↩


6. Gambetta, D. (Ed.). (1988). Trust: Making and breaking cooperative relations. Blackwell.
• Influential interdisciplinary volume on how trust is formed, signalled, and broken; supports the essay’s focus on fragility and non-linear collapse.↩


7. Ainsworth, M. D. S., Blehar, M. C., Waters, E., & Wall, S. (1978). Patterns of attachment: A psychological study of the strange situation. Lawrence Erlbaum Associates.
• Core empirical work in attachment theory; underpins the developmental account of how early caregiver reliability shapes later expectations of trustworthiness.↩


8. Fukuyama, F. (1995). Trust: The social virtues and the creation of prosperity. Free Press.
• Widely cited argument that social trust acts as social capital and influences economic prosperity and institutional capacity; supports macro-level trust claims.↩


9. Putnam, R. D. (2000). Bowling alone: The collapse and revival of American community. Simon & Schuster.
• Landmark work linking civic engagement and social capital to societal and institutional trust; supports discussion of trust erosion in modern societies.↩


10. Ostrom, E. (1990). Governing the commons: The evolution of institutions for collective action. Cambridge University Press.
• Demonstrates that sustainable cooperation arises from governance conditions (rules, monitoring, norms) rather than command-and-control; supports the ‘cultivation’ framing.↩


11. McKnight, D. H., Choudhury, V., & Kacmar, C. (2002). Developing and validating trust measures for e-commerce: An integrative typology. Information Systems Research, 13(3), 334–359. https://doi.org/10.1287/isre.13.3.334.81
• Provides validated constructs for online trust and institutional trust; supports claims about engineered trust cues in digital environments.↩


12. Gefen, D., Karahanna, E., & Straub, D. W. (2003). Trust and TAM in online shopping: An integrated model. MIS Quarterly, 27(1), 51–90.
• Empirically shows trust as a determinant of technology acceptance; supports claims that digital adoption depends on trust rather than mere functionality.↩


13. Pavlou, P. A. (2003). Consumer acceptance of electronic commerce: Integrating trust and risk with the technology acceptance model. International Journal of Electronic Commerce, 7(3), 101–134.
• Integrates trust with perceived risk in online transactions; supports the argument that verification and risk mitigation often substitute for interpersonal judgement.↩


14. Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero trust architecture (NIST Special Publication 800-207). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-207
• Authoritative definition of Zero Trust as continuous verification and least privilege; supports the claim that the term is conceptually misleading outside cybersecurity.↩