Identity Trust Charter

From IdCommons
Jump to: navigation, search

Name

Identity Trust

(Note: This charter and effort has turned into the Open Notice Initiative, in essence this Charter has provided space for a think tank in Identity & Trust for contribution to other efforts - The essence of this wiki will stay the same while the effort involved will continually evolve into other efforts around consent and notice. (The two digital identity components that develop user centric transparency over information control and its application on the Internet.)

- Efforts - identity-trust.com -- Blog

Currently the evolution of this effort has resulted in Open Notice and the Consent Receipt Specification.

Consent Tag New effort Sept 2013 to Open Notice and Consent at the [Kantara ISWG][1].


Media:Open NoticeMedia:http://opennotice.org: Advocacy group for industry efforts in more transparent notice and personal information control.

At this time people are not able to be aware of what privacy and terms of use policies they are subjected to at any one time. It is not clear that the existing notice and consent infrastructure is even legal for managing digital identity in multiple countries. While Regulators and Enterprise come to an understanding of what forms of regulation should be in place personal information isnt easily controllable or usable by people. Privacy is effectively restricting personal information, innovation, and collaboration.

Purpose

To advocate and facilitate open (not closed) internet policy notices and terms that control personal information. Enabling a rich ecosystem of granualr controls to set personal information free from its current privacy prison.

Both Consent and Notice are primary tools online used to legally control and administer the flow of rights when sharing information online. At this time this policy infrastructure is a relic of the industrial age.

Industrial Age Notice is the existing policy infrastructure that is easily identified by a check box or i agree button to administer the control and use of personal data and contract terms, but it is ad-hoc. Meaning that each organisation has its own policy in their own format, placed in various places on websites. The most typical sign of Industrial Age Notices is that the law in most countries in the world stipulates, that if an organization wishes to, they can require people to provide a written request for access to personal information. Thus restricting people to analog (not in context access to personal information) An issue, with a simple open notice format, could easily be addressed with a twitter address.

The purpose of Identity Trust is to help people use open notice (digital age use of law and consent in notice) to control their own personal information.

Practices

To discuss ideas, developments and opportunities in the development of Notice and Consent online. Activities consist of posting articles of interest to the list and to share research pertaining to the advancement of notice and consent management. Anyone can participate.

identitytrust@googlegroups.com

At this time there are a lot of efforts in the space of identity management online. This charter calls for more focused discussion = on the core issues of consent and the use of notices in the control of information.

"Identity Trust Think Tank - Topic List"

  • User-Centric Consent tracking
  • Advocate for an Open Online Notice Standard for policy and consent notices
  • Support the evolution of Data Portability by digitizing and standardizing Legal Subject Access Requests
  • Analyzing/Measuring the new trust/privacy strategies and regulatory initiative (do they really work?)
  • Mapping Governance: tracing the control infrastructure of choice, consent, and policy notices
  • Exploring Consent and Notice Metrics for uniform enforceability across jurisdictions
  • Identity Rights Framework - How to independently measure the quality of rights protections in online information policy?
  • How to Regulate? What to Regulate? Where to Regulate?
  • Legal and Illegal use of notice and consent in surviellance

(Invitation, Please email topics to identitytrust@googlegroups.com)

Related WG's:

ISWG - Information Sharing Work Group ([Kantara Initiative][2] and [Identity Commons][3])

[TFMM][4] - Trust Framework Meta-Model Work Group (Kantara Initiative) (NEW)

[NSTIC-WG][5] - National Strategy for Trusted Identities in Cyberspace (Identity Commons) (NEW)

[PFWG][6] - Privacy Framework Sub-Work Group of the P3WG - Privacy and Public Policy Work Group (Kantara Initiative)

OIX WG - Open Identity Legal Analysis Work Group (Open Identity Exchange)

[UMA][7] - User Managed Access (Kantara Initiative)

Related Efforts: (Note: At this time their are a great deal of efforts, many disconnected. Please list efforts here) APEC - CIPL - Accountability ISO 2901 - NASPO OASIS


TBD

Requirements of Participation and How to Join

The discussion is open to people who would like to contribute to developing the management of consent and digital notices online.

Anyone may contribute and comment at any time.

[if you are interested in more information or a private chat send an email to [identitytrust@gmail.com]]

Licenses and/or Restrictions on Usage of Work Product

Creative Commons Attribution-Share Alike

Current Meeting Schedule

There are no meetings scheduled as of yet.

Current Deliverable and Milestones

Step 1: Aggregate interest, material and ideas.

Step 2: Organize a call for papers and ideas based on Step 1

Current Stewards Council Representative and Alternate

Primary: Mark Lizar Alternate:

This WG effort is also dedicated to the memory of Nick Givotovsky a co-founder. The first Steward of Identity Trust

Current References

W3C Workshops:

  • [Do-Not-track] [8]- Apr 26-29, 2011 @ Princeton
  • [Internet Privacy Workshop][9] - Dec 8-09, 2010 @ MIT
  • [W3C Workshop on Privacy] [10]and data usage control 04/05 October 2010

'Papers:'

  • The Evolving Privacy Landscape: 30 Years After the OECD Privacy Guidelines [11] Latest OECD Doc - Transparency and Consent are the most important principles.
  • [NSTIC Privacy Effects] [12]April 15, 2011 By Identity Finder, LLC: Aaron Titus, Todd Feinman, and David Goldman
  • Research on the Relationship between Trust and Privacy in Network Environments] [13] Feng Gao, Jingsha He, Shunan Ma, International Journal of Digital Content Technology and its Applications. Volume 5, Number 1, January 2011
  • [EU Electronics Communication Revisions] [14] April 2011

Cofta, Piotr (2007) Trust, Complexity and Control - Confidence in a Convergent World. John Wiley & Sons.

Morrone Adolfo, Tontoranelli, Noemi, and Ranuzzi Giulia (2009) How Good Is Trust? Measuring Trust And Its Role For The Progress Of Societies. Organisation for Economic Co-operation and Development: 38. 6963

History

This work group has been set up to develop a Master Controller Access to Consent Framework which back in 2007 was a long way to describe user centric consent management. This effort has been incubating for 4 years while research and understanding in the fields of Identity and Trust have grown greatly.