Identity Trust Charter

Contents 1 Name 2 Purpose 3 Practices 4 Requirements of Participation and How to Join 5 Licenses and/or Restrictions on Usage of Work Product 6 Current Meeting Schedule 7 Current Deliverable and Milestones 8 Current Membership 9 Current Stewards Council Representative and Alternate 10 Current References 11 History

Name

Identity Trust

(Note: This charter and this effort is under development, in essence this Charter provides space for a think tank in Identity & Trust for contribution to other efforts - This means the essence of this wiki will stay the same while this wiki will constantly evolve its content around consent and notice. (The two digital identity components that develop user centric transparency over control and its application on the Internet.)

At this time people are not able to clearly understand what privacy and control they have over their own identity information especially online. This means that trust is obstructed in the use of digital identity services. While Regulators and Enterprise come to an understanding of what forms of regulation should be in place this charter is placed here to inspire ideas in identity and trust. For instance technical mechanisms for people to track consent online or to manage consent after it is given. Inspiring ways for Enterprise to further open their policy notices, enable data portability, develop trust and ignite the "Personal Data Eco-system".

Purpose

The purpose of this Charter is to generate and list ideas in order to raise awareness of the need to increase the quality of notice and consent online (together provide transparency). Generating ideas and discussion around the access and usability of the controls that manage an individuals information. Both Consent and Notice are primary tools online used to legally control and administer the flow and rights when sharing information online. Legally informed consent is required in many jurisdictions for the capture and use of sensitive and personal information. On May 25 2011 changes to the EU Electronic Communications Framework come into effect. In addition, the NSTIC (National Strategy for Trusted Identities in Cyberspace) a US Whitehouse driven effort is under development. Now that formal efforts are underway internationally to develop trusted use of identity online a standard for the quality of consent and policy notices will be needed to augment any future regulatory efforts.

Practices

To discuss ideas, developments and opportunities in the development of Notice and Consent online. Activities consist of posting articles of interest to the list and to share research pertaining to the advancement of notice and consent management. Anyone can participate.

identitytrust@googlegroups.com

At this time there are a lot of efforts in the space of identity management online. This charter calls for more focused discussion = on the core issues of consent and the use of notices in the control of information.

"Identity Trust Think Tank - Topic List"

• User-Centric Consent tracking
• Community Interest Company - What would a business structure of the trusted intermediary for identity attributes look Like?
• Advocate for an Open Online Notice Standard for policy and consent notices
• Support the evolution of Data Portability by digitizing and standardizing Legal Subject Access Requests
• Analyzing/Measuring the new trust/privacy strategies and regulatory initiative (do they really work?)
• Mapping Governance: tracing the control infrastructure of choice, consent, and policy notices
• Exploring Consent and Notice Metrics for uniform enforceability across jurisdictions
• Identity Rights Framework - How to independently measure the quality of rights protections in online information policy?
• How to Regulate? What to Regulate? Where to Regulate?
• Legal and Illegal use of notice and consent in surviellance

(Invitation, Please add topics)

Related WG's:

ISWG - Information Sharing Work Group ([Kantara Initiative][1] and [Identity Commons][2])

[TFMM][3] - Trust Framework Meta-Model Work Group (Kantara Initiative) (NEW)

[NSTIC-WG][4] - National Strategy for Trusted Identities in Cyberspace (Identity Commons) (NEW)

[PFWG][5] - Privacy Framework Sub-Work Group of the P3WG - Privacy and Public Policy Work Group (Kantara Initiative)

OIX WG - Open Identity Legal Analysis Work Group (Open Identity Exchange)

[UMA][6] - User Managed Access (Kantara Initiative)

Related Efforts: (Note: At this time their are a great deal of efforts, many disconnected. Please list efforts here) APEC - CIPL - Accountability ISO 2901 - NASPO OASIS

TBD

Requirements of Participation and How to Join

The discussion is open to people who would like to contribute to developing the management of consent and digital notices online.

Anyone may contribute and comment at any time.

[if you are interested in more information or a private chat send an email to [identitytrust@gmail.com]]

Licenses and/or Restrictions on Usage of Work Product

Creative Commons Attribution-Share Alike

Current Meeting Schedule

There are no meetings scheduled as of yet.

Current Deliverable and Milestones

Step 1: Aggregate interest, material and ideas.

Step 2: Organize a call for papers and ideas based on Step 1

Current Membership

• Mark Lizar
• Louis Monvoisin

Current Stewards Council Representative and Alternate

Primary: Mark Lizar Alternate:

This WG effort is also dedicated to the memory of Nick Givotovsky a co-founder. The first Steward of Identity Trust

Current References

W3C Workshops:

• [Do-Not-track] [7]- Apr 26-29, 2011 @ Princeton
• [Internet Privacy Workshop][8] - Dec 8-09, 2010 @ MIT
• [W3C Workshop on Privacy] [9]and data usage control 04/05 October 2010

'Papers:'

• The Evolving Privacy Landscape: 30 Years After the OECD Privacy Guidelines [10] Latest OECD Doc - Transparency and Consent are the most important principles.

• [NSTIC Privacy Effects] [11]April 15, 2011 By Identity Finder, LLC: Aaron Titus, Todd Feinman, and David Goldman

• Research on the Relationship between Trust and Privacy in Network Environments] [12] Feng Gao, Jingsha He, Shunan Ma, International Journal of Digital Content Technology and its Applications. Volume 5, Number 1, January 2011

• [EU Electronics Communication Revisions] [13] April 2011

Cofta, Piotr (2007) Trust, Complexity and Control - Confidence in a Convergent World. John Wiley & Sons.

Morrone Adolfo, Tontoranelli, Noemi, and Ranuzzi Giulia (2009) How Good Is Trust? Measuring Trust And Its Role For The Progress Of Societies. Organisation for Economic Co-operation and Development: 38. 6963

History

This work group has been set up to develop a Master Controller Access to Consent Framework which back in 2007 was a long way to describe user centric consent management. This effort has been incubating for 4 years while research and understanding in the fields of Identity and Trust have grown greatly.