ID-Legal 10-09-08

Call in Time
11am Pacific, 2pm Eastern 8 am Hawaii.

Dedicated Dial-In Number: 1(309)946-5255 Access Code:659714

Agenda:
Please read this page outlining the purpose of the group/conference ID-Legal (it answers some of the questions Dan raised on Monday's call)

We need to figure out some key questions out to really move forward.

Is this going to be a co-educational event?

The legal community learning from technologists and technologists learning from the legal community.

We think the answer is yes - we need to check this

Then what kind of process would we use at the event. I would like at least 1/2 of it to use Open Space to facilitate deeper dialogue and understanding then typically provided.

Where are we going to have the event:
 * Bay Area or DC Area all both potential locations that have
 * Then after that what venue(s)

What dates for the event work:
 * January - February but when in that time frame

Who do we want at the event:
 * We have done some scoping on this but need to get clearer.
 * We need to invite some more key people into our group like Mary Rundle and Jane Winn

Jeff Hodges is not able to be the steward right now for the group. I am up for hearing who would like to volunteer for this role. It means you are on the board of Identity Commons, you review other groups to see if they are in alignment with the purpose and principles, help manage common assets. You need to be on the community/stewards mailing list & it is good to attend the once a month stewards call.

Please see the notes on this page ID-Legal 10-06-08 from the Judi/Dan conversation on Monday. We had our circles crossed on Monday.

=
=============================================================== ID-Legal concall Thu 9-Oct-2008 11am Pacific, 2pm Eastern 8 am Hawaii. --- Attendees: Lucy Lynch (ll) Judi Clark (jc) Dan Perry (dp) Mary Ruddy (mr) Kaliya Hamlin (kh) Michael Froomkin (mf) Scott David (sd) Jeff Hodges (jh) - NEXT CALL: Thu 23-Oct-2008 8 am Hawaii, 11am Pacific, 2pm Eastern Dedicated Dial-In Number: 1(309)946-5255 Access Code:659714 - contents: Action Item (AI) Summary Loose Ends *DRAFT* first-order distilled minutes by =JeffH *DRAFT* second-order distilled minutes by =JeffH - Action Item (AI) Summary:

Cross-Jurisdictional legal/policy/regulations What you are allowed to say about a person ..and link to the new pages from http://wiki.idcommons.net/ID-Legal
 * LL to create wiki page (at wiki.idcommons.net) on..

Legal framework(s) for (3d party) Identity Providers
 * MR + DP to create wiki page on..

Privacy and traceability and security
 * JC to create wiki page on..

- Loose Ends:


 * citation for Scott David's recent article as mentioned in 2nd-order notes.


 * citation for Michael Froomkin's first digital sigature paper -- done, see below

on it..
 * apparently we forgot about this topic and no one signed up to do a wiki page

How do we enhance/foster interactions/conversations between attorneys and technologists?

-
 * DRAFT* first-order distilled minutes by =JeffH

>  Call in Time > > 11am Pacific, 2pm Eastern 8 am Hawaii. > > Dedicated Dial-In Number: 1(309)946-5255 Access Code:659714 > >  Agenda: > > Please read this page outlining the purpose of the group/conference ID-Legal > (it answers some of the questions Dan raised on Monday's call) > >  http://wiki.idcommons.net/ID-Legal > > We need to figure out some key questions out to really move forward. > > Is this going to be a co-educational event? > > The legal community learning from technologists and technologists learning > from the legal community. > > We think the answer is yes - we need to check this

We began with JC & JH reaffirming that the answer to above question is "yes", and that we think we need bi-directional cross pollination.

In process of trying to assess what this means, various people put forward what are essentially use-cases calling for multi-disciplanary legal/tech approach.

E.g. MR noted that with various technologies lying about any person or org can put up an Identity Provider and start serving up attributes about subjects. There's an analogy for doing this in the paper world (e.g. credit bureaus noted MF) but there doesn't seem to be a legal framework for doing this online. So if one considers doing this, one quickly gets to legal questions, and then many get stuck. This is an aear where biz & techs could use legal help and a forum where these sorts of specific problems can be discussed would be useful.

MF noted that there are likely already applicable legal frameworks, eg contract law and credit bureau law, though ack'd that sorting through this together would be useful. The heart of the matter is "what are you allowed to say about people?".

As a result of this, we felt we were hearing five somewhat different, though intersecting topical areas..

Cross-Jurisdictional legal/policy/regulations           (LL) Legal framework(s) for (3d party) Identity Providers    (MR + DP) Privacy and traceability and security                   (JC) What you are allowed to say about a person              (LL for now,                                                            KH to help?) (e.g. how does one go about obtaining permission(s) to release information,    and how might those permissions be updated or revoked) How do we enhance/foster interactions/conversations between attorneys and technologists?

We felt that any one of these topics would provide enough fodder for a one or two day event, which we felt we ought to characterize as a "workshop" -- i.e. we'd have a better chance to attract legal-types with that nomenclature than if we used (just) "(un)conference/openspace".

We clarified that we wouldn't want to attract just "practicing attorneys" to a such a workshop on one these topics, rather we'd want to strive for attendance by regulators, law profs, theorists, judges, as well as technologists.

It was noted by several folks that Feb-2009 is coming up quickly and that it is somewhat "late" to be trying to schedule something in for that timeframe.

In terms of which of the above topics to select, and who to invite, MF noted that "it is more the who than the what, the workshop topic is just the excuse to attend".

So in an effort to gage interest in the topic areas, folks bit off topics, as indicated above (and noted in the AI summary), with the action item to create a wiki page(s) for it and initiate conversations around them.

We agreed to have another call in two weeks -- same time, same station -- in order to check on progress and assess.


 * DRAFT* second-order distilled minutes by =JeffH

1. wrt additional detailed points wrt motivations for having an ID-Legal event(s):

SD pointed out that he feels some are coming to understand that people are "part of the system" and that most interactions [between networked systems] are initiated by people in some fashion. He said he recently wrote an article on this topic [cite needed].

LL noted that ISOC is interested in this work bcause they are seeing warning signs that [identity-based or enabling] technology is created without consideration of the legal aspects of "asserting identity". Emphasized that this is not US-centric, but talking about asserting identities across global networks. She wants to open up a dialog with respect to how people make identity assertions globally and what the ramifications are in terms of local legal frameworks. E.g. there's work in the EU on "privacy and personhood" it is about how one asserts identity across a network where both endpoints will have different regionalized "legal/regulatory overlays". It is completely different than the work in the US that seems to be centered on notions of data- and identity-theft.

SD noted that he is dealing with a half-dozen projects wrt "international legal identity" where one is attempting to comply with a variety of non-meshing laws, so yes, this overall question here is relevant.

LL noted that it was the [messy, wandering, long] conversation around the notion of what became to be known as "digital signatures" is what Bob Blakley has noted is motivating him to participate in these ID-Legal discussions. I.e. try to have the conversation be at least less [messy, wandering, long].

MF noted that he'd been involved in said digital signature conversation and wrote one of the first papers on the topic's legal aspects. [cite:

The Essential Role of Trusted Third Parties in Electronic Commerce http://www.law.miami.edu/~froomkin/articles/trusted.htm ]

2. wrt characteristics of an ID-Legal event:

KH would like at least 1/2 of event to use Open Space techniques to facilitate deeper dialogue and understanding than she feels one obtains with "pre-programmed" and ppt-based conferences.

DP noted that the "unconference" notion and term would cause attorneys to back away, in his view. Suggested term "workshop" rather than "unconference". He also noted that some attorneys shy away from "casual conversations" with a lay audience due to the fear of opening up legal liability. E.g. some attorney says something, someone else hearing it makes decisions on it, and if they don't work out, circles back around claiming the attorney bears some liability. So, doesn't think having an attorney present to a room of technologists and being "bombarded" by questions from them would be good, from attorney perspective.

MF noted that he's interested in hallway conversations and such, and thus a F2F meeting as opposed to an initial webinar, as was briefly suggested.

--- end