Awesome-Mirrors
/
decentralized-id.github.io
mirror of https://github.com/Decentralized-ID/decentralized-id.github.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

topics category

This commit is contained in:
⧉ infominer 2023-06-23 04:27:20 +05:30
parent 5c0a89692b
commit 654be069ac
8 changed files with 255 additions and 417 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
_posts/application/2020-12-30-humanitarian.md
View File

@ -26,35 +26,6 @@ published: true
* [Satellite and geospatial tech for humanitarian crises](https://medium.com/caribou-digital/satellite-and-geospatial-tech-for-humanitarian-crises-b90b670aba46) 2021-12-09 Caribou Digital
> The discussion covered a broad range of topics, from specific data availability to the challenges of applying and translating technical data into usable formats to the application of geospatial data for anticipatory humanitarian response
## Ethics
* [Pro-social behaviours](https://en.wikipedia.org/wiki/Prosocial_behavior) 2023-06-14 Wikipedia  
> those intended to benefit others, or society as a whole — for example, helping, sharing, donating, co-operating, and volunteering. Within a community, theyre the behaviours that make it an attractive space to belong to, and which encourage its growth and/or development. Its a central part of the value cycles that underpin the Communities of Practice model.
* [Radical generosity](https://provocations.darkmatterlabs.org/radical-generosity-8063d9edc3aa) 2022-08-31 Dark Matter
> Could we establish an alternative market economy, one that is structured around a distinct set of principles centred on care, trust, generosity, the importance of collective intelligence and deep sets of relationships; what would fall away and what would remain in place?
* [literature] [Ethical Design of Digital Identity Environmental Implications from the Self-Sovereign Identity Movement](https://theses.ubn.ru.nl/items/5afb03ab-7a90-4303-909b-4934295859f8) 2021-06 Sanne Glastra
> In a world that is becoming more digital, it is relevant to find some guidelines for organizations to design digital identity more ethically. A universal identity system on the internet is still missing and there are no clear standards for organizations to design digital identity. With this research, knowledge and insights have been obtained to advance organizations to design digital identity more ethically. A contribution has been made by proposing the conditions to enable improvements for a more ethical design.
* [Sovereignty, privacy, and ethics in blockchainbased identity management systems](https://link.springer.com/content/pdf/10.1007/s10676-020-09563-x.pdf) 2020-11-30 Georgy Ishmaev
> Self-sovereign identity (SSI) solutions implemented on the basis of blockchain technology are seen as alternatives to existing digital identification systems, or even as a foundation of standards for the new global infrastructures for identity management systems. It is argued that self-sovereignty in this context can be understood as the concept of individual control over identity relevant private data, capacity to choose where such data is stored, and the ability to provide it to those who need to validate it.
## Human Rights
* [Tech Tools for Human Rights Documentation](https://documentation-tools.theengineroom.org/) 2022-04-06 The Engine Room
> Insights from research & practical guidance for civil society documenters of human rights violations
* [Human Rights Documentation](https://documentation-tools.theengineroom.org/findings-documentation/) The Engine Room
> For this research, The Engine Room and HURIDOCS conducted a combined total of 36 one-on-one interviews with civil society documenters of human rights abuses and direct support organisations. Our findings are supplemented by insights from interviews with eight tool developers working in the human rights documentation space.
* [Tool Development](https://documentation-tools.theengineroom.org/findings-tool-dev/) The Engine Room
> For this research, The Engine Room conducted eight interviews with tool developers, and carried out independent research into relevant tools.
* [Transitional Justice](https://documentation-tools.theengineroom.org/findings-transitional-justice/) Tech tools from a transitional justice perspective
> For this research, PILPG conducted interviews with 15 transitional justice experts and held three focus groups.
* [TAKEAWAYS FROM OUR COMMUNITY CALL ON INTERSECTIONS BETWEEN DATA & DIGITAL RIGHTS AND SOCIAL JUSTICE](https://www.theengineroom.org/takeaways-from-our-community-call-on-intersections-between-data-digital-rights-and-social-justice/) 2022-03-21 The Engine Room
> On February 15, we held a community call to discuss our newly-published [research findings](https://www.theengineroom.org/new-research-community-call-intersectional-approaches-to-data-and-digital-rights-advocacy/) on intersectional collaboration between social justice communities and data and digital rights (DDR) communities. We were joined by speakers Temi Lasade-Anderson from Alaase Lab, Luã Cruz from IDEC, Patronella Nqaba from Atlantic Fellows for Racial Equity and Paromita Shah from Just Futures Law.
* [Internet Governance - UDDI - Universal Declaration of Digital Identity](https://iiw.idcommons.net/10I/_Internet_Governance_-_UDDI_-_Universal_Declaration_of_Digital_Identity) 2021-05-06 Jeff Aresty, Kristina Yasuda IIW, IDCommons
> Reaffirming the human rights and fundamental freedoms enshrined in the Universal Declaration of Human Rights and relevant international human rights agreements such as the UN GP on BHR and Constitutional Rights;
>
> Reaffirming the relevance of international human rights standards in the digital environment and the need to explore and expand new human rights guarantees for the future;
* [Universal Declaration of Digital Rights](https://docs.google.com/document/d/1y9C-5TPYmRruRQqJq39-HePk3ypWLDpSAEVzuonOH2Q/edit) 2020-10-21 Johannes Ernst
> all states should recognise and promote universal respect for and observance of both fundamental human and digital rights in physical domain and the digital spaces environment and ensure that these rights are upheld as core elements of a free, open and representative society
## Inclusion
* [Unmasking Power: Alternative Futures for Empowering Our Digital Identities](https://openresearch.ocadu.ca/id/eprint/3937/) 2022 Chopra, Shreya
> The project is directed primarily toward design and innovation teams, and associated knowledge workers, whose efforts have significant influence on future technologies, platforms, and their impacts. This work explores how we might deconstruct power dynamics prevalent in digital service design today. Through multiple analyses, maps and models of these systems, the paper reveals multiple opportunities for change.
@ -89,12 +60,34 @@ published: true
* [literature] [Self-Sovereign Identity in a Globalized World: Credentials-Based Identity Systems as a Driver for Economic Inclusion](https://www.frontiersin.org/articles/10.3389/fbloc.2019.00028/full) 2020-01-23 Fennie Wang, Primavera De Filippi
> the paper will focus on two blockchain-based identity solutions as case studies: (1) Kiva's identity protocol for building credit history in Sierra Leone, and (2) World Food Programme's Building Blocks program for delivering cash aid to refugees in Jordan. Finally, the paper will explore how the combination of blockchain-based cryptocurrencies and self-sovereign identity may contribute to promoting greater economic inclusion.
* [Empowering humans for a digital age and global economy via Self-Sovereign Identity](https://vladanlausevic.medium.com/empowering-humans-for-a-digital-age-and-global-economy-via-self-sovereign-identity-457ef947f33b) 2020-06-20 Vladan Lausevic
## Business
* [What are the limits of the private sector in serving the poor?](https://medium.com/caribou-digital/what-are-the-limits-of-the-private-sector-in-serving-the-poor-3ee9a9a468fc) 2021-08-17 Caribou Digital
> A large set of impact investor, international donor, and government anti-poverty policy is based on the notion that for-profit companies can be induced to serve the poor with life changing services like banking or schooling but the limits of the for profit model are not always taken into account
* [Layering Digital ID on Top of Traditional Data Management](https://hiplatform.org/blog/2020/5/20/layering-digital-id-on-top-of-traditional-data-management) 2020-05-20 HIP
> While Digital ID could offer benefit to humanitarian agencies and beneficiaries, alike, many questions remain to be answered. The cost effectiveness of ID solutions remains to be established. Given that many of these systems are only operating at pilot-scale, it is difficult to know what the primary drivers of cost are and how they can be mitigated. In addition, the digital ID space is fairly young and while initiatives like ID4D and ID2020 are working to drive meaningful interoperability among providers in the space, it remains to be seen what the most effective factors, in addition to open source software, open APIs, and common data formats, can be used to general meaningful interoperability.
## Marginalized
* [What Companies Can Do Now to Protect Digital Rights In A Post-Roe World](https://www.eff.org/deeplinks/2022/05/what-companies-can-do-now-protect-digital-rights-post-roe-world) 2022-05 Electronic Frontier Foundation
> In a post-Roe world, service providers can expect a raft of subpoenas and warrants seeking user data that could be employed to prosecute abortion seekers, providers, and helpers. They can also expect pressure to aggressively police the use of their services to provide information that may be classified in many states as facilitating a crime.
* [Design From the Margins Centering the most marginalized and impacted in design processes - from ideation to production](https://www.belfercenter.org/sites/default/files/files/publication/TAPP-Afsaneh_Design%20From%20the%20Margins_Final_220514.pdf) 2022-05 Belfer center
> Making technological change positive for all is the critical challenge of our time. We ourselves - not only the logic of discovery and market forces - must manage it. To create a future where technology serves humanity as a whole and where public purpose drives innovation, we need a new approach.
## Refugees
* [Lost and Found: Digital identity Can Be The Difference Between Life And Death For Refugees](https://diacc.ca/2022/09/27/lost-and-found-digital-identity-can-be-the-difference-between-life-and-death-for-refugees/) 2022-09-27 DIACC
> Most Refugees and IDPs did not have the time to properly prepare by gathering all their important documents such as passports, identity cards, drivers licenses, and land titles or rental agreements. Fleeing your home may save your life, but fleeing without identity documents can lead to a very long wait sometimes a decade or more before your life is stable again.
* [Video] [Can Blockchain and Self-Sovereign Identity Systems address the Refugee Crisis](https://www.youtube.com/watch?v=ewMZQoyGxCs) 2022-08-09 ETH Global, Lyonna Lyu
> Zoras Metabolism hackathon is a virtual space for creative experimentation, bringing together some of the worlds best creators from a broad variety of categories and inviting them to design new digital spaces, on-chain tools, artistic experiments and more. Web3 is both one of the biggest paradigm shifts since the advent of the internet age and an ever-evolving inquiry into the societal possibilities of creative technology: no matter if you are a developer, an engineer, an architect, a musician, a theorist or seasoned NFT artist - we invite you to build hyperstructures with us with focus on NFTs, on-chain music ecosystems, a new generation of DAOs and Zoras vast ecosystem of tools and smart contracts.
* [Digital Identity: Enabling dignified access to humanitarian services in migration - PrepareCenter](https://preparecenter.org/resource/digital-identity-enabling-dignified-access-to-humanitarian-services-in-migration/) 2021-06-07 PrepareCenter
> The primary objective of the report is to inform humanitarian organizations working with migrants of the opportunities and risks in the use of digital identities in providing services throughout the migrants journeys.
* [Gravitys work with refugees in Turkey featured in latest report from Oxford Centre for Technology and Development, “Digital Identity: An Analysis for the Humanitarian Sector”](https://medium.com/gravity-earth/case-study-gravitys-work-with-refugees-in-turkey-featured-in-latest-oxford-centre-for-technology-ecb515a18464) 2021-05-25 Gravity Earth
> “Gravitys work is selected as a case study here because their solution included close collaboration with four other organizations from the start. It thus offered a rife example of interoperability challenges associated with digital ID systems, as well as how the same systems may be used to overcome existing coordination challenges. Moreover, Gravity has made more documentation of this project publicly available.”
* [Can digital identity help with the world refugee crisis?](https://securityboulevard.com/2022/05/can-digital-identity-help-with-the-world-refugee-crisis/) 2022-05 SecurityBoulevard
> The first international agreement on how refugees could handle the issue of missing or incomplete identity documents resulted from the Arrangement of 5 July, 1922, which was a meeting of the League of Nations. Among other things, the conference established a uniform [“identity certificate” for Russian refugees](https://www.refworld.org/docid/3dd8b4864.html), between one and two million of whom [had been displaced by various conflicts over the previous decade](https://www.icrc.org/ar/doc/assets/files/other/727_738_jaeger.pdf).
* [Can digital identity help with the world refugee crisis?](https://blog.avast.com/digital-identity-world-refugee-crisis) 2022-05-24 Avast
> At the moment, a lack of documents isnt too much of a hindrance to Ukrainian refugees, who are largely being welcomed in neighboring states. Dr. Dzeneta Karabegovic, PhD, an expert in migration and human rights and a childhood refugee herself, tells Avast that Ukrainians currently dont need a passport in order to get through most borders of the European Union (EU).
* [Blockchain Can Empower Stateless Refugees](https://www.law360.com/technology/articles/1095148/blockchain-can-empower-stateless-refugees) 2018-12-02 Law360
> InternetBar.org Institute, or IBO, a global NGO, developed the idea for a project to pursue these goals, and presented it at the World Justice Forum V in July 2017, in a presentation titled "The Invisibles: Digital Identity for Stateless Refugees." Then, earlier this year, IBO recorded music with top musicians living in refugee camps in eight countries, in order to make these refugees owners of digital assets.
* [Report launch: Identity at the Marginsidentification systems for refugees”](https://medium.com/caribou-digital/report-launch-identity-at-the-margins-identification-systems-for-refugees-69466244fa62) 2018-11-29 Caribou Digital
> For refugees, the current state of humanitarian identity systems presents challenges. Most described having very limited visibility into and agency around the data collected about them by organizations. They were rarely offered the opportunity to exercise control over what data is collected, despite having the capacity and interest to do so. At the same time, many refugees described making active efforts to negotiate the various identities available to them, consciously weighing the benefits and constraints associated with different statuses in order to access services, employment, and to preserve their spatial mobility.
* [Self-Sovereignty for Refugees? The Contested Horizons of Digital Identity](https://www.tandfonline.com/doi/full/10.1080/14650045.2020.1823836) 2020-10-04 Margie Cheesman
> I identify a series of competing logics in the debates around SSIs emancipatory potential, which relate to four issues: (i) the neutrality of the technology, (ii) the capacities of refugees, (iii) global governance and the nation state, and (iv) new economic models for digital identity. SSI is simultaneously the potential enabler of new modes of empowerment, autonomy and data security for refugees and a means of maintaining and extending bureaucratic and commercial power. I situate SSI in a genealogy of systems of identity control and argue that, in practice, it is likely to feed into the powers of corporations and states over refugee populations.
## Projects
* [Opportunities for Integrating Functional Digital ID into Humanitarian Action](https://hiplatform.org/blog/2022/5/18/opportunities-for-integrating-functional-digital-id-into-humanitarian-action) HIP 2022-05-18
@ -116,25 +109,12 @@ published: true
* [Rohingya turn to blockchain to solve identity crisis](https://www.theguardian.com/world/2018/aug/21/rohingya-turn-to-blockchain-to-solve-identity-crisis) 2018-08-21 Guardian
> Dilek Genc, a PhD candidate at the University of Edinburgh who studies blockchain-type applications in humanitarian aid and development, saysif the aid community continues to push innovation using Silicon Valleys creed of “fail fast and often,” and experiment on vulnerable peoples they will be fundamentally at odds with humanitarian principles and fail to address the political roots of issues facing refugees.
## Refugees
* [Lost and Found: Digital identity Can Be The Difference Between Life And Death For Refugees](https://diacc.ca/2022/09/27/lost-and-found-digital-identity-can-be-the-difference-between-life-and-death-for-refugees/) 2022-09-27 DIACC
> Most Refugees and IDPs did not have the time to properly prepare by gathering all their important documents such as passports, identity cards, drivers licenses, and land titles or rental agreements. Fleeing your home may save your life, but fleeing without identity documents can lead to a very long wait sometimes a decade or more before your life is stable again.
* [Video] [Can Blockchain and Self-Sovereign Identity Systems address the Refugee Crisis](https://www.youtube.com/watch?v=ewMZQoyGxCs) 2022-08-09 ETH Global, Lyonna Lyu
> Zoras Metabolism hackathon is a virtual space for creative experimentation, bringing together some of the worlds best creators from a broad variety of categories and inviting them to design new digital spaces, on-chain tools, artistic experiments and more. Web3 is both one of the biggest paradigm shifts since the advent of the internet age and an ever-evolving inquiry into the societal possibilities of creative technology: no matter if you are a developer, an engineer, an architect, a musician, a theorist or seasoned NFT artist - we invite you to build hyperstructures with us with focus on NFTs, on-chain music ecosystems, a new generation of DAOs and Zoras vast ecosystem of tools and smart contracts.
* [Digital Identity: Enabling dignified access to humanitarian services in migration - PrepareCenter](https://preparecenter.org/resource/digital-identity-enabling-dignified-access-to-humanitarian-services-in-migration/) 2021-06-07 PrepareCenter
> The primary objective of the report is to inform humanitarian organizations working with migrants of the opportunities and risks in the use of digital identities in providing services throughout the migrants journeys.
* [Gravitys work with refugees in Turkey featured in latest report from Oxford Centre for Technology and Development, “Digital Identity: An Analysis for the Humanitarian Sector”](https://medium.com/gravity-earth/case-study-gravitys-work-with-refugees-in-turkey-featured-in-latest-oxford-centre-for-technology-ecb515a18464) 2021-05-25 Gravity Earth
> “Gravitys work is selected as a case study here because their solution included close collaboration with four other organizations from the start. It thus offered a rife example of interoperability challenges associated with digital ID systems, as well as how the same systems may be used to overcome existing coordination challenges. Moreover, Gravity has made more documentation of this project publicly available.”
* [Can digital identity help with the world refugee crisis?](https://blog.avast.com/digital-identity-world-refugee-crisis) 2022-05-24 Avast
> At the moment, a lack of documents isnt too much of a hindrance to Ukrainian refugees, who are largely being welcomed in neighboring states. Dr. Dzeneta Karabegovic, PhD, an expert in migration and human rights and a childhood refugee herself, tells Avast that Ukrainians currently dont need a passport in order to get through most borders of the European Union (EU).
* [Blockchain Can Empower Stateless Refugees](https://www.law360.com/technology/articles/1095148/blockchain-can-empower-stateless-refugees) 2018-12-02 Law360
> InternetBar.org Institute, or IBO, a global NGO, developed the idea for a project to pursue these goals, and presented it at the World Justice Forum V in July 2017, in a presentation titled "The Invisibles: Digital Identity for Stateless Refugees." Then, earlier this year, IBO recorded music with top musicians living in refugee camps in eight countries, in order to make these refugees owners of digital assets.
* [Report launch: Identity at the Marginsidentification systems for refugees”](https://medium.com/caribou-digital/report-launch-identity-at-the-margins-identification-systems-for-refugees-69466244fa62) 2018-11-29 Caribou Digital
> For refugees, the current state of humanitarian identity systems presents challenges. Most described having very limited visibility into and agency around the data collected about them by organizations. They were rarely offered the opportunity to exercise control over what data is collected, despite having the capacity and interest to do so. At the same time, many refugees described making active efforts to negotiate the various identities available to them, consciously weighing the benefits and constraints associated with different statuses in order to access services, employment, and to preserve their spatial mobility.
* [Self-Sovereignty for Refugees? The Contested Horizons of Digital Identity](https://www.tandfonline.com/doi/full/10.1080/14650045.2020.1823836) 2020-10-04 Margie Cheesman
> I identify a series of competing logics in the debates around SSIs emancipatory potential, which relate to four issues: (i) the neutrality of the technology, (ii) the capacities of refugees, (iii) global governance and the nation state, and (iv) new economic models for digital identity. SSI is simultaneously the potential enabler of new modes of empowerment, autonomy and data security for refugees and a means of maintaining and extending bureaucratic and commercial power. I situate SSI in a genealogy of systems of identity control and argue that, in practice, it is likely to feed into the powers of corporations and states over refugee populations.
## Business
* [What are the limits of the private sector in serving the poor?](https://medium.com/caribou-digital/what-are-the-limits-of-the-private-sector-in-serving-the-poor-3ee9a9a468fc) 2021-08-17 Caribou Digital
> A large set of impact investor, international donor, and government anti-poverty policy is based on the notion that for-profit companies can be induced to serve the poor with life changing services like banking or schooling but the limits of the for profit model are not always taken into account
* [Layering Digital ID on Top of Traditional Data Management](https://hiplatform.org/blog/2020/5/20/layering-digital-id-on-top-of-traditional-data-management) 2020-05-20 HIP
> While Digital ID could offer benefit to humanitarian agencies and beneficiaries, alike, many questions remain to be answered. The cost effectiveness of ID solutions remains to be established. Given that many of these systems are only operating at pilot-scale, it is difficult to know what the primary drivers of cost are and how they can be mitigated. In addition, the digital ID space is fairly young and while initiatives like ID4D and ID2020 are working to drive meaningful interoperability among providers in the space, it remains to be seen what the most effective factors, in addition to open source software, open APIs, and common data formats, can be used to general meaningful interoperability.
## Biometrics
* [Biometrics in the Humanitarian Sector](https://www.theengineroom.org/wp-content/uploads/2018/03/Engine-Room-Oxfam-Biometrics-Review.pdf) 2018-03 The Engine Room Oxfam

53
_posts/literature/2018-12-19-user-experience.md
View File

@ -1,53 +0,0 @@
---
date: 2018-12-19
title: How would self-sovereign identity work for the user?
excerpt: >
From A gentle introduction to self-sovereign-identity by @antonylewis. A good example of a basic necessary SSI explainer.
You would have an app on a smartphone or computer, some sort of “identity wallet” where identity data would be stored on the hard drive of your device, or with an agent of your choosing, but crucially not stored in a central repository.
Your identity wallet would start off empty with only a self-generated Decentralized identifier (DID).
At this stage, no one else in the world knows about this identification number. No one issued it to you. You created it yourself. It is self-sovereign. The laws of big numbers and randomness ensure that no one else will generate the same identification number as you.
You then use this identification number, along with your identity claims, and get attestations from relevant authorities.
layout: single
toc: false
permalink: /literature/self-sovereign-identity/user-experience/
canonical_url: 'https://bitsonblocks.net/2017/05/17/gentle-introduction-self-sovereign-identity/'
redirect_from:
- self-sovereign-identity/user-experience
- self-sovereign-identity/user-experience/
categories: ["Literature"]
tags: ["Literature","Self Sovereign Identity","notes"]
last_modified_at: 2019-07-08
published: true
---
From [A gentle introduction to self-sovereign-identity](https://bitsonblocks.net/2017/05/17/gentle-introduction-self-sovereign-identity/) by [@antonylewis](https://github.com/antonylewis). A good example of a basic necessary SSI explainer.
You would have an app on a smartphone or computer, some sort of “identity wallet” where identity data would be stored on the hard drive of your device, or with an agent of your choosing, but crucially not stored in a central repository.
Your identity wallet would start off empty with only a self-generated Decentralized identifier (DID).
At this stage, no one else in the world knows about this identification number. No one issued it to you. You created it yourself. It is self-sovereign. The laws of big numbers and randomness ensure that no one else will generate the same identification number as you.
You then use this identification number, along with your identity claims, and get attestations from relevant authorities.
You can then use these attested claims as your identity information.
Claims would be stored by typing text into standardised text fields, and saving photos or scans of documents.
Proofs would be stored by saving scans or photos of proof documents. However this would be for backward compatibility, because digitally signed attestations remove the need for proofs as we know them today.
Attestations and heres the neat bit would be stored in this wallet too. These would be machine readable, digitally signed pieces of information, valid within certain time windows. The relevant authority would need to sign these with digital signatures for example, passport agencies, hospitals, driving licence authorities, police, etc.
Need to know, but not more: Authorities could provide “bundles” of attested claims, such as “over 18”, “over 21”, “accredited investor”, “can drive cars” etc, for the user to use as they see fit. The identity owner would be able to choose which piece of information to pass to any requester. For example, if you need to prove you are over 18, you dont need to share your date of birth, you just need a statement saying you are over 18, signed by the relevant authority.
Sharing this kind of data is safer both for the identity provider and the recipient. The provider doesnt need to overshare, and the recipient doesnt need to store unnecessarily sensitive data for example, if the recipient gets hacked, they are only storing “Over 18” flags, not dates of birth.
Even banks themselves could attest to the person having an account with them. We would first need to understand what liability they take on when they create these attestations. I would assume it would be no more than the liability they currently take on when they send you a bank statement, which you use as a proof of address elsewhere.
Data sharing
Data would be stored on the persons device (as pieces of paper are currently stored at home today), and then when requested, the person would approve a third party to collect specific data, by tapping a notification on their device, We already have something similar to this if you have ever used a service by “linking” your Facebook or LinkedIn account, this is similar but instead of going to Facebooks servers to collect your personal data, it requests it from your phone, and you have granular control over what data is shared.

7
_posts/topics/2018-12-21-self-sovereign-identity.md
View File

@ -10,13 +10,11 @@ redirect_from:
- /literature/self-sovereign-identity/
- /self-sovereign-identity
- /self-sovereign-identity/
categories: ["Literature"]
categories: ["Topics"]
tags: ["Self Sovereign Identity","Laws of Identity","Literature","RWoT","IIW","Learning Machine","Sovrin Foundation","Evernym"]
last_modified_at: 2023-06-22
---
<center><img src="{{ site.baseurl }}/images/sovereign-id-wide.webp"/></center>
## About Self Sovereign Identity
* [Video] [Exploring the Decentralized Web, Episode 4: Digital Identity](https://www.youtube.com/watch?v=jm8y56KMkIw) 2022-01-05 Filecoin Foundation
> Episode 4 explores the relationship between authentication and authorization, the rise of single sign-on platforms, and the advantages of and use cases for self-sovereign identity. Guests include Brian Behlendorf, Rainey Reitman, Danny O'Brien, Sarah Friend, Wendy Hanamura, Andrew Hill, and Brad Kam.
@ -100,6 +98,8 @@ last_modified_at: 2023-06-22
> - [Part 4: Why every company is an identity company](https://medium.com/global-id/globalid-101-every-company-is-an-identity-company-a851beed999d) 2022-08-16
* [Trusted Third Parties vs Self-Sovereign Identity](https://academy.affinidi.com/trusted-third-parties-vs-self-sovereign-identity-4e96de929b1b) 2021-12-30 Affinidi
> All of us have [multiple identities](https://academy.affinidi.com/what-links-identity-and-vcs-together-across-applications-9523af3884a9) at any point. We are sons, daughters, brothers, sisters, parents, partners, friends, colleagues, and more to different people.
* [Selective Disclosure: Share Just What You Want](https://academy.affinidi.com/selective-disclosure-share-what-you-want-8ae367655b7b) 2021-08-02 Affinidi
> In the context of SSI, selective disclosure is best implemented through [verifiable credentials](https://academy.affinidi.com/what-are-verifiable-credentials-79f1846a7b9) where the user has separate credentials for each piece of information such as his/her date of birth, full name, vaccination details, address, passport number, etc.
* [Self-Sovereign Identity: What You Can/Cant Do With SSI?](https://academy.affinidi.com/self-sovereign-identity-what-you-can-cant-do-with-ssi-1284f7227b4e) 2021-06-24 Affinidi
> it gives complete control and ownership of data to the individual entities as they can decide what data to share and with whom.
>
@ -138,7 +138,6 @@ The Models: Space Time • Presentation • Attribute • Relationship • Capab
* [How Decentralized Identifiers Will Shape the Future of Identity](https://hackernoon.com/how-decentralized-identifiers-will-shape-the-future-of-identity-iam3w9g) 2020-11-09 HackerNoon
> Hackers value personal information the most. 96% of hacking groups primary motive is intelligence gathering. Researchers at privacy website PrivacyAffairs.com found that you can obtain a person's full identity for the low price of $1,275.
## Literature
* [WhitePaper] [Self Sovereign Identity](https://www.blockchainresearchinstitute.org/project/self-sovereign-identity) 2022-05-10 Phil Windley, Blockchain Research Institute

93
_posts/topics/2023-06-22-user-experience.md Normal file
View File

@ -0,0 +1,93 @@
---
title: User Experience and Self Sovereign Identity
excerpt: >
Lack of great user experiences is often raised as one of decentralized identitys (and public blockchains) missing ingredients for ubiquitous adoption. However to arrive at usable experiences across the industry, we first need to reach consensus around basic user personas and mental models, then design and build interoperable system accordingly.
description: the mere fact of building such a verifiable and traceable architecture does not automatically translate into understandable communications
layout: single
toc: true
toc_sticky: true
permalink: /topic/user-experience/
canonical_url: 'https://decentralized-id.com/topic/user-experience/'
redirect_from:
- /literature/self-sovereign-identity/user-experience/
- self-sovereign-identity/user-experience
- self-sovereign-identity/user-experience/
categories: ["Topics"]
tags: ["User Experience"]
last_modified_at: 2023-06-23
published: true
---
## General
* [Identity and Consistent User Experience](https://www.windley.com/archives/2021/11/identity_and_consistent_user_experience.shtml) 2021-11 Phil Windley
> There's a saying in security: "Don't roll your own crypto." I think we need a corollary in identity: "Don't roll your own interface." But how do we do that? And what should the interface be? One answer is to adopt the user experience people already understand from the physical world: connections and credentials.
* [Fluid Multi-Pseudonymity](https://www.windley.com/archives/2021/09/fluid_multi-pseudonymity.shtml) 2021-09-07 Windley
> Fluid multi-pseudonymity perfectly describes the way we live our lives and the reality that identity systems must realize if we are to live authentically in the digital sphere.
* [Humanizing PoSSI- Human-centric structure of the Principles of SSI](https://iiw.idcommons.net/21M/_Humanizing_PoSSI-_Human-centric_structure_of_the_Principles_of_SSI) 2021-05-06 Line Kofoed
> 1. [Line] Welcome and introductions; background information around how this topic is important to discuss
> 2. Principles of SSI - [https://sovrin.org/principles-of-ssi/](https://sovrin.org/principles-of-ssi/)
> 3. Sovrin Foundation is working on Sovrin Utility GF and the Sovrin Ecosystem GF
> 4. Work on the SEGF led to reviewing how we define an ecosystem (see slide for definition) → identity ecosystem for identity services
> 5. The approach to grouping the 12 principles are intended to enable better understanding as digital trust ecosystems grow
> 6. Ecosystem of ecosystems will need a foundational set of values and principles and the PoSSI
> 7. [Sterre] It is good to have the order the principles to help better understanding
> 8. [Drummond] additional supplementary material to help laypersons understand the PoSSI better
> 9. [Alex] is the original sequence/numbering sufficient and complete?
> 10. [Chris] the grouping is more important for the SEGF
> 11. [please join Sovrin meetings]
* [Bringing User-Centricity to Decentralized Identity](https://www.youtube.com/watch?v=UnWsu1gCe9k) 2021-08-01 Nat Sakimura KuppingerCole
> Raj Hegde sits with identity veteran, Nat Sakimura - Chairman of OpenID Foundation to understand how user-centric learnings from existing authentication protocols can be applied to future identity initiatives.
* [How humans understand identity](https://medium.com/universal-identity/how-humans-understand-identity-367200ae9591) 2021-07-09 Universal Identity
> Lack of great user experiences is often raised as one of decentralized identitys (and public blockchains) missing ingredients for ubiquitous adoption. However to arrive at usable experiences across the industry, we first need to reach consensus around basic user personas and mental models, then design and build interoperable system accordingly.
## Relationships
* [Are Transactional Relationships Enough?](https://www.windley.com/archives/2022/03/are_transactional_relationships_enough.shtml) 2022-03 Phil Windley
> Our online relationships are almost all transactional. A purely transaction digital life can't feel as rich and satisfying as one based on interactional relationships. As more of our relationships are intermediated by technology, finding ways to support interactional relationships will allow us to live authentic digital lives.
* [Backchannel: A relationship-based digital identity system](https://www.inkandswitch.com/backchannel/) 2021-09 Ink and Switch
> Using Backchannel as a model example, we propose four design principles for trusted digital relationships. Then we used Backchannel to design and build three sample apps: chat, location sharing, and document preview. We also tested these designs with journalists, researchers, and designers. Based on this testing, we outline common user experience challenges and recommended solutions.
* [Authentic Digital Relationships](https://www.windley.com/archives/2020/08/authentic_digital_relationships.shtml) 2020-08 Phil Windley
> Self-sovereign identity (SSI) systems offers an alternative model that supports richer relationships. Rather than provisioning identifiers and accounts in an administrative system where the power imbalance assures that one party to the relationship can dictate the terms of the interaction, SSI is founded on peer relationships that are co-provisioned by the exchange of decentralized identifiers. This architecture implies that both parties will have tools that speak a common protocol.
* [Relationships and Identity](https://www.windley.com/archives/2020/07/relationships_and_identity.shtml) 2020-07 Phil Windley
> We build digital identity systems to create and manage relationships—not identities.
## Design
* [More security does not have to mean less user-friendliness](https://background.tagesspiegel.de/cybersecurity/mehr-sicherheit-muss-nicht-weniger-nutzerfreundlichkeit-bedeuten) 2022-06-05 Martin Kuppinger, Tagesspiegel
> The passwords that have been declared dead are far from dead. Nevertheless, the way in which users authenticate themselves is changing towards more security and convenience.
* [How Might we Design Consent Experiences for Data Sharing?](https://www.youtube.com/watch?v=bGgV2Ffnczg) 2022-05-27 ToIP HXWG Arianna Rossi, Xengie Doan, Interdisciplinary Center for Security, Reliability and Trust (SnT) at the University of Luxembourg
> The complex ecosystem where manifold transactions can be automatically enabled by smart contracts contributes, at least in principle, to establish greater transparency about data use towards the many parties involved. However, the mere fact of building such a verifiable and traceable architecture does not automatically translate into understandable communications, easily applicable instructions and smooth transactions for human beings.
* [Tap and Prove](https://www.linkedin.com/pulse/tap-prove-stephen-wilson/) 2021-07-15 Stephen Wilson
> We should be able to “tap and prove” any important fact and figures about ourselves as easily as we tap and pay with a mobile phone at any one of 100s of millions of terminals globally.
* [Disability-inclusive ID Systems](https://blogs.worldbank.org/voices/access-agency-and-empowerment-through-disability-inclusive-id-systems) 2020-12-09 World
> Creating an inclusive ID system requires a comprehensive, whole-of-system approach to overcome barriers to ID enrollment and use for persons with disabilities.
* [EPS for SSI (Self-Sovereign Identity)](https://medium.com/@kokumai/eps-for-ssi-self-sovereign-identity-8c742e2b1d02) 2020-08-15 Hitoshi Kokumai
> you might be interested to hear that the core of EPS is designed to convert images to high-entropy codes, which work as very long passwords and also as the seeds of symmetric or asymmetric cryptographic keys.
* [Falsehoods Programmers Believe About Names - With Examples](https://shinesolutions.com/2018/01/08/falsehoods-programmers-believe-about-names-with-examples/) 2018-01-08 Shine Solutions Group
> In this post Im going to list all 40 of Patricks original falsehoods, but give you an example (or two) drawn from my experiences working in this space. Ready? Lets go!
>
> 1. People have exactly one canonical full name.
> 2. People have exactly one full name which they go by.
## Trust
* [An Introduction to Digital Trust](https://northernblock.io/verifiable-credentials/introduction-to-digital-trust/) 2021-09-06 Northern Block
> whats the purpose of SSI? Its about enabling Digital Trust (which is quickly becoming an integral part of digital transformation for organizations).
* [Will users and organizations have trust in keys roaming via the cloud?](https://www.kuppingercole.com/events/eic2022/blog/will-users-and-organizations-have-trust-in-keys-roaming-via-the-cloud) 2022-05-12 Kuppinger Cole EIC2022
> the FIDO Alliance, a set of open, scalable, and interoperable specifications has been developed to replace passwords as a secure authentication method for online services. The alliance has also worked with companies such as [Microsoft](https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless), [Google](https://cloud.google.com/blog/products/identity-security/protect-gce-vms-with-managed-fido-security-keys), and [Apple](https://fidoalliance.org/expanded-support-for-fido-authentication-in-ios-and-macos/)  to integrate and adopt FIDO standards across their operating systems.
## Consumer Research
* [People Dont Understand the Purpose of Privacy Policies and Terms of Service  New Research Published](https://me2ba.org/people-dont-understand-the-purpose-of-privacy-policies-and-terms-of-service-new-research-published/) Me2B Alliance ([Report](https://me2ba.org/spotlight-report-5-me2b-alliance-validation-testing-report-consumer-perception-of-legal-policies-in-digital-technology/)
> - Consumers are aware that legal policies exist on connected technologies and that they should read them, but they continue to choose to largely ignore them.
> - 55% of survey participants did not understand that a TOS/TOU agreement is a legal contract. This has significant implications because a key requirement for legally binding contracts is mutual assent, which means that both parties have a “meeting of the minds” and must understand theyre entering into a contract.
> - None of the interview participants were aware of tools that explain or rate privacy policies and TOS/TOU documents, and half said that a score would not change their behavior.
> - 66% of survey respondents believe that privacy policies protect the business, while 50% say they protect the consumer. Its questionable that privacy policies protect either the individual or the business, as they are primarily legal notices, disclosures of how data is used by the technology and the companies behind it. Moreover, 39% of respondents erroneously thought that the privacy policy was a contract [between them and the company].
### Location Tracking
* [Most People Feel Negatively About Location Tracking in Websites and Apps](https://me2ba.org/most-people-feel-negatively-about-location-tracking/) 2021-11-16 Me2Ba
> The Spotlight Report, “[Consumer Sensitivity to Location Tracking by Websites and Mobile Apps](https://me2ba.org/spotlight-report-3-me2b-alliance-validation-research-consumer-sensitivity-to-location-tracking-by-websites-and-mobile-apps/)”, was developed to validate the Location Commitment scoring criteria in the [Me2B Alliance Validation Research: Consumer Sensitivity to Location Tracking by Websites and Mobile Apps](https://me2ba.org/spotlight-report-3-me2b-alliance-validation-research-consumer-sensitivity-to-location-tracking-by-websites-and-mobile-apps/)
* [What is Respectful Use of Location Information? New Me2BA Reearch](https://me2ba.org/what-is-respectful-use-of-location-information-new-me2ba-research-published/) 2021-11-22 Me2B
> As weve been performing independent product audits over the past year and a half, we received some push-back on our passing criteria related to the automatic translation of IP address to geographic location. Vendors felt that automatically calculating the users geographical location was, in fact, a benefit. However, in our specification, that behavior will receive a failing score. At an impasse, we decided to conduct some validation testing with Me-s.
* [“Spotlight Report #3: Consumer Sensitivity to Location Tracking by Websites and Mobile Apps”](https://me2ba.org/spotlight-report-3-me2b-alliance-validation-research-consumer-sensitivity-to-location-tracking-by-websites-and-mobile-apps/) 2021-11-16 Me2B
> This research quantifies and qualifies public opinion of location tracking in a variety of different contexts within web and mobile technology.
* [Do Consumers Even Want Personalized Ads?](https://anonyome.com/2021/06/do-consumers-even-want-personalized-ads/) 2021-06 Anonyme
> The [YouGov](https://www.globalwitness.org/en/blog/do-people-really-want-personalised-ads-online/) poll of consumers in France and Germany we mentioned earlier says its the [behind the scenes](https://mysudo.com/2021/02/beware-the-dark-patterns-trying-to-steal-your-data/) or back door nature of personalization that gives people the creeps.
* [Only 5% Of US Consumers Want To Be Tracked For Ads](https://anonyome.com/2021/05/only-5-of-us-consumers-want-to-be-tracked-for-ads/) 2021-05 Anonyme
> That means 95% of US consumers are saying no way to cross-app tracking with Apples new [App Tracking Transparency](https://anonyome.com/2021/05/apples-new-att-and-why-facebook-is-hitting-back-hard/) (ATT) feature.

78
unsorted/topics/architecture.md → _posts/topics/2023-06-23-architecture.md
View File

@ -1,10 +1,22 @@
# System Architecture
---
title: System Architecture and Self Sovereign Identity
excerpt: >
In chaotic systems such as those that the discipline of physics seeks to describe, there is also the concept of the “self-organizing principle,” which dictates a tendency for chaotic systems to organize themselves. While this might be a tendency in physics, organization usually needs a nudge in the right direction in the identity world.
description: Authentication and authorization both fall under identity and access management (IAM) but serve different purposes.
layout: single
toc: false
permalink: /topic/architecture/
canonical_url: 'https://decentralized-id.com/topic/architecture/'
categories: ["Topics"]
tags: ["Architecture"]
last_modified_at: 2023-06-23
---
* [Centralized\Federated vs Self Sovereign](https://twitter.com/dominiumssi/status/1564188374529081345) 2022-08-29 dominiumssi
> Anyone who wants to understand DID and Self Sovereign Identity should begin by understanding the graph below. We are shifting the power from the companies to the users. That's it in a nutshell.
> ![](https://pbs.twimg.com/media/FbUcnNNacAAUnAs?format=png&name=small)
* [Good Welfare, Bad Platforms?: The Risks of Centralized Digital Identity Systems](https://points.datasociety.net/good-welfare-bad-platforms-d65b412d962e) 2022-02-02 OpenID
> As S. Shakthi and I noted in a recent [research paper](https://journals.openedition.org/samaj/6279), digital identity systems are widely seen as datafiers by virtue of their core property of reducing the person to machine-readable data. A datafier is a system that performs the crucial operation of converting the physical into digital. A different, contrasting view is also emerging in research: digital identity systems are increasingly seen as platforms, i.e. “technological building blocks” on which different types of complements can be constructed.
* [Identity management is key to increasing security, reducing fraud and developing a seamless customer experience](https://identitypraxis.com/2022/01/07/identity-management-is-key-to-increasing-security-reducing-fraud-and-developing-a-seamless-customer-experience/) 2022-01-07 Identity Praxis
> - Identity management is an iterative process with three core elements initial identification, authentication (re-identifying the individual) and verification (ensuring the individual is who they claim to be)
> - Enterprises employ a vast array of technologies to execute these processes which are growing in scope and complexity
> - Understanding why identity management is necessary to enterprises and how this creates opportunities for vendors
* [Leveraging the Identity Metasystem](https://www.windley.com/archives/2021/12/leveraging_the_identity_metasystem.shtml) 2021-12 Phil Windley
> the [metasystem guarantees the fidelity of the credential exchange](https://www.windley.com/archives/2021/06/ssi_interaction_patterns.shtml). Credential fidelity comprises four important attributes. Credential exchange on the identity metasystem:
>
@ -12,15 +24,23 @@
> 2. Ensures the credential was issued to the party presenting it
> 3. Ensures the credential has not been tampered with
> 4. Reveals whether or not the credential has been revoked
* [Token-Based Identity](https://www.windley.com/archives/2021/10/token-based_identity.shtml) 2021-10 Windley
* [Token-Based Identity](https://www.windley.com/archives/2021/10/token-based_identity.shtml) 2021-10 Phil Windley
> Token-based identity systems move us from talking about who, to thinking about what, so that people can operationalize their digital lives. Token-based identity systems support complex online interactions that are flexible, ad hoc, and cross-domain.
* [Your User is Your API](https://www.evernym.com/blog/your-user-is-your-api/) 2021-05-17 Evernym
> The customer becomes the integration point. The customer is the API. Rather than having one huge, expensive, and probably illegal data hub, every customer becomes a data hub in their own right. They provide the data needed, just-in-time, under their control.
* [The Unbundling of Authentication vs Authorization - What You Need to Know](https://www.pingidentity.com/en/company/blog/posts/2021/authentication-vs-authorization.html) 2021-09-08 Ping Identity
> Authentication and authorization are both processes that fall under the category of [identity and access management (IAM)](https://www.pingidentity.com/en/company/blog/posts/2017/what-is-identity-and-access-management-iam.html), but they serve different purposes.
* [To Better Understand Digital Identity, Look to Physics](https://www.pingidentity.com/en/company/blog/posts/2021/digital-identity-physics.html) 2021-05-17 Ping
> In chaotic systems such as those that the discipline of physics seeks to describe, there is also the concept of the “self-organizing principle,” which dictates a tendency for chaotic systems to organize themselves. While this might be a tendency in physics, organization usually needs a nudge in the right direction in the identity world. Proper attention to requirements and a good change control process are a crucial part of the equation.
* [The SSO Practitioners Introduction to Decentralized Identity](https://www.pingidentity.com/en/resources/blog/post/sso-practitioners-introduction-decentralized-identity.html)
* [The Buzz Behind Zero Trust](https://stateofidentity.libsyn.com/zero-trust-architecture) 2021-10-21 State of Identity
> The Zero Trust model is the belief that no one should be trusted from inside or outside your network, until their identity has been verified. Zero trust refers to the alignment of maturing identity practices, an established understanding of user behaviors, and the application of least-privilege access security policy decisions to trust boundOaries
* [What Is Zero Trust?](https://www.pingidentity.com/en/company/blog/posts/2021/what-is-zero-trust.html) 2021 Ping
> 1. The network is always assumed to be hostile.
> 2. External and internal threats exist on the network at all times.
> 3. Network locality is not sufficient for deciding trust in a network.
> 4. Every device, user and network flow is authenticated and authorized.
> 5. Policies must be dynamic and calculated from as many sources of data as possible.
* [Compare and Contrast — Federated Identity vs Self-sovereign Identity](https://academy.affinidi.com/compare-and-contrast-federated-identity-vs-self-sovereign-identity-227a85cbab18) 2021-04-26 Affinidi
> The next step was a federated form of identity where third parties issued digital identity credentials using which users could log into other websites or services. Typically, these were your Google and Facebook logins. In the process, these third parties that issued federated identities became the middlemen.
* [The SSO Practitioners Introduction to Decentralized Identity](https://www.pingidentity.com/en/resources/blog/post/sso-practitioners-introduction-decentralized-identity.html) 2020-10-13
*Written for IAM professionals familiar with federations.*
> In most self-sovereign and decentralized identity systems the trust model is fundamentally unidirectional, where a verifier will trust the issuer, but the issuer may have no knowledge of the verifier.
* [The Architecture of Identity Systems](https://www.windley.com/archives/2020/09/the_architecture_of_identity_systems.shtml) 2020-09 Phil Windley
@ -28,43 +48,11 @@
> - Administrative
> - Algorithmic
> - Autonomic
* [Authentic Digital Relationships](https://www.windley.com/archives/2020/08/authentic_digital_relationships.shtml) 2020-08 Phil Windley
> Self-sovereign identity (SSI) systems offers an alternative model that supports richer relationships. Rather than provisioning identifiers and accounts in an administrative system where the power imbalance assures that one party to the relationship can dictate the terms of the interaction, SSI is founded on peer relationships that are co-provisioned by the exchange of decentralized identifiers. This architecture implies that both parties will have tools that speak a common protocol.
* [Self-Sovereign vs Administrative Identity](http://blogs.harvard.edu/vrm/2012/03/25/ssi/) 2012-03-25 Doc Searls
> The problem Im trying to surface here is that we need full respect for self-sovereign identities, and identifiers, before we can solve the problem of highly fractured and incompatible administrative identifiers — a problem that has only become worse with the growth of the Web, where by design we are always the submissive and dependent party: calves to administrative cows.
* [Fluid Multi-Pseudonymity](https://www.windley.com/archives/2021/09/fluid_multi-pseudonymity.shtml) 2021-09-07 Windley
> Fluid multi-pseudonymity perfectly describes the way we live our lives and the reality that identity systems must realize if we are to live authentically in the digital sphere.
* [What Is Zero Trust?](https://www.pingidentity.com/en/company/blog/posts/2021/what-is-zero-trust.html) Ping
> 1. The network is always assumed to be hostile.
> 2. External and internal threats exist on the network at all times.
> 3. Network locality is not sufficient for deciding trust in a network.
> 4. Every device, user and network flow is authenticated and authorized.
> 5. Policies must be dynamic and calculated from as many sources of data as possible.
* [What's the difference between identification, authentication and authorization?](https://twitter.com/doerkadrian/status/1397566626405421060) 2021-05-26 Adrian Doerk
> - Identification: Who are you?
> - Authentication: Is it you again?
> - Authorization: What rights do I want to grant you?
* [Centralized\Federated vs Self Sovereign](https://twitter.com/dominiumssi/status/1564188374529081345) dominiumssi
* [Never mind who I am, ask me about my credentials](https://www.linkedin.com/pulse/never-mind-who-i-am-ask-me-my-credentials-john-phillips/) 2020-02-09 John Phillips
> Many (most) identity systems make a fundamental assumption that is built into their very architecture. This assumption creates three significant problems: privacy erosion; toxic data stores; and poor security.
* [Decentralized Identity Trilemma](https://maciek.blog/p/dit) 2018-08-13 Maciek Laskus
> 1. Self-sovereignty — anybody can create and control as many identities1 as they wish without 3rd party involvement.
> 2. Privacy-preserving — one can acquire and utilize an identifier without revealing their real name or other personality identifying information.
> 3. Sybil-resistant — identity is subject to scarcity; i.e., creating more identifiers cannot be used to manipulate a system2.
## Related
* [Understanding Digital Credentials](https://www.bcdiploma.com/en/blog/understanding-digital-credentials-21-05-12) BCdiploma
> We are freeing ourselves from the management of “data hash” which leads to a centralization or complexification of verification procedures. This makes our solution new compared to traditional blockchain applications on the market.
* [DIGITAL SOVEREIGNTY](https://twit.tv/shows/floss-weekly/episodes/628) 2021-05-05 Doc Searls, Aaron Newcomb FLOSS WEEKLY
> Dr. Andre Kudra of esatus.com discusses SSI, or Self-Sovereign Identity. It's a hot and fast-moving topic with a growing base of hackers, companies, nonprofits, and whole states, provinces and countries. Aaron Newcomb and Doc Searls probe Andre for lots of great intelligence about how SSI puts individuals in full charge of how they present minimized ID credentials safely, and inside a whole new framework. They also talk with Andre about his involvement with the demoscene and retro computing, which are especially huge in Europe. It's a great discussion on this episode of FLOSS Weekly.
* [An Introduction to Digital Trust](https://northernblock.io/verifiable-credentials/introduction-to-digital-trust/) 2021-09-06 Northern Block
> whats the purpose of SSI? Its about enabling Digital Trust (which is quickly becoming an integral part of digital transformation for organizations).
* [Badges and Credentials A new currency for the digital world?](https://www.speexx.com/speexx-resources/podcast/podcast-badges-credentials) 2021-11-12 Speexx Exchange
> Listen to this episode for an entertaining deep dive into the topic of badges and credentials, as Donald Taylor sits down with Dr. Doug Belshaw to discuss the importance, various fields of application
* [Passwordless Authentication Everything You Need to Know](https://imageware.io/passwordless-authentication/) 2021-11-12 Imageware
> When it comes to authentication, passwords were once the safest and most used methods of authentication
* [The Buzz Behind Zero Trust](https://stateofidentity.libsyn.com/zero-trust-architecture) 2021-10-21 State of Identity
> The Zero Trust model is the belief that no one should be trusted from inside or outside your network, until their identity has been verified. Zero trust refers to the alignment of maturing identity practices, an established understanding of user behaviors, and the application of least-privilege access security policy decisions to trust boundOaries
* [Compare and Contrast — Federated Identity vs Self-sovereign Identity](https://academy.affinidi.com/compare-and-contrast-federated-identity-vs-self-sovereign-identity-227a85cbab18) Affinidi
* [Levels of information architecture](https://reb00ted.org/tech/20220815-levels-of-information-architecture/) 2022-08-15 reb00ted
> So I propose this outermost framework to help us think about how to interact with shared information environments
* [Never mind who I am, ask me about my credentials](https://www.linkedin.com/pulse/never-mind-who-i-am-ask-me-my-credentials-john-phillips/) John Phillips
> Many (most) identity systems make a fundamental assumption that is built into their very architecture. This assumption creates three significant problems: privacy erosion; toxic data stores; and poor security.
* [Self-Sovereign vs Administrative Identity](http://blogs.harvard.edu/vrm/2012/03/25/ssi/) 2012-03-25 Doc Searls
> The problem Im trying to surface here is that we need full respect for self-sovereign identities, and identifiers, before we can solve the problem of highly fractured and incompatible administrative identifiers — a problem that has only become worse with the growth of the Web, where by design we are always the submissive and dependent party: calves to administrative cows.

81
_posts/topics/2023-06-23-ethics-rights-sovereignty.md Normal file
View File

@ -0,0 +1,81 @@
---
title: "Ethics, Human Rights, Sovereignty and Self Sovereign Identity"
excerpt: >
In a world that is becoming more digital, it is relevant to find some guidelines for organizations to design digital identity more ethically. A universal identity system on the internet is still missing and there are no clear standards for organizations to design digital identity.
description: "concept of individual control over identity relevant private data"
layout: single
toc: true
toc_sticky: true
permalink: /topic/ethics-rights-sovereignty/
canonical_url: 'https://decentralized-id.com/topic/ethics-rights-sovereignty/'
categories: ["Topics"]
tags: ["Ethics","Human Rights","Sovereignty"]
last_modified_at: 2023-06-23
---
## Ethics
* [Pro-social behaviours](https://en.wikipedia.org/wiki/Prosocial_behavior) 2023-06-14 Wikipedia  
> those intended to benefit others, or society as a whole — for example, helping, sharing, donating, co-operating, and volunteering. Within a community, theyre the behaviours that make it an attractive space to belong to, and which encourage its growth and/or development. Its a central part of the value cycles that underpin the Communities of Practice model.
* [Radical generosity](https://provocations.darkmatterlabs.org/radical-generosity-8063d9edc3aa) 2022-08-31 Dark Matter
> Could we establish an alternative market economy, one that is structured around a distinct set of principles centred on care, trust, generosity, the importance of collective intelligence and deep sets of relationships; what would fall away and what would remain in place?
* [Measuring the Ethical Behavior of Technology](https://me2ba.org/measuring-the-ethical-behavior-of-technology/) 2021-08-12 Me2bAlliance
> This session will share the results and learnings of the creation and development of an ethical “yardstick” for respectful technology, including its application to websites and mobile apps. The speakers will also explore learnings from everyday people in the validation research around the certification mark as well as share recommendations for tech makers.
* [Me2B Alliance Safe & Respectful Technology Specification](https://me2ba.org/flash-guide-2-what-is-the-me2b-respectful-tech-specification/) 2021-07-21 Me2B
> The specification, produced by the Me2B Alliances Respectful Tech Spec Working Group, is designed to provide a standard for measuring safe and ethical behavior in connected technology.
* [literature] [Ethical Design of Digital Identity Environmental Implications from the Self-Sovereign Identity Movement](https://theses.ubn.ru.nl/items/5afb03ab-7a90-4303-909b-4934295859f8) 2021-06 Sanne Glastra
> In a world that is becoming more digital, it is relevant to find some guidelines for organizations to design digital identity more ethically. A universal identity system on the internet is still missing and there are no clear standards for organizations to design digital identity. With this research, knowledge and insights have been obtained to advance organizations to design digital identity more ethically. A contribution has been made by proposing the conditions to enable improvements for a more ethical design.
* [Sovereignty, privacy, and ethics in blockchainbased identity management systems](https://link.springer.com/content/pdf/10.1007/s10676-020-09563-x.pdf) 2020-11-30 Georgy Ishmaev
> It is argued that self-sovereignty in this context can be understood as the concept of individual control over identity relevant private data, capacity to choose where such data is stored, and the ability to provide it to those who need to validate it.
* [NO NEED FOR SUPERHUMANS!: A practical guide to ethics in socio-technical systems design](https://trustoverip.org/blog/2022/03/18/no-need-for-superhumans/) TOIP 2022-03-18
> Of course we are not as Albert Camus once said, wild beasts loosed upon this world, all of us have a moral compass and a sense of what is right and wrong, no-one intends for their product or service to cause harm. Neither are we superhuman, able to always understand the perspectives of all stakeholders or foresee the consequences of every cool feature or elegant line of code, nor indeed can we forecast how our products and services will be used for good or ill. Lisa called on all of us to remember that “technology is not a product, but a system”, and gave us practical steps to help us tap into our innate moral compass and design for those systems with the human experience and human flourishing at its heart.
- summary and video [on our Wiki](https://wiki.trustoverip.org/display/HOME/1.+Dear+Human%2C+The+Future+Needs+You.++Practical+Ethics+with+Digital+Sociologist%2C+Lisa+Talia-Moretti) or [YouTube](https://www.youtube.com/watch?v=Xmnnj82wpTM&t=20s
- Lisas Ted Talk, [Technology is not a product, its system](https://www.ted.com/talks/lisa_talia_moretti_technology_is_not_a_product_it_s_a_system)
- [HXWG Expert Series Summary](https://wiki.trustoverip.org/display/HOME/Expert+Series) including video of Lisas talk
- [A SocioTechnical Process for Researchers, Designers and Creators](https://bit.ly/sociotechprocess)
- The [responsible tech guide](https://atih.responsibletechguide.com/introduction) is full of useful links and insights
- [Ethics for Designers also has practical tools](https://www.ethicsfordesigners.com/tools)
* [FRIDAS principles to guide data and technology](https://youngfeministfund.org/wp-content/uploads/2020/07/FRIDAS-TECH-AND-DATA-PRINCIPLES.pdf) 2020-07 Young Feminist Fund
> The tech we use should be responsive to and responisble with the climate, environment crises of our time. Frida advocates for the use and creation of volence-free technologies putting first the care of our territories and bodies
* [FRIDA Happiness Manifesto](https://youngfeministfund.org/wp-content/uploads/2019/06/Happiness-Manifestx-web.pdf) Young Feminist Fund
* [We Should Embrace the Ethical Implementation of Digital Identity](https://www.continuumloop.com/embrace-the-ethical-implementation-of-digital-identity/) 2022-03-22 Continuum Loop
> Maybe its because of the nature of my job in decentralized identity consulting, but lately, Ive been seeing a lot of conspiracy theories on social media about Self-Sovereign Identity (SSI). People criticize the way its being implemented and warn about the negative consequences it will have. Its almost as if people dont realize that organizations are already monitoring and influencing us and that Google and social media algorithms have been instrumental in this.
## Sovereignty
* [The railroad of (no) choice](https://www.mydigitalfootprint.com/2021/07/the-railroad-of-no-choice.html) 2021-07 MyDigitalFootprint
> - to force something to be officially approved or accepted without much discussion or thought.
> - to force someone into doing something quickly, usually without enough information.
* [A Deep-Dive on Digital Self-Determination](https://medium.com/berkman-klein-center/a-deep-dive-on-digital-self-determination-368c48d87705) 2021-05-26 Berkman Klein
> Questions of control over personal data were a cross-cutting theme throughout a [Research Sprint](https://cyber.harvard.edu/story/2021-03/research-sprint-examines-digital-self-determination-increasingly-interconnected-world) co-hosted by the [Berkman Klein Center for Internet & Society](http://cyber.harvard.edu) and [Digital Asia Hub](https://www.digitalasiahub.org/). The Sprint also examined other important dimensions of self-determination in the digitally networked world, for instance, self-expression and participation in civic life and the digital economy, or relationship-building and well-being, to name just a few application areas.
* [DIGITAL SOVEREIGNTY](https://twit.tv/shows/floss-weekly/episodes/628) 2021-05-05 Doc Searls, Aaron Newcomb FLOSS WEEKLY
> Dr. Andre Kudra of esatus.com discusses SSI, or Self-Sovereign Identity. It's a hot and fast-moving topic with a growing base of hackers, companies, nonprofits, and whole states, provinces and countries. Aaron Newcomb and Doc Searls probe Andre for lots of great intelligence about how SSI puts individuals in full charge of how they present minimized ID credentials safely, and inside a whole new framework. They also talk with Andre about his involvement with the demoscene and retro computing, which are especially huge in Europe. It's a great discussion on this episode of FLOSS Weekly.
* [The principles of user sovereignty](https://uxdesign.cc/the-principles-of-user-sovereignty-515ac83401f6?sk=d37a69c8efc8a48cdd4a23d0518ba8d0) 2020-07-31 UX Design
> The earliest discussion of the phrase I could find is a [blog post](https://blog.lizardwrangler.com/2011/08/04/extending-our-reach-many-layers-of-user-sovereignty/) from August 4th, 2011 by the “Chief Lizard Wrangler” herself, [Mitchell Baker](https://en.wikipedia.org/wiki/Mitchell_Baker) the CEO of Mozilla. In it she prophetically describes user sovereignty as the consequence of new “engines” that are “…open, open-source, interoperable, public-benefit, standards-based, platforms…” She also makes the critical link between the philosophy of openness and standards-based interoperability with that of identity management and personal data dominion.
* [Identity and Digital Self-Sovereignty](https://medium.com/learning-machine-blog/identity-and-digital-self-sovereignty-1f3faab7d9e3) 2016-09-19 Natalie Smolenski
> Web-based applications increasingly form the infrastructure of modern life. They are the seas, roads, buildings, schools, and libraries within which we travel, socialize, learn, and express ourselves. They store data that is integral to our social and legal identities. Without them, a person is consigned to something like social death — not too different from the situation of a passenger of a ship on the High Seas.
## Human Rights
* [If Tech Fails to Design for the Most Vulnerable, It Fails Us All: Building around the so-called typical user is a dangerous mistake](https://www.wired.com/story/technology-design-marginalized-communities/) 2022-05-15 Wired
> WHAT DO RUSSIAN protesters have in common with Twitter users freaked out about Elon Musk reading their DMs and people worried about the criminalization of abortion? It would serve them all to be protected by a more robust set of design practices from companies developing technologies.
* [Tech Tools for Human Rights Documentation](https://documentation-tools.theengineroom.org/) 2022-04-06 The Engine Room
> Insights from research & practical guidance for civil society documenters of human rights violations
* [Human Rights Documentation](https://documentation-tools.theengineroom.org/findings-documentation/) The Engine Room
> For this research, The Engine Room and HURIDOCS conducted a combined total of 36 one-on-one interviews with civil society documenters of human rights abuses and direct support organisations. Our findings are supplemented by insights from interviews with eight tool developers working in the human rights documentation space.
* [Tool Development](https://documentation-tools.theengineroom.org/findings-tool-dev/) The Engine Room
> For this research, The Engine Room conducted eight interviews with tool developers, and carried out independent research into relevant tools.
* [Transitional Justice](https://documentation-tools.theengineroom.org/findings-transitional-justice/) Tech tools from a transitional justice perspective
> For this research, PILPG conducted interviews with 15 transitional justice experts and held three focus groups.
* [TAKEAWAYS FROM OUR COMMUNITY CALL ON INTERSECTIONS BETWEEN DATA & DIGITAL RIGHTS AND SOCIAL JUSTICE](https://www.theengineroom.org/takeaways-from-our-community-call-on-intersections-between-data-digital-rights-and-social-justice/) 2022-03-21 The Engine Room
> On February 15, we held a community call to discuss our newly-published [research findings](https://www.theengineroom.org/new-research-community-call-intersectional-approaches-to-data-and-digital-rights-advocacy/) on intersectional collaboration between social justice communities and data and digital rights (DDR) communities. We were joined by speakers Temi Lasade-Anderson from Alaase Lab, Luã Cruz from IDEC, Patronella Nqaba from Atlantic Fellows for Racial Equity and Paromita Shah from Just Futures Law.
* [Human rights perspective on W3C and IETF protocol interaction](https://lists.w3.org/Archives/Public/public-credentials/2022Jan/0014.html) 2022-01-05 Adrian Gropper
> The Ford Foundation paper attached provides the references. However, this thread should not be about governance philosophy but rather a focus on human rights as a design principle as we all work on protocols that will drive adoption of W3C VCs and DIDs at Internet scale.
* [Redecentralize Digest — August 2021](https://redecentralize.org/redigest/2021/08/) 2021-08 
> Decisions made by engineers in internet standards bodies (such as IETF and W3C) have a large influence on internet technology, which in turn influences peoples lives — people whose needs may or may not have been taken into account. In the report [Human Rights Are Not a Bug](https://www.fordfoundation.org/work/learning/research-reports/human-rights-are-not-a-bug-upgrading-governance-for-an-equitable-internet/) (see also its launch event), Niels ten Oever asks “how internet governance processes could be updated to deeply embed the public interest in governance decisions and in decision-making culture”.
* [Internet Governance - UDDI - Universal Declaration of Digital Identity](https://iiw.idcommons.net/10I/_Internet_Governance_-_UDDI_-_Universal_Declaration_of_Digital_Identity) 2021-05-06 Jeff Aresty, Kristina Yasuda IIW, IDCommons
> Reaffirming the human rights and fundamental freedoms enshrined in the Universal Declaration of Human Rights and relevant international human rights agreements such as the UN GP on BHR and Constitutional Rights;
>
> Reaffirming the relevance of international human rights standards in the digital environment and the need to explore and expand new human rights guarantees for the future;
* [Universal Declaration of Digital Rights](https://docs.google.com/document/d/1y9C-5TPYmRruRQqJq39-HePk3ypWLDpSAEVzuonOH2Q/edit) 2020-10-21 Johannes Ernst
> all states should recognise and promote universal respect for and observance of both fundamental human and digital rights in physical domain and the digital spaces environment and ensure that these rights are upheld as core elements of a free, open and representative society

11
unsorted/standards/trust-frameworks.md
View File

@ -66,3 +66,14 @@ The concept behind a Trust Registry is that a Wallet needs to know which decentr
> This paper illustrates how TRAIN (Trust mAnagement INfrastructure), an approach based on established components like ETSI trust lists and the Domain Name System (DNS), can be used as a trust registry component to provide a holistic approach for trust management in SSI ecosystems. TRAIN facilitates individual trust decisions through the discovery of trust lists in SSI ecosystems, along with published credential schemas, so that verifiers can perform informed trust decisions about issued credentials.
* [Trust Registries in the Real World](https://www.continuumloop.com/trust-registries-in-the-real-world/) Continuum Loop
> Trust Registries allow us to know that the various shared credentials (e.g. proof of insurance) are accurate. A Homeowner can ask their Digital Wallet to verify an insurance Credential that the Contractor is honest.
* [Trust Registries Tweetstorm](https://www.continuumloop.com/trust-registries-tweetstorm/) Continuum Loop
> We want to start a conversation on Trust Registries and get people thinking about how Trust Registries will help answer the hard questions an ecosystem needs to create a whole experience [[tweetstorm](https://threadreaderapp.com/thread/1569093372920614914.html)]
* [Podcast] [Are Trust Registries Vital to the Success of Decentralized Identity?](https://northernblock.io/are-trust-registries-vital-to-the-success-of-decentralized-identity-with-darrell-odonnell/) Northern Block, with Darrell ODonnell
> - What are the differences between Verifiable Data Registries and Trust Registries?
> - How can Trust Registries help establish the Authenticity of Data?
> - Does placing too much Governance at the Verifiable Data Registry layer cause scaling issues?
> - Why DNS can become an elegant Root of Trust solution to validate the authenticity of Credential Issuers.
> - Who in the Trust Triangle benefits the most from Trust Registries
* [Solving Governance in SSI Ecosystems with Trust Registries.](https://www.youtube.com/watch?v=5zZKIwesSl8) Trust over IP Foundation
> Learn the what and the why behind trust registries.  In addition to discussing how trust registries solve governance in verifiable credential ecosystems, Tomislav demos the very first implementation of ToIPs trust registry specification.

261
unsorted/topics/user-experience.md
View File

@ -1,261 +0,0 @@
---
published: false
---
# User Experience
* [Humanizing PoSSI- Human-centric structure of the Principles of SSI](https://iiw.idcommons.net/21M/_Humanizing_PoSSI-_Human-centric_structure_of_the_Principles_of_SSI) 2021-05-06 Line Kofoed
> 1. [Line] Welcome and introductions; background information around how this topic is important to discuss
> 2. Principles of SSI - [https://sovrin.org/principles-of-ssi/](https://sovrin.org/principles-of-ssi/)
> 3. Sovrin Foundation is working on Sovrin Utility GF and the Sovrin Ecosystem GF
> 4. Work on the SEGF led to reviewing how we define an ecosystem (see slide for definition) → identity ecosystem for identity services
> 5. The approach to grouping the 12 principles are intended to enable better understanding as digital trust ecosystems grow
> 6. Ecosystem of ecosystems will need a foundational set of values and principles and the PoSSI
> 7. [Sterre] It is good to have the order the principles to help better understanding
> 8. [Drummond] additional supplementary material to help laypersons understand the PoSSI better
> 9. [Alex] is the original sequence/numbering sufficient and complete?
> 10. [Chris] the grouping is more important for the SEGF
> 11. [please join Sovrin meetings]
* [NO NEED FOR SUPERHUMANS!: A practical guide to ethics in socio-technical systems design](https://trustoverip.org/blog/2022/03/18/no-need-for-superhumans/) TOIP 2022-03-18
> Of course we are not as Albert Camus once said, wild beasts loosed upon this world, all of us have a moral compass and a sense of what is right and wrong, no-one intends for their product or service to cause harm. Neither are we superhuman, able to always understand the perspectives of all stakeholders or foresee the consequences of every cool feature or elegant line of code, nor indeed can we forecast how our products and services will be used for good or ill. Lisa called on all of us to remember that “technology is not a product, but a system”, and gave us practical steps to help us tap into our innate moral compass and design for those systems with the human experience and human flourishing at its heart.
- summary and video [on our Wiki](https://wiki.trustoverip.org/display/HOME/1.+Dear+Human%2C+The+Future+Needs+You.++Practical+Ethics+with+Digital+Sociologist%2C+Lisa+Talia-Moretti) or [YouTube](https://www.youtube.com/watch?v=Xmnnj82wpTM&t=20s
- Lisas Ted Talk, [Technology is not a product, its system](https://www.ted.com/talks/lisa_talia_moretti_technology_is_not_a_product_it_s_a_system)
- [HXWG Expert Series Summary](https://wiki.trustoverip.org/display/HOME/Expert+Series) including video of Lisas talk
- [A SocioTechnical Process for Researchers, Designers and Creators](https://bit.ly/sociotechprocess)
- The [responsible tech guide](https://atih.responsibletechguide.com/introduction) is full of useful links and insights
- [Ethics for Designers also has practical tools](https://www.ethicsfordesigners.com/tools)
* [FRIDAS principles to guide data and technology](https://youngfeministfund.org/wp-content/uploads/2020/07/FRIDAS-TECH-AND-DATA-PRINCIPLES.pdf) Young Feminist Fund
The tech we use should be responsive to and responisble with the climate, environment crises of our time. Frida advocates for the use and creation of volence-free technologies putting first the care of our territories and bodies
* [FRIDA Happiness Manifesto](https://youngfeministfund.org/wp-content/uploads/2019/06/Happiness-Manifestx-web.pdf) Young Feminist Fund
* [We Should Embrace the Ethical Implementation of Digital Identity](https://www.continuumloop.com/embrace-the-ethical-implementation-of-digital-identity/) Continuum Loop
> Maybe its because of the nature of my job in decentralized identity consulting, but lately, Ive been seeing a lot of conspiracy theories on social media about Self-Sovereign Identity (SSI). People criticize the way its being implemented and warn about the negative consequences it will have. Its almost as if people dont realize that organizations are already monitoring and influencing us and that Google and social media algorithms have been instrumental in this.
* [Falsehoods Programmers Believe About Names - With Examples](https://shinesolutions.com/2018/01/08/falsehoods-programmers-believe-about-names-with-examples/) Shine Solutions Group 2018-01-08
> In this post Im going to list all 40 of Patricks original falsehoods, but give you an example (or two) drawn from my experiences working in this space. Ready? Lets go!
>
> 1. People have exactly one canonical full name.
> 2. People have exactly one full name which they go by.
* [Are Transactional Relationships Enough?](https://www.windley.com/archives/2022/03/are_transactional_relationships_enough.shtml) Phil WIndley
> Our online relationships are almost all transactional. A purely transaction digital life can't feel as rich and satisfying as one based on interactional relationships. As more of our relationships are intermediated by technology, finding ways to support interactional relationships will allow us to live authentic digital lives.
* [Using a Theory of Justice to Build a Better Web3](https://www.windley.com/archives/2022/05/using_a_theory_of_justice_to_build_a_better_web3.shtml) Phil Windley
> Summary: Building a better internet won't happen by chance or simply maximizing freedom. We have to build systems that support justice. How can we do that? Philosophy discussions are the black hole of identity. Once you get in, you can't get out. Nevertheless, I find that I'm drawn to them
* [Only 5% Of US Consumers Want To Be Tracked For Ads](https://anonyome.com/2021/05/only-5-of-us-consumers-want-to-be-tracked-for-ads/) Anonyme
That means 95% of US consumers are saying no way to cross-app tracking with Apples new [App Tracking Transparency](https://anonyome.com/2021/05/apples-new-att-and-why-facebook-is-hitting-back-hard/) (ATT) feature.
* [The Principles of User Sovereignty](https://uxdesign.cc/the-principles-of-user-sovereignty-515ac83401f6) 2020-07-31 UXDesign
> “Our identities have no bodies, so, unlike you, we cannot obtain order by physical coercion. We believe that from ethics, enlightened self-interest, and the commonweal, our governance will emerge. Our identities may be distributed across many of your jurisdictions. The only law that all our constituent cultures would generally recognize is the Golden Rule. We hope we will be able to build our particular solutions on that basis. But we cannot accept the solutions you are attempting to impose.” — John Perry Barlow
* [Do Consumers Even Want Personalized Ads?](https://anonyome.com/2021/06/do-consumers-even-want-personalized-ads/) Anonyme
The [YouGov](https://www.globalwitness.org/en/blog/do-people-really-want-personalised-ads-online/) poll of consumers in France and Germany we mentioned earlier says its the [behind the scenes](https://mysudo.com/2021/02/beware-the-dark-patterns-trying-to-steal-your-data/) or back door nature of personalization that gives people the creeps.
* [The railroad of (no) choice](https://www.mydigitalfootprint.com/2021/07/the-railroad-of-no-choice.html) MyDigitalFootprint
> - to force something to be officially approved or accepted without much discussion or thought.
> - to force someone into doing something quickly, usually without enough information.
* [How humans understand identity](https://medium.com/universal-identity/how-humans-understand-identity-367200ae9591) Universal Identity
* [More security does not have to mean less user-friendliness](https://background.tagesspiegel.de/cybersecurity/mehr-sicherheit-muss-nicht-weniger-nutzerfreundlichkeit-bedeuten) Martin Kuppinger, Tagesspiegel
> The passwords that have been declared dead are far from dead. Nevertheless, the way in which users authenticate themselves is changing towards more security and convenience.
* [Selective Disclosure: Share Just What You Want](https://academy.affinidi.com/selective-disclosure-share-what-you-want-8ae367655b7b) 2021-08-02 Affinidi
> In the context of SSI, selective disclosure is best implemented through [verifiable credentials](https://academy.affinidi.com/what-are-verifiable-credentials-79f1846a7b9) where the user has separate credentials for each piece of information such as his/her date of birth, full name, vaccination details, address, passport number, etc.
* [Identity and Digital Self-Sovereignty](https://medium.com/learning-machine-blog/identity-and-digital-self-sovereignty-1f3faab7d9e3) 2016-09-19 Natalie Smolenski
> Web-based applications increasingly form the infrastructure of modern life. They are the seas, roads, buildings, schools, and libraries within which we travel, socialize, learn, and express ourselves. They store data that is integral to our social and legal identities. Without them, a person is consigned to something like social death — not too different from the situation of a passenger of a ship on the High Seas.
* [Managing Authorization: Who Has What?](https://iiw.idcommons.net/4D/_Managing_Authorization:_Who_Has_What%3F) By David Schmudde
Focused on communicating risks/harms to the user. Focus on the high-level user experience.
- Steve Venema suggested the [Privacy Co-op](https://privacyco-op.com/frontdoor)
- Make an individual's policy decisions [disappear into their workflow](https://www.hpl.hp.com/techreports/2009/HPL-2009-341.pdf). Whenever the application needed a resource, we knew the answer from the action they took in the UX.
- Trust based on the context of the other people I know.
- Web of trust: have my friends shopped here?
- Reputation: what is the ranking of this place?
- Revocation
- Information is given, cannot be revoked (photo of a driver's license)
- Permission is given, can be revoked (allow a 3rd party to say I have a driver's license)
- Trust based on browsing history
- TOFU: Trust based On First Use - trusted it once, will trust it again
- [Kantara Initiative](http://wiki.idcommons.org/Identity_Trust_Charter): agreed to terms once. Will stay agreed unless they change.
- The opposite of "who do you trust?" is "how are you making yourself vulnerable?"
- [Kantara Initiative](http://wiki.idcommons.org/Identity_Trust_Charter)
- obligations/consequences for violating the consequences
- "identity trust workgroup" - Adopt the Personal Data Categories from Enterprise Privacy for the Consent Receipt V 1.1
- Consent for each purpose. People give consent at the purpose-level.
### Harms and User Risks. High Level UX by David Schmudde
Focused on communicating risks/harms to the user. Focus on the high-level user experience.
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
- Steve Venema suggested the [Privacy Co-op](https://privacyco-op.com/frontdoor)
- Make an individual's policy decisions [disappear into their workflow](https://www.hpl.hp.com/techreports/2009/HPL-2009-341.pdf). Whenever the application needed a resource, we knew the answer from the action they took in the UX.
- Trust based on the context of the other people I know.
- Web of trust: have my friends shopped here?
- Reputation: what is the ranking of this place?
- Revocation
- Information is given, cannot be revoked (photo of a driver's license)
- Permission is given, can be revoked (allow a 3rd party to say I have a driver's license)
- Trust based on browsing history
- TOFU: Trust based On First Use - trusted it once, will trust it again
- [Kantara Initiative](http://wiki.idcommons.org/Identity_Trust_Charter): agreed to terms once. Will stay agreed unless they change.
- The opposite of "who do you trust?" is "how are you making yourself vulnerable?"
- [Kantara Initiative](http://wiki.idcommons.org/Identity_Trust_Charter)
- obligations/consequences for violating the consequences
- "identity trust workgroup" - Adopt the Personal Data Categories from Enterprise Privacy for the Consent Receipt V 1.1
- Consent for each purpose. People give consent at the purpose-level.
* [Realistically speaking: Identity reclamation/solutions for normies](https://iiw.idcommons.net/14H/_Realistically_speaking:_Identity_reclamation/solutions_for_normies) by Grace
- What is the right balance between ease of use and identity, and how we use that in real life
- Idea of how do we even get our identity back from where its stored
- Current tradeoff for privacy is solutions that are barely usable (Duckduckgo, SSB)
- Real versus online world,
- Focused on the idea of context for each thing
- Lively debate about the nature of reality versus virtuality
- Discussion of whether corporate ownership of data is “data assault” and that the term data theft might be too mild.
* [Device-free SSI: Ideas, Potentials and Challenges](https://iiw.idcommons.net/20J/_Device-free_SSI:_Ideas,_Potentials_and_Challenges) by Nuttawut Kongsuwan
Links from Chat:
Catherine Nabbala, 10:56:43 AM
For offline discussions, pls email: win@finema.co
Takashi Minamii 11:29:45 AM
FYI:Hitachi's Solution (PBI)[https://www.hitachi.com/rd/sc/story/pbi/index.html](https://eu01st1.zoom.us/web_client/jzsz6o/html/externalLinkPage.html?ref=https://www.hitachi.com/rd/sc/story/pbi/index.html)
* [Can Kids Use D.I.D.s? Whats your tech for kids online?](https://iiw.idcommons.net/21K/_Can_Kids_Use_D.I.D.s%3F_What%27s_your_tech_for_kids_online%3F) by Erica Connell
Brief but rich conversation about what technologies may be available and/or practicable or are developing  to use with kids and their online presence.
Use case: Wonderland Stage & Screen, interested in developing a platform to support youth creating media to share, comment, discuss their work that meets COPPA guidelines, allows freedom of participants, and provides a mechanisms for privacy.
- Create an onboarding process that models a physical process
- Collect information
- Issue a credential
- Offer wallet options for use
- What kinds of credentials could we use?
- View only
- Interactive
- Comment enabled
* [The principles of user sovereignty | by 𝔡𝔴𝔥](https://uxdesign.cc/the-principles-of-user-sovereignty-515ac83401f6?sk=d37a69c8efc8a48cdd4a23d0518ba8d0)
The earliest discussion of the phrase I could find is a [blog post](https://blog.lizardwrangler.com/2011/08/04/extending-our-reach-many-layers-of-user-sovereignty/) from August 4th, 2011 by the “Chief Lizard Wrangler” herself, [Mitchell Baker](https://en.wikipedia.org/wiki/Mitchell_Baker) the CEO of Mozilla. In it she prophetically describes user sovereignty as the consequence of new “engines” that are “…open, open-source, interoperable, public-benefit, standards-based, platforms…” She also makes the critical link between the philosophy of openness and standards-based interoperability with that of identity management and personal data dominion. 2011-08-04
* [EPS for SSI (Self-Sovereign Identity)](https://medium.com/@kokumai/eps-for-ssi-self-sovereign-identity-8c742e2b1d02)
> you might be interested to hear that the core of EPS is designed to convert images to high-entropy codes, which work as very long passwords and also as the seeds of symmetric or asymmetric cryptographic keys.
* [Sexism in Facial Recognition Technology](https://medium.com/berkman-klein-center/sexism-in-facial-recognition-technology-d5e547a6e7bc) Berkman Klien Center
The use of facial recognition by law enforcement agencies has become common practice, despite increasing reports of [false arrests](https://www.nytimes.com/2020/06/24/technology/facial-recognition-arrest.html) and [jail time](https://www.nytimes.com/2020/12/29/technology/facial-recognition-misidentify-jail.html). While there are various downsides to facial recognition technology being used at all, including fears of mass surveillance and invasion of privacy, there are flaws within facial recognition technologies themselves that lead to inaccurate results. One such major challenge for this still-burgeoning technology is gender-based inaccuracies. 2020-12-29
* [A Deep-Dive on Digital Self-Determination](https://medium.com/berkman-klein-center/a-deep-dive-on-digital-self-determination-368c48d87705)
Questions of control over personal data were a cross-cutting theme throughout a [Research Sprint](https://cyber.harvard.edu/story/2021-03/research-sprint-examines-digital-self-determination-increasingly-interconnected-world) co-hosted by the [Berkman Klein Center for Internet & Society](http://cyber.harvard.edu) and [Digital Asia Hub](https://www.digitalasiahub.org/). The Sprint also examined other important dimensions of self-determination in the digitally networked world, for instance, self-expression and participation in civic life and the digital economy, or relationship-building and well-being, to name just a few application areas.
* [Tap and Prove](https://www.linkedin.com/pulse/tap-prove-stephen-wilson/) Stephen Wilson
We should be able to “tap and prove” any important fact and figures about ourselves as easily as we tap and pay with a mobile phone at any one of 100s of millions of terminals globally.
* [Frontier Talk #6 | Bringing User-Centricity to Decentralized Identity](https://www.youtube.com/watch?v=UnWsu1gCe9k) - Nat Sakimura KuppingerCole
Raj Hegde sits with identity veteran, Nat Sakimura - Chairman of OpenID Foundation to understand how user-centric learnings from existing authentication protocols can be applied to future identity initiatives.
* [Most People Feel Negatively About Location Tracking in Websites and Apps](https://me2ba.org/most-people-feel-negatively-about-location-tracking/) Me2Ba.org
The Spotlight Report, “[Consumer Sensitivity to Location Tracking by Websites and Mobile Apps](https://me2ba.org/spotlight-report-3-me2b-alliance-validation-research-consumer-sensitivity-to-location-tracking-by-websites-and-mobile-apps/)”, was developed to validate the Location Commitment scoring criteria in the [Me2B Alliance Safe & Respectful Technology Specification](https://me2ba.org/flash-guide-2-what-is-the-me2b-respectful-tech-specification/). The specification, produced by the Me2B Alliances Respectful Tech Spec Working Group, is designed to provide a standard for measuring safe and ethical behavior in connected technology.
* [Me2B Alliance Validation Research: Consumer Sensitivity to Location Tracking by Websites and Mobile Apps](https://me2ba.org/spotlight-report-3-me2b-alliance-validation-research-consumer-sensitivity-to-location-tracking-by-websites-and-mobile-apps/)
The Me2B Alliance (“Me2BA”)[3](https://me2ba.org/spotlight-report-3-me2b-alliance-validation-research-consumer-sensitivity-to-location-tracking-by-websites-and-mobile-apps/#footnotes) is a nonprofit creating a safe and just digital world through standards development and independent technology testing. At the core of our work is our Respectful Technology Specification[4](https://me2ba.org/spotlight-report-3-me2b-alliance-validation-research-consumer-sensitivity-to-location-tracking-by-websites-and-mobile-apps/#footnotes), currently in development, which provides an objective standard for measuring safe and ethical technology behavior.
* [What is Respectful Use of Location Information? New Me2BA Research](https://me2ba.org/what-is-respectful-use-of-location-information-new-me2ba-research-published/)
* [“Spotlight Report #3: Consumer Sensitivity to Location Tracking by Websites and Mobile Apps”](https://me2ba.org/spotlight-report-3-me2b-alliance-validation-research-consumer-sensitivity-to-location-tracking-by-websites-and-mobile-apps/). This research quantifies and qualifies public opinion of location tracking in a variety of different contexts within web and mobile technology.
* [People Dont Understand the Purpose of Privacy Policies and Terms of Service  New Research Published](https://me2ba.org/people-dont-understand-the-purpose-of-privacy-policies-and-terms-of-service-new-research-published/) Me2B Alliance ([Report](https://me2ba.org/spotlight-report-5-me2b-alliance-validation-testing-report-consumer-perception-of-legal-policies-in-digital-technology/)
- Consumers are aware that legal policies exist on connected technologies and that they should read them, but they continue to choose to largely ignore them.
- 55% of survey participants did not understand that a TOS/TOU agreement is a legal contract. This has significant implications because a key requirement for legally binding contracts is mutual assent, which means that both parties have a “meeting of the minds” and must understand theyre entering into a contract.
- None of the interview participants were aware of tools that explain or rate privacy policies and TOS/TOU documents, and half said that a score would not change their behavior.
- 66% of survey respondents believe that privacy policies protect the business, while 50% say they protect the consumer. Its questionable that privacy policies protect either the individual or the business, as they are primarily legal notices, disclosures of how data is used by the technology and the companies behind it. Moreover, 39% of respondents erroneously thought that the privacy policy was a contract [between them and the company].
* [Backchannel: A relationship-based digital identity system](https://www.inkandswitch.com/backchannel/) Ink and Switch
Using Backchannel as a model example, we propose four design principles for trusted digital relationships. Then we used Backchannel to design and build three sample apps: chat, location sharing, and document preview. We also tested these designs with journalists, researchers, and designers. Based on this testing, we outline common user experience challenges and recommended solutions.
* [Identity and Consistent User Experience](https://www.windley.com/archives/2021/11/identity_and_consistent_user_experience.shtml) Phil Windley
There's a saying in security: "Don't roll your own crypto." I think we need a corollary in identity: "Don't roll your own interface." But how do we do that? And what should the interface be? One answer is to adopt the user experience people already understand from the physical world: connections and credentials.
* [Survey Finds Customers Frustrated With Passwords, Open to Biometrics](https://findbiometrics.com/survey-finds-customers-frustrated-passwords-open-biometrics-7102106/) FindBiometrics
Passwords were a major point of contention in that regard, with a strong majority (68 percent) of consumers indicating that it is difficult to remember and key in a large number of passwords. Nearly half (44 percent) believe that biometric authenticators are easier to use, while 34 percent would prefer to use them as their primary means of identity
* [Measuring the Ethical Behavior of Technology](https://me2ba.org/measuring-the-ethical-behavior-of-technology/) Me2bAlliance
This session will share the results and learnings of the creation and development of an ethical “yardstick” for respectful technology, including its application to websites and mobile apps. The speakers will also explore learnings from everyday people in the validation research around the certification mark as well as share recommendations for tech makers.
### Accessibility
* [Disability-inclusive ID Systems](https://blogs.worldbank.org/voices/access-agency-and-empowerment-through-disability-inclusive-id-systems)
> Creating an inclusive ID system requires a comprehensive, whole-of-system approach to overcome barriers to ID enrollment and use for persons with disabilities.
### Customer Commons \ Intention Economy
* [Making The Intention Economy happen](https://iiw.idcommons.net/3E/_Making_The_Intention_Economy_happen) by Doc Searls (& Customer Commons)
* [The Intention Economy: When Customers Take Charge | Berkman Klein Center](https://cyber.harvard.edu/events/2012/05/searls)
* [https://wiki.p2pfoundation.net/Intention_Economy](https://wiki.p2pfoundation.net/Intention_Economy)
* [Making The Intention Economy Happen](https://iiw.idcommons.net/10B/_Making_The_Intention_Economy_Happen,_Part_2), Part 2 by Doc Searls
This was a small meeting primarily meant to tee up Hadrian Zbarceas demo of Customer Commons new Intention Byway model for better signaling between demand and supply in markets of all kinds
* [Relationships and Identity](https://www.windley.com/archives/2020/07/relationships_and_identity.shtml) 2020-07 Phil Windley
> We build digital identity systems to create and manage relationships—not identities.
* [https://www.slideshare.net/dsearls/iiw-xxxiiintentionsession](https://www.slideshare.net/dsearls/iiw-xxxiiintentionsession)
* [Will users and organizations have trust in keys roaming via the cloud?](https://www.kuppingercole.com/events/eic2022/blog/will-users-and-organizations-have-trust-in-keys-roaming-via-the-cloud)
the FIDO Alliance, a set of open, scalable, and interoperable specifications has been developed to replace passwords as a secure authentication method for online services. The alliance has also worked with companies such as [Microsoft](https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless), [Google](https://cloud.google.com/blog/products/identity-security/protect-gce-vms-with-managed-fido-security-keys), and [Apple](https://fidoalliance.org/expanded-support-for-fido-authentication-in-ios-and-macos/)  to integrate and adopt FIDO standards across their operating systems.
* [How Might we Design Consent Experiences for Data Sharing?](https://www.youtube.com/watch?v=bGgV2Ffnczg) ToIP HXWG with Dr Arianna Rossi  & Xengie Doan of Interdisciplinary Center for Security, Reliability and Trust (SnT) at the University of Luxembourg
The complex ecosystem where manifold transactions can be automatically enabled by smart contracts contributes, at least in principle, to establish greater transparency about data use towards the many parties involved. However, the mere fact of building such a verifiable and traceable architecture does not automatically translate into understandable communications, easily applicable instructions and smooth transactions for human beings.
* [If Tech Fails to Design for the Most Vulnerable, It Fails Us All: Building around the so-called typical user is a dangerous mistake](https://www.wired.com/story/technology-design-marginalized-communities/) Wired
WHAT DO RUSSIAN protesters have in common with Twitter users freaked out about Elon Musk reading their DMs and people worried about the criminalization of abortion? It would serve them all to be protected by a more robust set of design practices from companies developing technologies.
* [Design From the Margins Centering the most marginalized and impacted in design processes - from ideation to production](https://www.belfercenter.org/sites/default/files/files/publication/TAPP-Afsaneh_Design%20From%20the%20Margins_Final_220514.pdf)
* [Can digital identity help with the world refugee crisis?](https://securityboulevard.com/2022/05/can-digital-identity-help-with-the-world-refugee-crisis/) SecurityBoulevard
The first international agreement on how refugees could handle the issue of missing or incomplete identity documents resulted from the Arrangement of 5 July, 1922, which was a meeting of the League of Nations. Among other things, the conference established a uniform [“identity certificate” for Russian refugees](https://www.refworld.org/docid/3dd8b4864.html), between one and two million of whom [had been displaced by various conflicts over the previous decade](https://www.icrc.org/ar/doc/assets/files/other/727_738_jaeger.pdf).
* [Design Principles for the Personal Data Economy](https://medium.com/mydex/design-principles-for-the-personal-data-economy-f63ffa93e382) MyDex ([whitepaper](https://mydex.org/resources/papers/)
A key part of this is continuity and longevity: a personal data store is for life, so the institutions providing personal data stores should be designed for decades (centuries, even). Whatever particular corporate form they take, legal safeguards relating to continuity and longevity of purpose need to be built into how they operate.
## Human Rights
* [What Companies Can Do Now to Protect Digital Rights In A Post-Roe World](https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0046.html)
Good topic for CCG discussion and reading on the implications of a lot of
the tech we are working on:
* [What Companies Can Do Now to Protect Digital Rights In A Post-Roe World | Electronic Frontier Foundation](https://www.eff.org/deeplinks/2022/05/what-companies-can-do-now-protect-digital-rights-post-roe-world)
* [Human rights perspective on W3C and IETF protocol interaction](https://lists.w3.org/Archives/Public/public-credentials/2022Jan/0014.html) Adrian Gropper (Wednesday, 5 January)
The Ford Foundation paper attached provides the references. However, this thread should not be about governance philosophy but rather a focus on human rights as a design principle as we all work on protocols that will drive adoption of W3C VCs and DIDs at Internet scale.
* [https://redecentralize.org/redigest/2021/08/](https://redecentralize.org/redigest/2021/08/) says: *Human rights are not a bug*
* [Part 0: The 7 Deadly Sins of Digital Customer Relationships](https://www.evernym.com/blog/7-deadly-sins-customer-relationships/)
* [Part 1: Decentralized Identifiers: Building Smarter, More Sustainable Customer Relationships](https://www.evernym.com/blog/decentralized-identifiers-customer-relationships/)
DIDs are about building lasting private and secure digital relationships with customers, and as well see with each of the Deadly Sins, about reducing costs, increasing compliance and enabling truly personalized products and services without being creepy.