decentralized-id.github.io/unsorted/topics/data-governance.md

published
false

• Katryna Dow - Data minimisation: value, trust and obligation 2020-10-14 UbiSecure

  Katryna talks to Oscar about her career (including inspiration from Minority Report), Meeco’s personal data & distributed ledger platform, the importance of data minimisation to inspire trust in organisations, and cultural differences in attitudes towards digital identity.

• Why Location Data Brokers Put All Communities At Risk 2022-06-06 Zach Edwards M2BA

  New work that may leverage decentralized ID from the supply chain side of things…but not sure (lots of links inside on data brokers harm)

• INNOPAY paper on data sharing published in CEUR Workshop Proceedings 2022-09-15 Innopay

  This week, CEUR-WS.org has published the paper titled ‘Harmonization Profiles for Trusted Data Sharing Between Data Spaces: Striking the Balance between Functionality and Complexity’ in the CEUR Workshop Proceedings.

• What’s in Your Data Ecosystem? 2021-12-09 State of Identity

  Indicio's CEO, Heather Dahl, and CTO, Ken Ebert, identity wallets, verified credentials, the role of the Sovrin Foundation, and new momentum around interoperability across decentralized identity.

• Part 4: Getting on the Right Data Diet with Verifiable Credentials 2021-03-08 Evernym

  But there’s a difficult truth here. Much of the data is just plain wrong, wasteful, or at worst not compliant. We know this because businesses are spending boatloads of cash on fixing poor quality data and data compliance. And what’s the remedy? More data! More data sources, more attributes and profiles, more money. All fed by a new and increasingly sophisticated set of data APIs that are driving that growth.

• Design Principles for the Personal Data Economy 2022-06-22 MyDex (whitepaper

  A key part of this is continuity and longevity: a personal data store is for life, so the institutions providing personal data stores should be designed for decades (centuries, even). Whatever particular corporate form they take, legal safeguards relating to continuity and longevity of purpose need to be built into how they operate.

* 6: Breaking Down Silos with Open Ecosystems and True Data Portability 2021-03-11 Evernym

Every company providing a new digital identity solution believes that all the other digital identity options are not good enough, not secure enough, not fast enough. They believe they can do better.

Yet collaboration will be critical to making digital identity work properly at scale.

• Part 7: Envy Counting The Cost of Data Collection, And A New Paradigm Of ‘Identity Holder Present’ 2021-03-12

  It all feels like data envy to me. Aristotle described envy as the pain at the sight of another’s good fortune, stirred by “those who have what we ought to have.” Precisely.

• UNDP LEGAL IDENTITY AGENDA ONLINE FORUM: PRIVATE SECTOR ENGAGEMENT ROUNDTABLES: DATA PROTECTION AND PRIVACY 2022-07-13

  A second Private Sector Engagement Roundtable was held on February 10, 2022 building on the first roundtable held in May 2021. The forum drew 74 virtual participants. Hosted by the UN Legal Identity Agenda (LIA) Task Force1, the roundtable with members of UN entities and the private technology sector addressed, core questions about data protection and privacy, as well as policy issues concerning legal identity systems.

• Marissa Mayer wants to fix your address book CNBC 2020-11-18

  At launch, Mayer’s start-up is rolling out Sunshine Contacts, an address book app that relies on artificial intelligence to find and merge duplicate contacts, fill out incomplete information and continually keep that data up to date. The app integrates with the iOS Contacts app as well as Gmail and will be free to all iOS users with an invitation.

• You are not your Data but Your Data is still You.

  In the digital age, individual privacy in the broadest sense is about control over protecting one’s personally identifiable information (PII), such as information about health, credit, shopping, or communication. But the types of information deemed ‘personally identifiable’ and the amount of control one has over them varies around the world.

• Ada Lovelace Institute (ALI) Shares Highlights and References

  discussing different approaches to data stewardship and potential principles individuals and organisations can follow

• Exploring principles for data stewardship - case studies exploring principles for data stewardship - ALI

• Data Trusts Initiative - interdisciplinary programme that pursues research at the interface of technology, policy and the law to better understand the role data trusts can play

• Data Futures - Research to shift power through data governance - Mozilla Foundation

• The Data Economy Lab - unlock the societal value of data while safeguarding the rights of individuals and communities.

• Doing good with data: what does good look like when it comes to data stewardship? ALI

• @CjColclough shares: Towards Workers' Data Collectives (The Why Not Lab)Written for Just Net Coalition and IT for Change Digital New Deal essay series

• Local-first software: You own your data, in spite of the cloud

a set of principles for software that enables both collaboration and ownership for users. Local-first ideals include the ability to work offline and collaborate across multiple devices, while also improving the security, privacy, long-term preservation, and user control of data.

• Personal Data Warehouses Simon Willison

  If you’re like me, and you love building side-projects but you don’t like paying $5/month for them for the rest of your life, this is perfect.

• Why framing “data” as an asset or liability is dangerous MyDigital Footprint

  If there is one thing that can change finance’s power and dominance as a decision-making tool, it is the rest of the data. According to Google (2020), 3% of company data is finance data when considered part of an entire company’s data lake. McKinsey reports that 90% of company decisions are based on finance data alone, the same 3% of data.

If you are in accounting, audit or finance shoes, how would you play the game to retain control when something more powerful comes on the scene?

• PSA Today with Julian Ranger, founder of Digi.me

  Personal data governance (in a world of surveillance capitalism‪)‬

• Personal data servers will help take back digital ID from big tech (Wired OpEd)

  In 2021, individuals will gain the ability to own servers where their data is stored – and with it control their online identities.

[...] because data from their healthcare provider acquired into the server can be used to authenticate and assert that fact without the need to give any identity information. By using PDAs, apps that rely on sensitive data will be able to access this and stay “identity blind”. One effect of the Covid-19 pandemic will be the increased use of PDAs.

• Digi.me enables rapid citizen-centric data exchange solutions for flexibile Gov COVID-19 uses (youtube)

• Hidden in Plain Sight — the Transformational Potential of Personal Data MyDex

  Personal data stores apply the same economic logic to transform the costs of producing data driven services. Verified attributes are the digital equivalents of Henry Ford’s standardised parts. By enabling one organisation to instantly re-use data verified by another organisation they eliminate the need for vast amounts of duplicated effort and rework (re-creating each data point from scratch or checking its details, provenance etc).

• If your strategic plan is based on data, have you considered the consequences? MyDigitalFootprint

  How do you know your data set has the views of everyone who is critical to your business today and in the future? How do you know the tools you use provide equal weight to everyone to make our business thrive?  How do you know if the recommendation was written before the analysis? How do your incentives create a new bias?

• Data for good: powering our way to a better world 2021-04-29

  We should absolutely all be taking care of the data that belongs to us, our data that we create, that we have a right to be able to control and share exactly as we choose. But we should also bear in mind the power of that data to help each of us, every day, benefit from the good that can come when it is shared and used to create a better world for us all.

• Everybody has our data ... except us reb00ted

Google has all my e-mail. (And I don’t. They merely let me access it with a browser.)

Facebook has the list of all of my friends and what I said to them. (And I don’t.)

LinkedIn has all of my business contacts. (Repeat after me: and I don’t.)

Instagram has all my photos. Well, the Instagram department of Facebook does. (Chorus now: and I don’t.)

Amazon has the list of all my purchases, and knows what products I was interested in but didn’t buy after all. (AND I DON’T.)

• What the Heck is a Data Mesh?!

I re-read Zhamak Dehghani ’s original and follow-on posts. Zhamak is the creator of the data mesh. In her second post she identifies four data mesh principles:

1. Domain-oriented decentralized data ownership and architecture
2. Data as a product
3. Self-serve data infrastructure as a platform
4. Federated computational governance

• Attitudes To Personal Data Management

  In recent years, personal data has been an increasingly popular topic of conversation for marketers, data analysts, regulators, and privacy warriors. Individuals have learnt that recent regulatory updates have given them more rights over how that data is used. Are these two forces aligned?

  We distributed a survey and received over 400 responses from both individuals and organisations answering questions about the management of personal data. How aligned are the two points of view? This infographic shows a summary of key questions and responses.

• What Does It Actually Mean When a Company Says, “We Do Not Sell Your Data?” John Philipin 2021-09-03

Probably because the alternatives produce even more income.

• Japan-based Dixon Siu to join the Board of aNewGovernance AISBL 2021-09-15

Given his breadth of experience and alignment with a number of strategic sectors where aNewGovernance is currently developing ecosystems, I am sure, he will bring incredible contribution.

• Data Privacy: does anyone care? Meeco

The compelling data and research suggest that my original question now needs to be reframed. People most certainly do care about their data privacy. The question now is: how are organisations going to bridge this data privacy chasm?

• Data Sovereignty International Forum 2021(English)

• FTC’s Shot Across the Bow: Purpose and Use Restrictions Could Frame The Future of Personal Data Management Identity Praxis 2021-11-03

So that there is no uncertainty or doubt, however, Duball4 reports that, while consumer privacy is a chief concern for the commission, it is not the primary concern to the exclusion of other concerns. The commission is also worried about algorithmic bias and “dark patterns” practices. 2021-11-03

• Self-Sovereign Identity Personal Data Usage Licensing (SSI-PDUL) Model: Whitepaper Hyperonomy

The scope of the Self-Sovereign Identity Personal Data Usage Licensing (SSI-PDUL) Model is personal digital identifiers and any associated identity data presented by Alice to the App. It does not include the permissioning of data internal to the App (although the natural extension of the solution to internal data is an obvious one)

• Self-Sovereign Identity Personal Data Usage Licensing (SSI-PDUL) Model Michael Herman 2021-01-27

How Alice User, an App User and Identity Owner, and Bob Developer, an App Developer and App Controller, might negotiate the use of Alice’s personal digital identifiers and any associated personal identity data by Bob’s app, based on Self-Sovereign Identity Model Usage Principles

• 75% of Americans Want National Data Privacy Standards Anonyme

  The clear majority of adults surveyed want national standards around how companies collect, process and share personal data to help protect users’ privacy and security online. Seven in 10 people agree with the federal government treating personal data security as a national security issue and investing in cybersecurity.

• Trusted Data Ecosystems: The Indicio Way

This multidimensional value—authenticity, compliance, integrity, and resilience—coupled with being easy to integrate is what separates the Indicio approach from the rest. Our growth in 16 months—with global enterprise customers and a global decentralized blockchain network supported by 23 companies on five continents is a sign that fundamental change is coming in the way we share information.

• Helping Data Trusts Manage Personal Data Mydex

Mydex CIC has just published a blog for Cambridge University’s Data Trust Initiative on ‘Helping Data Trusts Manage Personal Data’. In it, we address the challenges that arise as the Data Trust movement begins to scale.

• MEF CONNECTS Personal Data & Identity 5/11 Mobile Ecoystem Forum

• The need for new Data Institutions Alan Mitchell

we were presenting at the Open Data Institute’s event on Data Sharing and the Rise of Data Institutions — a crucially important subject for the years ahead. (You can see the slides of our presentation here.)

• Dangerous Data: the role of data collection in genocides The Engine Room

• Ontology Partners With 4EVERLAND to Accelerate Web 3.0 Adoption

Ontology is partnering with 4EVERLAND, a Web 3.0 cloud computing platform enabling global acceleration, privacy protection, distributed storage and other technical features to accelerate the move towards Web 3.0.

• Data Mob Rule MoxyTongue

Individual Rights are hard to come by historically. Strong people make them possible. First requirement of their existence is thus, strong people.

• How to unleash the full potential of data? Alan Mitchell

The main reason why vital information is not getting where it needs to be is that our data economy has evolved to be an organisation-centric ‘One User One Use’ (OUOU) system — whereas, thanks to the inner logic of data itself, it needs to operate as a ‘Many Users, Many Uses’ (MUMU) data ecosystem.

• Data as competitive advantage & control mechanism in platform economy

  Presenters: Sangeet Paul Choudary, Molly Schwartz Session host: Riikka Kämppi Molly Schwartz chats with Sangeet Paul Choudary - best-selling author of Platform Revolution and Platform Scale and founder of Platformation Labs - unpacks the ethics and economics of data.

Dynamic Data Economy: Digital Identity, Authentic Data Flows, Data Mesh and other dragons by Robert Mitwicki

DDE, HCF, Data Mesh, KERI, OCA

Session was held by Human Colossus Foundation folks who described the vision for DDE which is developed within the Colossi network around the foundations.

Dynamic Data Economy is a roadmap towards fair, decentralized and authentic data economy. Many times people are referring to blockchain technology as a revolution within digital space. But often they actually mean something more profound: the promise of Decentralisation brought by blockchain. A Dynamic Data Economy brings decentralization outside the technology realm into digital solutions for any economic actors. It does so by decentralizing all layers of the ecosystem:

• Decentralized Governance - no administrative entity fully controls and sets the rules, Individuals, organization and government are sovereign on their data Governance.
• Decentralized Architecture - physically decentralization of resources running that network. Economic actors keep control of their data storage solution according to the level of security required.
• Decentralized Logic (Data) - if you cut the system in half it can continue working and data is not damaged in any way, e.g. no need for total ordering.

No blockchain fulfills all those requirements and some none at all. And this is a problem for sensitive areas (e.g. identity or data portability) Then the agreements on sets of principles, protocols and rules to fulfill those requirements are “add-ons”.They are not in the system by design and thus weakens the overall solution Thus the Human Colossus Foundation (HCF) is seeking for opening up discussion and lead towards standardization efforts to ensure that the decentralized technologies already existing brings to life a Dynamic Data Economy for all with and without blockchain.

• An introduction to The Authentic Data Economy by David Huseby

This was a session to discuss the topics I brought up in my article on the authentic data economy:

• The Authentic Data Economy. Universal Digital Trust at Global Scale | by 𝔡𝔴𝔥 | Medium

With each successive wave of computerization the new innovations built on the last. Each one taking more of human-scale processes and shrinking them down and putting them into computers and eventually online. The authentic data economy isn’t any different. It leverages data collection and networking and personal computing advances. It makes our data ours and authentic. It builds on all of the previous work done by countless engineers and inventors and dreamers. However, by being the last big problem it represents the final piece that brings together everything that came before it. The scope of the authentic data economy is literally everything in the human sphere. There is nothing that this won’t change. Trust will go everywhere and into everything. But most importantly, so will privacy.

I talked about how the break from the W3C DID specs and other key innovations in cryptography have enabled me and Mike Lodder to design a solution for identity and all data provenance that is 1. privacy preserving, 2. scalable to global scale and how that creates an opportunity for authentic data to become the primary way data is used in the world.

• Credential Marketplaces by Martin Riedel, Stepan Gershuni

Presentation: https://docs.google.com/presentation/d/1WOXgHhgAwG0Im45pZkTAhsadpd8xbck0xjlnsuVGGhI/edit?ts=60803bc8

The goal of this session is to present the idea and get community feedback regarding this.

Credential Marketplace is quite high up the SSI stack but we want to start this discussion.

1. What is Credential Marketplace?
2. We have a Trust Triangle of Issuer-Holder-Verifier. This does not need any centralized entity except schema hosting.
3. However, we want to solve the problem of discovery of Issuers and Verifiers.
4. Example: I’m traveling to a new country. I need to get what healthcare VCs are needed to go there, in an automated way.
5. How can we solve this without relaying on a centralized registry of Verifier requirements and Issuer capabilities?
6. How it works
7. In order to discover issuers / vc types, there should be a registration step where issuers/verifiers actively OR passively provide metadata about their capabilities.
8. Credential Data — can contain some filters or constraints on the data from within the VC. E.g. As a Verifier, I only accept passport VC from only certain governments: only German nationals.
9. VC Metadata
10. Issuer Metadata
11. Reputation mechanism for credential issuers
12. Marketplace can also implement value transfer: paying for issuance by the verifier, for example. Even if they are part of different SSI ecosystems. This is optional but can help incentivize different participants.

• https://docs.google.com/presentation/d/1VaxwE9d4kEvmsJGUMWcvLf5WOQRcv5o_wTGTsecfseA/edit?usp=sharing

• International Semantic Infrastructure: Requirements for a distributed data economy by Paul Knowles

Brent Shambaugh. Integrate computing, processing, storage. Virtual machine to integrate databases. Query language, like Linked Data, over a lot of different systems. SeeQL(?) - translate. Categorical databases (Ryan and David’s work): to not really rely on a single source ofo truth, but more rely on transformations between things. Use category theory to have an exact/provable way of doing that. Cat theory has to follow certain rules. Cat theory kind of abstract but provides a framework for unrelated disparate things. Ryan could say how to algebraicly describe things, which would branch off into… Josh at Uber: come up with schemas, get down to the data/logical layer. Different places to go. Way to translate in from out. Might have multiple different ones, want to map from each one, but if you have a vague interpediary in centralized model, loosely defined that both map to, then have a mapping between the two things. Linked Data problem

• [...]

Linking data together is about machine readability. Involved humans… need to understand. Do it through language. Humans like OCA because can understand data in different languages, makes sense for people. Human element. In that capture space. Want to refine OCA, take out some of the rules parts, masking overlay, conditional overlays, and get it away from OCA as architecture - it convolutes things. OCA only meant for making theings human-readable.

• BIS Annual Report section III. The future monetary system on page 41 in the chart

  Point 5. User control over data—data governance arrangements should ensure users’ privacy and control over data:

  • Today: Users trust intermediaries to keep data safe, but they do not have sufficient control over their data
  • Crypto: Transactions are public on the blockchain—which will not work with “real names”
  • Tomorrow: New data architectures can give users privacy and control over their data

Customer Commons \ Intention Economy

• Making The Intention Economy happen by Doc Searls (& Customer Commons)

• The Intention Economy: When Customers Take Charge | Berkman Klein Center

• https://wiki.p2pfoundation.net/Intention_Economy

• Making The Intention Economy Happen, Part 2 by Doc Searls

This was a small meeting primarily meant to tee up Hadrian Zbarcea’s demo of Customer Commons’ new Intention Byway model for better signaling between demand and supply in markets of all kinds

• https://www.slideshare.net/dsearls/iiw-xxxiiintentionsession

Data Portability

• Europe’s top Data Portability Projects 2021-03-30 NGI
  • ALIAS – automating GDPR portability for applications developers.
  • Checkpipe Charlie – tool for describing and validating data.
  • DIP – Vaccination & Immunization Management using Verifiable Credentials.
  • Domi – SSI-based digital passport to facilitate data portability in the housing rental sector.
  • DPella – Data analyses with privacy in mind.
  • IDADEV-P2P – Blockchain Based Data Portability System
  • OpenPKG – decentralised data provenance system for improved governance and portability of personal data.
  • OpenXPort – Open export of data across different systems and providers.
  • ORATORIO – Energy data exchange platform.
  • Prov4ITData – Provenance-aware querying and generation for interoperable and transparent data transfer.
  • UI-Transfer – complete solution for “user initiated inter-controller and continuous data transfer”

User Control

• The Anatomy Of Personal Data Sovereignty 2021-05-04 Forbes

  The data privacy/control issue isn’t new, but the attitude shift is. People care more, demand more, and the scale of change that has occurred due to the Covid-19 pandemic is major. As we live through times exposing such injustice and inequality, it's becoming evident that this personal data ecosystem needs to undergo a major revamp.

• [Video] Radical Exchange Talk: Data Agency. Individual or Shared? 2021-03-05 IdentityWoman

  Digital networks have centralized power over identities and information, creating problems for both markets and democracy. Does the solution require more shared agency over data? What might that look like? This panel discussion is structured around thought experiments to find solutions to this issue.

• Self Sovereign Identity Systems 2021-04-09 The Passion Pad

  We should have the right to manage our identity, free of any country or the place where we live. By giving this right to the government or any central authority, we give them much more power. Separating data rights from the actual data is important. User should have the right to decide who should have the access to his/her data.

• Self-Sovereign Identity – A Possibility for More Data Control for Users 2020-06-18 DataEthics.eu

  But also, the general populations’ computer skills must be taken into account when designing the solution, along with legal considerations of whether individuals should be allowed to sell sensitive data, such as health data to third parties. If it is legal to monetize personal data, users can be tempted to share personal data in a way that might harm them later e.g. sharing health data and later being denied an insurance. Monetization might also create a gap in the society and the world, having rich people prioritize protecting their privacy while less fortunate citizens might feel like they have no other option than selling their data. Thoughts about the monetization of data need to be considered in a legal context as it has been done with the donation of blood, when creating a self-sovereign identity solution. Furthermore, safeguard measures must be made against discrimination like only providing identity for a selected few, and to ensure that everyone have equal access to creating a trustworthy digital identity.