83 KiB
published |
---|
false |
Public Sector
- MyDex CCI on working with the Scottish Government
Over the past months Mydex CIC has been working for the Scottish Government on a strategy for implementing and scaling a system of ‘smart entitlements’ for the citizens of Scotland.
- Digital Identity Scotland – A beta industry event.
The Smart Entitlements concept is very simple. Its goal is to create a common, easy approach for citizens to access public services that is consistent across multiple service providers. To achieve this, it provides citizens with the ability to store their personal information in an Attribute (or personal data) Store which they own and control.
- Swiss doing SSI
Underpinned by our country’s values, DIDAS is the Swiss ecosystem with the goal to enable an inclusive, privacy-first & frictionless future for our society’s Digital & Data needs. We are advocating for global standards with local governance for digital identities and data sovereignty.
Policy
-
OECD Global Blockchain Policy Forum
The Global Blockchain Policy Forum is the leading international event focused on the policy implications of this technology and its applications, led by the OECD’s Blockchain Policy Centre. Following the second edition of the Forum in 2019, which was attended by more than 1 600 people
-
New Zealand is working with Maori leaders on Identity
Next week we’re celebrating our first Aotearoa Digital Identity Hui Taumata. We’re particularly excited to be bringing you a Kapa Kōrero session with Kaye-Maree Dunne, Jane-Renee Retimana, Belinda Allen and Ben Tairea. The quartet will be exploring perspectives from Te Ao Māori, and the relevance of Te Tiriti in our collective work on digital identity.
Digital Identity New Zealand is having it’s Annual Meeting Dec 10th common bar of acceptance
Digital Identity New Zealand
-
DINZ held the first Aotearoa Digital Identity Hui Taumata
Bianca Lopes and David Birch shared with us their International perspectives and insights, including a whirlwind Identity world tour hosted by Bianca and her team at Talle.
Omidyar Network:
- seeking to better understand the existing laws and institutions
- exploring ways to strengthen the capacity of institutions that uphold these laws
- supporting digital rights organizations throughout Africa to act as checks on technological excesses of both governments and corporations
The GLEIF introduce the vLEI
Taking the LEI one step further from entity identification to individuals is a huge development for the digital identity industry and one that has been supported by our partners at RapidLEI. We wrote a full blog on the story to explain why vLEIs are important and how we expect they can add value to the industry with some solid examples such as mobile driving licenses and healthcare service delivery.
There have been a number of high profile attacks against critical American infrastructure in recent months, including the Solarwinds supply chain attack that exposed much of the government to potential risk. Top of mind in recent days is the ransomware attack against Colonial Pipeline, which significantly impacted the flow of refined oil across America. These attacks expose the vulnerability of critical infrastructure in the United States, and the Biden Administration is issuing federal directives that will minimize or eliminate risk.
Our vision for Inclued is for it to become the de facto choice for two-way, secure citizen engagement that empowers citizens to not only access services but influence what is delivered to them, while giving governments and citizens insight and evidence into the value and impact of working with, not for citizens.
- Catalonia launches a project for Self-Sovereign Identity to empower citizens in the digital world Politiques Digitales
The Government will only act as a validator, giving the tools and a secure legal framework, but it will not in any case have the custody of the data.
The Government of Catalonia has presented IdentiCAT, the new decentralized and self-sovereign digital identity model, which aims to become the first public digital identity at a European level and it will be self-managed by the citizen with the absolute legal guarantee and validity to operate with the public administration and the private sector.
The California Privacy Rights Act of 2020 (“CPRA”) established the California Privacy Protection Agency (“CPPA”). The CPPA has full administrative power and authority to implement the CCPA and CPRA, which basically means that the CPPA will be in charge of updating regulations and adopting new regulations, while enforcement of these regulations will be done by both the CPPA and the Attorney General
It is our goal to make SSI simple and accessible: to enable every developer and organisation to build identity and trust into the web and their applications. Ultimately, this will transform every digital interaction into an effortless and worry-free experience.
FinClusive’s AML/KYC capabilities create verified identity credentials that will be incorporated into MemberPass – Bonifii’s digital identity solution for Credit Unions Through this partnership, U.S. Credit Union members can now establish and maintain verifiable digital identities that enable safe, secure, and touchless experiences for many credit union service
The Lissi Wallet now supports additional cards and convenience features. Import of additional cards The Lissi Wallet does supports verified credentials, custom cards and pk.pass files The Lissi Wallet now supports .pkpass files, as well as other custom cards, in addition to verifiable credentials (first screen). Any card in the wallet that has a bar code or QR code can now be easi
- Adopting eID in Europe and Beyond State of Identity
Digital identity is now recognized as a key building block in digitizing public administration; however, it requires interoperability with private sector use cases to drive value for its citizens.
Raj Hegde is joined by Sebastian Manhart - Technical Advisor on Digital Identity for the German Chancellery to explore governmental reform and understand stakeholder expectations behind the rollout of digital identity projects in the post-COVID era.
You’re invited to participate in an exciting pilot program being launched by ATB Ventures and the Government of Alberta.
- ID Wallet: The German government had long known about IT security vulnerabilities Market Research Telecast
The BSI expresses the problem as follows: “The authentication of the user required to carry out a hotel check-in on the basis of the factors possession (” link secret “) and knowledge (” PIN “) takes place exclusively on the basis of key material that is stored in the Wallet app is saved. ” No specially secured electronic storage and processing medium such as a “secure element” integrated in smartphones is used.
- Introducing the SSI eIDAS Legal Report – Ignacio Alamillo – Webinar 55
The European Commission developed the SSI (Self-Sovereign Identity) eIDAS bridge, an ISA2 funded initiative, to promote eIDAS as a trust framework for the SSI ecosystem. It assists a VC (Verifiable Credential) issuer in the signing process, and helps the verifier to automate the identification of the organization behind the issuer’s DID (Decentralized Identifier)
The Spanish Association for Standardization (UNE) has recently published the UNE 71307-1 Digital Enabling Technologies Standard. This is the first global standard on decentralized identity management, based on Blockchain and Distributed Ledger Technologies (DLT).
- Data: A New Direction — But Which Direction? Alan Mitchell
This is the fifth and final blog in our series about the UK Government’s proposals for data protection reform — “Data: A New Direction”. Previous blogs focused on the thinking behind the proposals. This blog summarises what the main proposals are.
- Joining forces towards European digital credentials European Commission
- MetaMUI and Sovereign Yidindji Government launched 1st self-sovereign identity-based National ID system Cointelegraph
We are delighted to announce that our first E-Government pilot program with the Sovereign Yidindji Government has been successfully completed on Jan 7, 2022.
The key differences between federated and decentralized identity systems - An analysis of a few notable government-led projects, such as Aadhaar (India), Verify (UK), eIDAS (EU), and the Ontario Digital Identity Program (Canada) - What decentralization means for portability, scalability, flexibility, and privacy - How governments and commercial organizations can enhance existing federated identity systems with verifiable credentials
- SURF: Technical exploration Ledger-based Self Sovereign Identity Identity Economy DE
As a general concept, the privacy-friendly nature of SSI, end-user control over disclosure of personal information, and the SSI trust model aligned well with the public values typically found in R&D. The platform we used (based Hyperledger Indy) allowed us to successfully run all use cases. The platform delivers on SSI's promises of privacy, scalability, and security.
Composed of the desk, wallet and gateway, SSI+ offers a complete solution for issuers, holders and verifiers of verifiable credentials (VCs) to get started with self-sovereign identity projects today. After evaluation of the emerging SSI frameworks, we determined that Hyperledger Indy delivers today the strongest privacy guarantees, interoperability and maturity.
Welcome to lucky episode number 13! Your new host Aubrey Turner, Executive Advisor at Ping, is thrilled to welcome Katryna Dow, CEO & Founder of the award-winning data platform Meeco. Katryna discusses Meeco’s mission to enable everyone on the planet access to equity and value in exchange for the data and information they share. She talks about why she saw a need for Meeco’s services, what we need to know as we approach a more “physigital”world, and how her vision all started with a Tom Cruise film.
Emphasis ours
The idea behind ID-Ideal is to create a basis for existing and future identity services. To achieve this, interoperability between the individual ecosystems is necessary. For this reason, the project mainly focuses on key aspects:
A) Trust Framework: harmonize various ID services and create standards for secure digital identities
B) High relevance to everyday life and very good usability to increase the incentive
C) Establishing a TrustNest initiative: an open community that promotes certification, exchange, and further development
- IRS Using Facial Scanning Phil Windley
The IRS will use ID.me's authentication and identity proofing service exclusively starting sometime this summer. The identity proofing portion employs facial scanning by a third party, causing some concern.
- Rough Seas Ahead People MoxyTongue
Commentary from the man who invented the term Self-Sovereign Idenitty on the ID.me situation with the IRS.
Humanity does not come into existence inside a database. The American Government does not come into authority "of, by, for" database entries.
People prove birth certificates, birth certificates do not prove people.
- IRS Will Soon Require Selfies for Online Access Krebs on Security
If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me
critical questions of user experience and acceptance can be validated in real life. The findings and results will feedback into further development of the systems and hardening of security and privacy. This is also a great practical way to identify legal aspects that need clarification or even potential changes in the relevant laws
- THE IRS AND ID.ME: PRIVACY OPTIONAL Trust Over IP
While it is not clear why the IRS would relinquish this extremely sensitive capability in its entirety to a single, private-sector entity using a proprietary solution, there are clues
- The time for the eIDAS Bridge ValidatedID
The main goal of this new program was to provide an implementation of eIDAS bridge and to proof the interoperability between different provider implementations. Validated ID was selected to participate in part of the Call 1 of infrastructure. The results of this project are available as open source. If you are interested in digging into the code, you can find it all in the following repositories: our open source version implementation and the SSI eIDAS Bridge interoperability performed with SICPA.
With the transition to the web 3.0 ecosystem, the development of distributed registries (blockchain technology) and the regulatory environment that is forcing digital players to favour privacy by design, the ISS approach will become the new standard, whether for entering into customer relations, managing digital identities or ensuring compliance of administrative processes in companies and institutions.
The document in particular outlines the EUDI Wallet:
The EU Commission published the long-awaited Data Act on February 23, 2022. This is a progressive legislative proposal to increase access to data for the users of connected products suchs as Iot devices and related services. It is a significant move towards realising the MyData principle of portability, access, and re-use as well as the principle of interoperability. It will potentially also move the needle towards the shift from formal to actionable rights in terms of the right of data portability. With such a progressive agenda, the proposal will certainly also face significant opposition and counter-lobbying from those who stand to benefit from the status quo.
Efforts are underway around the globe to promote new trust models between governments and citizens that promotes privacy and improves how trust is established between entities sharing information. Now is the time for the US government to consider and adopt the ToIP Framework as a starting point to not only support ZTA but promote greater privacy in information sharing within its ecosystem.
Problem 1: Unique wallet IDs
Problem 2: Remote Wallet Kill Switches
Problem 3: Wallet Content Restrictions
Problem 4: Private Sector Restrictions
Exciting New Opportunities for eIDAS 2.0
Opportunity 1: Basic or Enhanced Wallets
Opportunity 2: Turning Regulations Into Revenue
Opportunity 3: Person-to-Person Verification
Opportunity 4: Secure messaging.
The proof of concept stage is where the Canadian government tests digital credentials use cases in cooperation with regulators and organizations to advance the adoption and maturity of digital credentials technology. The National Digital Trust Service aims to enable Canadians and businesses to issue, use and verify digital credentials during transactions.
All forms of face recognition are a menace to privacy, free speech, and racial justice. This post explores many of the various kinds of face recognition, and explains why all must be addressed by laws.
- International Thank You Day Jolocom
Today, January 11, is the International Day of Gratitude. What better time then, to tell partners that you cherish their work and thank them for the inspiration they have given you? We at Jolocom reflect on amazing projects that became possible by joining forces with partners such as T-Labs, Bundesdruckerei, Stacks, and TIB – the Technical Information Library Hanover.
Our Self-Sovereign Identity initiative with SwissSign, the canton of Aargau and cardossier clearly shows: Even if there are still uncertainties regarding technical maturity and governance – SSI is happening and brings major advantages in data protection and cross-organizational digitization.
- Who Do You Trust With Your Wallet? State of Identity (not ssi)
Sweden's Freja eID is a pinnacle example of government-approved digital identity, all from the convenience of your mobile wallet. Join host Cameron D'Ambrosi as he kicks off 2022 with Kristofer von Beetzen, Chief Product Officer of Freja eID. They dive into the burning questions for eID including who should control identity, why and when you shouldn't host identity data yourself
prompted by the UK Government’s proposed reforms of data protection law contained in its consultation paper Data: A New Direction.
- […]
Under the banner of tackling ‘consent fatigue’, abolish citizens’ right to consent to the collection and use of their data: achieved by expanding the definition of organisations’ ‘legitimate interests’ (where they don’t have to seek consent) to cover almost every activity
- Your digital identity and credentials New South Wales
Help us make it easier for you to do things like open a bank account, buy a phone, start a new job, prove your age or enrol to study.
KYC-Chain will enter a partnership with enVoy. enVoy offers sustainable DeFi, tokenized letters of credit, realtime x border payments, and tokenized documentation for the supply chain removing risk and creating trust for third-party trade on an end to end ESG and sustainable supply chain journey.
The Department of Labor’s Occupational Safety and Health Administration (OSHA) recently released a rule on requiring all employers with 100 or more employees to ensure their workforce is fully vaccinated or require any workers who remain unvaccinated to produce a negative test result on at least a weekly basis before coming to work.
This rule impacts ~80 million workers — every company in the S&P 500
While the structural difference between SSI approaches and conventional centralised or federated eID schemes is, on one level, profound (full control over data and identity with the user; no third-party intermediary between the user and the service provider), on another level, these differences may also appear highly abstract to ordinary users. What societal and economic consequences they may unfold remains, so far, little understood, also because research on the real social and economic effects of SSI solutions is only beginning.
The LEI’s legacy is proudly rooted in financial services and regulation. Its future, however, undeniably points beyond to broader, digitized adoption and utilization across public and private sectors around the world. The Global LEI System is the only open, commercially neutral, and regulatory endorsed system capable of establishing digitized trust between all legal entities everywhere. It was established as a public good, and GLEIF remains committed to ensuring that every last drop of value is wrung from the system, and used to the benefit of all.
-
Recognizing Digital Identity as a National Issue
we dove into creating a centralized and holistic approach to protecting and regulating identity in the United States and the specifics of why digital identity and cybersecurity are national issues that the private sectors simply cannot tackle on their own. Here are some of the key takeaways.
My interest was first piqued when I came across three videos on YouTube from Rachel Botsman, Jordan Perterson and Philipp Kristian Diekhöner.
Trust has always been at the centre of society overall and commerce in particular. There’s a reason why during the first industrial revolution banks always built the most impressive, secure looking buildings in town – so you trusted them to deposit you money there!
One key aspect outlined in Section 4 of the Executive Order (EO) is securing the software supply chain. At issue here is the reality that the U.S. federal government—like nearly any other organization on the planet that uses computer technology in any form—relies on not just one but numerous types of software to process data and run operational equipment.
-
The keystone foundation companion to the Blockchain is Digital Identity DigitalScot
The building block of digital identity ecosystems are ‘verifiable credentials‘, the core mechanics for forming these ecosystems through sharing Identity data between collaborating partners, exemplified by initiatives such as the EU’s recent announcement and explained here by the OIX Identity forum.
-
RaonSecure builds a blockchain-based digital wallet service with a public institution
Selection of RaonSecure as the final operator of the ‘blockchain-based digital wallet project’ that is part of the ‘2021 Blockchain Pilot Project’ program promoted by the Korean government
- The Trust Economy in a Future New Zealand
Now with the 4th industrial (digital) revolution the old vertical, siloed trust models are breaking down and we are moving to a more horizontal, distributed environment.
- A Collaborative Approach to Meeting the Challenges in President Biden’s Executive Order on Improving US Cybersecurity
One key aspect outlined in Section 4 of the Executive Order (EO) is securing the software supply chain. At issue here is the reality that the U.S. federal government—like nearly any other organization on the planet that uses computer technology in any form—relies on not just one but numerous types of software to process data and run operational equipment.
- South Korea’s brilliant decentralized approach to citizen identity management TechWire Asia
Adopting blockchain technology is seen as a necessity by the Korean government and multiple institutions are backing its continuous research and development, including the Ministry of Science and Technology (ICT), The Korea Internet Security Agency (KISA), Defense Acquisition Program Administration (DAPA), National IT Industry Promotion Agency (NIPA), and Korea Post among others.
- Apple iPhones Can Soon Hold Your ID. Privacy Experts Are On Edge
Elizabeth Renieris, a fellow at Stanford University who studies digital identification systems, said the feature may be easy-to-use and save time. Those conveniences, however, come at a cost: Turning every instance in which we show our ID into a business opportunity.-
- The Future of Digital Identity in Canada: Self-Sovereign Identity (SSI) and Verified.Me SecureKey
Verified.Me ensures that only authorized attributes are shared with explicit user consent. The service bridges together multiple participants within a common ecosystem to verify the identities of users securely and privately across the participating organizations with others within the group.
- Three Key Takeaways from the FATF’s Latest 12-Month Review on Virtual assets Elliptic
Financial Action Task Force (FATF), the global standard-setter for anti-money laundering and countering the financing of terrorism (AML/CFT), released its second 12-month review on virtual assets (You can read our summary of its first report from July 2020 report here).
- Towards a universal, self-sovereign and privacy preserving digital identity for the public sector Impulse
The EU-funded IMPULSE focuses on building a decentralised Self-Sovereign Identity (SSI) model by combining two of the most promising technologies available today, such as Artificial Intelligence and blockchain networks, with the aim of facing the limitation of the existing electronic identification systems in the public sector..
- What does the EU Wallet mean for self-sovereign identity? Fintechtalents.com
While the EU wallet may not align entirely with every principle of self-sovereign identity, it is certainly a massive leap in that direction.
IDnow joins IDunion, the network initiative for digital identities funded by the Federal Ministry for Economic Affairs and Energy (BMWi)
The Blockchain Research Institute™, in collaboration with the Washington DC based Chamber of Digital Commerce and other experts have produced a 120-page report on how the Biden-Harris administration could reimagine US technology strategy and policy—and take action to implement it.
Digital access to the attributes these documents contain can solve these issues. It can also have benefits such as improving inclusion. If you do not have a passport, perhaps another government service can validate your age. There are also opportunities for data minimisation by disclosing only that information which is required (for example, that you’re over 18), rather than full disclosure of your data, including your date of birth, name, or address.
The consultation sets out how the government can build confidence in digital IDs so they have a similar status in law as physical proofs of identity that businesses and individuals already trust.
With a buyable solution like Auth0, state administrations are able to roll out digital services in days versus years for a custom-built in-house solution. The back-end of Auth0’s solutions are pre-built, allowing teams to customize quickly with low to no-code inputs from a development team to get a new release deployed faster.
- Do we really need (or want) the State to provide us with digital identification? LIberatarianism.org
With identity being the missing link, the advent of self‐sovereign identity could finally bring ambitious projects like Bitnation to fruition. This virtual blockchain jurisdiction wants to establish a blockchain‐based self‐administration or, as the project itself advertises, “a toolbox for do‐it‐yourself governance.” With the concept of self‐sovereign identity being implemented properly, new digital nations such as Bitnation could compete against old territorial tax states.
The cooperation agreement envisages the design and conceptualisation of a cross-border pilot to be implemented in the near future, with a view to contributing to the development of the European Union’s Digital Identity Framework, recently announced as part of the eIDAS Commission proposal.
Excelsior Pass Plus, a result of the strategic partnership between New York State and VCI, will provide New Yorkers safe access to retrieve a secure, digital copy of their COVID-19 vaccination record using the SMART Health Cards Framework - making their interstate and international travel and commerce experiences safer, contact-less, and more seamless.
From the moment the parents register a child with the Municipality, the official identity is recorded in the Personal Records Database and you will receive a Citizen Service Number. Will it soon be replaced by a digital identity, or a Self-Sovereign Identity? In this article I will tell you all the ins and outs about this new form of identity.
When it comes to identity management the involvement of the government can be a tricky topic. It needs to be involved to enable access to public services, adapt legislature and guarantee equal access for its citizens. However, it should not be able to control or monitor all aspects and activities of its citizens. Self-sovereign identity (SSI) might for some imply, that a citizen is suddenly able to issue his own ID-card, which isn’t the case. Governments are still the primary source of foundational identities."
The Ministry of Public Administration and Security (MOIS) is working on the implementation of a national mobile driver’s license in the form of a blockchain-based Decentralized Identifier-based (DID) System. LG CNS and RaonSecure are in charge of the project and are currently building it.
- The Roles of Government & The Private Sector in a Digital ID Program with Sebastian Manhart Northern Block
we dive into what’s happening within the Digital ID landscape within Europe. Sebastian Manhart is very well positioned between policy and technology in the European Union. In this episode of SSI Orbit, he shares his experiences and future projections.
Jolocom is currently working on the project “ONCE – Online einfach anmelden” (simply register online – ONCE) alongside a number of prestigious partners, with the aim to bring the digital identity of any citizen onto their smartphone.
The project is part of the competitive innovation programme “Showcase Secure Digital Identities” (SSDI) funded by Germany’s Federal Ministry for Economic Affairs and Energy (BMWi) and one of four projects that qualified for the implementation phase.
We do not have to look back further than the global economic collapse of 2008 to fully understand the worst-case scenario of unverified legal entities engaging in financial transactions. The LEI was created at the request of the G20 and Financial Stability Board (FSB) in response to this global catastrophe.
After rejection of the e-ID Act in March 2021, the Swiss Federal government is working at full speed on a new proposal. The first results were published in a discussion paper on September 2. Self-Sovereign Identity (SSI) is one of three possible solutions proposed for the implementation of the future e-ID. What is SSI is and why does it bring significant added value in terms of data privacy?
- Digital identities: German-Finnish cooperation agreed Bundesregierung
The content of the joint declaration is close bilateral cooperation in the development of a cross-border ecosystem of digital identities based on the principles of Self-Sovereign Identity (SSI).
Following the launch of GLEIF’s digital business identity initiative designed to bridge the trade finance gap in Africa, we’re catching up with our key partners to hear their thoughts on how the project will bring about greater financial inclusion for SMEs on the continent and beyond.
In 2021, 22 projects were selected to become part of our incubator programme to help tap into the potential of the EBSI infrastructure. Each project's private and public sector partners was given early access to the pre-production environment of EBSI, and was invited to develop their own pilot project to address a specific business or government use case involving the exchange of verifiable credentials.
With the help with the EBSI team, Early Adopters can identify how to connect their systems, be part of a community and collaborate with other Early Adopters. This will help us improve EBSI's services and ensure it meets the needs of Europe's businesses and public administrations, within and across borders.
- A summary of findings from government-led public consultations on digital identity
- An overview of Ontario’s Digital ID technology roadmap, and discussions about the technology stacks and infrastructure
- Ontario’s proposed conceptual model for digital identity, and the principles that inform it
In their final recommendations, the researchers from INNOPAY and TNO argue that in view of the social value of digital data exchange, the government would do well to play a driving role in the further consolidation of the SSI playing field. That starts with creating clarity about the relationship between the Digital Government Act and the EU Digital Identity Wallet.
Government should adopt a simple, existing standard for its digital ID system, such as the public-key infrastructure (PKI)-based system in use within many European countries. PKI offers a number of security and privacy benefits that the TDIF aims to have; however, as no central authority is involved in authentication, no entity can meaningfully track user activity.
The ID wallet for the digital driver's license is not only technically immature. Government data show: the allocation was not transparent, security checks were incomplete - and the possible direction is questionable.
- Three Governments enabling digital identity interoperability Heather Vescent
On September 15, 2021, I moderated a panel with representatives from the United States Government, the Canadian Government, and the European Commission. Below is an edited excerpt from the panel
What use cases should a National Digital Identity program prioritize in collaboration with the private sector? As use cases become verticals of their own, what are then some of the horizontal considerations that need to be applied to enable all of the use cases to function within their relative ecosystems?
- Ontario Releases Technology and Standards for Digital Identity Ontario Newsroom
“Our Ontario Onwards: Action Plan first announced our government’s goal to make Ontario the most advanced digital jurisdiction in the world – all in the service of the people of this province,” said Peter Bethlenfalvy, Minister of Finance. “The release of Ontario’s Digital ID later this year will be an exciting step towards transforming and modernizing government services in an increasingly digital world.”
An incubator to help Early Adopters and their partners imagine, build and launch their EBSI pilot project(s)
- A key place for Identity in the Digital Strategy for Aotearoa < - Colin Wallis will now head Digital Identity.nz
Our government is embarking on a journey to create A Digital Strategy for Aotearoa that seeks to respond to the social, economic, education and cultural opportunities from digital technology, along with the risks that these technologies can bring.
Excelsior Pass Plus will be compatible with the globally recognized SMART Health Cards Framework developed by VCI. VCI is a coalition of 570 public and private organizations including major health networks and Microsoft.
- Declaration for Cooperation and Exchange of Best Practices in the Field of Self-Sovereign Identity Between the Federal Republic of Germany and the Republic of Finland theinternetofthings.eu
- PIPL: A game changer for companies in China DataProtection
China passed its Personal Information Protection Law (PIPL) on 20 August 2021. This is China’s first omnibus data protection law, and will take effect from 1 November 2021 allowing companies just over two months to prepare themselves.
Apple has revealed a handful of states that it is working with to develop virtual, mobile driver’s licenses, and confirmed that the Transportation Security Administration will accept is mobile IDs
Excelsior Pass Plus expands travel and commerce opportunities for New Yorkers by enabling compatibility with New York State’s Excelsior Pass platform which has generated three million passes since its launch in March that provide digital proof of vaccination or a negative test result.
- Data Sovereignty and Trusted Online Identity IEEE Beyond Standards
IEEE SA co-organized a discussion panel at the Pan-European dialogue on Internet Governance (EuroDIG) conference, an event known for its frank and interactive discussions of public policy issues surrounding internet governance. Messages coming out of the discussions will be presented at the Internet Governance Forum (IGF) later this year.
-
Navigating Digital Identity in Political Economies RxC Panel IdentityWoman.net
the world is fundamentally social and intersectional — we are all part of networks. So how might we formalize digital identity in a way that better reflects this complex reality?
The NSW Government has established a Digital Identity Ministerial Advisory Council (DIMAC), that will advise on a strategic direction and roadmap for digital identity in the State.
-
The consultation is open to any member of the public and closes on 13 September.
-
LG CNS wins Korean government contract for decentralized identity for driver’s licenses Ledger Insights
Adopting DID technology provides numerous benefits but two stand out. Firstly, it should make it far harder to forge a license because credentials can be verified. Additionally, OmniOne includes FIDO biometric security. The second key benefit is that an individual can choose how much data to share.
Competition \ Public sector
Explore the next frontier in account security with secure-by-design, public-key-based credentials that use the Web Authentication standard. Discover in this technology preview how Apple is approaching this standard in iOS 15 and macOS Monterey.
Apple’s approach to passwordless is not particularly unique since it adheres to the FIDO standard, however their implementation and approach to the credential recovery problem is unique and relevant to enterprises. One refreshing aspect of their messaging and stance on authentication is their dedication to eliminating shared secrets.
Apple’s story is more about individual convenience in service of Apple. When it comes to the Big in Big Tech, Apple’s as Big as they come — all while being renowned control freaks. Their top-down approach to digital identity isn’t about portability or interoperability, it’s about strengthening their platform moat, where Apple takes a 30 percent cut on all sales.
-
What US states will support Apple Wallet digital identity cards? CNet
-
Now Apple wants to store your driver’s license on Apple Wallet Mashable
Central banks are realising CBDCs will have to be intimately linked to identity to deal with illicit finance and bank disintermediation risk
- What Does Trust Over IP Mean for Governments and Their Citizens?
credentials can help reopen travel, reduce the costs and improve access to healthcare, streamline KYC and financial transactions, and help connect students with employers needing their skills—all while saving governments billions in the costs of connecting and protecting their digital infrastructure. [...] featured speakers from Evernym, Mastercard, LG CNS, Accenture, GLEIF, and other[s]
- Data: Governance and Geopolitics
How data is governed can be thought of along several lines of activity: legislating privacy and data use, regulating content, using antitrust laws to dilute data monopolies, self-regulating by the tech giants, regulating digital trade, addressing intellectual property rights (IPR) infringement, assuring cybersecurity, and practicing cyber diplomacy. Of these, antitrust, regulation, and privacy are most immediately in the spotlight, and are the focus of this commentary, but it will also touch briefly on the connections with other issues.
- Kiva Protocol, Built on Hyperledger Indy, Ursa and Aries, Powers Africa’s First Decentralized National ID system (CASE STUDY)
Since the launch of Kiva Protocol, Davie says global regulators have made significant progress in terms of how they are considering digital identity and eKYC verifications. He sees a global movement towards user-owned and -controlled data, better privacy, and more universal access.
[...] As of today, Kiva is focusing on building additional ecosystem applications and services to make it easier for all stakeholders to access and use Kiva Protocol. Much of this is being contributed upstream into the Hyperledger Indy and Aires projects, with the remaining components hosted in Kiva’s repository.
- Digital identity in the UK in 2021 with TrueProfile.io’s René Seifert (podcast)
In episode 37, René Seifert talks about the current status of identity in the UK; the government’s recent call for evidence and DIU (digital identity unit); the resultant six guiding principles – including privacy and inclusivity; the potential of self-sovereign identity to solve some of these issues; TrueProfile.io and the importance of verified credentials in an HR context; plus the ethical, political and technical challenges of ‘immunity passports’.
- Catalan government announces self-sovereign identity project
The government of Catalonia announced its plans for self-sovereign identities (SSIs) for citizens based on blockchain technology. The project, named IdentiCAT, was revealed by the President of Catalonia Quim Torra and will allow citizens to be the “owner, manager and exclusive custod[ian] of his identity and data”.
- IDunion: An open ecosystem for trusted identities
- IDunion (formerly SSI for Germany) has completed the competition phase of the innovation competition “Schaufenster Sichere Digitale Identitäten” and is applying to the Federal Ministry of Economics and Energy (BMWi) for the next phase of the innovation competition.
- The use of decentralised, self-sovereign identities for natural persons, companies and things is to be tested in over 35 use cases from a wide range of sectors.
- The project involves 26 well-known public and private partners.
Many folks within the identity space see VC infrastructure as the future of identification. If much of our online identity is reputation based, then VCs represent a formal method for linking reputations and vouching for others to form a web of trust within which individuals are able to conduct identity transactions in a less centralized way.
While the tools may already exist to solve the government’s identity crisis, real progress will only be made if governments significantly evolve their legacy approaches to digital identity.
- Showcase programme “Secure Digital Identities” Digitale Technoligen DE
With this innovation competition, the Federal Ministry for Economic Affairs and Climate Action (BMWK) is directly contributing to Germany’s digital sovereignty and data security on the Internet. The measure aims to strengthen the confidence of citizens and companies in digital transformation. The envisaged proposals should also be aligned with the needs and opportunities of small and medium-sized enterprises and enable them to implement and use Secure Digital Identities.
On December 14th, Joao Rodrigues, Head of sector (Digital) Building Blocks at @European Commission participated in an #ebcTALKS of the European Blockchain Convention about "Where do we stand on Self-Sovereign Identity"?
In 2021 the European Commission announced the European digital identity wallet. This article explains the basic concepts, highlights the significance of this development and provides an overview of the status quo.
tech standards that the provincial government says it is currently considering include the Verifiable Credentials Data Model 1.0 for data modeling, Decentralized Identifiers (DIDs) v1.0 for key management, JSON-LD 1.1 for data formatting, OpenID Connect as identity standard, BBS+ Signatures 2020 and Ed25519 Signature 2020 for signature format, Self-Issued OpenID Provider v2 and more for interoperability.
Organization
The funding call is within the Digital Europe Programme (DIGITAL) topic 5.3.1.2 which requests support to implement the European Digital Identity Framework and the implementation of the Once Only System under the Single Digital Gateway Regulation. Up to €37m funding is available.
- Public Spending: One Way to Solve Many Problems Digital Scot
“We will identify where there may be shared interest, duplication or overlap in intended policy outcomes over multiple portfolios. Where there is, we will look to develop a more effective and efficient cross-government solution.”
European Union
The concept of digital identification is already well established, and using a smartphone to board a plane or prove vaccination status is second nature to many millions of people. In the EU however, while many states have made electronic identification available and domestic use is growing, the development of internationally accepted electronic identity (eID) systems has been piecemeal and inconsistent.
-
EU digital wallet: the race is on for pilot funding, tech supremacy, hearts and minds Biometric Update
-
eIDAS 2.0 is fast approaching. By September 2023, European Union citizens will have the right to download and populate a digital identity wallet on a smart device. In less than 18 months, Europeans may no longer need physical credentials to travel, work and live anywhere else in the bloc. But are they ready?
We at Validated ID have been betting on EBSI since the beginning. We started working to become conformant wallet providers since the very first version of Wallet Conformance Tests (WCT) was published. The process of preparing our solution to become conformant has allowed us to appreciate how remarkable EBSI's work has been.
Canadian Digital Identity
Today’s budget announcement keeps the importance of secure and privacy protecting digital ID in our windows and more work needs to be done to develop this path based on citizen consent, control, and trust. We look forward to collaborating with the government on consultations to support these imperative next steps while finding ways to combat misinformation that surrounds it.
-
Report on the Adequacy of Identity Governance Transparency – DIACC Special Group Insights
-
This report looks at Transborder use of digital identity in the context of international transfer, control, and access to private/personal data between Canada and the European Union. In particular, it looks at such data transfer considering the obligation to inform individuals during data processing and investigate into the adequacy of transparency and notice for international data transfer.
-
Canadians Want user-centric Digital ID aligned with their values DIACC Research
-
2021 Research Report • Multi-page Synopsis • One-page Synopsis
Establishing a trusted digital ID will allow people and organizations the choice to verify themselves online securely, while protecting personal information with no user traceability. It offers a decentralized, privacy-enhancing solution for both the private and public sectors.
Sloan invoked the specter of China while discussing the petition, suggesting that any digital identity program would be akin to a social credit program that gives the government too much control over the personal lives of its citizens. New Zealand
In April 2022, DINZ launched a broad-scope members’ Working Group in response to the increasing challenges for some groups in society to participate fully in Aotearoa’s digital transformation, with the aim of providing baseline supporting guidance to inform policy and service design.
- DINZ’s annual Consumer Research Digital Identity NZ
Scrolling Infographic! It looks fun and has some good info in it.
‘Do the best you can until you know better. Then when you know better, do better.’ These wise words from Maya Angelou encapsulate the key findings from our 2020 trust and identity research.
- Summary of Public Engagement of the Digital Strategy for Aotearoa discussion document New Zealand Govt.
The discussion document stated that a Digital Strategy for Aotearoa (the Strategy) would need to respond to the social, economic, education and cultural opportunities from digital technology, along with the risks that these technologies could bring.
- Principal Authority – new article on Wyoming law defining Digital Identity Christopher Allen (Thursday, 16 September)
What we've found as a good framework is the concept of "Principal Authority" which comes from the Laws of Agency, which allows us to leverage fiduciary style Laws of Custom to define requirements for practices when digital identity is delegated to others (whether for authorization or for use of data).
I've written up a layman's article (as I am not a lawyer) introducing this topic at:
-
https://www.blockchaincommons.com/articles/Principal-Authority/
-
On why revocation is important... Mike Prorock (Tuesday, 24 May)
Yikes!
For those that didn't read the article, the TL;DR is:
Tough to forge digital driver’s license is… easy to forge... 4 million mobile driver's licenses in NSW Australia compromised in an unrecoverable way.
In a search that started in October 2021, the province was considering vendors to potentially initiate digital ID, meant to replace the need for physical ID cards. According to RFP documents, the selected vendor would have worked with SGI for facial verification, but final details on accessing the photo database weren’t finalized.
Tampa-based Schellman, a leading provider of attestation and compliance services, announced today that it is joining the Trust over IP Foundation (ToIP) as a Steering Committee member. As the first IT audit firm to join the leadership of ToIP, this move represents Schellman’s belief in the growing suite of digital governance specifications and tools being developed by ToIP Working Groups.
- New Video: MetaMUI SSID Sovereign Wallet
MetaMUI SSID is the world’s first true Self-Sovereign Identity Application that enables running Blockchain-Based E-Government System, and CBDC payments on top of MetaMUI Blockchain.
- Building a Swiss Digital Trust Ecosystem – Perspectives around an e-ID ecosystem in Switzerland DigitalSwitzerland
An initial contribution to the ongoing meta-level debate about the development of the e-ID ecosystem in Switzerland.
- Perspectives around building an e-ID ecosystem in Switzerland DigitalSwitzerland
The transition to an ecosystem of digital credentials, initiated by the federal government’s directional decision, is a generational project that requires input from – and collaboration between – government, the private sector, academia, and civil society. This document is intended to serve as an initial contribution to the ongoing meta-level debate about the development of the e-ID ecosystem in Switzerland
The Biden administration, in coordination with 60 other countries, on Thursday unveiled a “Declaration for the Future of the Internet” that “reclaims the promise of the Internet in the face of the global opportunities and challenges presented by the 21st century.”
- Senate Asks FTC to Investigate ID.me for Deceptive Business Practices FindBiometrics
- Drafting of the eIDAS 2.0 report with amendment tracking Europa.eu
Kaliya is working on a commentary about it
Vedran L. Head of Office at European Parliament has released a draft report with tracking of amendments on the proposal for a regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity
The Decision to make EBSI software available for licencing under the European Union Public Licence is an example of how the European Commission is not only using, but also contributing to the open-source community and thereby growing the ecosystem around EBSI.
-
Meet the eSSIF-Lab ecosystem: “Completing the Framework” Programme participants
-
PCDS-DP - Product Circularity Data Sheets Digital Passport
-
ESSIF - 4 Logistics SSI based authorization for cross- border government and business representatives in logistics
-
Symfoni AS - Infrastructure to facilitate payments for verifiable credentials
-
Datarella GmbH - Go Aries – Enabling CL-Support on Aries Framework Go
-
ID.me’s legal woes are continuing to escalate. The company is now staring down the prospect of its second federal investigation in as many months, after the House of Representatives’ Oversight and Reform Committee initiated its review in April.
-
Enhancing the Privacy of Mobile Credentials, with John Wunderlich Ubisecure
what are the challenges and solutions surrounding mobile credentials, what is IAM’s role in this and how systems need to be developed around trust.
- New Report on Limits of “Consent” in New Zealand's Data Protection Law - Future of Privacy Forum FPF (report
- notice and consent requirements for processing personal data in New Zealand’s data protection law;
- the status of alternative legal bases for processing personal data which permit processing of personal data without consent if the data controller undertakes a risk impact assessment (e.g., legitimate interests); and
- statutory bases for processing personal data without consent and exceptions or derogations from consent requirements in-laws and regulations.
“The results of the survey certainly underline the need for this pioneering European initiative aiming at offering the most convenient user experience (UX) at the highest level of security,” the company adds
- The New Draft Law on eID Switzerland Procivis
Yesterday's media conference and published media release opened the consultation process for the new E-ID law, which will last until October 20, 2022.
The preliminary draft of the federal law declared the purpose of the E-ID to be to ensure "secure identification by means of E-ID among private individuals and with authorities". The protection of the personality and fundamental rights of individuals is to be provided by the following principles defined in the law:
- Data protection through technology
- Data security
- Data economy
- Decentralized data storage
- Leading the digital trust conversation DI NewZealand
the Digital Identity Services Trust Framework Act has the potential to provide a game-changing regulatory foundation for the identification and authentication components of services delivered through the digital channel. Those services that choose to be independently audited for compliance against the Framework’s security and privacy oriented rules and standards to become accredited, would then be able to differentiate those digital service brands through displaying an accreditation mark.
A Set of Recommendations for Blockchain-Based Interoperable, Privacy-Preserving, Regulatory Compliant, Secure and Standardized Digital Identifiers, Credentials, and Wallets.
As the details and technical architecture of the EU Digital Identity Wallet at the time of writing are still unknown, this analysis is based on what is currently known or can be assumed.
The SSI principles of existence, access, interoperability, consent, minimalization, and protection will likely be fulfilled by the EU Digital Identity Wallet. It will allow citizens to have an independent existence.
- The international digital identity industry has moved comprehensively towards decentralised verifiable credentials and strong client-side authentication tools (especially through the FIDO Alliance; Australia needs to catch up with these standards.
- The Australian states are implementing digitised credentials at a rapid rate, refocusing from Who a citizen is, to What attributes and claims they need to prove online; DTA risks being left behind by these developments.
-
Lockstep Submission – AU Digital Identity Legislation Phase 2 210714
-
Lockstep Submission – Trusted Digital Identity Legislation Phase 3 211027
-
Analyst Chat #134: How Self-Sovereign Identities Will Influence Public Services KuppingerCole
Europe
Below you will find a series of publications that will walk you through the technologies that make it possible for Public Administrations and Businesses to easily verify and trust information received directly from Citizens (or Businesses).
TR Ministry of Foreign Affairs Directorate for EU Affairs organized an EU Programs and Project Opportunities Hybrid Workshop on May 11-12, 2022 [...]
You can click to watch all the presentations from the event:
11 May 2022: https://www.youtube.com/watch?v=GKlgfRSCeXI
12 May 2022: https://www.youtube.com/watch?v=DQIgwVJvFuE&t=28020s
Based on technology, the GovTech agenda is driven by the GovTech Solutions Group (GSG) and GovTech Global Partnership (GTBP) under Governance Global Practice (GGP). But what does GovTech do? What are its objectives and challenges, and how can it best fulfill them
Self-Sovereign Identity and each individual's responsibility to safeguard their identity are crucial for the protection of personal data.
- Google is bringing Electronic IDs to Android VentureBeat
very soon, we will launch another Jetpack compatibility library that app developers can use immediately to write such apps for various DMVs or whatever cards — in the future, maybe even travel documents, although that kind of standardization for international travel is even further out.
USCIS make public announcement about their plants to use Verifiable Credentials for Immigration credentials
Very interesting #FedID presentation on @USCIS plans for digital immigration credentials. Looking to use the @w3c Verifiable Credentials standard - this may be the first use of VCs at scale in the US government.
January Walker is running for office in Utah’s 4th district
FTC begins a process around regulating Commercial Surveillance and ensuring Data Security
The comments on its 95 questions are due October 21.
See the comments Kaliya made in her 2 min along with links to the questions and more information about the process.