16 KiB
published |
---|
false |
USA
The Biden administration, in coordination with 60 other countries, on Thursday unveiled a “Declaration for the Future of the Internet” that “reclaims the promise of the Internet in the face of the global opportunities and challenges presented by the 21st century.” 2022-04-28
-
Senate Asks FTC to Investigate ID.me for Deceptive Business Practices FindBiometrics
-
Recognizing Digital Identity as a National Issue
we dove into creating a centralized and holistic approach to protecting and regulating identity in the United States and the specifics of why digital identity and cybersecurity are national issues that the private sectors simply cannot tackle on their own. Here are some of the key takeaways.
FATF
- Three Key Takeaways from the FATF’s Latest 12-Month Review on Virtual assets Elliptic
Financial Action Task Force (FATF), the global standard-setter for anti-money laundering and countering the financing of terrorism (AML/CFT), released its second 12-month review on virtual assets (You can read our summary of its first report from July 2020 report here).
- What Are the Six Key Areas of the FATF Consultation? Elliptic
On March 19th, Paris-based Financial Action Task Force (FATF), the global standard-setting body for anti-money laundering and counter-terrorism finance (AML/CFT), released its Draft Updated Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers. Or, in compliance acronym speak the FATF's draft guidance for its RBA to VAs and VASPs.
- FATF and Global Crytpto Regulatory News
The Financial Action Task Force (FATF) held its winter Plenary session on 22nd, 24th, and 25th February and welcomed over 205 delegates to its third virtual conference since the start of the pandemic.
- DeFi regulation must not kill the values behind decentralization Cointelegraph
Financial Action Task Force (FATF) recently proposed guidelines making it clear that “The owner/operator(s) of the DApp likely fall under the definition of a VASP [virtual asset service provider] [...] even if other parties play a role in the service or portions of the process are automated. The potential for fraud in the growing NFT market recently attracted the attention of the Financial Action Task Force (FATF)
ID.me
-
Rough Seas Ahead People MoxyTongue
Commentary from the man who invented the term Self-Sovereign Idenitty on the ID.me situation with the IRS.
Humanity does not come into existence inside a database. The American Government does not come into authority "of, by, for" database entries.
People prove birth certificates, birth certificates do not prove people.
-
IPR - what is it? why does it matter?
There is a lot of diversity in the category of future patent problems. Someone who was contributing without declaring that they hold a patent related to the work can claim they had a patent later (years after the specification is finished) and seek payment from everyone using/implementing the standard, claiming licensing rights or even lost revenue on ideas they legally own.
-
Self-sovereign identity in the context of data protection and privacy YourStory
this article deconstructs the self-sovereign identity model and examines how it stacks up against The Personal Data Protection Bill, 2019.
- USPTO: CIO Jamie Holcombe
CIO Jamie Holcombe says identity verification with blockchain might be in the future for USPTO and talks about navigating changes in policy & law when considering a distributed ledger to store patents & trademarks. Among the interesting questions: do we start with patent #1 (applicant: George Washington)?
- End-To-End Encryption is Too Important to Be Proprietary Cory Doctorow
End-to-end messaging encryption is a domain where mistakes matter. The current draft of the DMA imposes a tight deadline for interoperability to begin (on the reasonable assumption that Big Tech monopolists will drag their feet otherwise) and this is not a job you want to rush.
Bedoya’s research has shined a light on digital surveillance and its impact on people of color, immigrants, and the working class. He founded the Center on Privacy & Technology at Georgetown Law to focus on the importance of consumer privacy rights.
- Zero Trust Architecture in the White House Executive Order on Cybersecurity Adrian Gropper (Friday, 14 May)
Please read Section 3 in the EO
- […]
It may be time for us to explain Zero-Trust Architecture relationship to
VCs and DIDs. My not-so-hidden agenda includes priority for considering
authorization and delegation in our protocol work but our diverse community of security experts will surely make this a much broader discussion.
Sec. 3. Modernizing Federal Government Cybersecurity.
(a) To keep pace with today’s dynamic and increasingly sophisticated cyber threat environment, the Federal Government must take decisive steps to modernize its approach to cybersecurity, including by increasing the Federal Government’s visibility into threats, while protecting privacy and civil liberties. The Federal Government must adopt security best practices; advance toward Zero Trust Architecture; accelerate movement to secure cloud services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS); centralize and streamline access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks; and invest in both technology and personnel to match these modernization goals.
Austin
Many folks within the identity space see VC infrastructure as the future of identification. If much of our online identity is reputation based, then VCs represent a formal method for linking reputations and vouching for others to form a web of trust within which individuals are able to conduct identity transactions in a less centralized way.
Wyoming
Blockchain Commons
- Principal Authority
The Digital Identity Working Group for the Wyoming Select Committee on Blockchain meets again next week, on September 21-22, 2021. I will be providing testimony there at 2pm MST. As a result, we’ve decided to release the current draft of this article on digital identity and how Wyoming has defined it using Principal Authority, with the goal of helping to shape the agenda for digital identity for the next year, both in Wyoming and elsewhere.
California
- Our Input to the California Privacy Protection Agency (CPPA) Pre-Rulemaking Stakeholder Sessions Me2BA
California is a major center of new privacy law and regulation, creating opportunities for internet safety advocates to help design policies that will ripple out well beyond the state’s borders. Their Privacy Rights Act (CPRA), passed by ballot proposition in 2020, created the California Privacy Protection Agency (CPPA), which seems to be getting closer to initiating its first formal rulemaking process.
- Data Broker Registry State of California Department of Justice
California law requires a data broker, as defined in California Civil Code § 1798.99.80, to register with the Attorney General on its internet website that is accessible to the public, on or before January 31 following each year in which a business meets the definition of a data broker.
On May 4th, California Governor Gavin Newsom signed into effect a “Blockchain Executive Order” 2022-05-04
“[to] assess how to deploy blockchain technology for state and public institutions, and build research and workforce development pathways to prepare Californians for success in this industry”.
- Our Input to the California Privacy Protection Agency (CPPA) Pre-Rulemaking Stakeholder Sessions Me2Ba
We have monitored and involved ourselves in this new agency since its inception, and Lisa LeVasseur (our Executive Director) and Noreen Whysel (Director of Validation Research) shared their expertise on product audits and dark patterns, respectively, in a recent pre-rulemaking CPPA Stakeholder Session (May 5-6).
- Soulbound Tokens, Trust Networks, and California's Big Test Wrenchinthegears 2022-05-28
California SB1190 that would establish a “Trust Framework” at the state level. This bill was introduced to the state senate in early March by Robert Hertzberg, close friend of Los Angeles billionaire investor Nicholas Berggruen
The Verifiable Credential’s Policy Committee, (that Kaliya Chairs) in California had a big win this week
-
California Moves Forward to Allow Vital Records to be Issued on Blockchain Coindesk 2022-09-29
-
approved another on Wednesday that instructs county records offices to allow for the use of blockchain technology and verifiable credentials. The technology would be established in the distribution of birth, death and marriage records, allowing PDFs to be sent immediately rather than using a typical 10-day postal delivery. 2022-09-28
-
California Legalizes Blockchain-based Vital Records MobileDataWorld
As an abstract of the bill explains, while existing law requires such records “to contain certain information and to be printed on chemically sensitized security paper, as specified,” the new legislation enables a county recorder to, upon request, issue a birth, death, or marriage record “by means of verifiable credential, as defined, using blockchain technology, defined as a decentralized data system, in which the data stored is mathematically verifiable, that uses distributed ledgers or databases to store specialized data in the permanent order of transactions recorded.”
-
VCs Policy Committeee (California) – Participate in passing legislation to create a California Trust Framework! by Kaliya Young, Ally Medina Slides
discussed how the Blockchain Advocacy Coalition’s sponsorship of AB 2004 pushed verifiable credentials into mainstream political discourse and how companies can help us shape public policy and government pilot programs of Verifiable Credential technology.
We are planning on working with legislators to introduce a bill that creates a California Trust Framework and lays the groundwork for use of the technology in the public and private sector.
-
Me2BA provides human-centered recommendations to the California Privacy Protection Agency
The California Privacy Rights Act of 2020 (“CPRA”) established the California Privacy Protection Agency (“CPPA”). The CPPA has full administrative power and authority to implement the CCPA and CPRA, which basically means that the CPPA will be in charge of updating regulations and adopting new regulations, while enforcement of these regulations will be done by both the CPPA and the Attorney General
- California Digital Vaccine Record based on VCs Heather Vescent June 18
May be of interest: https://www.latimes.com/california/story/2021-06-18/california-unveils-system-to-provide-digital-covid-19-vaccine-records
SMART Health Card Framework: https://vci.org/about#smart-health
To achieve this purpose, the founding members of VCI™ have collaborated to develop (1) the SMART Health Cards Framework Implementation Guide based on the World Wide Web Consortium (W3C) Verifiable Credential and Health Level 7 (HL7) SMART on FHIR standards, and (2) the SMART Health Cards: Vaccination & Testing Implementation Guide.
If you are in California, you can get your vaccine record here: https://myvaccinerecord.cdph.ca.gov/
You’re invited to participate in an exciting pilot program being launched by ATB Ventures and the Government of Alberta.