decentralized-id.github.io/unsorted/educational-resources/governance.md
⧉ infominer 4eae83bddb sort
2023-06-15 12:28:33 +05:30

24 KiB
Raw Blame History

published
false

Governance

Historical analogies: rural electrification, telecommunications, insurance

Examples for where such data coops would be useful:

  • Sharing of environmental monitoring data among farmers, e.g. in the California central valley
  • Shared backup infrastructure for individuals / families
  • Collective bargaining with data brokers etc

Different data unions may focus on different things, just like different credit unions might have different investment priorities

Links from chat

I signed up this week for social.coop!

My use case is I want to operate https://twitter.com/permanentcpu as a coop :)

“The earliest mutual organization established in the British North American colonies was created in 1735 in Charleston, SC” https://en.wikipedia.org/wiki/History_of_cooperatives_in_the_United_States#18th_century

“The Philadelphia Contributionship mutual insurance company, founded by Benjamin Franklin in 1752, is the oldest continuing mutual insurance company in the continental United States. “

Coop says more about the governance (democracy + open membership) than the business model, IMO

A cooperative is defined as an autonomous association of persons united voluntarily to meet their common economic, social, and cultural needs and aspirations through a jointly-owned and democratically-controlled enterprise.

Good book of case studies on “Platform Cooperatives” https://www.orbooks.com/catalog/ours-to-hack-and-to-own/

Working through this now: more of a playbook https://elements.disco.coop/

This is the exit to community co starting up in SF. https://www.understory.coop/

In 5 years, will the cloud service youre renting be the same price or functionality or still exist?

Run https://github.com/colab-coop/coopernetes

Then run https://github.com/solid/community-server

(Or next cloud + https://github.com/pdsinterop/solid-nextcloud

a simple mechanism to provide public information concerning an entity by advertising a public profile service in the DID document of a public DID. A good analogy for this public identity information would be a machine-readable and cryptographically-verifiable imprint.

  • xkcd: PGP

  • Trust Registry or Machine-Readable Governance? Indicio

    Machine-readable governance is composed of elements that help to establish trust and enable interoperability: trusted participants, schemas (templates for structuring information in a credential), and rules and flows for presenting credentials and verifying them. Machine-readable governance can be hierarchical. Once a governance system is published, other organizations can adopt and then amend or extend the provided system.

  • Governance: Clarifying or confusing the marketplace?

Governance in decentralized identity is more akin to “technical rules and instructions.” This is highly disfluent in part because it is so extensive and in part because it relies on a new vocab that uses familiar words in unfamiliar ways. All of this creates disfluency to such a degree that it is unpleasant to contemplate and that unpleasantness is transferred onto the product.

This wouldnt be a problem if we properly regarded technical governance as being in the realm of an instruction manual, which we know from UX research that most people dont read. However, standards bodies and organizations like ToIP are driving governance as the key to implementing decentralized identity. Except… adoption of an early stage technology drives governance, not the other way around. Putting the cart before the horse is blocking adoption.

When we talk about governance, we should be using the language of values and the key value proposition: that it is putting the individual in control of their identity. That is the essence of decentralized identity governance; everything else goes in the instruction manual (which wont be read, except by lawyers and engineers)

Internet governance, human rights, digital identity, Identity for All, Guardianship

The UDDI is a call to action to IIW, which we've said before, to adopt a set of universal principles which can be used now to bring  Identity for All  projects to fruition.

I want to frame the UDDI discussion in terms of what we did with Jean at the last IIW -  our work on the UDDI is step toward the larger humanitarian vision of a Universal Declaration of Digital Rights, which is what he is working on.

We should present the Universal Declaration of Digital Identity as a way to say what the users of tomorrow's technology expect from the technology created by industry and from their governments when it comes to a new digital world, where SSI is at the root of trust.

As we have presented these affirmations at prior IIW and since then to others - we can post a document in the session to get agreement on the affirmations in the UDDI.

This is a Call to Action for IIW to support our role as a convenor in this important area of human rights in cyberspace.

Query of nature of governance and role of programmers.

Who “makes” the law?

Declaration of human rights is helpful baseline on structure. Useful to get to point with universal framework.

Notion of universal rules: Notion of universality

What is nature of lawmaking.

Why should lawyers, politicians have a monopoly on lawmaking in area that dont understand. People are making laws in action. From norms.

GO to where the justice fields are green stateless areas. There is paradigm of need. Aiming at public international framework.

Where develop these new approaches to governance.

Universal declaration of human rights: Challenge is not what do online, but how take existing rights and move them online. Problem is 2 million years experience on physical experience, 10k years of legal experience, but only 10 years of digital personhood.

What is nature of harm and protection.

Consider legal algorithm: Harm, rights, duty, breach, causation, damages, liability, insurance

What is personhood onlie that can be equivalent of protection offline.

What is centricity of perspective: digital, human, propostional transparency and data controls. Semantic notice and control for people. Reduce scope of wormhole of law.

Reverse the transparency requirements. Organizations

Need protocol at time of interaciton

Interesting notion of putting onius on organizations to be transparent

What is governance?

What is legislation?

What is rulemaking?

Notice and consent is inversaion of power relationship by using existing rights

Notice and consent is pathway to inversation of power AND an artifact of power. The choreography is fixed..

Parts of universal document to cover human rights:

  1. Legal document centered toward data

  2. Technical translation of document compliance with regulation but difficult without standard implementatiokn.

  3. Digital rights SDK incorporate to softarre architecture

Can test compliance and standardize data linked to representational entity.

Modules of Trust Frameworks

Disconnect of responsibility of programmers

Can link impact of action with responeiilituy.

Incorporat to educational pipeline.

Problem is not the data, it is the decision making process.

Need to start with harms that data can cause. Data processing is transformation of data. That is till point of decision of index harm.

Need to correlate tech with rights under taxonomy. Apply algorighms or indexes of harm.

When does a person become a person digitally? When data is exposed online or when they are first online? What is nature of that status?

Personhood Certain amount of data points infers a person.

California law is there opportunity to have trust framework law establish threshold for personhood.

In US reverse of EU, privacy is not default setting. Organizations tell you of risks before you engage. Consent by design. If backtrack. Trust framework is the culture itself. Want it extended digitally.

Technical versus non-technical issue: What is human readable and machine readable?

Semantic stack ISO 2100 has name for each person. Can map people to roles. Generic roles and stakeholders. What is missing is technical understanding of these. Purpose is not consistent across the stack. NO shared meaning across the stack.

Digital legal ontology extension to words. Might include in text to aid word search.

Revisit question on when do you become digital personhood.

We umnderstand physical person.

Legal person

What is digital personhood. Data online is it a body. Is it physically me? What if not property, what is digial body then look at rights framework. IF data is body, then rights frameworks If data is property then another set of rules.

Digital personhood as digital personhood.

Mary Rundle paper -on personhood.

Issue of nature of personhood. What is it, how defend it?

Need to know what it is before know how to defend it.

Data needs context to be valuable

Constitution protecting me, why not protect the data.

Query of nation states.

Nation states more human interst than corporations.

What is minimial set of data for a schema to be useful? Is this established in context.

Object identity and utility determine number of dat appoints.

Perhaps need digital eqjuialent of equity.

Query of what are standards of care?

Some say

I am my data

End remedy control within bounded space

Rights by design

Reliance on systems.

Expectation of derisking. Technical standards. Unversality.

Standards.

Working on enotary system.

Links from chat: http://emoglen.law.columbia.edu/LIS/archive/privacy-legis/ISTPA-FrameworkWhitePaper013101.pdf

When it comes to identity management the involvement of the government can be a tricky topic. It needs to be involved to enable access to public services, adapt legislature and guarantee equal access for its citizens. However, it should not be able to control or monitor all aspects and activities of its citizens.

Self-sovereign identity is a promising technology to allow you to control your own data. However, to provide the true value of the technology, it is essential to establish governance framework for its operation.

Questions started at about [46:30]  – though some questions came earlier. We covered:

  • “I dont trust organizations and corporations” where we point out the “decentralize the world” approach goes to far.
  • Phoning home (hint: no it doesnt need to phone home)
  • Where are Holders Authorized? (hint: Knowing if you can trust Bubbas Wallet may be more important…)
  • Canadian Digitial Identities are emerging can startups leverage this?
  • Explain the Role of Government in ecosystems.
  • “Can a third party discover who I trust from a trust registry?”
  • How will interoperability work between trust registries?

We plan to relieve some of that oblivity by having Shoshana lead the final salon in our Beyond the Web series at Indiana Universitys Ostrom Workshop. To prepare for that, Joyce and I spoke with Shoshana for more than an hour and a half last night, and are excited about her optimism toward restoring the public commons and invigorating democracy in our still-new digital age.

I conclude: there is no consensus whatsoever :-) That may be because there such a large range of setups under that term today.

Have you noticed that pretty much all senior technologists that dismiss Web3 — usually in highly emotional terms completely ignore that pretty much all the genuinely interesting innovations in the Web3 world are governance innovations?

By having SSI in place for users, FaceDAO promises users total security of their data. For FaceDAO, self-sovereign identity on the blockchain implies an identity users own. Its theirs. Only they can hold it on their accounts and only they can decide who gets to see it and what they get to see.

Real progress is made by rich, cross-disciplinary teams and heterogeneous coalitions coming together to attack hard problems from every angle at once.

Self-Administration of human authority, possessed equally by all living Individuals who choose civil participation as a method of Governance derived "of, by, for" people, begins and ends with the structural accuracy of words, and their functional practices.

Decentralized Ecosystem Governance makes verifying data an easy-to-play game of red light/green light. And, importantly, it decentralizes governance to the appropriate authorities.

We want to start a conversation on Trust Registries and get people thinking about how Trust Registries will help answer the hard questions an ecosystem needs to create a whole experience [tweetstorm]

Because DAOs do not have a sovereign above them, and are often explicitly in the business of providing services (like currency and arbitration) that are typically reserved for sovereigns, it is precisely the design of sovereigns (political science), and not the design of corporate governance, that DAOs have more to learn from.

  • What are the differences between Verifiable Data Registries and Trust Registries?
  • How can Trust Registries help establish the Authenticity of Data?
  • Does placing too much Governance at the Verifiable Data Registry layer cause scaling issues?
  • Why DNS can become an elegant Root of Trust solution to validate the authenticity of Credential Issuers.
  • Who in the Trust Triangle benefits the most from Trust Registries

Learn the what and the why behind trust registries.  In addition to discussing how trust registries solve governance in verifiable credential ecosystems, Tomislav demos the very first implementation of ToIPs trust registry specification.