Eric Welton- discussions with Myanmar Responsible Business Coalition - tricky situation with hostile relationships in government - establishing a biometric identity - difficult choice as someone is going to do it.  Can we do it in a more responsible, less harmful way.  May be useful to have a session on this in this group.  Difficult ethical questions for the team.  Interesting presentation on how digital ID can be abused.

sankarshan- biometric topic seems to be settling down from aid organisations - have to use biometrics, main focus is now on mitigating harms.  Myanmar, Afghanistan and other examples.  Uganda for example, optimistic programme, under-enrollment.  (the harms of untrustworthy systems) - now starting w/genetic profiling!

"The genie is out of the bottle"

Jo Spencer Activity on NSW gov initiative - driving license initiative hacked, DNA & biometrics further reinforce the argument. 

• We need to be better, we need to be very aware that the information we're sharing is not as secure as we'd hoped.  Law of Minimal Disclosure for Constrained Use.  Need to be cryptographically secured.  Driving new projects.  Victor Dominello  (NSW gov)  Inclusion focus on services for citizens, also allied with indigenous people programme.  Now an important process.  All exclusion factors considered (digital, literacy, social, political, disability, financial)

sankarshanMinimisation is not suitable for some interactions, e.g. Medical Records - much more important for secure and trustworthy data payload /  exchange.  Also Financial Transactions not very well suited to VC's.

Jo Spencer use of verifiable presentations which present derived data.

sankarshan taxonomy & semantics - quality & classification of data also needed

VC's are not the solution for many forms of data.  

Biggest harm is derived data sets from small data sets.

Eric Welton  - Use cases - all non-cash transactions will be exposed to government, e.g. national security / tax collection is given as purpose coming in ??.  Remember problems of correlation highlighted by Daniel Hardman

Also use case of VCs to convey health information - presentation that key emergency information for medical purposes (e.g. in accident) - could use biometrics to unlock the data for emergency responders.  VC is a PDF - convenience / emergency service.  Similar to ICE contact, could have ICE Credential. Could be linked to IATA - Good Health Pass

sankarshan Must be freeform data.  Accept that this is a new attack surface.  

John Phillips Humanitech conference - could be some good material & input to this discussion.  Great discussion and material. I'm now seeing an obvious connection between this work, and the work of the Humanitech organisation here in Australia (founded by the Australian Red Cross) who have been thinking about how they might "ensure frontier technologies benefit people and society". I was at, and spoke briefly, at their 2022 conference (https://humanitechsummit.org/2022/) - they've been considering the potential harms of the mis-application of frontier technology for some time.

Review of notes and insights from the AGENCY talk at HXWG last week.  Here is the wiki page 

On fake news (and news) there's a good 20 mins conversation from Davos hosted by Polkadot -

Rumsfeld Structure to scope  "Reports that say that something hasn't happened are always interesting to me, because as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns—the ones we don't know we don't know. And if one looks throughout the history of our country and other free countries, it is the latter category that tends to be the difficult ones.^{[1]" (Source: Wiki)}

Also for discussion see this Miro Board

• differentiate between data exchange and identity as legal identification
• See comments in Miro Board
• Agree importance of Unknown Unknowns and use of resilience / vulnerability context relationships

Updates

• Discussion re moving meeting to 11am PT = 14.00 ET = 18.00 UTC = 19.00 BST = 20.00 CEST - put in slack question to group to move.
• Links & References:  Please use this Responsible Tech Resources page to capture links to media or online resources that can help us with our work. Responsible Tech Resources  All are updated now
• SSI Harms now changed on wikis, slack & calendar invites etc to BGBU
• Our First Deliverable Storyboard, is open for business here.  Aim is to have key questions/ discussion points ready for IIW by end of month - no group members attending so use another mechanism to challenge our thinking later on in our process.
• Sankarshan working on voting and democracy work, Nicky attended APPG on blockchain & voting, and some interesting perspectives from Robert Herian on the dangers of blockchain & voting voting https://www.researchgate.net/publication/339353856_Blockchain_GDPR_and_fantasies_of_data_sovereignty
• Danger of using global south as a set of experiments - urgency and pragmatic approaches vs north america, problem not a strong representation from Latam.  Similar to clinical trials - now happening with financial services and digital products, identity, identifiers etc  These are specific harms.  EG health privatisation e.g. HealthID.  We can't look at SSI on its own, must be in connection with the businesses and services it enables.  Decentralization also leads to other things if left unchecked.  All 'sold' as discovery - but in effect it's service providers discovering you.  
• Consider 3 pillars of inclusion = connection, identity, value exchange
• Must at least ensure that folks are not worse off as a result of these developments.  Problem of data silo's even within decentralized systems.  Always going to have one player that gets more and more data and has undue influence within the market.  Data breeds data.
• Virtual IIW - let's make a proposal to Phil, Doc & Kaliya
• Indigenous group, example - document the concerns, position paper (problem definition), capture the needs at the margins.  Good example of common problems but highlighted because they are at the edge/periphery. Document real-world problems and impacts.
• problems of colonial past, current harms of centralized state systems.
• Structural biases that are embedded in our own frames of reference, e.g. UN.  eg identity & violence book.  Also aboriginal man who Stan Grant.  https://www.booktopia.com.au/on-identity-stan-grant/book/9780733644238.html
  Even naming is deeply politicised, internet meme 40 different ways that coders get names wrong.
• HARM!  not being able to use your own name - = identifier, can have many names - in West is a unique and fixed identifier.
• Anglo-Indian names have ' in them - Aadhar can't accommodate names with apostrophe - but PAN does, so Aaadhar overwrites the name in PAN then creates authentication problems.  'why should I have to change my name if the states' ID system is poorly coded'
• How can vulnerable people be cared for online?  
• CO-CREATION - Group needs representation from those we seek to support / help / protecting.  We understood representation from 'real people'
• Need to be engaged now - up front to own the process.  We are promoting a model of digital interaction which we think is a good thing, but we need to understand the existing digital access/ interaction and then understand from them as to how VC's - pre-mortem / pre-parade, if this were successful what would happen, if things went wrong what could cause that?
• Groups definition
  • understand challenges in working digitally with specific groups in the community
  • use exclusion factors?
  • power imbalances & poverty of human dignity at heart of all harms
  • Start with recognition
  • Goldilocks not too much identification, not too little, just enough for the purpose (Kim's 2nd Law) - Harm with issuance, and then when you have to use it.
• Evolving framework / discussion as with guardianship

•  ACTION - Darrell to clone storyline format (from Drummond)
•  ACTION - ALL to review background links (on Purpose page under Links & Files)
•  ACTION - Persona Development (lapsed)
•  ACTION - reach out to others to join or be an 'expert witness' - open for follow up after we have more clarity on scope and basic storyboard. 
•  John Phillips to ask https://sigchi.org/ if they have any kind of framework for assessing interaction harms
  
•  Nicky Hickman to get kinship structures / forms from anthropology notes https://docs.google.com/document/d/1WQCD9floOebL2716PHZBZ8a-JvMdwb-rdx02hkQdfns/edit 
•  Eric Weltonto discuss domicile law and issues related to documentation and also on biometrics work next time.  Bound carefully with exam question.  Close during that session.

Scope & clarification from USA Call

• Suggested from USA call - that we de-scope to only focus on the new harms that could arise from use of SSI - do we agree?
  • e.g. Over-identification
  • How do we de-scope without removing before / after.  IE what's the cut-off function?
  • Specifically addressing the deployers of technology in ensuring that their deployments do not unwittingly increase threat surface/vectors to users (holders) causing harms.  The deliverable should describe the harms, how they arise, how they can be mitigated and recourse for victims, e.g. responses could include pooling risk or sharing harms, detect, intervene & recover. - Incidence response approach.  EG in detection how can you tell if things are going wrong, so you might monitor or surveille to ensure that harms not involving malicious actors for example are alerted and acted upon.
  • Support from USA group to use persona for storytelling, but interview real people on the ground to carry out research and understand harms.
• Recommendation from USA group that we do not exclusively focus on marginalized or vulnerable people, as we are all vulnerable at different times of our lives (e.g. as children, as frail elderly), however using extreme users or edge cases as persona can support robust design

Root Cause Analysis?

• Is part of the problem that many think SSI is specifically designed to address harms of Web 1.0 & 2.0?
• Is part of the problem that SSI is designed with a specific Western Educated Industrialised R Democratic perspective on the nature of human identity, the format of families, marriage, kinship and naming conventions?  An ego-centric (individual)  rather than socio-centric (dividual) view of identity.?  
• Must go deep to challenge the underpinnings of SSI - the problem of digital imperialism
  • One core under-pinning value is personal agency - this is based on principles of 'free will', this in turn is tied up with our ideas of free speech, free trade and is baked into our belief systems.  This is why it is so challenging.

Possible Frameworks:

• Creates or uses existing framework for analysing the dangers, risks, potential harms and threats (DRiPHT) to people with a particular focus on excluded, marginalized or vulnerable people. 

1. RIGHTS-BASED sankarshan's Digital Identifiers & Rights
2. HARMS -BASED Me2B Alliance Digital Harms Dictionary.  Uses DJ Solove's Privacy Taxonomy or Koops et al Typology to classify digital harms
   1. Action: Nicky to ask Lisa if we can have Digital Harms Dictionary in usable form to evaluate.
3.  ROLES - BASED: What are the unintended consequences of SSI or digital ID benefits on our chosen persona:  Children, Refugee, Indigenous People:   e.g. McKinsey. Digital Identification, a key to inclusive growth or Kaliya Young The Domains of Identity

4. SECTOR-BASED - prioritizing the primary sectors of uptake that ToIP members want us to look at and which impact against sustainable livelihood outcomes

Healthcare

Public Sector National Identity & Legal Identification

Financial Services & Fintech

5. OUTCOMES-BASED Sustainable Livelihoods framework .  Based on the principle that your digital data is a livelihood asset, a new form of capital?  Or a digital representation of other types of capital?  Harms arise when the outcomes or consequences negatively impact positive livelihood outcomes 

• More income
• Increased wellbeing
• Reduced vulnerability
• Improved Food Security
• More sustainable use of NR Base

More likely a combination of a couple of these?

Discussion - starting more messy and coming to frameworks, e.g. start with one harm and build out an approach of key questions:

• How does it arise?
• Who does it impact?
• How can it be detected
• How can it be mitigated? (intervention)
• How can it be set right? (recovery)

Can also have ideation session - dropping a long list of harms - reference  powerpoint storyboard - put in slack for other sto update then add one harm with above questions to get started.

Outline Storyboard is here: https://docs.google.com/presentation/d/1KoWjJx8LMwqNHKhAs-gK1uLdDL6zniIR/edit?usp=sharing&ouid=102748924597224658467&rtpof=true&sd=true

•   Get Me2B Alliance to allow access to harms dictionary for evaluation (Nicky)
•  Put in Slack alternate meeting time proposal (Nicky)
•  Encourage all to add to storyboard (Nicky)

Phil Wolff - individual contributor at DIF and ToIP and sometimes Sovrin IoT, IEEE identity work also.- led several sessions on threat vectors and harms associated with digital ID.

Oskar van Deventerleader at TNO and eSSIF lab (>50 sub-grantees).  Leader on interop, also European Blockchain Service Infrastructure representing NL.  Have developed prototype.  At TNO ~20 people working on SSI, 4 working on standardization at DIF. Techruption project with banks, land registry, notaries, similar scope looking at harms.  Coordinating

• Links & References:  Please use this Responsible Tech Resources page to capture links to media or online resources that can help us with our work. Responsible Tech Resources  All are updated now
• SSI Harms now changed on wikis, slack & calendar invites etc to BGBU
• Our First Deliverable Storyboard, is open for business here.  Aim is to have key questions/ discussion points ready for IIW by end of month

•  ACTION - Darrell to clone storyline format (from Drummond)
•  ACTION - ALL to review background links (on Purpose page under Links & Files)
•  ACTION - Persona Development
•  ACTION - reach out to others to join or be an 'expert witness'
•  John Phillips to ask https://sigchi.org/ if they have any kind of framework for assessing interaction harms
  
•  Nicky Hickman to get kinship structures / forms from anthropology notes
•  Eric Weltonto discuss domicile law and issues related to documentation and also on biometrics work next time.  Bound carefully with exam question.  Close during that session.

Overview of insights from Oskar's work and blogs - where are the key gaps/issues? - perspectives on key deliverables / scope and direction for the group?

• https://blockchain.tno.nl/blog/self-sovereign-identity-the-good-the-bad-and-the-ugly/
• https://blockchain.tno.nl/blog/verify-the-verifier-anti-coercion-by-design/
• https://blog.xot.nl/2022/01/31/civil-liberties-aspects-of-the-european-digital-identity-framework/index.html

Rushing with eIDAS - on SSI - 

Danger is we all become 'vulnerable' people - we are not empowered, controlling your digital ID can sometimes undermine my rights.   EG hotels that make me break the law by asking to copy my passport.

Harms relate to many harms that can arise e.g. https://blockchain.tno.nl/blog/verify-the-verifier-anti-coercion-by-design/

Protections - e.g. chip in passport - but fingerprint data can only be accessed by authorised verifiers.  - these protections are missing from SSI.

Wants to see implementations: e.g. authorised verifier

5-6 items that all need implementation, standardisation and interop testing 

Does this change our deliverables?  Supplier authentication, call centre use case especially outbound calling  e.g. Bloqzone

Gorilla use-case, I know who you are exclusion or discrimination if you don't accept data sharing - problem

Knotty Problem:  Privacy vs Access to food / services

Rieks - one step back ie WHY do you need this data - data minimization tool, often not needed for business decision, also issuing information to be consumed by other gorillas (bring in Amos' work) KNOTTY Biz Problem conflicting regulatory requirements.  Risk with SSI that we are going in a different direction because SSI gives higher assurances, now not only do you have to fill in the forms, now you can't lie about it and get it from an authorized source.  Old LoA argument - economic resources and politics.

Advise not focusing on excluded communities then risk that we ignore the issue that we all become vulnerable:

• Inclusive design using extreme users = better design for all of us
• Use scenarios  'what if' - Kafka

Different uses of persona, nature of harm and context - user research - better to talk to actual people rather than using persona, ethnography, interview people, e.g. those who have lived with harm.   EG a black person obliged to add a photo indicating race, would harm professional career.

Storytelling use of persona to make harms relatable -

EG not defining gender, use of they, them pronouns in the group and research

Remember SSI is transactions between two parties - relevance between the transactions that the two parties want to engage with.

Assertion of our social norms considering what is harm?  Harms only steming from those things which SSI is supposed to relate to.  Could we simplify by focusing on Highlights any new DRiPHT introduced by use of decentralized architectures and SSI, and how they could be mitigated

Over-identification problem - making it easy to add LoA3/4 creates new exceptional harms.

END____

Outline Storyboard is here: https://docs.google.com/presentation/d/1KoWjJx8LMwqNHKhAs-gK1uLdDL6zniIR/edit?usp=sharing&ouid=102748924597224658467&rtpof=true&sd=true

  - APAC Group to consider speakers.  e.g. This is the group that we're connected to through our work with Swinburne University a few years ago: https://sigchi.org/

Outline Storyboard is here: https://docs.google.com/presentation/d/1KoWjJx8LMwqNHKhAs-gK1uLdDL6zniIR/edit?usp=sharing&ouid=102748924597224658467&rtpof=true&sd=true

• Consider differences in family structures as a way of framing some of the issues in Harms, problem of nuclear family.  "A california family is now the way your phone thinks & works!"
• Explain forms of kinship (Nicky Hickmanto find anthropology notes)
• Centralised control model RBAC, harm we're identifying - if we assume about the nature of the relationship due to names or blood, then we can cause harm.  EG domestic abuse in marriage.

Example from Eric - Living near a safe house for IDP (underground railroad) in west of Thailand (Korim) - He has all his papers and can move freely, he is becoming stateless so that he can get back into the camp in order to care for his elderly parents, familial obligations - giving up his legal identity to fulfill his duties.  Corruptions in guards, violence associated with money and being able to leave the camp to work.  Too strong an  identity would prevent this.  Harm of centralized model with biometrics = he is 'owned by the state' - can't remove yourself from the system.

John: This is the group that we're connected to through our work with Swinburne University a few years ago: https://sigchi.org/

Eric: another group that is local to me, which may be helpful in identifying unique harms/risks is: https://kwahdao.org/ - their current director just graduated from law school and is one of their first students especially looking at stateless children.

•  John Phillips to ask https://sigchi.org/ if they have any kind of framework for assessing interaction harms
  
•  Nicky Hickman to get kinship structures / forms from anthropology notes
•  Eric Weltonto discuss domicile law and issues related to documentation and also on biometrics work next time.  Bound carefully with exam question.  Close during that session.
•   

•  Nicky Hickmanto work with Elisa Trevinoto change group name
•  Nicky Hickmanto ask Aebha and Rachel to 'own' children's persona
•  All to add their useful links to this Responsible Tech Resources page and consider sections for the White Paper Storyboard

Sankarshan - India, returning to ToIP following work absence, SSI Harms - harms created by solutionism and poor understanding, need to work through this topic to address

Eric Welton - Thailand south of Myanmar border, been looking at SSI Harms for 5-6 years, because bulk of tech driven by heavily digitised communities (EU, USA) with civil liberties basis, but not the reality in countries like e.g. China, has SSI components but very centralised.  Forcing view without asking people if they want to for example be financially included.  No engagement, combined with new surveillance capabilities, many harms can arise, e.g. camera's.    At the precipice of getting things done right or wrong.

Pyrou Chung - Thailand Director at East West Mgt - Open Dev Initiative - focus on data governance meets tech meets human rights, one main focus related to Indigenous peoples for sovereign data rights includes identity, not allowed to assert their identity, so no existing rights within frameworks so if a new system comes in that doesn't take into consideration their right indigenous rights e.g. for accessing public services, could exacerbate existing

Jo Spencer - (AUS) Initially drawn into the Guardianship WG realised that there was a model where we could put into place more certainty and controls with the right levels of trust and flexibility.  Work in Sezoo with John Philips.  Working with some parts of Gov.  Indigenous identity a passion project, not the right people to do it.  Once you have the tools, then can begin to tailor to needs of groups like indigenous peoples without the controls of government and surveillance capitalism.  Not about the tech more about the social impact of what you are doing.  Also some research w/ Universities around use of wallets.  

Notes to ensure we include dissenting voices by having some outside sessions later on in the process

• Reviewed the Purpose. - As well as white paper - a practical self-assessment tool so that developers can 
• Additionally - consider a self-assessment matrix as well.
• TIMELINE - likely a "get it done and move on" style of TF. Long-running "SSI Harms Department" (casual analogy) isn't the goal for now. Focus on the deliverable for now, and consider what happens later then.
  • Additional Deliverable - what are the enduring needs (Phil) and report back to HXWG & Community.
• Mapping risk in the wider ecosystem and assigning mitigation strategies that might be implemented by another group (e.g. a standard)
• We should be aware that tech will only ever be part of the solution (follow-up work)

Open as to what happens once initial deliverables are provided

Agree to focus on IIW for StoryBoard, and the stuff we are stuck on - where we have need for other views and help

Keep the narrative - the tech won't save us!!!  This is about humans, they are the builders of the good and bad stuff. 'No tech fix for the human condition!'

APAC - Suggested change to Harms Mitigation Task Force.

Example - Verifier pays issuer - what's the harm, what's the impact, what are the mitigations?

Develop Persona to measure and manage harms/risk against.  EG indigenous people, concept of collectivised identity is core to indigenous people, so we have a 'Persona Group' rather than a single individual, also link with Environment, e.g. things with digital identity, rivers in India, Uluru in Aus.  How environment & lands are connected with identity of individuals and have their own (socio-centric vs ego-centric) - 'individual vs dividual'.  (WRT respectful approaches to working with indigenous peoples, I've been impressed by the work of Terri Janke: https://www.terrijanke.com.au/true-tracks)

Clash between two cultures e.g. Aus problem of indigenous incarceration problem.

How can these interoperate when different social views of identity and ways of managing rights & accountabilities

Example of Northern region crossing China, Laos, Myanmar, Thailand - very many different ethnic groups forced into mountains and e.g. Thai Union is forced upon them. Long history - yes identity is a political tool that is related to power & control.  Consider land, connection,  associations & movements of people.  But note the cultural and spiritual connections to the land and deep within their psychographic identity.  Also needs to be considered and catered for.  Their own sovereign ability to govern the processes associated with technology.  This is where governance comes into play regarding collectivised identity.  Colonial narrative and mental models for example in forms of identity and governance models.  Connection w/state services - collectivisation builds social capital and bargaining power w/state.

Perhaps go further and find these folks to participate and help us build real case studies and examples. On the ground reality, need to be careful that we have real people in mind.

Kaliya Young - Identity Women - IIW and 'Human First Tech' - advocating for more of these types of conversation, have threat model analysis paper .  Naming harms of Web 1.0 & 2.0 Event 

Bart Suichies - No affiliation, active in SSI for 5-6 years, joined ToIP through SICPA.  Interest in SSI in public sector, and use where active governance.  Interested in figuring out where the lines are for what we can do as a community for solving societal problems.  Paradox of powerful tools for dual use good / bad

Kalin Nicolov - joined also as SICPA, currently co-chairing the HXWG - focused on connection point of HX design, interactions of ethics, incentive structures, points that are grey areas.

Darrell O'Donnell - part of ToIP from beginning - focused on making it real and understanding harms.  Affiliation - small boutique consultancy

Shireen Mitchell - Here to have the conversation about harms - statelessness is only identifier we find racism, part of Human First Tech with Kaliya.  Moments where we sit on the security line thinking about finance, but ignoring the impacts on 'real identity'.  Some concerns with the white papers problem in defining people's identity by their vulnerability attributes

Jacques Bikoundoublockchain developer, member of ToIP for 2 years, mainly involved in drafting GF documents, participated in CCI, interested because keen to understand how the technology can impact people

Phil Wolffhere to contribute to the threat analysis & mitigate harms, possibly from a product management lens.  Privacy advocate for 15 years, originally Oakland and now Pacific Northwest, consult for Wider Team on ID of things in healthcare. Led "Death to NSTIC" sessions at IIW to brainstorm and characterize threats to initiative success. 

Nicky:  Freelancer

Judith Fleenor, Director of Strategic Engagement for ToIP

Jon Pinkes, technologist linked via Kaliya & IIW

Notes to ensure we include dissenting voices by having some outside sessions later on in the process

• Reviewed the Purpose. - As well as white paper - a practical self-assessment tool so that developers can 
• Additionally - consider a self-assessment matrix as well.
• TIMELINE - likely a "get it done and move on" style of TF. Long-running "SSI Harms Department" (casual analogy) isn't the goal for now. Focus on the deliverable for now, and consider what happens later then.
  • Additional Deliverable - what are the enduring needs (Phil) and report back to HXWG & Community.
• Mapping risk in the wider ecosystem and assigning mitigation strategies that might be implemented by another group (e.g. a standard)
• We should be aware that tech will only ever be part of the solution (follow-up work)

Open as to what happens once initial deliverables are provided

Agree to focus on IIW for StoryBoard, and the stuff we are stuck on - where we have need for other views and help

Keep the narrative - the tech won't save us!!!  This is about humans, they are the builders of the good and bad stuff. 'No tech fix for the human condition!'