Versions Compared

Version Old Version 62 New Version 63
Changes made by

Neil Thomson

Neil Thomson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Table of Contents

...

TimeItemLeadNotes
5 min

Welcome & antitrust notice

Agenda review

Nicky

Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in  this activity beyond an observer role.

10minNew intro's & Updates

Trev Harmon Technical director at ID2020 and have been involved w/SSI community for some years previously at Evernym.


40minHarms Paper

the paper  

Phil Wolff huge input to the paper and many hours commenting and improving

Nicky Hickman commented that some technical folks were still struggling with utility, hopefully implementation guide and technical requirements.

Phil Wolff commented that the reverse of harm is increased benefit, have not sufficiently emphasised this connection with entrepreneurial ambitions.  Nearside / farside helps with this but not enough start-up / entrepreneurial culture.   We have natural bias for hope and good things.  Example of new market opportunities by building for the need.  Talk to their professional values, this is a framing challenge

Main comments needed on Part 3 of the paper.

Trev Harmon has 4.5 pages of notes at ID2020 will provide actionable feedback.

General impressions focused on the frameworks e.g. STS, curious as to why it was chosen and then modified.  Some places where systemic to society not identity specifically. Disconnect between the harms that occur and how SSI mitigates / exacerbates some sections stronger than others.  Some seem overly reductive. P19 last paragraph, connection between philosophical sides and action side especially quoting chinese or indian philosophy without any citations or support

Offered several recommendations on improving connections in text to be more straight forward.  good to be working on this to avoid future harms from SSI. 

Darrell O'Donnell lots of explanations in document not quick and fast enough.  

Nicky Hickman  need to reduce paper and make it more useful and more accessible to different types of readers. e.g. add requirements section at the end.  e.g. remove moon analogy

Trev Harmon the key elements are being buried behind the frameworks

Phil Wolff suggested added frameworks as appendices.  Return to simpler approach, 

  • these are the harms, this is why you should care, then discuss what to do next as implementers.

Trev Harmon suggested that systemic issues shouldn't go away from discussion but perhaps not right in same document.  Some of the harm discussion was shorter than it needed to be, some of frameworks longer than it needed to be.

Phil Wolff frameworks might help for systematic modelling of harms.  Concerns many aspects of organisations in public / private sector.   A framework for building on what you already have, should be advantageous, maybe as a separate blog post.  Should not miss opportunities to identify harm.

Nicky Hickman will 

  • take out the moon analogy
  • move frameworks to appendix & trim
  • simplify and clarify text
  • improve exec summary so that it is a 2min useful read

Trev Harmon will join the group to contribute to this work.

Neil Thomson It's a great document - leave it alone and make it as a background document. Build one or more new documents from the different perspectives/audiences who will consume it.  I am outside comfort zone, there are things that are harms not because of tech or intent but because of things outside our control. So remove those indirect & felt harms. In discussing Harms, it would be helpful to flag which harms are within the SSI technology and governance stacks ability to prevent and which are outside the realm (e.g., political).

Phil Wolff said we wanted to point out that you are also responsible for some of the negative externalities that occur.  Because includes governance stack these should be addressed by the ecosystem as a whole. e.g. harms surveillance, or by regulators in terms of compliance. 

Neil Thomson highlighted the Canadian CIO Council's draft standards that identifier issuers are currently defined as only governments or other government-accredited institutions such as banks. It has not yet adopted the option of individuals creating an SSI verifiable identifier through a 3rd party (Sovereign Identity vs. Self-Sovereign Identity). SSI Governance must be careful not to make the assumption that adopters will enact all technical or governance aspects of ToIP's view of SSI.


...

TimeItemLeadNotes
5 min

Welcome & antitrust notice

Agenda review

Nicky

Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in  this activity beyond an observer role.

10minsNew intro's & updates

Turing Institute Trustworthy Identities Conference - Decentralization & Harms a constant strand, 

25 minsNew ArcNicky

Considering feedback and comments on the current drat of the white paper - suggested new arc/perspective as an alternative to 'ssi harms'

  • We spend all our time considering benefits of SSI we need now to look from another vantage point, the dark side of the moon if you will.  

Actually the far side of the moon is not dark at all, but it is different from the near side. See The far side of the Moon, photographed by Apollo 16 in 1972. It is much more crater-ridden than the near side of the Moon. Source https://en.wikipedia.org/wiki/Far_side_of_the_Moon.  Not all of the far side of the moon is invisible from earth due to a phenomenon known as libration "In lunar astronomy, libration is the wagging or wavering of the Moon perceived by Earth-bound observers and caused by changes in their perspective. It permits an observer to see slightly different hemispheres of the surface at different times. It is similar in both cause and effect to the changes in the Moon's apparent size due to changes in distance. "

This paper is like the Apollo 8 astronauts who were the first humans to see the far side in person when they orbited the Moon in 1968.  We are just mapping that side of digital identity which we all know is there and contributing to opening up debate and developing robust legal, technical, human experience and governance mechanisms for addressing this problem. e.g. https://privacyinternational.org/advocacy/4945/letter-global-csos-world-bank "We, the undersigned civil society organizations and individuals, urge the World Bank and other international organizations to take immediate steps to cease activities that promote harmful models of digital identification systems (digital ID). "

  • Then PEST model of harms with SSI mitigations & potential new harms or exacerbations
  • Then framework for understanding harms in digital trust ecosystems
  • Potential short/medium long-term activities is an Appendix as a starting point for discussions with other WGs in ToIP and wider digital ID community
  • Then Conclusions:
    1. budget attention and resources at every level 
    2. practical do tomorrow steps
      1. examining from the outside and considering the known harms of digital ID systems, include known harms in a risk assessment
      2. people matter - talk about ethics beyond 'value statements' or principles, test the HX not just of customers but also of team members and wider stakeholder communities. 
  • Call to action:
    • x-industry harms awareness, transparency and mitigations  - like 'fraud signals' ????
    • ??
  • Key Questions?
    • ???
  • Next Steps
  • Vision:  We can use this model to not just address or prevent harms, but to promote goods from digital identity systems, I guess that public goods are the antithesis of human harms
  • When technology makes ethical norms possible - just because we couldn't do something before because we had bad tech doesn't mean
  • Mitigate harms and magnify benefits
15minsPotential TitlesNicky

From discussion in HXWG

  • Neil Thomson 'online identity harms' 
  • Phil Wolff 'Can decentralization help with human harms?' 
  • Andrew Slack ‘Building towards a positive/safe/.. digital identity ecosystem’
    ‘On human/social harm challenges in digital identity ecosystems’
    ‘Overcoming human/social harm challenges in digital identity ecosystems’ Christine Martin Darrell O'Donnell  like this one
  • Separate doc = ACTIONABLE GUIDANCE FOR SSI IMPLEMENTORS & Policy Wonks!


From story Arc

Mapping the Far Side of the Moon: A new framework for understanding and mitigating the human harms of digital identity systems; ‘Overcoming the challenges of human harms from in digital identity ecosystems’

The Apollo 16 Paper: Considering human harms in digital trust ecosystem design / digital identity systems


Vision based:  

Do no harm: creating digital identity systems that serve the public good

On track for finishing 2nd draft end next week

Darrell O'Donnell and Christine Martin to do Foreward


...

TimeItemLeadNotes
5 min

  • Welcome & antitrust notice

  • Agenda review
Nicky

  • Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.

10minsIntro's & UpdatesNicky

Eric Welton- discussions with Myanmar Responsible Business Coalition - tricky situation with hostile relationships in government - establishing a biometric identity - difficult choice as someone is going to do it.  Can we do it in a more responsible, less harmful way.  May be useful to have a session on this in this group.  Difficult ethical questions for the team.  Interesting presentation on how digital ID can be abused.

sankarshan- biometric topic seems to be settling down from aid organisations - have to use biometrics, main focus is now on mitigating harms.  Myanmar, Afghanistan and other examples.  Uganda for example, optimistic programme, under-enrollment.  (the harms of untrustworthy systems) - now starting w/genetic profiling!

"The genie is out of the bottle"

Jo Spencer Activity on NSW gov initiative - driving license initiative hacked, DNA & biometrics further reinforce the argument. 

  • We need to be better, we need to be very aware that the information we're sharing is not as secure as we'd hoped.  Law of Minimal Disclosure for Constrained Use.  Need to be cryptographically secured.  Driving new projects.  Victor Dominello  (NSW gov)  Inclusion focus on services for citizens, also allied with indigenous people programme.  Now an important process.  All exclusion factors considered (digital, literacy, social, political, disability, financial)

sankarshanMinimisation is not suitable for some interactions, e.g. Medical Records - much more important for secure and trustworthy data payload /  exchange.  Also Financial Transactions not very well suited to VC's.

Jo Spencer use of verifiable presentations which present derived data.

sankarshan taxonomy & semantics - quality & classification of data also needed

VC's are not the solution for many forms of data.  

Biggest harm is derived data sets from small data sets.

Eric Welton  - Use cases - all non-cash transactions will be exposed to government, e.g. national security / tax collection is given as purpose coming in ??.  Remember problems of correlation highlighted by Daniel Hardman

Also use case of VCs to convey health information - presentation that key emergency information for medical purposes (e.g. in accident) - could use biometrics to unlock the data for emergency responders.  VC is a PDF - convenience / emergency service.  Similar to ICE contact, could have ICE Credential. Could be linked to IATA - Good Health Pass

sankarshan Must be freeform data.  Accept that this is a new attack surface.  

John Phillips Humanitech conference - could be some good material & input to this discussion.  Great discussion and material. I'm now seeing an obvious connection between this work, and the work of the Humanitech organisation here in Australia (founded by the Australian Red Cross) who have been thinking about how they might "ensure frontier technologies benefit people and society". I was at, and spoke briefly, at their 2022 conference (https://humanitechsummit.org/2022/) - they've been considering the potential harms of the mis-application of frontier technology for some time.


5minsActionsNicky
  •  Nicky to try again to get the Me2B Alliance Harms Dictionary in xls format for analysis
  •  Nicky to see if there is a different cadence or timing for APAC meetings
15minsAGENCY Nicky

Review of notes and insights from the AGENCY talk at HXWG last week.  Here is the wiki page 

On fake news (and news) there's a good 20 mins conversation from Davos hosted by Polkadot -

Widget Connector
urlhttp://youtube.com/watch?v=eCI0GizV6QY

Rumsfeld Structure to scope  "Reports that say that something hasn't happened are always interesting to me, because as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns—the ones we don't know we don't know. And if one looks throughout the history of our country and other free countries, it is the latter category that tends to be the difficult ones.[1]" (Source: Wiki)

Also for discussion see this Miro Board

  • differentiate between data exchange and identity as legal identification
  • See comments in Miro Board
  • Agree importance of Unknown Unknowns and use of resilience / vulnerability context relationships
20minsStoryboard Next StepsPhil

NEW (Google Slides): https://docs.google.com/presentation/d/1Y404nJpSOkJFK5pc2aYUmJtrXtCkwcx-eIMC9ZMC0DU/edit?usp=sharing

Phil has transferred to a G-DOC https://docs.google.com/document/d/151cqN0HY-ECmGwcS_SSBCeCHtszuwGyQebLRJq8sODA/edit?usp=sharing which contains the same material but in a doc format


5minsAOB Nicky

...