2025-06-12 GATF Meeting Notes - Americas
This TF schedules meetings as needed. Each meeting will be announced on the GSWG mailing list and the #governance-architecture-tf Slack channel.
The meetings (and Zoom links) are available on the ToIP meeting calendar:
LFX Meetings
Zoom Meeting Links / Recordings
Video and Transcript: Video Conferencing, Web Conferencing, Webinars, Screen Sharing
Meeting starts 06:00 in
Attendees
@John Phillips
@Neil Thomson
@Scott Perry @Scott Perry [not sure which one of these two is the real Scott Perry!]
Mikka Elfatih
Agenda Items and Notes (including all relevant links)
Time | Agenda Item | Lead | Notes |
3 min |
| Chairs |
|
2 min | Review of previous action items | Chairs |
|
| Topic #1 |
|
|
| Topic #2 |
|
|
| Topic #3 |
|
|
| Topic #4 |
|
|
5 mins |
| Chairs |
|
Summary of meeting:
Summary of meeting generated by NoteBookLM from the transcript and chat messages.
Meeting Minutes - [Date/Time of meeting, assuming the recording starts at 00:01:56]
Attendees:
John Phillips (Sezoo)
Scott Perry (Digital Governance Institute)
Makki Elfatih (Hkdolts)
Neil Thomson (QueryVision)
--------------------------------------------------------------------------------
Summary of Topics Discussed:
Management of AI Note-takers in Meetings
Discussion: John Phillips (Sezoo) noted a recurring issue of AI agents being sent to meetings without a human attendee, which he considers “rude”. He explained that ToIP records meetings, makes recordings public, and provides minutes, making external AI note-takers unnecessary. Makki Elfatih (Hkdolts) clarified that there are two types of such bots: those attached to user accounts and those part of the organisation's login process.
Action Agreed: John Phillips (Sezoo) intends to use meeting host controls to remove rogue AI note-takers. John Phillips posted a public message in the chat explaining that sessions are recorded, recordings are public, and remote note-takers are not allowed.
UNCEFACT Global Trust Registry Project Update
Discussion: John Phillips (Sezoo) provided an update on the UNCEFACT project, which aims to produce recommendations for a Global Trust Register by July 2026. The project focuses on "trust registries" within supply chains, dealing with claims about products, trade, and commerce, rather than people.
Key Points:
The project involves defining legal and governance requirements and the data structure for digital identity anchors related to land, assets (planes, trains, boats), companies, products, and trademarks.
John Phillips (Sezoo) shared a draft document outlining "technical, legal, and governance criteria" for authoritative registers to be included in the Global Trust Register.
This draft, currently in pencil, includes rigorous legal and institutional requirements, such as requiring registers to be from a UN Member State and under direct management or formal supervision of a public body.
Scott Perry (Digital Governance Institute) suggested that the global trust registry would have a governance framework and conformance program where ecosystems are the applicants. He also recommended adopting an ISO-style "shall/must" format for requirements.
John Phillips (Sezoo) affirmed the intention to move towards an IETF-style format and to establish a principles framework before detailing requirements.
A key principle is to recognize varying maturity levels among UN Member States, with the project aiming to understand what countries have declared about their registration processes rather than dictating inclusion. A minimum standard, however, will be necessary to prevent false representation
John Phillips (Sezoo) shared the project's website◦
Actions Agreed: John Phillips (Sezoo) committed to sharing the draft document for review.
Governance Across Ecosystems and Logical Models
Discussion: Neil Thomson (QueryVision) reiterated the need to gather information on governance related to Verifiers, Trust Registries, Holders, and Issuers. He noted that while an Issuer requirements document exists, similar documents are lacking for Verifiers and Holders.
Key Points:
Cross-ecosystem governance audits are crucial, as reliance on a third-degree inspection of another ecosystem's governance framework is pragmatic26.
Neil Thomson (QueryVision) emphasized the importance of developing logical models for trust registries that are implementation-neutral and serve as bridging mechanisms between ecosystems1227. He cited a "traveler profile" project (presentation schema) as a benchmark for portable data models28.
Actions Agreed: Neil Thomson (QueryVision) plans to contact Tim Boma of DIACC (Canadian Digital Performance group) to inquire about definitive documents on trust registries, verifiers, and holders29....
AI for Research and Global Initiatives
Discussion: John Phillips (Sezoo) shared his positive experience using Gemini 2.5 Pro's deep research tool for drafting a 50-page report on trust registries in global supply chains, noting its ability to integrate 275 verified references. He cautioned that while powerful, results can vary with repeated prompts.
Key Points:
Scott Perry (Digital Governance Institute) will find the research useful for his upcoming speech in Geneva with a verifiable trade organization.
John Phillips (Sezoo) highlighted several global initiatives relevant to cross-ecosystem trust governance, including Ayra, GLEIF, Regi-trust (Lucy Yang's work with UNDP), DIACC, and TRAIN
The TRAIN (Trust Management Infrastructure) project by Fraunhofer seems highly relevant due to its focus on flexible, cross-domain trust infrastructure and its use of W3C, JSON-LD, and verifiable credentials. Makki Elfatih (Hkdolts) noted that TRAIN aligns with their proposals.
John Phillips (Sezoo) stressed the project's aim is not to reinvent existing solutions but to recognize them and provide a "third way" if existing solutions cannot be promoted due to UN rules (e.g., open standards, no royalty fees).
India has expressed interest in joining the UNCEFACT project.
Actions Agreed: John Phillips (Sezoo) will share his 50-page research report on trust registries for global supply chains, likely as a PDF in the meeting minutes. He also offered to follow up on applications to register as UNCEFACT experts. Neil Thomson (QueryVision) shared a link to the TRAIN project website in the chat.
Payments and Identity
Discussion: Neil Thomson (QueryVision) noted that Visa Europe's initial digital identity delivery vehicle will be OpenID Connect, not SSI, although OpenID Connect is incorporating DIDs and DIDComm for verifiable credential verification.
Key Points:
John Phillips (Sezoo) advised against conflating payments and identity, emphasizing that payment rails need to be reliable and quick without being burdened by additional data.
He explained that KYC/AML processes are typically conducted upfront when obtaining a bank account or payment product, not during each merchant transaction.
ISO/mDL and "Phone Home" Issue
Discussion: John Phillips (Sezoo) announced that Sezoo will publish research on global ISO/mDL implementations, focusing on privacy concerns and the "phone home" issue.
Key Points:
He expressed surprise that there is a perception of novelty regarding the "phone home" pattern, given it was part of the ISO/mDL standard on release in 2021.
John Phillips (Sezoo) raised concerns about factual inaccuracies in some public discussions regarding the standard.
Actions Agreed: Research on ISO/mDL implementations and privacy concerns will be published via LinkedIn.
Verifier Control in Trust Frameworks
Discussion: Scott Perry (Digital Governance Institute) highlighted a challenge: while verifiers can be listed on the C2PA trust list, there's no mechanism to enforce their use or endorsement, or to control what they do with verified data.
Key Points:
John Phillips (Sezoo) acknowledged this problem, noting EIDAS has also considered it.
He suggested that embedding technology in wallets to warn or deny transactions with non-trusted verifiers could protect users but would also restrict their free choice.
The discussion touched upon how trust mechanisms emerge even in the absence of formal authority and law, as exemplified by the dark web's need for trust among participants.
--------------------------------------------------------------------------------
Next Steps/Follow-ups:
John Phillips (Sezoo) to share the draft Unc. Fact project document and the 50-page research report on trust registries with the group.
Neil Thomson (QueryVision) to follow up with Tim Boma regarding DIACC's definitive documents on trust registries, verifiers, holders, and issuers.
John Phillips (Sezoo) to publish research on ISO/mDL implementations and privacy concerns.
John Phillips (Sezoo) to follow up with the US delegation for Scott Perry's application to the UNCEFACT plenary.
Chat notes
00:02:20 John Phillips (Sezoo): Hi Kaylan, we record this sessions and make the recording public, we don't allow remote notetakers
00:13:53 John Phillips (Sezoo): https://sites.google.com/sezoo.digital/globaltrustregistry/home
00:33:46 Neil Thomson (QueryVision): https://www.hci.iao.fraunhofer.de/de/identity-management/identity-und-accessmanagement/TRAIN_EN.html
00:34:19 John Phillips (Sezoo): eSSIF-TRAIN by Fraunhofer-Gesellschaft - eSSIF-Lab
00:39:30 John Phillips (Sezoo): john@sezoo.digital
00:43:29 John Phillips (Sezoo): European Digital Identity Wallet - European Digital Identity
00:52:08 Makki Elfatih (Hkdolts): Is Server Retrieval Actually Optional? The Investigation That Revealed More Problems