Identosphere 42 • Life the Universe and Decentralized ID • UK ID and Attributes Consult • Ethical Design of DID

The latest news and updates in decentralized identity! European Digital Identity, Blockchain ID, information and educational content surrounding the SSI sector

Welcome and Thanks to our Patrons!

We created a Group on Tru.net

Upcoming

Call for Solutions

GovTech Lab Luxembourg (@GovTechLab_LU)

The #GovTechLab launches a new #callforsolutions "Trust My Data"! Do you have an idea to #digitise and #secure the exchange of state certified #data? Find out more and apply for the #innovation partnership

Big Picture

Bright Story: Self Sovereign Identity Brightlands (EN)

In this May 2019 blog post, the benefits (The good) of SSI are illustrated with a range of examples, comparing SSI-based business transactions to their current non-SSI-based equivalents and thus more cumbersome.

In addition, examples are given of the disadvantages (The bad); how SSI technology can be misused by unscrupulous organizations and how a combination of technology, knowledge and legislation could mitigate this risk.

Finally, we give examples of the harmful side (The ugly); how SSI technology can be used by criminals and what countermeasures are possible.

The challenge for self-sovereign identity (SSI)

The reason why we have seen less uptake in SSI solutions is because the people behind these solutions fail to recognise the design principles that will be most important to its success. Instead, we see people focusing on technological nirvanas like blockchain or an over-emphasis on governance.

Public Sector

New Directions for Government in the Second Era of the Digital Age Kuppinger Cole

The Blockchain Research Institute™, in collaboration with the Washington DC based Chamber of Digital Commerce and other experts have produced a 120-page report on how the Biden-Harris administration could reimagine US technology strategy and policy—and take action to implement it.

Digital identity and attributes consultation Gov UK

Digital access to the attributes these documents contain can solve these issues. It can also have benefits such as improving inclusion. If you do not have a passport, perhaps another government service can validate your age. There are also opportunities for data minimisation by disclosing only that information which is required (for example, that you’re over 18), rather than full disclosure of your data, including your date of birth, name, or address.

Plans for governing body to make digital identities as trusted as passports Gov.UK

The consultation sets out how the government can build confidence in digital IDs so they have a similar status in law as physical proofs of identity that businesses and individuals already trust.

The consultation is open to any member of the public and closes on 13 September.

European Digital Identity

European Self-Sovereign Identity Consortium (ESSIC) esatus, Danube Tech, TNO

Our approach connects various identity networks. The interoperability between those identity networks on a technical and governance level will thrive, the exchange of identity data between the networks will be simplified and cross-border use cases will be enabled. Our focus is to provide a solution to these current challenges.

Where Stands the Sovereign Self? Kuppinger Cole

Doc Searls, Co-founder and board member of Customer Commons, and Director of ProjectVRM, is to deliver a keynote entitled Where Stands the Sovereign Self? at theEuropean Identity and Cloud Conference 2021. [...] we asked Doc some questions about his planned presentation.

Lord Holmes discusses state of digital identity in the UK

The next iteration of the framework mentioned earlier is due to be published this summer and I look forward to that. It will be essential for that work to not only be underpinned by the twelve guiding principles but also to swiftly ‘sandbox’, stand up parallel proofs in specific sectors and proceed with pace.”

Healthcare

"Member as API" - The Interoperability and Patient Access final rule and Verifiable Credentials

The Interoperability and Patient Access final rule (CMS-9115-F) delivers on the government's promise to put patients first, giving them access to their health information when they need it most and in a way they can best use it. As part of the MyHealthEData initiative, this final rule is focused on driving interoperability and patient access to health information by liberating patient data using CMS authority to regulate Medicare Advantage (MA), Medicaid, CHIP, and Qualified Health Plan (QHP) issuers on the Federally-facilitated Exchanges (FFEs).

Advances in health "must ensure self-sovereign identity" Healthcare Global

Meanwhile a new report has found that the majority of the British public is willing to embrace digital healthcare tools  such as apps and digital therapies prescribed by a trusted healthcare professional. 

Shaw adds: “The vital point to make is this: innovations in health technology must ensure self-sovereign identity.

Standards Work

DIF Grant #1: JWS Test Suite

DIF announces its first community microgrant, sponsored by Microsoft and rewarding the timely creation of a comprehensive test suite for detached-JWS signatures on Verifiable Credentials

How a combination of Federated identity and Verifiable Credentials can help with Customer onboarding Pranav Kirtani

Before we dive into how Federated systems like OIDC and SAML along with Verifiable Credentials (VC) can help improve customer onboarding to your application, let us first understand what are the current methods being used for onboarding.

Use Case Implementation Workstream usecaseCCI@covidcreds.groups.io

This is the Use Case Implementation Workstream of theCOVID Credentials Initiative (CCI). This workstream identifies privacy-preserving verifiable credentials (VCs) that are most useful to the COVID-19 response and provides a forum and platform for those who are implementing COVID VCs to present their projects/solutions.

Company Updates

cheqd is launching a self-sovereign identity network on Cosmos this year

It's Verim in New clothes. Kaliya still doesn’t like this model. Requiring verifiers to pay issuers is really really privacy problematic.

We want to provide a common and public infrastructure easily accessible to anyone and any organisation that provides B2B and B2B2C payment rails between issuers, holders, and receivers of trusted data. [...] cheqd is not and does not plan on dictating a single payment model. Rather, our product vision is to enable each ecosystem to decide this on their own throughLayer 1 vs Layer 2 mechanisms and customisable tokenomics.

MyData

What is the Me2B Respectful Tech Specification?

The Me2B Respectful Tech Specification is a sorely needed ethical and safety standard for the internet. It consists of a series of tests that objectively measure the behavior of a connected product or service. The Specification helps people (“Me-s”) understand how technology is treating them, and helps businesses (“B-s”) build technology that is safe and respectful for the people that use it.

Why all data governance needs to consider children’s rights Emmaday

Last month, UNICEF published a Manifesto on Good Data Governance for Children, an initiative that was the result of a year of collaboration between a working group of 17 experts, many of them affiliated with the Berkman Klein Center for Internet & Society and UNICEF.

Research-Papers

Ethical Design of Digital Identity Environmental Implications from the Self-Sovereign Identity Movement

In a world that is becoming more digital, it is relevant to find some guidelines for organizations to design digital identity more ethically. A universal identity system on the internet is still missing and there are no clear standards for organizations to design digital identity. With this research, knowledge and insights have been obtained to advance organizations to design digital identity more ethically. A contribution has been made by proposing the conditions to enable improvements for a more ethical design. 

Sovereignty, privacy, and ethics in blockchain‑based identity management systems

Self-sovereign identity (SSI) solutions implemented on the basis of blockchain technology are seen as alternatives to existing digital identification systems, or even as a foundation of standards for the new global infrastructures for identity management systems. It is argued that ‘self-sovereignty’ in this context can be understood as the concept of individual control over identity relevant private data, capacity to choose where such data is stored, and the ability to provide it to those who need to validate it. 

Blockchain, Self-Sovereign Identity and Digital Credentials: Promise Versus Praxis in Education

This article is primarily interested in the affordances of the technology as a public good for the education sector. It levers on the lead author’s perspective as a mediator between the blockchain and education sectors in Europe on high-profile blockchain in education projects to provide a snapshot of the challenges and workable solutions in the blockchain-enabled, European digital credentials sector.

Identity Not SSI

Police in Latin America are turning activists’ phones against them

Experts say that seized devices have become a trove of information for authorities cracking down on social movements and opposition leaders.

Calls for New FTC Rules to Limit Businesses’ Data Collection and Stop Data Abuse

“I want to sound a note of caution around approaches that are centered around user control. I think transparency and control are important. I think it is really problematic to put the burden on consumers to work through the markets and the use of data, figure out who has their data, how it’s being used, make decisions … I think you end up with notice fatigue; I think you end up with decision fatigue; you get very abusive manipulation of dark patterns to push people into decisions.

Huge data leak shatters the lie that the innocent need not fear surveillance

Few pause to think that their phones can be transformed into surveillance devices, with someone thousands of miles away silently extracting their messages, photos and location, activating their microphone to record them in real time.

Such are the capabilities of Pegasus, the spyware manufactured by NSO Group, the Israeli purveyor of weapons of mass surveillance.

NSO rejects this label. It insists only carefully vetted government intelligence and law enforcement agencies can use Pegasus, and only to penetrate the phones of “legitimate criminal or terror group targets”

10 assertions about the future of social

We can’t solve identity. There will never be a single identity that we use across the web. Instead, there may be open protocols that allow us to auth with different providers.

Blockchain + Identity

Blockchain: A Holochain Perspective

The architects of Holochain began with a basic question: what if everyone could actually just hold their own data and share it with the network as needed? If everyone could just host themselves rather than relying on mining nodes to do it? We could avoid all this massive replication, which would obviously be much more efficient. We would just need to do it in a way that still ensures data integrity. We would have to be completely confident that, as everyone represents their own data to the network, there is no way for people to misrepresent their data.

Self-Sovereign Identity (w/ Fabian Vogelsteller & Constantin Kogan)

Constantin Kogan joins Fabian Vogelsteller, Ethereum developer, LUKSO founder, creator of Mist browser, web3.js, Feindura (CMS), ERC20, and ERC-725 protocols, and author of Meteor.js. 

Magic Raises $27M to Future-Proof Authentication

Magic makes it plug and play for developers to add secure, passwordless login, like magic links and WebAuthn, to their applications. Users are no longer exposed to password-related risks from the very start.

Thanks for Reading!

Read more \ Subscribe https://newsletter.identosphere.net

Support this publication https://patreon.com/identosphere

Contact \ Submission: newsletter [at] identosphere [dot] net