Identosphere 67 • IRS to Require Facial Scans • Users don't realize TOS is a contract • Marlinspike Web3 discussion on Public Credentials List
We curate the latest news and updates in decentralized identity, with upcoming events, standards talk, use-cases and business strategy.
Welcome! and Thanks to our Patrons <3
…or reach out to Kaliya if you have a “budget” spend some on us, we can send you an invoice ; )
Read previous issues and Subscribe : newsletter.identosphere.net
Content Submissions: newsletter [at] identosphere [dot] net
Data Space Launchpad MyData • Until 2/22
Decentralized Autonomous Organizations to revolutionize the way we work? Alex Puig • Caelum Labs 2/24
Web 3 has brought a new way to engage with websites, and dare I say, it is almost magical. No cookies, no username, no password, no sharing personal information. I can browse freely and pseudo-anonymously without having to worry about the cookies and terms I was forced to accept.
Understanding Digital Credentials BCdiploma
We are freeing ourselves from the management of “data hash” which leads to a centralization or complexification of verification procedures. This makes our solution new compared to traditional blockchain applications on the market.
TrustOverIP Model (interactive walkthrough)
Authority Does Not Require Centralized Power
As mentioned in my previous article, the trouble with centralization is that data is stored in a database. Once breached, a database can yield a treasure chest of information to be sold on the dark web.
Volume 10, Issue 2 : Glossary of decentralized technosocial systems Internet Policy Review
Self-sovereign identity Definition <-its quite good
Self-sovereign identity (SSI) is rooted in the belief that individuals have the right to an identity independent of reliance on a third-party identity provider, such as the state or any other central authority. Its implementation requires the development of technical standards, as well as socio-political adaptations rooted in legal amendments in order to be successful.
Indicio is proud to have been named by New York VC Network in their recently compiled list of the most exciting early-stage teams that they’ll be following closely this year!
The Trade Logistics Information Pipeline (TLIP) aims to create an interconnectivity technology highway for Eastern African businesses and governments’ agencies systems to communicate in a transparent and secure manner amongst themselves and with international counterparts.
BCG Report on Walt.id
Webinar Recording – 2021 Redux/2022 Trends To Watch Continuum Loop
For the attendees, and those folks that couldn’t make it, we’ve put together a breakdown and some key items for you.
Darrell started off the webinar talking about his top 5 stories from 2021.
At the root of the problem is the fact that uniquely identifying a person is hard to do and that people can create fake IDs for themselves quite easily.
photo attacks based on the presentation of facial evidence of an image of a face printed or displayed via a device’s screen.
video of user replay attack usually consisting of placing the screen of the attacker’s device in front of the camera.
3D mask attacks where 3D masks are crafted to reproduce the real traits of a human face and even include eyes holes to fool the liveliness detection based on eye gaze, blinking and motion.
deepfake attacks make use of leveraging software capable to create a synthetic video or image realistically representing someone else. Attackers are suspected to have access to a wide dataset containing images or a video of their target.
As part of the EU eSSIF Lab and the result of many months of work, Sphereon released an implementation of the DIF Presentation Exchange, an interoperable exchange of VC/VPs between Wallets and Verifiers.
The library is Open Source and Sphereon is donating all code and rights to the DIF.
The idea behind ID-Ideal is to create a basis for existing and future identity services. To achieve this, interoperability between the individual ecosystems is necessary. For this reason, the project mainly focuses on key aspects:
A) Trust Framework: harmonize various ID services and create standards for secure digital identities
B) High relevance to everyday life and very good usability to increase the incentive
C) Establishing a TrustNest initiative: an open community that promotes certification, exchange, and further development
ID.Me & the IRS - commentaries
Reality 2.0 Podcast with Kaliya & Doc: ID.Me vs. The Alternatives
Doc Searls and Katherine Druckman talk to Kaliya Young of the Internet Identity Workshop about ID.me, our concerns about its use as a national ID, and potential alternatives.
IRS Using Facial Scanning Phil Windley
The IRS will use ID.me's authentication and identity proofing service exclusively starting sometime this summer. The identity proofing portion employs facial scanning by a third party, causing some concern.
Rough Seas Ahead People MoxyTongue
Commentary from the man who invented the term Self-Sovereign Idenitty on the ID.me situation with the IRS.
Humanity does not come into existence inside a database. The American Government does not come into authority "of, by, for" database entries.
People prove birth certificates, birth certificates do not prove people.
IRS Will Soon Require Selfies for Online Access Krebs on Security
If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me
Face Recognition Isn’t Just Face Identification and Verification: It’s Also Photo Clustering, Race Analysis, Real-time Tracking, and More EFF
All forms of face recognition are a menace to privacy, free speech, and racial justice. This post explores many of the various kinds of face recognition, and explains why all must be addressed by laws.
Not SSI \ Organization News
Emerging approaches for data-driven innovation in Europe JRC Publications
Europe’s digital transformation of the economy and society is framed by the European strategy for data through the establishment of a common European data space based on domain-specific data spaces in strategic sectors such as environment, agriculture, industry, health and transportation.
People Don’t Understand the Purpose of Privacy Policies and Terms of Service – New Research Published Me2B Alliance (Report)
Consumers are aware that legal policies exist on connected technologies and that they should read them, but they continue to choose to largely ignore them.
55% of survey participants did not understand that a TOS/TOU agreement is a legal contract. This has significant implications because a key requirement for legally binding contracts is mutual assent, which means that both parties have a “meeting of the minds” and must understand they’re entering into a contract.
None of the interview participants were aware of tools that explain or rate privacy policies and TOS/TOU documents, and half said that a score would not change their behavior.
The draft declaration covers key rights and principles for the digital transformation, such as placing people and their rights at its centre, supporting solidarity and inclusion, ensuring the freedom of choice online, fostering participation in the digital public space, increasing safety, security and empowerment of individuals, and promoting the sustainability of the digital future.
These rights and principles should accompany people in the EU in their everyday life: affordable and high-speed digital connectivity everywhere and for everybody, well-equipped classrooms and digitally skilled teachers, seamless access to public services, a safe digital environment for children, disconnecting after working hours, obtaining easy-to-understand information on the environmental impact of our digital products, controlling how their personal data are used and with whom they are shared.
The Missing Ingredient for Globally Compatible ESG Data Collation and Reporting? Standardized Digital Entity Identification GLEIF
Research conducted by GLEIF and the Data Foundation, indicates that the U.S. federal government alone uses 50 distinct and incompatible entity identification systems. When this fragmentation is amplified, taking into account the volume of different identifiers globally, it is easy to understand the challenges.
Over the course of two days from Jan. 24 – 25, the Better Identity Coalition, the FIDO Alliance, and the ID Theft Resource Center (ITRC) co-hosted the Identity, Authentication, and the Road Ahead Cybersecurity Policy Forum with representatives from government and industry providing insight into the policies, challenges and opportunities for identity and authentication in 2022 and beyond.
WTF are ‘Stealth Badges’?: The case of the O.G. Badger We are Open Coop
This information means that this particular badge, which is manually issued, can be given out in fair and equitable ways. It also means that someone else who engaged with the Open Badges community before 2017 could lay claim to it.
Stealth badges at scale require an automated system that issues badges depending on particular criteria. This is why they are very common in games-based environments. For example, I unlock some most weeks playing new and existing games on my PlayStation and Google Stadia.
Introduction to ToIP V2.0 (PDF)
This is the second-generation version of our original introductory white paper that would go more deeply into the origin and purpose of the ToIP stack and how it addresses the key challenges of decentralized digital trust infrastructure.
development of all aspects of the ToIP stack.
Marlinspike’s Web3 Reflection. Discussion: Public Credentials
Given the continuous discussions around centralization/de-centralization in our community, I found this essay by Moxie Marlinspike …
… to have aspects that have relevance to the DID/VC work.
Re: Web3 First Impressions by Moxie Marlinspike (was: Re: Ideals meet Implementations - Blockchains, NFTs, Decentralization, Oh My!) 1/25 Juan Caballero
I recently read a twitter thread by an academic who abandoned a book-length monograph on O'Reilly, with multiple chapters on the vicissitudes of what O'Reilly kept trying to make Web 2.0 "mean" and what it ended up meaning after billions of dollars of VC and a decade-long hype cycle's worth of marketing and spin had been applied to it. Web3 is likely to be an even bigger, uglier, stupid semantic tug-of-war for some time.
Anyways, I hope we can keep the CCG list a DMZ in this rapidly-escalating culture war, before "Web3" becomes the next "Critical Race Studies" or "Satanic Panic".