Identosphere Weekly #9 Global Blockchain & SSI Standards • Privacy and Human Rights
November 29 - December 6. Last week was jam-packed full of informative and insightful content: blog posts and reports aplently, a research paper on SSI for refugees, and much more!
Welcome and thanks for reading our 9th installment of Identosphere Highlights!
Feel free to share, subscribe, and read past issues at identosphere.substack.com.
We got a new patron last week! and are up to $74 a month and 9 patrons in total!
Thanks so much to our patrons! It’s pretty neat having 9 patrons for our 9th week of this newsletter. You can support the creation of this newsletter by visiting patreon.com/identosphere.
Number 9, number 9, number 9, number 9, number 9, number 9, number 9, number 9
On with the news:
Digital Health Passports for COVID-19
Data Privacy and Human Rights Law
This is a study of Digital Health Passports relating the benefits in managing the pandemic, while also detailing concerns around data protection and the private information at risk of being over-exposed. Recommendations include:
Policymakers should require digital health passport providers to adopt appropriate technical and organisational measures and undertake data protection [...] not only the potential risks for data privacy but also the situations in which the deployment of digital health passports is likely to result in a high risk to individuals’ rights and freedoms.
Any failure to address the issues of availability and affordability of COVID-19 tests and vaccines risks dramatically excluding already vulnerable populations from protection and may disproportionately restrict the exercise of their legal rights.
The Future of Work and Skills
MyData has a new report\presentation and video: The Future of Work & Skills – a human-centric skills data space, about what MyData means in the context of work and skills.
The European Strategy for Data (19.2.2020) calls for a common EU skills data space. In order to improve the competitiveness of EU’s workforce, the strategy identifies a need for high-quality data for qualifications, learning opportunities, jobs and skill sets of people.
They have several key insights.
We cannot talk about independent digital services, but of building ecosystems
The user experience, for it to be successful, must integrate different services that are currently lacking or fragmented
Value is complex. We must recognise different ways value is created, transferred and compensated for
New business models are needed within the ecosystem, considering value co-creation through partnerships
Quality of skills data and infrastructure enabling data flows are the prerequisite for building the ecosystem
Decentralised Identity: What’s at Stake?
A Position Paper by the INATBA Identity Working Group
This paper is very good and gets at the current state of SSI and issues with standardization.
INATBA has a specific Standards Committee to liaison with relevant standardisation committees and bodies. Some relevant standardisation committee and bodies include:
CEN/CENELEC JTC 19 “Blockchain and Distributed Ledger Technologies”
“Issuer” and “Verifier” API, Linked Data Vocabulary
The Future of Identity. A collection of interconnected research
An epic article was published a few days ago by Borg Brain, a new writer in the identity space. This article is both deep and wide-ranging, detailing learnings in SSI standards – the intersection of investments and crypto. It also shares relevant projects and concerns around AI, Biometrics – including the work of Baidu, Tencent, and related projects.
Spruce Systems Developer Update #4
The Tezos DID Method specifies how Tezos can be used for DID creation and management, compatible with the issuance, storage, and verification of Verifiable Credentials.
DIDKit is a cross-platform toolkit for working with W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs).
Credible is Spruce’s native credential wallet for the consumption, storage, and presentation of Verifiable Credentials on Android and iOS.
Keylink is Spruce’s tool to link existing enterprise accounts to keypairs.
Intake is a smarter onboarding tool for businesses via secure document collection and processing. These artifacts can then be used as evidence to generate and issue credentials to the counterparty that originally uploaded them.
SSI and the Internet of Things
Relationships in the Self-Sovereign Internet of Things
DIDComm-capable agents provide a flexible infrastructure for numerous internet of things use cases. This post looks at Alice and her digital relationship with her F-150 truck. She and the truck have relationships and interactions with the people and institutions she engages as she co-owns, lends and sells it. These and other complicated workflows are all supported by a standards-based, open-source, protocol-supporting system for secure, privacy-preserving messaging.
Guardianship In Self-Sovereign Identity
This was a summary of the Vienna Digital Identity Meetup.
Video: Vienna Digital Identity Meetup #17
Guardianship is a complex topic, with many subtleties and layers. In the humanitarian sector the it is a reality of daily life when supporting and assisting migrants, refugees and displaced persons. It is a topic we all are faced with in our lifetimes; whether as a child (being cared for) or as an adult (caring for or being cared for). In this first event on this topic, Philippe has provided an overview of how SSI and Guardianship fit together and how SSI meets the lifecycle stages (Inception, Creation, Usage and Termination) of guardianship.
How to Create Connections in Trinsic Studio
In this blog post, we will explain how to create connections in Trinsic Studio. Throughout the steps below, we will be referring to a fictitious person, Alice Smith, who is a recent graduate of Faber College and is applying for a job. Alice has already received her digital diploma in the form of a verifiable credential and is wanting to apply to work for a company called ACME Corp. In order to start the online job application, Alice must first make a connection with ACME Corp.
Meeco announces VELA Solutions partnership
Together, Meeco and VELA have created a secure digital credentialing platform to help individuals and businesses adapt to the changing work environment and modernise their HR practices.
VOTES at Standards Orgs
OpenID has a few votes coming up:
2nd Vote for Proposed Implementer’s Drafts of 3 Fast Fed specs
2nd Implementers Draft of OpenID Connect User Questioning API Spec
Vote on Final FAPI 1.0 spec.
OpenOASIS vote on KMIP. <- Key Management Interoperability Protocol Specifications
From Identity Land (Not SSI)
IndieAuth Spec Updates 2020 by Aaron Parecki
This year, the IndieWeb community has been making progress on iterating and evolving the IndieAuth protocol. IndieAuth is an extension of OAuth 2.0 that enables it to work with personal websites and in a decentralized environment.
The Power of a Secret
A nice Tim Bouma talking about the evolution of secrets (hint it involves cryptography), and the precipice upon which we currently stand in relation to that story.
What had been discovered by Whitfield Diffie and Martin Hellman (and also Jame Ellis), is changing the world as we know it. It’s been only 43 years. Yes, that seems like an ice-age ago, but in the grand scheme of history, it is only a wink.
rules - unpacking the word
Tony Fish Dives in on what a Rule is building on the post he wrote with Kaliya last week about principles.
We know that words and our language itself are filled with convenient generalisations that help us to explain ourselves whilst at the same time avoid the controversy created by unique circumstances.
The Declarations of Cyberspace
This is an interesting piece that looks at the underlying political frame of various manifestos/declarations: Libertarian • Corporate • Nationalist.
Kaliya suggests none of these really capture the frame that the MyData, SSI, VRM, and Me2B Alliance communities are coming from. That is, centered around Human Values and Dignity.
They go on to talk about emerging narratives: Anti-Colonialist • Gender Rights • DWeb.
In case you missed it...
Self-Sovereignty for Refugees?
The Contested Horizons of Digital Identity by Margie Cheesman Oct 2020
I identify a series of competing logics in the debates around SSI’s emancipatory potential, which relate to four issues: (i) the neutrality of the technology, (ii) the capacities of refugees, (iii) global governance and the nation state, and (iv) new economic models for digital identity. SSI is simultaneously the potential enabler of new modes of empowerment, autonomy and data security for refugees and a means of maintaining and extending bureaucratic and commercial power.
Covid Travel solutions point to W3C Verifiable Credentials
World's Airports And Leading Airlines Join CommonTrust Network And Begin Roll-out Of CommonPass In December In Support Of Safer Border Reopening
The CommonTrust Network is enabled by a global network of labs, vaccine distributors, and health care providers that agree to provide individuals with digital access to their own health information using open, globally-interoperable standards (e.g. HL7 FHIR, W3C verifiable credentials). The network includes hundreds of health systems covering thousands of locations in the United States and a growing network of labs and health care providers around the world.
The Law Catches up with us…(maybe)
Foster Introduces Bipartisan Digital Identity Legislation that would:
Establish a task force made up of key federal agencies and state representatives.
Direct NIST to create a new framework of standards to guide agencies in implementing identity systems.
Establish a grant program within the DHS to support states in upgrading.
Global Standards Mapping Initiative
An overview of blockchain technical standards
This October report is the most comprehensive review of global standards around blockchain tech that we’ve seen. Here’s a list of standards bodies included in a chart towards the end:
IEEE (IoT; Cryptocurrency exchange & payment; tokens; energy; digital assets)
ISO (Security; identity)
IRTF (Identity; digital assets)
IETF (Cryptocurrency payment)
ITU-T (Security; IoT; identity; DLT requirements)
BSI (DLT requirements)
Standards Australia (Security; DLT taxonomy)
WIPO (Blockchain for intellectual property)
ETSI (Permissioned ledgers)
SAC (DLT requirements)
BRIBA (DLT requirements)
CESI (Tokens; security)
International Chamber of Commerce (Interoperability)
EEA (Interoperability; tokens)
Hyperledger (Interoperability; tokens)
IWA (Tokens; analytics)
National Blockchain and Distributed Accounting Technology Standardization Technical Committee (DLT requirements\terminology)
CDC (Digital assets)
MOBI (Vehicle identity; usage-based insurance; electric vehicle grid integration; connected mobility and data marketplace; supply chain and finance; securitization and smart contracts)
GDF (DLT requirements)
BIG (DLT requirements)
BiTA (Interoperability; DLT requirements)
In addition to a number of updated existing pages, these topics now each have a page on the site: CCPA • DIACC • XDI TC • XRI TC • Ethereum Oasis\Baseline Protocol • Consensys.
Infominer has done a ton of work ensuring that the tagging of each page is more complete, so every organization listed on the site should have a tag for each of its members, and so that all posts in each category listed on the home page are listed in order of which was most recently updated.
Thanks Again - See you Next Week!
Feel free to share, subscribe, and read past issues at identosphere.substack.com.
You can support this publication by visiting patreon.com/identosphere.