What is the MYDEX Prototype?

From IIW
Revision as of 23:41, 12 November 2010 by IdentityWoman (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Issue/Topic: What is the MYDEX Prototype?

Session: 1A

Conference: IIW-Europe October 11, London Complete Notes Page

Convener: William Heath and Iain Henderson

Notes-taker(s): Rod

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Announcing the Mydex Community Prototype

This was by way of an announcement of some real technology - mostly this was questions and answers about understanding the whys and wherefores of the product/ service.

See http://mydex.org/ for details - this is but a brief summary.

Opportunity:

  • Restoring user control of personal data
  • A shortage of money will require (especially governmental organizations) to innovate in order to save on costs
  • (and if done right the data will be more accurate, quicker)
  • Help people realize (both meanings) the value of their personal data.

So what we have (I understand) is a *real* *working*, albeit prototype product. This allows a limited group of people to see what can and cannot be achieved. "The world’s first VRM enabled personal data store". The principal themselves makes an assertion to the RP and this is then blessed by some secret sauce, including external verification.

So an example might be moving house. You know that you have moved and need to change address - you can make that statement, but in order for it to have credibility it needs to be accredited. Perhaps (in some futureworld) the lawyer handling the conveyancing can supply the token which makes your statement valid.

Another example - you seek to buy a mobile phone. The Phone shop consults Experian who makes a statement about your credit worthiness. Why should that not be information that you carry and assert (again suitably blessed).

The centre of this is the personal data store - think of it as a database with a single row (you) and many, many columns (all the information that anybody, including you, collects about you) which you can chose to give it to people as and when required.

But this is a sought after future - we need to start the bootstrapping process (without consumers why do the providers do anything, without providers what do the consumers care) and indeed to start to bootstrap the trust process.

Enter The Mydex Community Prototype - a first, tiny, but very real step. Three London Councils (Brent, Croydon, Windsor & Maidenhead) & one central government office (plus several other players) are acting as test RPs, and so people will/should/can (Iain, delete as appropriate) interact with them via this service (using Experian as the provider of external verification services).

Importantly (I believe) One council (Brent) is also willing to *push* data to the principal. So the principal doesn't have to start from scratch to manufacture their personal data store.

We get back to the well known (to Fed people) issue of "we then have to teach the RP's to only ask for what they really need" (and I'd guess then the answer of "and what happens if the user says no").

Project "Higgins" is the underlying technology.