10I/ Internet Governance - UDDI - Universal Declaration of Digital Identity

From IIW

Internet Governance - UDDI - Universal Declaration of Digital Identity

Wednesday 10I

Convener: Jeff Aresty, Kristina Yasuda, Jean Queralt
 Notes-taker(s): sankarshan

Tags for the session - technology discussed/ideas considered:

Internet governance, human rights, digital identity, Identity for All, Guardianship

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps

The UDDI is a call to action to IIW, which we've said before, to adopt a set of universal principles which can be used now to bring Identity for All projects to fruition.

I want to frame the UDDI discussion in terms of what we did with Jean at the last IIW - our work on the UDDI is step toward the larger humanitarian vision of a Universal Declaration of Digital Rights, which is what he is working on.

We should present the Universal Declaration of Digital Identity as a way to say what the users of tomorrow's technology expect from the technology created by industry and from their governments when it comes to a new digital world, where SSI is at the root of trust.

As we have presented these affirmations at prior IIW and since then to others - we can post a document in the session to get agreement on the affirmations in the UDDI.

This is a Call to Action for IIW to support our role as a convenor in this important area of human rights in cyberspace.

The UDDI Declarations we will discuss are these predicate conditions:

Reaffirming the human rights and fundamental freedoms enshrined in the Universal Declaration of Human Rights and relevant international human rights agreements such as the UN GP on BHR and Constitutional Rights;

Reaffirming the relevance of international human rights standards in the digital environment and the need to explore and expand new human rights guarantees for the future;

Recognizing that the ever constant digitalization of societies has created a number of digital spaces, defined by any network of communications where citizens’ data may be stored, with or without their knowledge and with or without their consent;

Recognizing that individuals in a democracy have full autonomous control over their beings;

Recognizing that while one individual may express itself differently over time, it remains the same individual as it already happens with the different digital identities managed by independent platforms;

Observing the developing nature of self-determination and digital identity as an emergent human right, necessary for the full realisation and proper enjoyment of economic opportunity, social inclusion, and cultural participation;

Acknowledging the increasing degree of responsibility situated upon individuals to administer the security of their personal identities with stakeholders across digital spaces;

Recognising that the conflicts of laws arising from competing jurisdictions in digital spaces have created confusion in the due application of the law, demonstrating conflict between societal norms and codified laws;

Recognizing that all interactions from citizens with digital spaces are performed and create data that cannot be dissociated from them, creating both digital identities and digital assets that belong to the originating source entity:

Affirming that this impossible dissociation entails the observance of Rights by all stakeholders to both the source entity and the associated representational entities;

Emphasizing the fundamental basis of identity as grounded in natural law, derived from the inherent nature of the world, independent of the roles of government and identity solution providers;

Deeply conscious of justice for all as the foundation for any society, where harmonization of the rule of law in digital spaces is central to addressing the trust deficit between governments and citizens;

Acknowledging that all individuals have agency to develop the normative behavior governing relationships affecting the well-being of societies, and to direct measures which rebuild trust in the rule of law in digital spaces and foster a new digital trust among digital stakeholders;

Concerned that attempts to control and exploit access to identity information through digital technologies for political, commercial, security or other reasons are contrary to democratic principles;

Deeply concerned by measures aiming to, or that intentionally prevent or disrupt access to an individual’s personal information in violation of human rights law;

Reaffirming the relevance of international human rights standards in the digital environment and the need to explore and expand upon novel human rights guarantees for the future;

At the end of the session, I am inviting anyone who wants to work on this to join an IBO working group which will continue the work on the remainder of the UDDI. When they join, they will receive a copy of the IBO White Paper - Digital Identity for Stateless Refugees - issued at the World Justice Project in May, 2019, for their comment and review.

  1. [Jeff] introduction and background context to his interest in this specific topic

    1. Standards fights over a long time leading to industry led standardization

    2. No international humanitarian law exists in cyberspace

      1. UN SDG talk about ‘Identity for All’; but there is balkanization happening around geo-political lines

      2. There is a need to speak from the ground up, including developers

      3. UDDR happened at the last IIW with JFQ

  2. See above for the basic principles

    1. Right to access (for cyberspace)

    2. Copyright law

    3. Who owns our data

  3. [JFQ] There does not exist a humanitarian law in cyberspace

    1. Not much of advancement has happened

    2. UN panel on digital cooperation could be considered as one of the attempts. The document produced fell short of expectations because it wasn’t looking into implementation

      1. UDHR was more focused on governments as BigTech was yet to take the shape/form as of now

    3. UN Guiding Principles on Business and Human rights

    4. National Action Plans which attempt to address this topic have a non-descriptive language and approach

  4. [Jeff] This specific place has been developed coming from State and other actors.

    1. The results of these efforts have not resulted in significant adoption

    2. Historically there are other ways to adopt global rules eg. trade routes were developed independently of state sponsorship, legislation

    3. The above could be a model which can be looked into for technologists to give voice to the notion

    4. SSI is not able to comprehensively the topics of ownership of data, control of identity and rights

  5. [Chris] Is this effort focused on identity data or all forms of data

    1. [jeff] identity data constitutes what could be called a ‘digital footprint’. All forms of data originate from/around the individual

    2. [Chris] Work at Sovrin focuses on ownership of identity credentials and data conversations. Identity credentials are not ‘owned’ by the identity holder (eg. DL)

    3. [Jeff] The possession of a DL indicates a data which originates from us - the journey includes an issuer and thereafter a credential is created to indicate specific condition is met. The source of this information originates at the individual

    4. [Scott David] See Jedediah Purdy (Yale) on issue of “property as a legal imagination”. Ownership of data and information “rights” may be a more tractable and scalable approach. Ultimately this is window dressing. We can call the structure anything we want. Property, according to Blackstone (codifier of English common law) is about the relationship that we have to each other vis a vis an object, rather than our relationship to the object. It is intrinsic artifact of the social contract. I mean that property issue is window dressing. The discussion is very important and serious Challenge of conflicting claims to control needs to be refereed by set of processes. That is birth of law. Licensing model may encounter scaling challenges. Can license/lease tangible property also, but all based on bilateral relationships? What are challenges of scaling bilateral arrangements up to multilateral scales?

    5. [JFQ] Is the DL example a more ‘participatory model’? The holder gets the choice when verification is being invoked. Data Protection laws are failing because there is transparent enforcement infrastructure which helps the user understand the nature of the technology as well as the facets of data management. Governments see data as intrinsically a part of their citizens.

    6. [Scott David] We know how and that licensing works. Query whether it is the most appropriate approach for human existential realization that is implicit in identity. I am not saying that it is not, but it is legitimate question of whether that is the “final enclosure” of late stage capitalism - where we self bind to enclose ourselves into tradable commodities. I think this may be a logical extension of Erving Goffman projections (see 1960s writing), but are we ready for that level of abstraction of self? What if “licensed”, but from a selling cooperative structure that represents the group? Like an identity grange? Better negotiating leverage? If you want my data, you have to agree to “OUR” community terms

      1. [Jeff] community is the key how you create the community is the challenge trusted online communities can have 'norms' which are enforced by the community members

      2. [Scott David] Seed crystal of self interest is at root of all organism and organization cohesions. Enlightened self interest is good if available.

      3. [Jeff] standards for what is a trusted online community are what is needed - and, that goes to the issue of who owns the source data I create

        1. [Line] @Jeffrey Would you consider the Principles of SSI an example of such ‘norms’?

        2. [Jeff] That's exactly what we are doing - taking Principles of SSI - broadening the stakeholder discussions, including the people especially whom we are serving from the Identity for All projects, and, giving them a seat at the table to develop the new norms for cyberspace - we have to raise our voice

ZOOM CHAT NOTES:

From Kristina Yasuda (US) to Everyone: 09:48 AM

Can you record this, Jeff?

From Scott David to Everyone: 10:10 AM

See Jedediah Purdy (Yale) on issue of “property as a legal imagination”

Ownership of data and information “rights” may be a more tractable and scalable approach.

Ultimately this is window dressing. We can call the structure anything we want. Property, according to Blackstone (codifier of English common law) is about the relationship that we have to each other vis a vis an object, rather than our relationship to the object.

It is intrinsic artifact of the social contract.

I mean that property issue is window dressing. The discussion is very important and serious@

Chaof conflicting claims to control needs to be refereed by set of processes. That is birth of law.

Licensing model may encounter scaling challenges.

Can license/lease tangible property also, but all based on bilateral relationships? What are challenges of scaling bilateral arrangements up to multilateral scales?

We know how and that licensing works. Query whether it is the most appropriate approach for human existential realization that is implicit in identity. I am not saying that it is not, but it is legitimate question of whether that is the “final enclosure” of late stage capitalism - where we self bind to enclose ourselves into tradable commodities. I think this may be a logical extension of Erving Goffman projections (see 1960s writing), but are we ready for that level of abstraction of self?

From Scott David to Everyone: 10:12 AM

What if “licensed”, but from a selling cooperative structure that represents the group? Like an identity grange? Better negotiating leverage?

If you want my data, you have to agree to “OUR” community terms

From Me to Everyone: 10:13 AM

community is the key

how you create the community is the challenge

trusted online communities can have 'norms' which are enforced by the community members

From Scott David to Everyone: 10:13 AM

Seed crystal of self interest is at root of all organism and organization cohesions. Enlightened self interest is good if available.

From Me to Everyone: 10:13 AM

standards for what is a trusted online community are what is needed - and, that goes to the issue of who owns the source data I create

From Line Kofoed to Everyone: 10:18 AM

@Jeffrey Would you consider the Principles of SSI an example of such ‘norms’?

From Me to Everyone: 10:19 AM

That's exactly what we are doing - taking Principles of SSI - broadening the stakeholder discussions, including the people especially whom we are serving from the Identity for All projects, and, giving them a seat at the table to develop the new norms for cyberspace - we have to raise our voice

From Scott David to Everyone: 10:25 AM

Precedent is all we have.

People outside of structured systems don’t even enjoy the artifacts of old institutions. Agreed.

They do have risks in common with others. They can be leaders, if provided with efficacy

Ethical constructions versus equitable constructions may be a useful parsing.

Norms precede laws.

Everyone can be a legislator, a judicial officer and perform operating/executive function if they have a phone.

The infrastructure is here.

The “meaning” framework is still geared toward maintaining precarity of large portions of the population.

Slums ring each city because that is where the workers live. Digital slums?

NFTs are amazingly hilarious

I once gave my wife the Brooklyn Bridge as a gift when we moved to Seattle. I should have used an NFT!

Symbolic space is here.

From Chris Raczkowski to Me: (Privately) 10:26 AM

Hey - Jeff. Great work to to call this session. I’ll have to peal away soon - but happy to join while I can.

From Me to Chris Raczkowski: (Privately) 10:27 AM

Thank you - and, I'd love to get your input/advice/help!

From Chris Raczkowski to Me: (Privately) 10:28 AM

Frankly - I see a lot of good progress. My personal plan is to focus the areas I can influence in a positive manner - and try to worry less about the usual bad actors that always exist. Hopefully good, positive results will marginalize bad actors. But that’s the best we can do.

From Scott David to Everyone: 10:31 AM

Human rights versus property rights.

Harms-rights-duties-breach-causation-damages-liability-insurance-reinsurance-financialization. The legal algorithm.

Start with sovereigns. They are ALL human creations (apologize for the blasphemy). SO ALL human rights ARE HUMAN creations. Self-regulation of the species.

From Chris Raczkowski to Everyone: 10:32 AM

Good discuss - which I’ve been happy to attend. I have to jump to another meeting . . .

From Scott David to Everyone: 10:35 AM

+1 Jean. Analog vs. digital. Consider notion of rule of law and equity-based protections for the shift.

From Line Kofoed to Everyone: 10:35 AM

Thanks!

From Scott David to Everyone: 10:42 AM

Harm to data - concept like conversion of personal property possibly?

Start with harms/anomalies.

Engineers and lawyers can agree what is “anomalous” in a system operation.

Harms is starting point. Nice.

Data is the vector through which the harms are communicated.

Also money is the vector through which the harms are quantiied

Democratizing the dark web.

We are moving into the space. This is happening.

Leaving it to the outside world to do it. SDGs have a nation state perspective.

Sovereigns wanting to remain relevant.

Paradigm shift. Awesome.

Standards as rule of law. Digital standards as equituy.

From Scott David to Me: (Privately) 10:51 AM

Let’s convene with Jean after IIW to work on this.

From Scott David to Everyone: 10:53 AM

Great stuff. Thanks for convening.

Humans first is an unfamiliar concept in the modern world.

We need to reestablish human auspices over human systems.

Identity is cultural enclosure.

Information is a dual use tech

From Me to [TIOF] Jean F. Queralt: (Privately) 10:54 AM

Let's meet after this session with Scott

From Me to Scott David: (Privately) 10:54 AM

Let's meet after this session

From Scott David to Everyone: 10:42 AM

Harm to data - concept like conversion of personal property possibly?

Start with harms/anomalies.

Engineers and lawyers can agree what is “anomalous” in a system operation.

Harms is starting point. Nice.

Data is the vector through which the harms are communicated.

Also money is the vector through which the harms are quantiied

Democratizing the dark web.

We are moving into the space. This is happening.

Leaving it to the outside world to do it. SDGs have a nation state perspective.

Sovereigns wanting to remain relevant.

Paradigm shift. Awesome.

Standards as rule of law. Digital standards as equituy.

From Scott David to Me: (Privately) 10:51 AM

Let’s convene with Jean after IIW to work on this.

From Scott David to Everyone: 10:53 AM

Great stuff. Thanks for convening.

Humans first is an unfamiliar concept in the modern world.

We need to reestablish human auspices over human systems.

Identity is cultural enclosure.

Information is a dual use tech

From Me to [TIOF] Jean F. Queralt: (Privately) 10:54 AM

Let's meet after this session with Scott

From Me to Scott David: (Privately) 10:54 AM

Let's meet after this session

From Shigeya Suzuki1 to Everyone: 10:56 AM

Interesting discussion.. thanks.

From Scott David to Everyone: 10:57 AM

I can beta test the test stack in my program possibly if useful

Tech stack

Git hub as project management back end. Nice.

Chat from post -session

Technically feasible systems. Are they “reasonable?”

Reasonable according to whom.

Do tech people have awareness of users and other affected stakeholders.

Tech as defect system structure and law.

Need feedback mechanisms to encourage P2P speech.

What is policy inputs

What are “lawmakers” in the new period.

Are they formal legislators or are they actors themselves.

AbuGhraib prisoners have been called “legislators” since they teach us as humans what we will not tolerate as behavior (torture in that case).

Legal authority delegations.

Ambiguity versus law as concept engineering

Rhetorical engineering. Mere removal of ambiguity adds value to systems.

Ambiguity IS the energy that drives markets. Disambiguation generates derisking for future interactions and therefore value.

Monopoly AND Monoposony should both be examined!

Lots of unpacking to do here.

First of all - ALL risks are in one of 4 categories. AAAA risk. Attacks, accidents, acts of nature, AI/ML. There are no other sources of threat/bulnerability. Each calls for different protections. Attacks versus accidental harm will have different profiles.

From Scott David to Everyone: 11:50 AM

Lawyers get paid by the hour. Efficient resolution of matters is uneconomic.

Is it data?

What if data is a commons? Co management regime rather than enclosure regime?

What if data is just a distraction. Is it co management of a risk commons?

UN SDGs don’t attend to side effects among SDGs/

What do humans have in common as a species that might be used as basis for common rules?

That is it!

sldavid@uw.edu

From Me to Everyone: 11:51 AM

jeffaresty@internetbar.org

From Karim Stekelenburg to Everyone: 11:51 AM

karim@animo.id

Retrieved from "https://iiw.idcommons.net/index.php?title=10I/_Internet_Governance_-_UDDI_-_Universal_Declaration_of_Digital_Identity&oldid=23734"