8A/ Trusted Digital Assistant - why I don't need to manage my identity
Trusted Digital Assistant - Why I don’t need to manage my identity
Wednesday 8A
Convener: Robert Mitwicki
Notes-taker(s): Judith Bush
Tags for the session - technology discussed/ideas considered:
Wallet, one universal wallet, TDA, trusted digital assistant, consent, negotiation, personalization, Dynamic data economy
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
TDA why digital wallet is not enough
TDA is not one thing running on a particular device, but is available across many/all your devices.
Consider Jarvis in the Iron Man/Marvel films
Digital Identity Management is hard
One doesn’t _manage_ one’s own passport (carry it yes, but not handle the security etc)
To truly manage, you need to understand the technology, understand the assurance, know what is safe to share where.
Consider managing your own email server….
Zoom Chat:
From Neil Thomson to Everyone: Reality check - we need a service like the legal profession for identity. Experts in configuring your identity and interactions with services (the right set of consents) consistent with your personal preferences.
From Eric Drury to Everyone: That’s Iowa AI for you
From Neil Thomson to Everyone: A TDA as describe is an Artificial Intelligence, which is beyond current tech.
From Eric Drury to Everyone: +1 Neil
From Neil Thomson to Everyone: An "Personal Identity Advocate"
From Joachim Lohkamp to Everyone: So do you imagine a TDA to be a algorithm that not only manages your identities, but it would also need to make decisions…. How does the TDA learn about your preferences, values, restrictions both personal and also legal?
From Neil Thomson to Everyone: +1
From Eric Welton (Korsimoro) to Everyone: @Neil - we touched on that a little bit last session as well. Even if we were going to try to whip up a quick expert system or rules system or something to try to capture a bare-bones information fiduciary, acting on machine readable (IEEE 7x?) policies - we are lacking a trust expression language
What TDA can do for me
You can inform it of your needs and wants before advertising analytics can deduce
It can more accurately collect demographic and behavioral data instead of having it deduced
Manage identity & Consent (keys, policy, T&C negotiation)
From Eric Welton (Korsimoro) to Everyone: I think that trying to "program" a TDA is not reasonable for broad adoption - and if we try to make it an adaptive AI, it is going to necessarily drive our behaviour towards the center of the AI model (central tendency)
From Eric Welton (Korsimoro) to Everyone: the idea of hiring a firm or agency to manage your trust is also, i think, not quite right - because it monetizes/capitalizes/commodifies your very personal value system - whereas relying upon social institutions with which you are already value-aligned might work - yet, what is their incentive.
Now for discussion….
Is there a need for a trusted advisor
For some populations (alien to digital world, folks without resources), a trusted advocate
Trusted organizations (digital driver's licenses)
What should we as tech security experts + legal experts be recommending regarding consent agreements?
Consider continual authentication, consent
Discussions yesterday night re minimal device needed for interaction with digital identity. Could red cross bootstrap a sandboxed identity environment on behalf of.
The more we work on our own data the more value (and potentially privacy) we can get out.
Digital Organizer for Information and Services: different UI (including voice) around 12 years ago. The tech is not absent. It’s true that the AI on the side of the user isn’t necessarily there, but setting preferences and curation do have tech to trust with setting/agreeing. Compare to setting limits on children’s access to media. We have the building blocks for intuitive and effective agents. - Nicki Hickman poorly paraphrased
From Eric Welton (Korsimoro) to Everyone: +q to comment on an early view of Aires Agents (pre-Aires) and information fiduciaries - maybe after Nicky?
From Me to Everyone: Libraries are available in many communities with information experts as advisors who already support broad spectrum of populations
From pknowles to Everyone: Attenborough is SO my curator!
From Eric Welton (Korsimoro) to Everyone: +1
From pknowles to Everyone: (… or Nicky’s mum!)
From Nicky Hickman to Everyone: (you don't want my mum as your curator - not unless you have an excellent sense of (british) humour)
Tension of personal vs cultural norm settings
Change the incentive so culture benefits first before corporate or individual: eg: individual users may be willing to exchange data for relatively low value in such a way as does not benefit culture (eg: causes harm to other individuals)
Aries client acting as a fiduciary agent. Consider LifeScope and Rebase projects (gather all my data and monitor it)
From Me to Everyone: It would be fab if there were creative commons equiv T&C
From Neil Thomson to Everyone: Consensus is required on use of identity, PII and related data consistent with “Minimal Disclosure of Privacy” (MDP) to work with DDE Services
• Education of consumers
• Best practice -> Regulations -> Standardization
• With tools assisting where possible
Pools of partial policies -- a vegan policy used at restaurants, grocery but not auto dealer -- could make configuration easier
A step between guardianship and a full sovereignty -- assisted sovereignty by an ai that --- also, this AI that has learned could assist one’s guardians if one loses capacity (age, illness)
From Nicky Hickman to Everyone: cool idea Eric, different groups could brand and customise their overlays. EG your local church, your political party, your yoga teacher
From Neil Thomson to Everyone: Currently difficult even for a person (curator, advocate, guardian) to advise on consent, recommended DDE services, etc. as use of PII and consent on PII is currently at least partially hidden by Google, FB, etc. as to what they ask for consent and what they actually do with the data
From Eric Welton (Korsimoro) to Everyone: exactly - we need appropriate legislative pressures - absent in China and the US but thankfully still alive in the EU
Paul Knowles suggests mapping a standard corporate structure to the trusted digital assistant .
TDA as a new type of web browser.
Birth attestation project led to the concept of a digital orphan - -hard to identify the owner of digital identity when a population is transient
Cost of correlation is the brown - possible but expensive, exceeds the value (blue line)
From pknowles to Everyone: Part 2 of the webinar (from 20 mins in). https://humancolossus.foundation/blog/invitation-core-public-utility-technologies-for-a-next-generation-internet
This demonstrates why we need to change the rules of the economics that drive correlative actions.
Create purpose bases services - get rid of apps and replace with services. Instead of having to download an app for every transit service (and read all of its T&C), have a standard service that the TDA can manage for any service. (The TDA could also determine routing, preferences in transit options, etc, as well as negotiate the T&C for the various options.) -- Dynamic data economy
Services provide services, not use services to get an app on someone’s device, and use data aggregation as the business model.
From Eric Welton (Korsimoro) to Everyone: q+ to mention idea about a personal TDA swarm/collective
Who is paying for the servers, etc? My agent for corporation X runs in corp X’s DMZ -- corp X pays for the hardware etc to run my micro-agent. Then all the micro-agents (the swarm) communicate back to my center. Removes the latency/ location issue of where my agent runs. -- Eric Welton (Korsimoro)
Robert replies: The trusted digital agent needs to be run by a trusted party (can the swarm agents be trusted)
Is the model pure capitalism (everything driven by capitalistic incentives) -OR- does the model of base infrastructure run as a collective effort? How to balance a private sector portion against the commons, so that the breadth of the community can continue to benefit from the commons.
If digital identity REQUIRES a phone, the solution isn’t JUST getting everyone a phone but also getting phones that are usable across the breadth of values and abilities.
Need to have technologies that are agnostic of the user interface. -- see minimal device discussion.
Compare to biometric archives that persist identity “papers” for those who might lose them…
Some personal data (e.g. you have Corona Virus) needs to be shared (you contract with your health service to share) for the public good.
Eric - Property Law (and legal support) is not the right model for “owning” data.
Data is like electricity (as a public resource) - it needs to be available to everyone (example during earthquake for emergency response) - but how is it gated.
Many people will be reluctant to share what may be vital to themselves (e.g. in emergency) at some later date or information that impacts others, but are reluctant to share (infectious disease).
Idea - make selling data illegal. You can use it and exchange it, but you cannot sell it.
Neil - that will be almost impossible as that is the new oil, which already makes Google (and others) too much money.
Governance frameworks are going to play a major role in how this pans out. One framework for everyone isn’t going to work. (e.g. by industry).
TDA - not necessary if “everyone is behaviour properly”.
Is digital paper vs. a smart device the minimal Identity device?
From Eric Welton (Korsimoro) to Everyone: TDA is like the early visions of an Agent - but I'm not sure if it matches the current Agent model, or if other folks agree with that assessment? Fiduciary. I just lost my driver's license (the plastic card one :( ) - and the AI chatbot in Iowa didn't help me get it back :(
From Me to Everyone: Reality check - we need a service like the legal profession for identity. Experts in configuring your identity and interactions with services (the right set of consents) consistent with your personal preferences.
From Eric Drury to Everyone: That’s Iowa AI for you
From Me to Everyone: A TDA as describe is an Artificial Intelligence, which is beyond current tech.
From Eric Drury to Everyone: +1 Neil
From Me to Everyone: An "Personal Identity Advocate"
From Joachim Lohkamp to Everyone: So do you imagine a TDA to be a algorithm that not only manages your identities, but it would also need to make decisions…. How does the TDA learn about your preferences, values, restrictions both personal and also legal?
From Me to Everyone: +1
From Eric Welton (Korsimoro) to Everyone: @Neil - we touched on that a little bit last session as well. Even if we were going to try to whip up a quick expert system or rules system or something to try to capture a bare-bones information fiduciary, acting on machine readable (IEEE 7x?) policies - we are lacking a trust expression language. I think that trying to "program" a TDA is not reasonable for broad adoption - and if we try to make it an adaptive AI, it is going to necessarily drive our behaviour towards the center of the AI model (central tendency) the idea of hiring a firm or agency to manage your trust is also, i think, not quite right - because it monetizes/capitalizes/commodifies your very personal value system - whereas relying upon social institutions with which you are already value-aligned might work - yet, what is their incentive.
From Eric Welton (Korsimoro) to Everyone: +q to comment on an early view of Aires Agents (pre-Aires) and information fiduciaries - maybe after Nicky?
From Judith Bush to Everyone: Libraries are available in many communities with information experts as advisors who already support broad spectrum of populations
From pknowles to Everyone: Attenborough is SO my curator!
From Eric Welton (Korsimoro) to Everyone: +1
From pknowles to Everyone: (… or Nicky’s mum!)
From Nicky Hickman to Everyone: (you don't want my mum as your curator - not unless you have an excellent sense of (british) humour)
From Judith Bush to Everyone: It would be fab if there were creative commons equiv T&C
From Me to Everyone: Consensus is required on use of identity, PII and related data consistent with “Minimal Disclosure of Privacy” (MDP) to work with DDE Services
• Education of consumers
• Best practice -> Regulations -> Standardization
• With tools assisting where possible
From Nicky Hickman to Everyone: cool idea Eric, different groups could brand and customise their overlays. EG your local church, your political party, your yoga teacher
From Me to Everyone: Currently difficult even for a person (curator, advocate, guardian) to advise on consent, recommended DDE services, etc. as use of PII and consent on PII is currently at least partially hidden by Google, FB, etc. as to what they ask for consent and what they actually do with the data
From Eric Welton (Korsimoro) to Everyone: exactly - we need appropriate legislative pressures - absent in China and the US but thankfully still alive in the EU
From pknowles to Everyone: Part 2 of the webinar (from 20 mins in). https://humancolossus.foundation/blog/invitation-core-public-utility-technologies-for-a-next-generation-internet
From Eric Welton (Korsimoro) to Everyone: q+ to mention idea about a personal TDA swarm/collective
From Eric Welton (Korsimoro) to Everyone: there's a name for transactional love.....Agunity did exactly that w/ the phones
From Judith Bush to Everyone: Who is going to make the phones accessible to all? It’s not just getting the phone
From Eric Welton (Korsimoro) to Everyone: +1
From Me to Everyone: +!
From Judith Bush to Everyone: I will be walking away in a few minutes to an appointment — anyone who wants to take over notes FEEL FREE!. Chat up to the swarm question is included. Thanks!
From Eric Welton (Korsimoro) to Everyone: I knew you were going to say that..... ;)
From Eric Welton (Korsimoro) to Everyone: I recommend the me2b-alliance as a group working on that sort of certification
