Legal Layer of the Stack

From IIW
Jump to: navigation, search

Attendees:

  • Scott David (Convener)
  • J. Trent Adams (Scribe)
  • Judith Bush
  • Rick Smith
  • Julie Martin
  • Mawaki Chango
  • Mason Lee
  • Steve Greenberg

Session Objectives:

  • Overview of concepts relating to legal/technology interfaces of identity
  • Identify potential useful work to "Map the Gap" between technology and law/regulation
  • Feed session results into a "Map the Gap" event planned for technologists and lawyers in Washington DC scheduled for February, 2010

General Discussion:

  • Linked information systems are "porous"
    • it is possible for data to be shared beyond the intended acquisition
  • Rapid technical innovation accelerating rate of information exchange
    • Law and culture lag behind technology advancement
    • Lawyers aren't in the business of predicting the future
    • Question of how to manage for "social" stability
  • Technology supports what are essentially "social" interactions / transactions
  • Business systems (driven by technology) require people to function
  • Interactions between people are codified by agreements (convention and contractual)
  • Interfaces between people are codified by legal agreements
    • "Lawyers are in the people-programming business" - Scott David
  • Part of effectively "mapping the gap" involves both technologists and lawyers
  • People need to understand both the technologies and laws
    • corollary: people need to understand technologists and lawyers
    • corollary: technologists and lawyers need to understand people (their needs & wants)
    • corollary: technologists and lawyers need to understand each other

Identified Needs:

  • Common nomenclature and/or translation scheme
  • Agreements for technology interoperability
  • Agreements for data-sharing interoperability
  • Guidelines for:
    • Effective interaction (technical and operational)
    • Violation monitoring / handling
    • Mitigation responses
    • Dispute resolution
  • Identifying cross-jurisdictional issues
  • Research & Evaluate Existing International Work:
    • Policies and regulations (legal)
    • Recommended guidelines (consortia)
    • Best practices (technology)

Next Steps:

  • Identify pain points
  • Potential solutions for the pain:
    • Taxonomy / common terminology across legal/technology gap
    • Scenario planning to understand long-range needs
    • Simple "test case" solution as starting point
      • E.g. Legal boiler plate defining the Attribution - Authentication - Authorization process in line with OMB 04-04 and NIST SB 800-63