Last Update 5:22 AM June 24, 2021 (UTC)

Organizations | Identosphere Blogcatcher

Brought to you by Identity Woman and Infominer.
Support this collaboration on Patreon!!

Thursday, 24. June 2021

Blockchain Commons

Gordian QR Tool Supports Vaccine Records, 2FAs, Cryptoseeds, and More

The state of California recently announced their Digital COVID-19 Vaccine Record system. It allows Californians to access a digital copy of their vaccine records, rather than having to depend entirely on their physical copy. The main entry point is a QR code containing a rudimentary Verifiable Claim (VC), which makes for great ease of use. However, Blockchain Commons has concerns over how the user

The state of California recently announced their Digital COVID-19 Vaccine Record system. It allows Californians to access a digital copy of their vaccine records, rather than having to depend entirely on their physical copy. The main entry point is a QR code containing a rudimentary Verifiable Claim (VC), which makes for great ease of use. However, Blockchain Commons has concerns over how the user experience (UX) design might negatively affect both privacy and security; we are working to address these with our new Gordian QR Tool for the iPhone, Blockchain Commons’ first Apple appstore release.

Read More

For a while now, increasingly personal information has been getting encoded as QRs. During the pandemic, COVID tests were often stored as QRs. There has also been extensive use of QR codes to transmit secure information across an airgap. Many people first saw this use of QRs when they read a QR code for a two-factor authentication seed into their phone’s Authenticator app. At Blockchain Commons, we similarly use QR codes as an encoding method to transmit seeds and keys.

Some possible architectural issues arise from using QR codes for confidential data, such as the fact that you’re actually transmitting the data (not a proof of the data), that the QRs tend to contain all of the data (not just a selection), and that there’s no way to rescind a QR or expire it. Those issues will have to be dealt with at a foundational level as we figure out what can safely be encoded as a QR — and more importantly how to offer restricted proofs rather than complete information.

However, there are also security & privacy UX issues related to the storage of QR codes that need to be resolved no matter what is encoded. The state of California itself demonstrated the bad habits that we’re already developing when they said in their official press release: “individuals are encouraged to screenshot the information and save it to their phone files or camera roll”.

Now, storing QRs as photos on a phone does meet some minimal security requirements. Most phones are closely held and protected by a PIN, a thumbprint, or a faceprint. They’re often backed up to a cloud service and that cloud data is mostly secured as well. Still, there are numerous opportunities for problems.

That’s in large part due to the fact that photos are built to be shared. It’s very easy to send a photo to a friend or a social network, which is great for photos, but less so for your QR codes. In addition, photos are built to be synced. Though your data might be relatively safe if it’s synced to the cloud, it’s not that secure when synced to your desktop computer, which is vulnerable to malware and other attacks.

Photos also aren’t built to be searched and their categorization systems are usually rudimentary. Even if your QR code was safe, you might not be able to easily find it.

That’s where Blockchain Commons’ Gordian QR Tool for the iPhone comes in. Though we can only make sure that our own uses of QR codes are architecturally secure, we can definitely provide better ways to store QR codes, and that’s what QR Tool does.

QR Tool lets you scan any QR code into an encrypted vault. It then protects your code with two-factor authentication: you initilally log in with your Apple login and password, and then anytime you want to view your codes, you additionally must use a biometric authentication, such as a fingerprint. Unlike your semi-porous camera roll, QR Tool was built to keep confidential information secure.

QR Tool also provides proof that your codes weren’t changed. Using Lifehash technology, QR Tool links each code to a unique, evocative, and unchanging graphical color representation. This will prove particularly useful when the Lifehash specification is adopted by other companies, so that you can transfer a QR code between applications and verify immediately that it’s the same — something that’s difficult with the QR code alone.

Finally, QR Tool resolves the problem of categorization by automatically recognizing a wide variety of QR codes and giving you the opportunity to change those categorizations as you see fit.

If the future we hope to see more fully featured Verifiable Credentials, but there’s no doubt that QRs are with us for the moment, and we need to make sure that they remain secure and easy to use. This is why we released QR Tool. It’s a reference implementation for the Gordian Principles, demonstrating how to store confidential data in a way that’s independent, private, resilient, and open: QR Tool ensures that you hold your own QRs, that they’re safe, and that you can easily transmit them to other services.

If you’ve got QRs of your own to secure, you can purchase QR Tool from the Apple Store or you can compile it directly from the source code found at the QR Tool repo on GitHub.

Wednesday, 23. June 2021

Oasis Open

Invitation to comment on AS4 Interoperability Profile for Four-Corner Networks v1.0

This specification defines an interoperability profile of the AS4 Profile of ebMS 3.0 for use in four-corner networks. The post Invitation to comment on AS4 Interoperability Profile for Four-Corner Networks v1.0 appeared first on OASIS Open.

First public review of draft specification - ends July 23rd

We are pleased to announce that AS4 Interoperability Profile for Four-Corner Networks v1.0 from the BDXR TC [1] is now available for public review and comment. This is its first public review.

This specification defines an interoperability profile of the AS4 Profile of ebMS 3.0 for use in four-corner networks. In a four-corner network, entities are exchanging business documents through intermediary gateway services (sometimes called Access Points).

The documents and related files are available here:

AS4 Interoperability Profile for Four-Corner Networks Version 1.0
Committee Specification Draft 01
02 June 2021

Editable source (Authoritative):
https://docs.oasis-open.org/bdxr/bdx-as4/v1.0/csd01/bdx-as4-v1.0-csd01.docx
HTML:
https://docs.oasis-open.org/bdxr/bdx-as4/v1.0/csd01/bdx-as4-v1.0-csd01.html
PDF:
https://docs.oasis-open.org/bdxr/bdx-as4/v1.0/csd01/bdx-as4-v1.0-csd01.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:

https://docs.oasis-open.org/bdxr/bdx-as4/v1.0/csd01/bdx-as4-v1.0-csd01.zip

How to Provide Feedback

OASIS and the OASIS Business Document Exchange (BDXR) TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 24 June 2021 at 00:00 UTC and ends 23 July at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=bdxr).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/bdxr-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [2] applicable especially [3] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the BDXR TC can be found at the TC’s public home page [1].

Additional references [1] OASIS Business Document Exchange (BDXR) TC
http://www.oasis-open.org/committees/bdxr/

[2] http://www.oasis-open.org/policies-guidelines/ipr

[3] http://www.oasis-open.org/committees/bdxr/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#Non-Assertion-Mode
Non-Assertion Mode

The post Invitation to comment on AS4 Interoperability Profile for Four-Corner Networks v1.0 appeared first on OASIS Open.


OpenID

OpenID Financial-grade API (FAPI) Conformance Tests Released for Final FAPI 1.0 Parts 1 and 2 Specifications

The OpenID Foundation is pleased to announce the release of Financial-grade API (FAPI) OP and RP conformance tests for the Final FAPI 1.0 Part 1 and 2 specifications announced on March 31, 2021. Many organizations and jurisdictions utilized the FAPI Implementer’s Draft 2 as the starting point of their adoption of FAPI in defining their open banking solution […] The post OpenID Fina

The OpenID Foundation is pleased to announce the release of Financial-grade API (FAPI) OP and RP conformance tests for the Final FAPI 1.0 Part 1 and 2 specifications announced on March 31, 2021.

Many organizations and jurisdictions utilized the FAPI Implementer’s Draft 2 as the starting point of their adoption of FAPI in defining their open banking solution stacks. To assist these organizations and jurisdictions in transitioning from the FAPI RW Implementers Draft 2 to the FAPI 1 Part 1 and 2 final specifications, Joseph Heenan, OpenID Certification Program Technical Lead, published a non-normative list of changes document.

This document is a non-normative list of the changes between the second implementer’s draft of FAPI1 part 1 (read only / baseline) and part 2 (read-write / advanced) and the final versions:

Changes are listed as major if they may require alterations to implementations. Changes are listed as minor if they are generally clarifications and are unlikely to require alterations to existing implementations that were already applying best current practice. Most changes have both client and server clauses that reflect the same change to the protocol; such a change is only listed once below in the interests of brevity.

More information about running the new FAPI OP conformance tests can be found here: https://openid.net/certification/fapi_op_testing/.

More information about running the new FAPI RP conformance tests can be found here: https://openid.net/certification/fapi_rp_testing/.

Please reference the OpenID Certification page for more information about the certification program and to review the current directory of certified implementations. Any questions about OpenID Certification can be sent to certification@oidf.org.

For more information on the Financial-grade API (FAPI) Working Group, please visit: https://openid.net/wg/fapi/.

The post OpenID Financial-grade API (FAPI) Conformance Tests Released for Final FAPI 1.0 Parts 1 and 2 Specifications first appeared on OpenID.

Oasis Open

STIX™ V2.1 and TAXII™ V2.1 OASIS Standards are published

Leading standards for representing and sharing cyber threat intelligence are now available. The post STIX™ V2.1 and TAXII™ V2.1 OASIS Standards are published appeared first on OASIS Open.

The newest OASIS Standards are now publicly available for download and implementation.

OASIS is pleased to announce the publication of its newest OASIS Standards, approved by the members on 10 June 2021:

STIX Version 2.1
OASIS Standard
10 June 2021

and

TAXII Version 2.1
OASIS Standard
10 June 2021

The OASIS Cyber Threat Intelligence (CTI) TC was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence. The work was based initially on three specifications contributed by the US Department of Homeland Security (DHS) for development and standardization under the OASIS open standards process: STIX (Structured Threat Information Expression), TAXII (Trusted Automated Exchange of Indicator Information), and CybOX (Cyber Observable Expression).

Structured Threat Information Expression (STIX) is a language and serialization format used to exchange cyber threat intelligence. STIX enables organizations and tools to share threat intelligence with one another in a way that improves many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.

The TC received 11 Statements of Use from Accenture Security, Anomali, Avast Software s.r.o., CISA, DarkLight, Inc., EclecticIQ B.V., Fujitsu, IBM, New Context, SEKOIA, and Trend Micro.

TAXII is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. it is specifically designed to support the exchange of CTI represented in STIX, but is not limited to STIX.

The TC received 9 Statements of Use from Avast Software s.r.o., Celerium, CISA, Cyware Labs, EclecticIQ B.V., FreeTAXII, Fujitsu, SEKOIA, and Trend Micro.

URIs

The OASIS Standards and all related files are available here:

STIX Version 2.1

Editable source (Authoritative):

https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.docx

HTML:
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html

PDF:
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.pdf

TAXII Version 2.1

Editable source (Authoritative):
https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.docx

HTML:
https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.html

PDF:
https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.pdf

Distribution ZIP files

For your convenience, OASIS provides a complete package of the prose specifications and related files in ZIP distribution files. You can download the ZIP files here:

STIX Version 2.1: https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.zip TAXII Version 2.1: https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.zip

Our congratulations to the members of the OASIS Cyber Threat Intelligence (CTI) TC on achieving this milestone.

The post STIX™ V2.1 and TAXII™ V2.1 OASIS Standards are published appeared first on OASIS Open.


Good ID

World’s Largest Tech Companies Drive FIDO Alliance’s New User Experience Guidelines

By Andrew Shikiar, Executive Director and Chief Marketing Officer, FIDO Alliance FIDO Authentication has seen remarkable acceptance over the past few years, thanks in large part to standardization by the […] The post World’s Largest Tech Companies Drive FIDO Alliance’s New User Experience Guidelines appeared first on FIDO Alliance.

By Andrew Shikiar, Executive Director and Chief Marketing Officer, FIDO Alliance

FIDO Authentication has seen remarkable acceptance over the past few years, thanks in large part to standardization by the World Wide Web Consortium (W3C) and the subsequent adoption into leading device platforms and browsers. All told, we estimate over 4 billion devices (inclusive of Windows 10 PCs as well as every modern Apple and Android device) now support FIDO Authentication, as do over 88% of web browsers. Couple that addressable market with the ability for developers to write to the public FIDO2 WebAuthn API and you can see why so many enterprises are featuring FIDO support in request for proposals (RFPs) and accelerating related development plans.

However, while FIDO definitely does provide a simpler, stronger approach to user authentication, there is still a need to get users more accustomed to the user experience – and to optimize these flows as much as possible.  In short, “if you build it they will come” isn’t always sufficient for paradigm-changing technologies. We’ve heard from more and more relying parties that they would benefit from tips on how to most effectively implement FIDO in a way that resonates with consumers and works across major browsers and platforms.   

Over the past five years, the Alliance has conducted research that has consistently found consumers want to use FIDO authentication once they understand what it is and to have common “FIDO-enabled” signals to show where to obtain it. This illustrates the need for FIDO to be introduced to consumers in a user-friendly and consistent way in order for our protocols to be adopted at scale.  

To address this requirement, FIDO’s Board of Directors last year launched a User Experience (UX) Task Force (UXTF), drawing on world-class UX experts from many of our member companies, including Bank of America, eBay, Facebook, Google, HYPR, IBM, Intuit, JP Morgan Chase Bank, Microsoft, Trusona, Visa, and Wells Fargo. The UXTF was tasked with creating recommendations and best practices for how to deploy FIDO, factoring in utilization of FIDO messaging, logos and other visual cues. We partnered with consulting firm Blink UX to conduct the first formal usability research of FIDO user journeys, including registration and authentication steps and various use cases – all feeding into our Desktop Authenticator UX Guidelines.

To complement this effort, we constructed a strawman banking user journey that could be used to test various assumptions and to better examine the authentication steps actually employed by users. With IBM’s assistance, a website was created to reflect this use case and was utilized during our testing and analyses.  The site will remain live as a reference implementation of our UX Guidelines. 

We divided the typical FIDO journey into a series of four major steps:

Promote awareness of the availability of various biometric sign-ins, then perform the actual sign-in and determine if a user has a FIDO-eligible device that can be used in the authentication process. Invite users to register via FIDO, especially if they are using Windows Hello or Apple TouchID. The actual FIDO registration of the user’s desktop authenticator, along with messages showing success or failure. Making FIDO the primary sign-in path, and issue appropriate confirmation messages.

The UX tests were done in three different rounds. First was a qualitative series where we walked participants through a mock-up of the site and test. This allowed us to get feedback on some of our initial messaging and visual assumptions, which fed into the final site design. Next, we ran 100 subjects through independent quantitative testing – where they were assigned and had to complete a mock banking task, which included a prompt to enroll for FIDO login. Our last round of testing were qualitative video interviews, which provided an invaluable human element and insights on the FIDO value proposition. 

Collectively, these tests are what helped define and focus our messaging, logos and various other iconography and logic flows that were useful in developing UX guidelines and other best practices for FIDO implementations.

Our preliminary recommendations from these tests are:

Use a simple biometric image (such as a fingerprint icon) to trigger the initial user registration, then have FIDO logos at each touchpoint to confirm that a user is following the right sequence of steps. Make sure developers optimize for each type of environment (operating system and device form factors such as laptop or phone) for each FIDO-capable device. For example, Windows and MacOS have different icons that are used to designate fingerprint usage, as shown in the below screencaps. Use one of two suggested messaging styles: we tested and validated one style that is simple and one that is to “add an option.” For example, a simple message might say: “You’re eligible for a simpler sign-in! Learn how you can skip your password the next time you sign in. Register now.” And the optional message might say:  “Add an easy and safe way to access your account. Register now.” Take steps to educate consumers and customer support staff on FIDO. Promote FIDO awareness across multiple touch points and marketing channels such as email and direct postal mail campaigns and social media. This should include information about FIDO-capable device availability and how to use FIDO on Windows 10 Hello and Apple smartphones.  This also will help address potential user reluctance around using biometric sign-ins. Although many users view biometric sign-in as desirable, convenient, and secure, some users initially express hesitancy to share biometric or other computer sign-in information with their bank or with FIDO – and hence need to be educated that their biometrics stay safely on their device. Have a special “problem resolution” path for those customers who run into problems.

FIDO Alliance’s ultimate goal is to see as many service providers moving their customers away from password-based authentication as soon as possible – and we hope that these UX guidelines can help accelerate this movement.  As this is our first foray into usability guidance we’re also open to and appreciative of feedback from deploying organizations.  

 Read more about FIDO’s UX efforts and research here.

The post World’s Largest Tech Companies Drive FIDO Alliance’s New User Experience Guidelines appeared first on FIDO Alliance.


FIDO2 Enhancements for Enterprise & Complex Security Applications

By David Turner, Director of Standards Development, FIDO Alliance Today we are announcing enhancements to two of the core FIDO protocols, the Client To Authenticator Protocol (CTAP) v2.1 and WebAuthn […] The post FIDO2 Enhancements for Enterprise & Complex Security Applications appeared first on FIDO Alliance.

By David Turner, Director of Standards Development, FIDO Alliance

Today we are announcing enhancements to two of the core FIDO protocols, the Client To Authenticator Protocol (CTAP) v2.1 and WebAuthn Level 2 – which collectively comprise FIDO2. Both are significant advances in extending FIDO’s capabilities specifically for enterprise users and supporting more complex application use cases. These enhancements come at an appropriate time, given the increased demand and rate of adoption for FIDO methods as the pandemic and remote work continues throughout the world.

The FIDO2 WebAuthn protocol is a set of application programming interfaces (APIs) that describe how to enable authentications inside browser sessions. Level 2 is the latest version of the standard, which is maintained by the W3C organization and was released in April. This standard makes it easier to write web applications that use FIDO Authentication, which is now supported across the five major endpoint operating systems (Windows, MacOS, Linux, Android, ChromeOS, and iOS).  

There are six major improvements that we are announcing today:

Enterprise attestation

Today’s announcements increase support for enterprise management of devices and users. The CTAP and WebAuthn protocols have added features that make it easier for enterprises to add specific user identity data during the registration process, so corporate administrators can more easily track key distribution and usage. Because these features can reveal some private user information – information that they would have divulged anyway to their employer – this feature is not available directly to consumers’ authenticators. Instead, authenticators must be pre-programmed (before credential registration) with these enterprise attestations by the enterprises themselves. 

Cross-origin iFrame support

This feature allows web-based ecommerce transactions to be completed within pop-up windows on a browser, something that was forbidden in earlier FIDO versions as a way to protect potential man-in-the-middle and man-in-the-browser attack scenarios. The new standards make a very safe, secure and encrypted way to accomplish these transactions, without revealing data pulled from multiple domains such as the originating vendor, the user’s bank account, a credit card issuer, and so forth. It also helps in situations when users are connecting via bandwidth-limited circumstances (such as via Bluetooth or poor Wifi signals) to keep the authentication workflow moving without a lot of back-and-forth network traffic and latency delays. 

Support for Apple Attestations

FIDO Alliance has been pleased to have Apple as a contributing member for the past 18 months. This feature adds support for Apple’s method of doing attestation on their devices using the WebAuthn protocols.

Better biometric management

The CTAP v2.1 additions include better biometric enrollment and management features, so that users can register multiple fingerprints and other bio-markers. Additionally, enterprises can set minimum PIN lengths. As more mobile devices include facial and fingerprint recognition, this keeps FIDO current with the latest authentication technologies.

Large blob support

An alternative to running a centralized authentication service, this feature includes a way to store things like certificates that may be necessary for other authentication scenarios, such as using encrypted SSH connections. 

Resident credential improvements 

Now called discoverable credentials, this enables passwordless workflows to re-authenticate a user. The authentication dialog automatically finds and applies an existing credential and asks for user confirmation, thus making FIDO easier to use.

Always Require User Verification

This feature allows a user to protect the credentials on their authenticator with some form of user verification independent of the Relying Party. Platform authenticators and other authenticators with the feature enabled will always perform user verification. Some certification programs such as US FIPS 140-3 prohibit the authenticator performing signing operations without authentication.

The post FIDO2 Enhancements for Enterprise & Complex Security Applications appeared first on FIDO Alliance.


GS1

3.8 Contact change

A change to contact information refers to updates to details on how to communicate with a party/location. Changes to the contact information associated to a party or location do not require the allocation of a new GLN. ■ Change to contact details of legal entity □ Same GLN: When the legal entity contact details (visiting address, postal address, phone number, e-mail address, etc.) chang

A change to contact information refers to updates to details on how to communicate with a party/location.

Changes to the contact information associated to a party or location do not require the allocation of a new GLN.

■ Change to contact details of legal entity

□ Same GLN: When the legal entity contact details (visiting address, postal address, phone number, e-mail address, etc.) change

- Example: Change of the email address of the company headquarters

■ Change of the function contact details

□ Same GLN: When the function's contact details change

- Example: The individual within the accounting department that acted at primary point-of-contact for billing left the company, so all associated contact details were updated

- Example: Change to phone number for emergency contact for facilities/maintenance

- Example: An e-mail that supports the system identified by the GLN is added

Relevant guiding principles: While many situations involving contact changes will not impact the guiding principles, certain scenarios may. Refer to section 1.1 for more details.


3.7 Financial change

Financial changes refer to updates to information needed to process payments between business entities. Changes to the financial information associated to a party or location do not require the allocation of a new GLN. ■ Change to tax registration number of legal entity □ Same GLN: when the tax registration number of the legal entity changes - Example: VAT (value added tax) registration

Financial changes refer to updates to information needed to process payments between business entities.

Changes to the financial information associated to a party or location do not require the allocation of a new GLN.

■ Change to tax registration number of legal entity

□ Same GLN: when the tax registration number of the legal entity changes

- Example: VAT (value added tax) registration number of the legal entity changes.

■ Change to financial account information

□ Same GLN: When the financial account information associated with the function changes.

- Example: Bank routing number was changed

- Example: Financial information associated to a GLN was removed and not replaced with new information

Relevant guiding principles: While many situations involving financial changes will not impact the guiding principles, certain scenarios may. Refer to section 1.1 for more details.


3.6 Party/location name change

A name change occurs when updates to how a party/location is officially referred to take place. Changes to the name of a party or location do not require the allocation of a new GLN. ■ Change to legal name □ Same GLN: Change to enterprise legal name does not require the GLN to be changed. - Example: A company changes their legal, authoritative name - Example: A warehouse that was prev

A name change occurs when updates to how a party/location is officially referred to take place.

Changes to the name of a party or location do not require the allocation of a new GLN.

■ Change to legal name

□ Same GLN: Change to enterprise legal name does not require the GLN to be changed.

- Example: A company changes their legal, authoritative name

- Example: A warehouse that was previously called Warehouse West was updated to Warehouse Alpha

Note: Changes to names commonly result from changes outlined in other rules, such as, mergers, acquisitions, legal framework changes, or splits.

Relevant guiding principles: While many situations involving name changes will not impact the guiding principles, certain scenarios may. Refer to section 1.1 for more details.


3.5 Change to party/location address

A change to party/location address occurs when the location reference point for interacting with the party/location is modified. This may be a change to an address, coordinates, geofence, or other location reference. Figure 3‑1 provides an overview of the address changes included in section 3.5. Figure 3‑4 Change to party/location address overview Main Topic Use Case Example

A change to party/location address occurs when the location reference point for interacting with the party/location is modified. This may be a change to an address, coordinates, geofence, or other location reference.

Figure 3‑1 provides an overview of the address changes included in section 3.5.

Figure 3‑4 Change to party/location address overview

Main Topic

Use Case

Example

New GLN needed?

Physical location address change

Section 3.5.1

Location reference of physical location changes

A retail store moves from 123 Main Street to 1023 Standards Drive.

YES

Physical location address change

Section 3.5.1

Municipal address change without physical change

Municipality renames street. The location does not physically change place any way.

NO

Digital location address change

Section 3.5.1

Change to network address (retrieved via GLN)

URL access point changes from https://api.example.com/mycojmpany/invoce to https://api.example.com/mycojmpany/xml-invoce

YES

Mobile location address update

Section 3.5.1.1

GLN pre-designated as identifying a mobile location is expected to move

A food truck changes location based on season, time of day, and local events.

NO

Legal entity relocation

Section 3.5.2

Relocation of a legal entity where the GLN is NOT being used to also identify a location

Company moves from New York to Los Angeles. The GLN identifying the legal entity does not identify the physical location.

NO

Function relocation

Section 3.5.2

Changing operating location(s) of a function where the GLN is NOT being used to also identify a location

A human resources department moves from Cape Town to Johannesburg. The GLN identifying the function does not identify the physical location.

NO

Party operates at multiple locations

Section 3.5.2

A legal entity or function continually operates at multiple locations identified by different GLNs.

The maternity ward is based on the second floor, wing B, but sometimes also utilises rooms in wing C and wing D. Each wing has a unique GLN identifying the location that is separate from the GLN for the maternity ward function.

NO

3.5.1 Physical and digital location address change

Changes to the access point, coordinates, or other representation of location which impact the guiding principles require the allocation of a new GLN.

■ Change of the physical location

□ New GLN: When the access address of a physical location changes.

- Example: Moved to a different building

- Example: A physical location is required to register with a government body to comply with regulations.

■ Municipal address change without physical change

□ Same GLN: When the address of a physical location is changed by the authorities, but the actual physical coordinates of the location remain unchanged.

- Example: Municipality assigns new street names and numbers. A building stays physically at the same spot but its access address or entry gate changes.

■ Change to network address (retrieved via the GLN)

□ New GLN: Where the GLN is used as a key to retrieve the network address from a metadata repository.

- Example: URL access point changes from https://api.example.com/mycojmpany/invoce to https://api.example.com/mycojmpany/xml-invoce

Relevant guiding principles

This table represents the guiding principles most likely to be impacted by a party or location address change for a GLN identifying a legal entity, function, physical location, and digital location. Unique situations could occur that impact additional guiding principles. Refer to section 1.1 for more details.

Figure 3‑5 Relevant guiding principles for physical and digital location address change

Does a stakeholder need to distinguish the changed or new party/location from previous/current party/location?

Is there a regulatory/liability disclosure requirement by the stakeholder?

Is there a substantial impact to the supply chain?

Legal entity

Function

Physical location*

YES

YES

YES

Digital location

YES

YES

*Discontinuing or replacing GLNs identifying physical locations will impact any existing GLN extension components. See section 2.3.1 for more detail.

3.5.1.1 Mobile location exception

When a GLN is designated as identifying a mobile location, changes to address, coordinates, or other representation of location do not require the allocation of a new GLN.

■ Movement of mobile locations

□ Same GLN: Where a GLN is pre-designated as being a mobile, physical location that is capable of moving to different locations

- Example: An ambulance functions as a location where patients received treatment, assets are stored, and trade items must be stocked.

- Example: A food truck changes its location frequently throughout the day. The operator may have a need to track and share location for a variety of reasons that could including providing proof that it operated within permitted areas, where deliveries should be made to, and/or where those looking to interact with the food truck can find it.

- Example: Transport means such as ships and airplanes may also be shipment destinations. In such cases, these types of locations are best treated as facilities, with the GLN as main identifier. Although transport means do not have a fixed address the GLN allows for easy adoption of existing standards, such as eCommerce order-to-cash.

3.5.2 Legal entity and function relocation

Changes to the location(s) associated to a legal entity or function do not require the allocation of a new GLN.

■ Relocation of a legal entity

□ Same GLN: When a GLN identifying a legal entity that is not also being used to identify a physical location relocates to a different address, the GLN may remain the same.

- Example: Company moves from New York to Los Angeles

■ Changing operating location(s) of a function

□ Same GLN: When a GLN identifying a function that is not also being used to identify a physical location relocates to a different address, the GLN may remain the same.

□ Same GLN: For functions that continually operate at various locations, the GLN may remain the same.

- Example: The maternity ward is based on the second floor, wing B, but sometimes also utilises rooms in wing C.

Relevant guiding principles: While many situations involving party relocations will not impact the guiding principles, certain scenarios may. Refer to section 1.1 for more details.


3.4 Change of party/location use or purpose

A change of use or purpose occurs when the activities, purpose, or functionality of a party/location is modified resulting in persistent differences in how that party/location can be interacted with. Changes to the activities, purpose, or functionality of a party or location which impact the guiding principles require a new GLN. ■ Change to legal framework □ New GLN: In cases of changes t

A change of use or purpose occurs when the activities, purpose, or functionality of a party/location is modified resulting in persistent differences in how that party/location can be interacted with.

Changes to the activities, purpose, or functionality of a party or location which impact the guiding principles require a new GLN.

■ Change to legal framework

□ New GLN: In cases of changes to a legal entity which impact the guiding principles, a new GLN may be required. Please contact your local GS1 Member Organisation for additional information on local requirements.

□ Example: A company registered under the Canada Not-for-profit Corporations Act elects to become a for profit corporation and re-registers under the Canada Business Corporations Act.

■ Change of the function purpose

□ New GLN: In cases of changes to a function’s purpose which impact the guiding principles:

- Example: If cold storage reception no longer has a cold storage capability, a new GLN must be allocated.

■ Change of use of the physical location

□ New GLN: When activities carried out at a physical location or its purpose change in a way which impact the guiding principles, a new GLN is required.

- Example: A distribution centre is converted into office space

■ Change to system purpose / scope of a digital location

□ New GLN: In cases of changes to the purpose or scope of a digital location which impact the guiding principles, a new GLN is required.

- Example: The GLN will be changed when a major software update is made, e.g., different vendor or major upgrade.

- Example: Company A is using GLNs to identify systems for their EDI gateway. To distinguish between production, test and development environments, separate GLNs are used.

□ Same GLN: If changes to the purpose or scope of a digital location do not impact the guiding principles, the GLN can remain the same.

- Example: Software and/or hardware updates occur that do not impact the guiding principles.

Relevant guiding principles

This table represents the guiding principles most likely to be impacted by a change in party or location use or purpose for a GLN identifying a legal entity, function, physical location, and digital location. Unique situations could occur that impact additional guiding principles. Refer to section 1.1 for more details.

Figure 3‑3 Relevant guiding principles for change of party/location use or purpose

Does a stakeholder need to distinguish the changed or new party/location from previous/current party/location?

Is there a regulatory/liability disclosure requirement by the stakeholder?

Is there a substantial impact to the supply chain?

Legal entity

YES

YES

Function

YES

YES

Physical location*

YES

YES

YES

Digital location

YES

YES

*Discontinuing or replacing GLNs identifying physical locations will impact any existing GLN extension components. See section 2.3.1 for more detail.


3.3 Party/location merger

A merger occurs when two or more parties/locations are combined into a single party/location. When a party or location is merged with another so that they will no longer function independently, one of the existing GLNs may remain in use. All other GLNs merged SHALL be removed from active use once their transition is completed. Where the merger does not impact a GLN, one may keep the existing

A merger occurs when two or more parties/locations are combined into a single party/location.

When a party or location is merged with another so that they will no longer function independently, one of the existing GLNs may remain in use. All other GLNs merged SHALL be removed from active use once their transition is completed. Where the merger does not impact a GLN, one may keep the existing GLN, provided that the company is authorised to use the GS1 Company Prefix or individually licensed GLN.

■ Legal entities being merged or acquired

□ Same GLN: When two or more legal entities merge, one of the existing GLNs identifying a legal entity may remain in use to identify the merged functions.

□ Discontinue Use: The remaining GLNs that were merged.

■ Functions being merged

□ Same GLN: When two or more functions are merged one of the existing GLNs identifying a function may remain in use to identify the merged functions.

□ Discontinue Use: The remaining GLNs that were merged.

■ Physical locations being merged

□ Same GLN: When two or more physical locations are merged one of the existing GLNs identifying a function may remain in use to identify the merged functions.

□ Discontinue Use: The remaining GLNs that were merged.

■ Digital locations being merged

□ Same GLN: When two or more digital locations are merged, one of the existing GLNs may be retained to identify the whole digital location.

□ Discontinue Use: The remaining GLNs that were merged.

Note: Discontinuation of GLNs SHOULD be communicated to business partners

Relevant guiding principles

A party/location merger does not require a new GLN to be allocated.


3.2 Party/location split

A split occurs when the party/location being identified by a single GLN is divided into two or more parties/locations. This can include a single party or location dividing into multiple parties or locations or a GLN identifying a combination of party/location being divided to only represent a single part/location. When a party or location is divided into multiple parties/locations, one may ke

A split occurs when the party/location being identified by a single GLN is divided into two or more parties/locations. This can include a single party or location dividing into multiple parties or locations or a GLN identifying a combination of party/location being divided to only represent a single part/location.

When a party or location is divided into multiple parties/locations, one may keep the existing GLN, provided that the company is authorised to use the GS1 Company Prefix or individually licensed GLN.

Any party/location resulting from the split that does not keep the original GLN will be classified as being new and must be allocated a new GLN section 3.1.

■ Legal entity split

□ Same GLN: When a legal entity is split into multiple entities, one of the legal entities may keep the existing GLN.

□ New GLN: The other legal entities need to be allocated new GLNs.

- Example: When Company A (Same GLN) creates a wholly owned division which operates as Company B (New GLN)

■ Function split

□ Same GLN: When a function is split into multiple functions, one of these functions may keep the original GLN

□ New GLN: The other functions require new GLNs.

- Example: Shipping/Receiving is split to Shipping (Same GLN) and Receiving (New GLN)

■ Physical location split

□ Same GLN: When a physical location is split into multiple locations, one of the physical locations may retain the original GLN.

□ New GLN: The other physical locations require new GLNs.

- Example: Rural farmland can be divided into smaller units by the owner (no entity ownership changes or address change, e.g., rural route #1 or geopositioned location).

- Example: A retail location is split into two smaller locations by the building owner.

■ Digital location split

□ Same GLN: When a digital location is split into multiple digital locations, one digital location may retain the original GLN if the digital location remains with the original legal entity and keeps the same core attributes.

□ New GLN: The other digital locations will require new GLNs.

- Example: Where a test/development location is created to run in parallel to a live environment within the same framework.

Relevant guiding principles

This table represents the guiding principles most likely to be impacted by a party or location split for a GLN identifying a legal entity, function, physical location, and digital location. Unique situations could occur that impact additional guiding principles. Refer to section 1.1 for more details.

Figure 3‑2 Relevant guiding principles for party/location split

Does a stakeholder need to distinguish the changed or new party/location from previous/current party/location?

Is there a regulatory/liability disclosure requirement by the stakeholder?

Is there a substantial impact to the supply chain?

Legal entity

YES

YES

Function

YES

YES

Physical location*

YES

YES

YES

Digital location

YES

YES

*Discontinuing or replacing GLNs identifying physical locations will impact any existing GLN extension components. See section 2.3.1 for more detail.


3.1 New party/location introduction

A new party or location is considered an addition to what already exists and has been allocated a GLN. When a new party and/or location is added that will engage in business transactions, it must be allocated a new GLN. ■ Identification of a new legal entity □ New GLN: When a new legal entity is added that will engage in business transactions, it must be allocated a new GLN. ■ Identifi

A new party or location is considered an addition to what already exists and has been allocated a GLN.

When a new party and/or location is added that will engage in business transactions, it must be allocated a new GLN.

■ Identification of a new legal entity

□ New GLN: When a new legal entity is added that will engage in business transactions, it must be allocated a new GLN.

■ Identification of a new function

□ New GLN: When a new function is added that will engage in business transactions, it must be allocated a new GLN if it needs to be distinguished from other functions in business transactions.

■ Identification of a new physical location

□ New GLN: When a new physical location is added that will engage in business transactions, it must be allocated a new GLN.

■ Identification of a new digital location

□ New GLN: When a new digital location is added that will be used in business transactions it should be allocated a new GLN.

Relevant guiding principles

This table represents the guiding principles most likely to be impacted by identifying a new legal entity, function, physical location or digital location with a GLN. Unique situations could occur that impact additional guiding principles and would require a new GLN. Refer to section 1.1.for more details.

Figure 3‑1 Relevant guiding principles for new party/location introduction

Does a stakeholder need to distinguish the changed or new party/location from previous/current party/location?

Is there a regulatory/liability disclosure requirement by the stakeholder?

Is there a substantial impact to the supply chain?

Legal entity

YES

YES

Function

YES

YES

Physical location*

YES

YES

YES

Digital location

YES

YES

*Discontinuing or replacing GLNs identifying physical locations will impact any existing GLN extension components. See section 2.3.1 for more detail.


3 GLN Management Rules

This section details when a GLN must be allocated as the result of a new party/location being defined or a change to an existing party/location occurring. All of the guiding principles and GLN Management Rules need to be taken into account when making the final decision of whether or not to change a GLN. Note: The GLN Management Rules apply for changes occurring as a result of business co

This section details when a GLN must be allocated as the result of a new party/location being defined or a change to an existing party/location occurring.

All of the guiding principles and GLN Management Rules need to be taken into account when making the final decision of whether or not to change a GLN.

Note: The GLN Management Rules apply for changes occurring as a result of business continuity practices.


2.3 Impact of a GLN change on other GLNs

GLNs are used to uniquely identify one party/location from another. As a result, a change or discontinuation to one GLN SHALL NOT require another GLN to be changed or have its use discontinued if nothing has been otherwise modified. Important: If a change occurs that may affect multiple GLNs, all impacted GLNs SHALL be assessed independently based on the GLN Management Rules. (e.g., merger o

GLNs are used to uniquely identify one party/location from another. As a result, a change or discontinuation to one GLN SHALL NOT require another GLN to be changed or have its use discontinued if nothing has been otherwise modified.

Important: If a change occurs that may affect multiple GLNs, all impacted GLNs SHALL be assessed independently based on the GLN Management Rules. (e.g., merger or split) Other changes to GS1 Company Prefix or individual GS1 identification key licensing status SHALL be assessed based on GS1 General Specifications section 1.6 Allocation. GS1 Company Prefix or GS1 identification key licensees SHOULD refer to GS1 Member Organisations for details specific to their licences.

Example 1:

GS1 Garden Company dissolved their legal entity and then formed a new legal entity under a different framework. As a result, their legal entity GLN must change. A new GLN is allocated to the newly formed legal entity. All pre-existing GLNs that GS1 Garden Company had in use are reassociated to the new GLN identifying Dal Giardino as a legal entity. The pre-existing GLNs do not need to be discontinued or changed.

Figure 2‑7 Update to GLN example 1

Example 2:

A company has three GLNs allocated: GLN A identifies a legal entity, GLN B identifies a warehouse, and GLN C identifies an accounting department.

The company makes a change which requires them to change GLN B. No changes occurred to the GS1 Company Prefix licensing. GLNs A and C remain the same because the modifications only impact GLN B.

Figure 2‑8 Update to GLN example 2

2.3.1 Impact to GLN extension component

GLN extension components only have meaning when associated to a GLN identifying a physical location. A GLN extension component SHALL only be used internally by an organisation or through mutual agreement between partners to identify a sub-location on or within the location of the GLN identifying the physical location. See section 2.1.2.1 for details. Discontinuation of a GLN automatically discontinues the associated GLN extension component(s). When a sub-location associated to a discontinued GLN extension component needs to be identified within a new physical location, it would need to be allocated a new GLN or reassociated to a new GLN.

Example:

GLN H was discontinued as the result of a building remodel that modified the physical location. As a result, the GLN extension components that were associated to GLN H were also made inactive. The shelf slots remained relevant to the new space, so the GLN extension components were reassociated with GLN K.

Figure 2‑9 Update to GLN and GLN extension components

*EC is used to represent GLN extension component in Figure 2‑9


MyData

MyData Global joins ‘Team Data Spaces’ to support the EU’s plan to create ‘data spaces’ 

PRESS RELEASE [Helsinki, Finland, June 22, 2021] To realise the full potential of data sharing in the respect of EU values MyData Global announces to have joined forces with ‘Team Data Spaces’ – a coalition of leading European players with experience in standardising, creating and operationalising data sharing – to facilitate the development of European... Read More The post MyData Global j

PRESS RELEASE [Helsinki, Finland, June 22, 2021] To realise the full potential of data sharing in the respect of EU values MyData Global announces to have joined forces with ‘Team Data Spaces’ – a coalition of leading European players with experience in standardising, creating and operationalising data sharing – to facilitate the development of European...

Read More

The post MyData Global joins ‘Team Data Spaces’ to support the EU’s plan to create ‘data spaces’  appeared first on MyData.org.


WomenInIdentity

Remote work – taking a further step towards diversity and inclusion

Women in Identity member and Technology Strategist, Anna Sarnek, shares her thoughts on working in the “new normal” Remote and flexible work environments had become a point of interest and… The post Remote work – taking a further step towards diversity and inclusion appeared first on Women in Identity.
Women in Identity member and Technology Strategist, Anna Sarnek, shares her thoughts on working in the “new normal”

Remote and flexible work environments had become a point of interest and the new buzzword before the forced shift during the COVID pandemic. Flexibility gradually gained traction among the tech sector, particularly in the startup culture that started associating flexibility with work-life balance, accrediting it as fundamental to innovation, happier employees and better work culture. While there are companies like Auth0, Bug Crowd and GitHub (now part of Microsoft) that have been fully remote from their founding, perhaps the most notable pre-COVID flexibility came from Microsoft’s announcement of a 4-day work week and the productivity increase that the company noted.

For those of us who were office bees, the shift to a fully remote work environment gradually repositioned remote working as the “new normal”. This was further amplified by companies like Microsoft and Facebook as they announced their intent to allow employees to remain fully remote. Yet I’ve had several conversations with team leaders at a number of these companies over the last 16 months which highlighted that they fully expect their teams to be both home- and office-located. I started scratching my head at this mixed messaging. It seemed misaligned with the corporate message. I realzed that corporate intent does not always translate down to a specific team leader’s intent. This, in turn, led me to ask: “Are you actually ready to be remote?”.

Don’t get me wrong, I know that there are specific job functions that flourish from an in-person working environment, particularly in product development where innovation often spins out of coffee chats. I’m also not about to minimize the significance that the office environment brings to company culture – my teams and colleagues were part of what made my own career so enjoyable. I also recognize that my newest friends in the industry are those who I’ve met once in person and who reside in South Africa, California, Texas, and Washington State. What I question is whether organisations may have untapped pools of talent that they are missing by not exploring these remote options. And is there  and another layer to diversity and inclusion that we’re not addressing by dismissing the benefit of remote work.

It is no secret that we’ve made strides in closing the gender gap in employment as women in America have become the breadwinners of the family. It is easy to measure diversity and inclusion through data like headcount, demographic data and income statistics. (Although, I would point out that while US companies gather disability data, disability seems to be an often forgotten criterion in diversity and inclusion.) I wonder whether the next transformative step towards increased diversity and inclusion resides in cementing a work environment where location and commute are no longer a factor. At the end of the day, what makes us unique doesn’t just stop at human characteristics. It extends to our day-to-day environments – often the ones where we can best foster unique ideas and diverse perspectives. It is easy to claim successes in diversity by normalizing the entire employee base, stripping away the fact that environment is a substantial factor. There are unique characteristics as to how each family unit will operate, or how each individual will fit into society. These should be am important consideration when redesigning the “new normal” of workplace management.

At a personal level, I’m not currently constrained by a need to put my family first. Nor do I have a physical or hidden disability that affects my ability to work from an office. But as a partner of someone in the US military, I am all too aware of the tension that exists between juggling career and family life. So I ask you to think, is your team really ready to be remote?

Why not join the Women in Identity team to develop this theme at our interactive discussion on “Recruiting for Diversity”?                                        Tuesday 29th June at 16:30 BST

Recruiting for Diversity – an interactive workshop

The post Remote work – taking a further step towards diversity and inclusion appeared first on Women in Identity.


Commercio

The Cosmos blockchain ecosystem and Commercio.network

One of the most frequent questions we get asked is about the technology choice of Cosmos. Why do you use Cosmos technology ? why didn’t you choose Bitcoin or Ethereum ? The answer is simple : Horizontal scalability. At the beginning of computing history there were only a few few computers called Mainframes.   The first (Bitcoin) and second generation […] L'articolo The Cosmos blockchain eco

One of the most frequent questions we get asked is about the technology choice of Cosmos. Why do you use Cosmos technology ? why didn’t you choose Bitcoin or Ethereum ?

The answer is simple : Horizontal scalability.

At the beginning of computing history there were only a few few computers called Mainframes.   The first (Bitcoin) and second generation (Ethereum) blockchains are like Mainframes: a single large computer where everyone shares the same computing resources and writes code with Cobol-like languages. Vertical scalability on these blockchains is limited, and horizontal scalability is impossible.

Vertical Scalability: 

This includes methods to scale the blockchain itself. Moving away from Proof-of-Work and optimizing its components, Tendermint BFT can reach thousands of transactions per second. The bottleneck factor is the application itself. For example, an application such as a virtual machine (e.g., the Ethereum virtual machine) will impose a much lower limit on transaction throughput than an application where transaction types and state transition functions are directly embedded in it (e.g., standard Cosmos SDK application).

This is one reason why application-specific blockchains make sense.

Horizontal scalability: 

Even if the consensus engine and application are highly optimized, at some point the transaction volume of a single blockchain inevitably hits a wall that it cannot cross. This is the limitation of vertical scaling. To overcome it, the solution is to move to multi-chain architectures. The idea is to have multiple parallel chains running the same application managed by a common set of validators, making blockchains theoretically infinitely scalable. The details of horizontal scalability are quite complex and beyond the scope of this introduction.

We need the Internet. A network of networks where everyone runs their own server. We need the Internet of blockchains.

Cosmos is a decentralized network of independent parallel blockchains, each powered by the same consensus mechanism: Tendermint.

 

What is a Cosmos blockchain?

A Cosmos blockchain is a digital ledger maintained by a set of validators that remains correct even if some validators (less than a third) are malicious. Each validator stores a copy of the ledger on their computer and updates it according to the rules defined by the protocol protocol when they receive transaction blocks.

Cosmos technology makes sure that the ledger is properly replicated, which means that every honest party sees the same version of the ledger at all times. A Cosmos-based blockchain has the ability for actors to share a ledger without having to rely on a central authority.

Achieving 15,000 transactions per second, was one of the goals of commerce.network and the only technology that can do this with 100 validator nodes is Cosmos.

For this reason in 2018 we chose Cosmos.

 

L'articolo The Cosmos blockchain ecosystem and Commercio.network sembra essere il primo su commercio.network.


Digital Identity NZ

Applications now open for London Tech Week September 2021

Australia and New Zealand scale-ups considering expansion to the UK can now apply to join London Tech Week (LTW) 2021. The post Applications now open for London Tech Week September 2021 appeared first on Digital Identity New Zealand.

The UK’s Department for International Trade (DIT) is seeking tech companies from Australia and New Zealand who are considering the UK for international expansion. The selected group will join the official hybrid mission to London Tech Week in September 2021.

LTW is Europe’s largest technology festival. The annual event brings together the world’s most inspirational founders, global leaders, senior investors and rising talent. In 2020 the festival was held as a virtual event for the first time, attracting over 20,000 attendees from across the globe. The festival hosted over 700 sessions across 11 days, featuring upwards of 750 leading speakers and innovators.

Australian and Kiwi scale-ups who are considering expansion to the UK can apply to one of the following streams:

creative technology (AR/VR/MR, gamification, adtech, media, eCommerce, sportstech, marketing tech) digital health and wellness edtech future technology (AI, cyber, blockchain/distributed ledger, IoT, robotics, big data, space) impact technology (companies making a positive social or environmental impact)

The successful applicants will be invited to join a pre-mission in-person networking event in early September. They will then participate in a series of virtual evening sessions from 20 to 29 September 2021.

Those selected will join a programme curated for ANZ scale-ups. This will include sessions from key players in the UK tech ecosystem, who will provide exclusive insights on market opportunities and guidance on capital raising, R&D and support to set up.

British Consul General and Deputy Trade Commissioner Asia Pacific (Australia and New Zealand), Louise Cantillon said:

The UK tech sector has reached new heights and is the first country in Europe to reach 100 unicorns [tech companies valued at US$1 billion]. This means the UK now has the largest number of tech unicorns in Europe. With a fantastic track record for supporting tech companies and innovation, the UK is the ideal location for Australian and Kiwi tech companies who are ready to expand internationally.

The UK’s Department for International Trade team is delighted to be running this mission again. Despite physical restrictions, this is a great platform for the tech community to come together and for Australian and NZ companies to explore the opportunities the UK market has on offer. Good luck to everyone applying.

DIT’s delegation last year was the largest ever from Australia and New Zealand. 130 tech founders and industry representatives joined the mission.

LTW is part of a broader programme of initiatives to increase digital trade and investment opportunities between the UK and ANZ tech sectors. Earlier this year the UK launched the Digital Trade Network (DTN) for Asia Pacific. The network will support UK-ANZ tech collaboration and support UK tech scale-ups in the region.

The LTW application process is open to Australian and New Zealand companies only. Victorian companies need to apply via the Global Victoria application.

Applications to join the mission will close on Friday 30 July 2021.

Apply Now

Find out more information on LTW and how to apply.

Further information there are currently 100 UK tech companies valued at US$1 billion or more the UK joins China and the US as the only nations to have triple-digit unicorn in 2021, 13 UK unicorns have already been created, compared to 7 in the whole of 2020, and has increased by 127% since 2017 the UK has more tech unicorns than Germany (42), France (22) and the Netherlands (18) combined, and is the first country in Europe to reach 100 unicorns the UK’s 100 tech unicorns have raised almost €28.9 billion (US$32 billion) in VC investment, as venture capital reached record highs in the first half of this year About the UK’s Department for International Trade:

The UK’s Department for International Trade (DIT):

helps businesses export drives inward and outward investment negotiates market access and trade deals champions free trade

Find out more about DIT.

The post Applications now open for London Tech Week September 2021 appeared first on Digital Identity New Zealand.

Tuesday, 22. June 2021

Velocity Network

Velocity Network Foundation and the Future of Employment Screening

As founding members of the Velocity Network Foundation, Cisive is revolutionizing background screening processes for the benefit of everyone with the power of data self-sovereignty. The post Velocity Network Foundation and the Future of Employment Screening appeared first on Velocity.

Oasis Open

Universal Business Language V2.3 OASIS Standard published

The latest version of the electronic interchange format for business documents is now an OASIS Standard. The post Universal Business Language V2.3 OASIS Standard published appeared first on OASIS Open.

The latest version of the electronic interchange format for business documents is now an OASIS Standard.

OASIS is pleased to announce the publication of its newest OASIS Standard, approved by the members on 15 June 2021:

Universal Business Language Version 2.3
OASIS Standard
15 June 2021

Universal Business Language (UBL) is the leading electronic interchange format for business documents. It is designed to operate within a standard business framework such as ISO/IEC 15000 (ebXML) to provide a complete, standards-based infrastructure that can extend the benefits of existing EDI systems to businesses of all sizes.

The European Commission has declared UBL officially eligible for referencing in tenders from public administrations, and in 2015 UBL was approved as ISO/IEC 19845:2015.

Specifically, UBL provides:

A suite of structured business objects and their associated semantics expressed as reusable data components and common business documents. A library of schemas for reusable data components such as Address, Item, and Payment, the common data elements of everyday business documents. A set of schemas for common business documents such as Order, Despatch Advice, and Invoice that are constructed from the UBL library components and can be used in generic procurement and transportation contexts.

Version 2.3 is a minor revision to v2.2 that preserves backwards compatibility with previous v2.# versions. It adds new document types, bringing the total number of UBL business documents to 91.

The TC received 4 Statements of Use from IBM, ClearView Trade, the Swedish Procurement Agency, and Philip Helger.

URIs:

The OASIS Standard and all related files are available here:

Editable source (Authoritative):
https://docs.oasis-open.org/ubl/os-UBL-2.3/UBL-2.3.xml

HTML:
https://docs.oasis-open.org/ubl/os-UBL-2.3/UBL-2.3.html

PDF:
https://docs.oasis-open.org/ubl/os-UBL-2.3/UBL-2.3.pdf

Code lists for constraint validation:
https://docs.oasis-open.org/ubl/os-UBL-2.3/cl/

Context/value Association files for constraint validation:
https://docs.oasis-open.org/ubl/os-UBL-2.3/cva/

Document models of information bundles:
https://docs.oasis-open.org/ubl/os-UBL-2.3/mod/

Default validation test environment:
https://docs.oasis-open.org/ubl/os-UBL-2.3/val/

XML examples:
https://docs.oasis-open.org/ubl/os-UBL-2.3/xml/

Annotated XSD schemas:
https://docs.oasis-open.org/ubl/os-UBL-2.3/xsd/

Runtime XSD schemas:
https://docs.oasis-open.org/ubl/os-UBL-2.3/xsdrt/

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

https://docs.oasis-open.org/ubl/os-UBL-2.3/UBL-2.3.zip

Our congratulations to the members of the UBL TC on achieving this milestone.

The post Universal Business Language V2.3 OASIS Standard published appeared first on OASIS Open.


Kantara Initiative

Kantara Initiative Names New Executive Director

Kay Chopard Named To Lead Digital Identity Association Washington, D.C., – June 22, 2021 – Kay Chopard has been named Executive Director of the Kantara Initiative.  She takes over the position from long-time Kantara Executive Director, Colin Wallis, who is semi-retiring.  Kantara is the international ethics-based, mission-led non-profit industry ‘commons’ whose mission is to grow and ful

Kay Chopard Named To Lead Digital Identity Association Washington, D.C., – June 22, 2021 – Kay Chopard has been named Executive Director of the Kantara Initiative.  She takes over the position from long-time Kantara Executive Director, Colin Wallis, who is semi-retiring.  Kantara is the international ethics-based, mission-led non-profit industry ‘commons’ whose mission is to grow and fulfil the market for trustworthy use of identity and personal data. “Our sincere thanks go out to Colin for his leadership, management and contributions.  He has been responsible for and central to much of Kantara’s technical progress, market awareness and membership growth over the…

The post Kantara Initiative Names New Executive Director appeared first on Kantara Initiative.


Elastos Foundation

Elastos ID Sidechain Goes Live On Mainnet, Enabling DID 2.0

...

Digital ID for Canadians

DIACC Membership Appoints 2021 Board of Directors

June 22, 2021 – The Digital Identification and Authentication Council of Canada, (DIACC) today announced the appointment of five (5) nominees to the five seats…

June 22, 2021 – The Digital Identification and Authentication Council of Canada, (DIACC) today announced the appointment of five (5) nominees to the five seats up for election at its Virtual Annual General Meeting held online on June 17, 2021. 

Newly elected to the Board: 

Iliana Oris Valiente, Managing Director at Accenture

Re-elected to the Board:

Colleen Boldon, Director, Digital Lab and Digital ID Programs, Public Services and Smart Government, Province of New Brunswick Neil Butters, Head, Digital Identity Innovation & New Ventures, Interac Corp. Robert Devries, Assistant Deputy Minister, Platforms, Government of Ontario Louis Jacob, Vice President, Core Engineering and Transformation, Manulife

“On behalf of the DIACC, I am pleased to welcome Iliana to the Board. Her expertise in innovation and emerging technologies will bring great strategic value to the group,” congratulates President Joni Brennan, “The DIACC will make important progress in the year ahead, as Canada’s largest and most inclusive community of digital identity leaders.”

“I look forward to continuing working alongside our qualified and esteemed Board to drive forward digital ID as a national priority,” said Dave Nikolejsin, Board Chair. “Together we will work to champion, educate, and ensure the adoption of digital identity to empower people, businesses, health care centres, academic institutions, and civil society.”

DIACC Directors are elected industry leaders who set the organizational strategic directions and ensure good governance is practiced, ensuring policies and procedures are continually improved and align with the vision and representation of DIACC membership. 

The full listing of the DIACC Board of Directors: 

Dave Nikolejsin, Strategic Advisor, McCarthy Tetrault & Board Chair Franklin Garrigues, Vice President Digital Channels, Mobile for Everyone, TD Bank & Board Vice-Chair Andre Boysen, Chief Identity Officer, SecureKey & Board Treasurer David Attard, SEVP, Head of Personal and Business Banking, CIBC Colleen Boldon, Director, Digital Lab and Digital ID Programs, Public Services and Smart Government, Province of New Brunswick Marc Brouillard, Chief Technology Officer, Government of Canada Neil Butters, Head, Digital Identity Innovation & New Ventures, Interac Corp. Patrice Dagenais, Vice President, Payment and Business Partnerships, Desjardins Cards Services (DCS) Susie De Franco, General Manager, Digital Channel & Products, Canada Post Robert Devries, Assistant Deputy Minister, Enterprise Digital Services Integration Division, Ministry of Government and Consumer Services, Government of Ontario Louis Jacob, Vice President, Core Engineering and Transformation, Manulife Hugh McKee, Head, BMO Partners Iliana Oris Valiente, Managing Director, Accenture CJ Ritchie, Associate Deputy Minister & Government Chief Information Officer, Province of BC Eros Spadotto, Executive Vice-President, Technology Strategy, TELUS

2021 marked the end of the three year term of Allan Foster, Vice President of Global Partner Success, Forgerock on the Board. DIACC thanks him for his service and dedication, and looks forward to continuing to work with Forgerock as a DIACC member organization.

Following the trend of the past few years, the number of nominees far exceeded the number of Board seats available. DIACC thanks all highly qualified nominees for taking part in the process. This reflects the growing interest and investment by Canadian individuals, governments and businesses in making digital ID a national priority.

About the Digital ID and Authentication Council of Canada (DIACC)

The DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian digital identification and authentication framework to enable Canada’s full and secure participation in the global digital economy. The DIACC was created as a result of the federal government’s Task Force for the Payments System Review and members include representatives from both the federal and provincial levels of government as well as private sector leaders.

Monday, 21. June 2021

DIF Medium

Bloom donates WACI

A simple starting point for cross-stack Wallet-Credential Interactions WACI = Wallet And Credential Interactions WACI was introduced at the annual IIW32 Workshop, where it was received quite warmly as a step forward for open specification. Its goal is simple: to specify interactions between a wallet and a Relying Party (RP) such as an issuer or a verifier, in an ergonomic and agnostic way.

A simple starting point for cross-stack Wallet-Credential Interactions

WACI = Wallet And Credential Interactions

WACI was introduced at the annual IIW32 Workshop, where it was received quite warmly as a step forward for open specification. Its goal is simple: to specify interactions between a wallet and a Relying Party (RP) such as an issuer or a verifier, in an ergonomic and agnostic way.

At its core, WACI can be thought of as a handshake using classic, industry-standard JWTs: the “Relying Party” signs a token given to the end-user’s wallet, and the wallet signs over a “challenge” contained within it, proving ownership of a DID.

From there, credentials can be issued or exchanged on the basis of the resulting channel. This channel can also double as a secure authentication, an application “log in” (for DID-based accounts), and a WACI is to offer a way to log into an application without a password with Verified Credential (VC) based authentication that cannot be faked.

Here’s lead editor Jace Henley giving a demo of Bloom’s sample implementation, demostrating the flows being specified further at DIF:

WACI at DIF

Bloom has been a core member of DIF’s Claims and Credentials WG for years, and a core contributor to many of its work items, which focus on specifying and standardizing protocols and libraries that create, exchange, and verify what the SSI community calls “[verifiable] credentials,” and what other sectors of the software industry call “claims” [about a subject]. In fact, WACI evolved out of the earlier, more foundational Presentation Exchange specification, and like its sister specification, the Credential Manifest, its primarily function is to extend the functionality of PE and create an onramp to adoption and implementation of it as a protocol. In a nutshell, Presentation Exchange’s scope ends at how the data is sent between the holder and issuer/verifier, which is where WACI’s begins.

WACI isn’t being donated as a snapshot or as a reference implementation of a finished protocol, however; it’s being donated as a starting point for an ongoing work item in C&C WG that will round out the spec to be more robust and flexible. A first application of this set of interactions is a complex interoperability exercise, developing an interoperability profile for quickly achieving tentative wallet-credential interactions between systems that have implemented all of Presentation Exchange OR all of DIDComm– without having to implement all of both. On the basis of this prototyping experiment, the WACI group expects to fold some extensions and refinements back into the next generation of the WACI specification.

Next Steps for Bloom and C&C collaborators Achieve v1 release of WACI-Presentation-Exchange specification. Fold back in lessons and extensions from #1 and then flush out remaining sections to achieve v1 feature-completeness for v1 of the WACI specification and sample implementation Potentially, work on a new profile (“WACI-OIDC”?) when the next-generation of specifications currently being incubated with DIF participation at the OIDF AB/Connect working group are published Register a custom URI schema (waci://)

Bloom donates WACI was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.


DIF Blog

Bloom donates WACI

A simple starting point for cross-stack Wallet-Credential Interactions

WACI brings UX primitives to a wide range of implementers WACI = Wallet And Credential Interactions

WACI was introduced at the annual IIW32 Workshop, where it was received quite warmly as a step forward for open specification. Its goal is simple: to specify interactions between a wallet and a Relying Party (RP) such as an issuer or a verifier, in an ergonomic and agnostic way.

At its core, WACI can be thought of as a handshake using classic, industry-standard JWTs: the "Relying Party" signs a token given to the end-user's wallet, and the wallet signs over a "challenge" contained within it, proving ownership of a DID.

From there, credentials can be issued or exchanged on the basis of the resulting channel. This channel can also double as a secure authentication, an application "log in" (for DID-based accounts), and a WACI is to offer a way to log into an application without a password with Verified Credential (VC) based authentication that cannot be faked.

Here's lead editor Jace Henley giving a demo of Bloom's sample implementation, demostrating the flows being specified further at DIF:

Watch a tour of WACI by Bloom's Jace Henley WACI at DIF

Bloom has been a core member of DIF's Claims and Credentials WG for years, and a core contributor to many of its work items, which focus on specifying and standardizing protocols and libraries that create, exchange, and verify what the SSI community calls "[verifiable] credentials," and what other sectors of the software industry call "claims" [about a subject]. In fact, WACI evolved out of the earlier, more foundational Presentation Exchange specification, and like its sister specification, the Credential Manifest, its primarily function is to extend the functionality of PE and create an onramp to adoption and implementation of it as a protocol. In a nutshell, Presentation Exchange's scope ends at how the data is sent between the holder and issuer/verifier, which is where WACI's begins.

WACI isn't being donated as a snapshot or as a reference implementation of a finished protocol, however; it's being donated as a starting point for an ongoing work item in C&C WG that will round out the spec to be more robust and flexible. A first application of this set of interactions is a complex interoperability exercise, developing an interoperability profile for quickly achieving tentative wallet-credential interactions between systems that have implemented all of Presentation Exchange OR all of DIDComm– without having to implement all of both.  On the basis of this prototyping experiment, the WACI group expects to fold some extensions and refinements back into the next generation of the WACI specification.

Next Steps for Bloom and C&C collaborators Achieve v1 release of WACI-Presentation-Exchange specification. Fold back in lessons and extensions from #1 and then flush out remaining sections to achieve v1 feature-completeness for v1 of the WACI specification and sample implementation Potentially, work on a new profile ("WACI-OIDC"?) when the next-generation  of specifications currently being incubated with DIF participation at the OIDF AB/Connect working group are published Register a custom URI schema (waci://)

Friday, 18. June 2021

Elastos Foundation

Elastos Bi-Weekly Update – 18 June 2021

...

Commercio

How to scale your Blockchain project using the Agile Method 

How to scale your Blockchain project using the Agile Method The Agile Method is a particular project management approach that is used in software development. This method helps teams respond to the unpredictability of building software through the use of incremental and iterative work sequences, commonly known as sprints.  The general principles of the Agile method Our top priority is […] L

How to scale your Blockchain project using the Agile Method

The Agile Method is a particular project management approach that is used in software development. This method helps teams respond to the unpredictability of building software through the use of incremental and iterative work sequences, commonly known as sprints.

 The general principles of the Agile method

Our top priority is to satisfy the customer by releasing valuable software, right out of the box and continuously.
We embrace changes in requirements, even at advanced stages of development.
Agile processes leverage change for the customer’s competitive advantage.
We frequently deliver working software, ranging from a couple of weeks to a couple of months, preferring short periods.
Clients and developers must work together on a daily basis for the duration of the project.
We base projects on motivated individuals.
We give them the environment and support they need and trust in their ability to get the job done.
A face-to-face conversation is the most efficient and effective way to communicate with and within the team.
Working software is the primary measure of progress. – Agile processes promote sustainable development.
Sponsors, developers, and users should be able to indefinitely maintain a steady pace.
Continued focus on technical excellence and good design enhances agility.
Simplicity – the art of maximizing the amount of work not done – is essential.
The best architectures, requirements, and design emerge from self-organizing teams.
At regular intervals, the team reflects on how to become more effective, after which it adjusts and adapts its behavior accordingly.

History of the Agile Method 

Many of the Agile ideas emerged in the 1970s. Studies and reviews were conducted on the Agile Method explaining its birth as a reaction against traditional approaches to project development. In 1970, Dr. William Royce published a paper discussing the management and development of large software systems. The paper outlined his specific ideas about sequential development. Specifically, his presentation stated that a project could be developed like a product on an assembly line: each phase of development had to be completed before the next phase could begin. The idea required that developers had to first put together all the requirements for a project. The next step was to complete its architecture. Code writing followed, and the development sequences continued in increments aimed at closing integral parts of the project. When these steps are completed, there is little or no contact between the specialized groups completing each phase of the project. The pioneers of the Agile Method believed that if developers studied the process, they would find the most logical and useful solution for software development.

Companies that use the Agile Method

Although there is no official list of companies that use the Agile Method for their projects, IBM is one of the companies that openly uses this method to develop software. In fact, many companies adopt it within their development structure, but they are not always open about their choice to use it. According to IBM, the use of the Agile Method generates significant organizational changes. IBM believes that many Agile software development teams will increase their chances of success by collaborating with reliable guidance. That company also helps clients implement their own Agile software development strategies for their projects and provides critical guidance that will help Agile software development teams avoid common pitfalls of adoption, expansion and implementation.

L'articolo How to scale your Blockchain project using the Agile Method  sembra essere il primo su commercio.network.


Blockchain Model Canvas (BMC)

Blockchain Model Canvas (BMC) Alex Osterwalder in his famous book explains a fantastic method to describe any business idea: the Business Model Canvas. With nine blocks in a grid drawn with a marker on a whiteboard and post-it notes he manages to explain any business in the universe.  No wonder that because of the clarity of the information and the […] L'articolo Blockchain Model Canvas (BM

Blockchain Model Canvas (BMC)

Alex Osterwalder in his famous book explains a fantastic method to describe any business idea: the Business Model Canvas. With nine blocks in a grid drawn with a marker on a whiteboard and post-it notes he manages to explain any business in the universe.  No wonder that because of the clarity of the information and the ease of use of the Business Model Canvas, Osterwalder was so successful. Next, we created our own model called BMC, more based on Ash Mayura’s work, which is fast, concise and in a single page represents the entire business model of a Blockchain project

What is the Business Model Canvas? 

We use a nine-block model called the Blockchain Model Canvas (BMC) (based on the work of Ash Mayura and Alexander Osterwalder) to describe your vision and a method called Lean Startup (based on the work of Eric Ries) to test validity.

The problem and the customers

Having found these first two elements, everything else in the BMC is easier to complete. It is for this reason that it always pays to analyze them together. Writing three main problems for the customer segment you have in mind, describe the three main problems that need to be solved.

The Value Proposition (VP)

At the heart of the BMC is the most important element of the entire model, and incidentally also the hardest to hit on the first shot. The VP must contain why the product is different, and that difference must matter. People who visit a site for the first time spend an average of eight seconds there. The Value Proposition is their first interaction with the product.

The Solution

Now you are ready to tackle the various solution scenarios. Understand that since everything we write about BMC is just an untested hypothesis, it is not advisable to convince yourself that you have found a definitive solution to your customers’ problems. At this stage, it is best to simply sketch out the salient features of the product alongside each problem. Ideally, you should strive to associate a solution to the client’s problem as late as possible, at least after you’ve spoken to the client once…

The Metrics

There are only five key metrics that drive a Blockchain project

Acquisition How users arrive and from what channels they arrive at your service
Activation How users first register with your service
Retention How users come back to your service again and again
Referral How users like your service enough to suggest it to others
Revenue How users buy your service

Channels

How to distribute our Value Proposition to the customer? In addition to defining the right product to build, it’s just as critical to start finding, building and testing a path to your customers from day one. There are a variety of distribution channels: some may be inapplicable in the early stages of your startup, while others may be feasible during the later stages of your startup.

The Relationship

In the first phase, you need to find potential clients (prospects) to talk to. You need to remember that you are looking for people who are suffering from a problem and who, as a result, should be willing to pay to have your solution. How do you find and reach prospects? There is no right answer, no magic formula. It depends on the resources available.

Revenues and Costs

Many companies postpone the “pricing question” because they don’t think their product is ready. Time and time again, you hear the phrase, “how do we charge for an MVP?” MVPs are supposed to solve big problems for the identified customer segment and so, by definition, the MVP must offer enough value to justify the expense.

 

 

 

L'articolo Blockchain Model Canvas (BMC) sembra essere il primo su commercio.network.


Own Your Data Weekly Digest

MyData Weekly Digest for June 18th, 2021

Read in this week's digest about: 6 posts, 3 Tools
Read in this week's digest about: 6 posts, 3 Tools

Thursday, 17. June 2021

GLEIF

The LEI: A Swiss Army Knife for the World’s Digital Economy

According to a recent global study from McKinsey & Company, Covid-19 has accelerated business’ digital initiatives by, on average, seven years. In acknowledgement of this monumental leap forward, GLEIF has launched several strategic initiatives over the past year designed to broaden the value of the Legal Entity Identifier (LEI) in the fields of digital identity, digitized counterparty verif

According to a recent global study from McKinsey & Company, Covid-19 has accelerated business’ digital initiatives by, on average, seven years.

In acknowledgement of this monumental leap forward, GLEIF has launched several strategic initiatives over the past year designed to broaden the value of the Legal Entity Identifier (LEI) in the fields of digital identity, digitized counterparty verification and their related use-cases.

As Germany celebrates Digital Day on June 18, GLEIF looks back at these milestones and considers what the future holds for the LEI and the global digital economy.

The Validation Agent: Opening the door to business ID services for legal entities

In September, GLEIF introduced a new role into the Global LEI System called the Validation Agent. The role is designed to help financial institutions and other supervised organizations make immediate gains in client lifecycle management and begin to develop innovative business identity services for their clients.

Validation Agents leverage their know-your-customer (KYC), anti-money laundering (AML) and other regulated ‘business-as-usual’ onboarding processes to obtain LEIs for their customers. By equipping their business client base with LEIs, Validation Agents can promote financial inclusion and create new value by pioneering revenue generating digital services in corporate identity management and cross-border supply chain relationships.

Validation Agents can also utilize the LEI to accelerate their internal digital transformation, in areas such as customer onboarding, payments and other transactions, and contract signing.

Since its launch at the end of 2020, the Validation Agent framework has gained significant traction around the world. Two significant institutions, J.P. Morgan and the China Financial Certification Authority (CFCA), have already completed the qualification process, with many more to follow.

The vLEI: Enabling instant, automated verification of business identity

Until now, the absence of an independent governance authority capable of establishing universal digitized trust between legal entities has presented an industry-wide barrier to innovation. To overcome this obstacle, GLEIF launched a cross-industry development program in 2020 to create a digitally verifiable LEI (vLEI). When complete, the vLEI will extend the Global LEI System to create a fully digitized LEI service that can enable instant and automated identity verification between counterparties operating across all industry sectors, globally.

With GLEIF acting as the ‘root of trust’, the vLEI service creates a cryptographically secure chain of trust that can replace the manual processes required to access and confirm an entity’s LEI data. This will give organizations worldwide the capacity to use their LEI’s non-repudiable identification data relating to their legal status, ownership structure and authorized representatives in a huge number of digital activities, many of them automated, enabling them to participate in the global digital economy for years to come.

As a result, the vLEI has the potential to become one of the most valuable digital credentials in the world; it will be the hallmark of authenticity for all legal entities everywhere.

In February 2021, GLEIF unveiled the official issuance and technical infrastructure models which will support the development of the vLEI and now invites software developers to engage with the program’s stakeholders to explore how the vLEI can be leveraged in future applications.

Digital Certificates: Embedding the LEI to uphold trust in the system

As legal entities’ use of digital certificates continues to grow in both number and use-case application, so too does the time and cost required to maintain them. The increasing complexity of this task is already undermining the trust system that digital certificates were designed to create.

To address this problem GLEIF has worked closely with the International Standards Organization (ISO) to standardize the process of embedding LEIs into digital certificates at the point of issuance, which will make certificates easier to manage, aggregate and maintain, as well as increasing transparency across the digital identity ecosystem. By becoming the common link between digital certificates, the LEI will provide certainty of identity in any online interaction, making it easier for everyone to participate with confidence in the global digital marketplace.

GLEIF is actively engaged with Certification Authorities (CAs) and Trust Service Providers (TSPs) to support and encourage LEI adoption in digital certificates as part of its new CA Stakeholder Group, announced in March 2021. This group aims to facilitate the transfer of mutually beneficial information between stakeholders in a joint effort to develop best practice guidelines and case studies for LEI integration. Following this, GLEIF welcomed the first commercial demonstration of an LEI embedded within a digital certificate with the launch of the China Financial Certification Authority’s (CFCA) TrustSign® software in March 2021.

LEI Search 2.0: Enriching and automating access to LEI data

GLEIF has also been hard at work to ensure the LEI’s own tools stay ahead of the digitalization curve.

In 2020, in line with its vision to enable broader, automated use of the LEI, GLEIF completed its migration to LEI Search 2.0, a new LEI search engine with rich data functionality, and published a companion API enabling third-parties to set up fast, customized and automated searches and retrieve open, higher quality LEI data from within their application environments.

By expanding the number of search parameters available, LEI Search 2.0 delivers a new level of transparency over how legal entities have evolved over time, enabling faster and more sophisticated counterparty due diligence, heightened granularity in regulatory oversight procedures and richer reporting potential for market data aggregators.

What’s next?

In the coming months GLEIF will continue working hard to advance these strategic initiatives.

The Validation Agent Framework is maturing and GLEIF’s focus is now on championing the roles benefits and encourage take-up from financial institutions and other supervised organizations around the world.

The vLEI continues to evolve at pace as stakeholders across healthcare, pharmaceutical, telecom, automotive and financial services begin to build out sector-specific applications.

In collaboration with members of the CA Stakeholder Group, GLEIF continues to combat complexity and advance trust and transparency across the digital certificate ecosystem around the world.

The LEI’s legacy is proudly rooted in financial services and regulation. Its future, however, undeniably points beyond to broader, digitized adoption and utilization across public and private sectors around the world. The Global LEI System is the only open, commercially neutral, and regulatory endorsed system capable of establishing digitized trust between all legal entities everywhere. It was established as a public good, and GLEIF remains committed to ensuring that every last drop of value is wrung from the system, and used to the benefit of all.


Ceramic Network

Geo Web is connecting digital content to the physical world with NFTs and Ceramic

Learn how Geo Web is creating an open and fair AR metaverse by combining Ceramic, NFTs, and Harberger taxes.

The COVID-19 pandemic has given many consumers their first taste of virtual content tied to physical locations, with restaurants around the world replacing menus with QR codes for customers to scan. This trend is accelerating, with augmented reality (AR) and integrated digital/physical experiences becoming more commonplace. But the merging of our physical and digital worlds can't really take off while we rely on QR codes posted everywhere or siloed smartphone apps for each use case.

Geo Web is creating a set of open protocols to anchor digital content in the physical world on a shared, fair, decentralized network. By using NFTs and a creative system of property rights, Geo Web hopes to create the virtual land layer that can be overlaid on the offline "meatspace" for any use case.

Decentralizing ownership of the web's AR platform

As augmented reality (AR) technology matures and it becomes easier to layer digital content into physical spaces, a key question becomes "who controls the platform?"  With a purely open, unconstrained platform there will be competing content that drowns out high-value data with noise and spam. And with closed, proprietary platforms, one dominant gatekeeper could exert massive power.

Geo Web co-founder Graven Prest first started thinking about geospatial AR after seeing one such platform in 2014:

I realized that whoever created that platform would control a global virtual real estate market.

Unlike with virtual reality (VR) and "other metaverses," with AR it's likely important that we all share a single platform so that we can interact with it together. As Prest puts it, "We have one Earth we all share, and I don't want to be walking down the street and be in a different metaverse than you are. We need to coordinate our collective attention, and the only way we're going to do that is by being fair and legitimate."

In pursuit of this vision, Geo Web combines decentralized AR content stored on Ceramic with a system of digital property rights tied to physical land which keeps the content of every land parcel productive, while enabling open participation and community ownership of an augmented, shared reality.

NFTs for digital land parcels

Geo Web accomplishes this by representing each parcel of physical land as an NFT in a registry smart contract. The owner of that NFT has exclusive rights to control the digital content associated with that parcel of land, which is stored in streams on Ceramic.

Claiming a Geo Web land parcel NFT in Times Square with the Geo Web Cadastre

The parcel owner can anchor any kind of digital content to that land on the Geo Web Cadastre. For example, a restaurant can purchase the parcel it resides on and show its menu to guests or today's specials to people walking down the street. Sports teams can purchase parcels near their stadium or in their hometown to show highlights and news. Governments can rent space to display public service announcements (PSAs). Collectors can display their digital art, or museums could add digital information to their physical exhibits.

Geo Web uses a unique property rights system called partial common ownership (aka Harberger Taxes) that works as follows:

Parcel owners pay a license fee to the network (similar to a property tax). This fee goes to fund public goods on the network. The fee is based on the owner's self-assessed value of the land. At any time, anyone else can purchase the parcel at that self-assessed value.

This ensures fair market pricing over time, and that valuable virtual land is being used productively. If a digital real estate mogul is squatting on valuable property and self-assessing a below-market rate to avoid paying fair fees, this model incentivizes a new virtual property developer to come in and purchase that land to put it to more productive use.

Each parcel owner can choose how they wish to use their digital airspace, and can change it freely over time. Individual consumers, standalone businesses, or broader efforts like gaming studios or media platforms can all participate on the same network and AR metaverse. This means users don't need to constantly switch applications, but instead can benefit from AR technology on a single easy, fair, and collectively-owned network that resembles the open web. Geo Web can become a shelling point for augmented reality tied to physical geography.

Managing dynamic, decentralized content at scale

To tie virtual content to specific parcels, Geo Web needed a way to store and manage that content such that:

The content can be anything - from text to digital art to videos Only the current parcel owner is able to control it The content can change often at a reasonable cost

Essentially, Geo Web needed a way to manage dynamic, ever-changing IPFS content, with access control permissions limited to the current NFT holder. They considered using an end-to-end smart contract solution for storing the CIDs of static IPFS files, but the team ultimately decided that this model would be prohibitively expensive and cumbersome since it would have required a smart contract interaction for every content update.

Ceramic streams for decentralized content storage

In their search for the best way to anchor digital content to NFTs, Geo Web discovered Ceramic's mutable data streams. Says Prest:

Ceramic is the best, easiest way to manage mutable information peer-to-peer

Ceramic provides a completely trustless way to save and update content that can operate at the scale they needed, without requiring blockchain transactions. In their design, each NFT points to a Ceramic stream where the NFT's owner is the only one able to publish, select, and update the digital content they want displayed for that physical location.

A simple Geo Web browsing experience seen as if you were in Antarctica

When any user navigates to a parcel's corresponding real-world location, they will be able to see and interact with this content through Geo Web's geospatial browser or any other browser that supports the Geo Web protocol.

Decentralized identity for personalized experiences

Geo Web is also using IDX, Ceramic's identity protocol, for user identity. In addition to basic profiles, this lets Geo Web store the keys for all Ceramic streams a user has control over. As Geo Web matures, they will also store settings and preferences with IDX, giving Geo Web the ability to implement user-centric controls, reputation systems, and filters for the content that users prefer or would like to avoid, for a more personalized and fine-tuned user experience. This lets Geo Web stay neutral and open at the base protocol layer while enabling each user to create their own customized experience.

DID:NFT for NFT-based access control

In the future, Geo Web plans to add DID:NFT - a standard that turns any NFT into a decentralized identity (DID) that can control content on Ceramic - to give the current owner of each land parcel exclusive access to update the Ceramic stream that contains the parcel's entire content history.

With DID:NFT, because the content that is anchored to a Geo Web parcel can actually be owned by the parcel itself, when someone buys the land they're also getting the infrastructure that's been built up on that land.

Without DID:NFT, each time a parcel is sold a new stream must be created. This means that every ownership transfer wipes the previous content from the land. However, tying content ownership and rights directly to the land NFT opens up new and exciting use cases – both for Geo Web's property model, but also for NFT use cases in general.

Geo Web envisions an ecosystem of "digital real-estate developers" building infrastructure, tooling, applications, and marketplaces around NFT land parcels. We may see virtual fixer-uppers and physics-defying architecture in the AR metaverse before too long.

What's next for Geo Web?

Geo Web is actively researching and testing Ethereum L2 roll-up solutions for a mainnet fair launch later this year. The team will also be adding to the network's open publishing and browsing infrastructure, including integrating DID:NFT and releasing native browser apps for more immersive augmented reality experiences. If you want to support their open source work, Geo Web has a grant active in Gitcoin's GR10.

If you're a digital artist, app developer, or Web 3.0 enthusiast interested in learning more about the Geo Web, get in touch with the team in their Discord, @thegeoweb on Twitter, or through the project website.

Thanks to 0xElle for contributing to this article.

Ceramic website | Twitter | Discord | GitHub | Docs | Blog | IDX Identity


Energy Web

ENGIE Energy Access and Energy Web Announce DeFi Crowdfunding Platform to Help Scale Solar, Mini…

ENGIE Energy Access and Energy Web Announce DeFi Crowdfunding Platform to Help Scale Solar, Mini Grids in Sub-Saharan Africa Seth Doyle | Unsplash Zug, Switzerland and Berlin, Germany — 17 June 2021 — Today nonprofit Energy Web and ENGIE Energy Access — one of the leading off-grid, Pay-As-You-Go (PAYG) solar and mini-grid solutions providers in Africa — announced a partnership to accelerate e
ENGIE Energy Access and Energy Web Announce DeFi Crowdfunding Platform to Help Scale Solar, Mini Grids in Sub-Saharan Africa Seth DoyleUnsplash

Zug, Switzerland and Berlin, Germany — 17 June 2021 — Today nonprofit Energy Web and ENGIE Energy Access — one of the leading off-grid, Pay-As-You-Go (PAYG) solar and mini-grid solutions providers in Africa — announced a partnership to accelerate energy access in sub-Saharan Africa through a decentralized finance (DeFi) crowdfunding platform. The DeFi application will be built on the open-source Energy Web tech stack and enable investors to provide microloans that support clean energy deployment.

In 2019, an estimated 580 million people in sub-Saharan Africa remained off grid and in the dark, accounting for three-quarters of the global population without electricity access. After years of steady declines since 2013, that number has risen in 2020 due to the Covid 19 pandemic. Thus rapid deployment of solar home systems (SHSs) and clean energy mini-grids is a crucial humanitarian cause that supports health, quality of life, and economic growth in off-grid regions of the subcontinent.

ENGIE Energy Access integrates and unites ENGIE’s solar home system companies, Fenix International and ENGIE Mobisol, as well as its mini-grids provider, ENGIE PowerCorner, under one entity and one name. “To date, ENGIE Energy Access has served over 1 million customers and 6 million people in 9 countries throughout sub-Saharan Africa. The new DeFi platform in partnership with Energy Web will help ENGIE Energy Access deploy more solar faster, by directly tackling a key challenge: access to low-cost financing,” commented Gillian-Alexandre Huart, CEO of ENGIE Energy access.”

“We’re excited to bring crypto-based decentralized finance to rural electrification in Africa,” said Stefan Zelazny, Head of Software and IT at ENGIE Energy Access and previously CIO at ENGIE Mobisol. “We believe this can accelerate much-needed clean energy deployment throughout the region by connecting impact-oriented investors with unbanked rural customers. Combining the technology that remotely connects and controls our Solar-Home-Systems with the Energy Web Chain will result in the first smart asset-backed NFT where asset use can be controlled via the chain.”

The first phase of this initiative will focus on integrating the Energy Web software tech stack with ENGIE’s platform to further promote rural electrification in Africa. The crowdfunding platform to be developed by Energy Web will allow micro-investors to finance the installation of clean energy assets by staking Energy Web Tokens (EWT), the native token of the Energy Web Chain, in exchange for a fixed interest rate. This setup will unlock capital from the global cryptocurrency market, bringing a significant new source of capital to clean energy deployment in Africa. To help mitigate the risk for everybody involved, the Community Fund of Energy Web will back this first phase of the platform. Giving people in Africa access to new green electricity solutions utilizing the Energy Web DOS is a great first use case for the Community Fund.

In the second phase, Energy Web will work together with ENGIE Energy Access to give a unique decentralized identifier (DID) to each one of the home appliances and rooftop solar deployed by ENGIE. This way, one can directly add credits to the appliances owned by locals to support their access to electricity and its services.

“Creating positive impact in people’s lives is one of our core principles at Energy Web. But the global energy transition must also reach those who don’t yet have access to electricity,” explained Energy Web’s Walter Kok. “We are happy that ENGIE — one of the biggest energy players in the world and one of the founding members of the Energy Web Chain — has embraced the Energy Web technology stack to support such an important mission.”

About ENGIE Energy Access
ENGIE Energy Access is the leading Pay-As-You-Go (PAYGo) and mini-grids solutions provider in Africa, with a mission to deliver affordable, reliable and sustainable energy solutions and life-changing services with exceptional customer experience. The company is a result of the integration of Fenix International, ENGIE Mobisol and ENGIE PowerCorner; and develops innovative, off-grid solar solutions for homes, public services and businesses, enabling customers and distribution partners access to clean, affordable energy. The PAYGo solar home systems are financed through affordable installments from $0.14 per day and the mini-grids foster economic development by enabling electrical productive use and triggering business opportunities for entrepreneurs in rural communities. With over 1,700 employees, operations in nine countries across Africa (Benin, Côte d’Ivoire, Kenya, Mozambique, Nigeria, Rwanda, Tanzania, Uganda and Zambia), over 1 million customers and 6 million lives impacted so far, ENGIE Energy Access aims to remain the leading clean energy company, serving millions of customers across Africa by 2025.

For more, please visit https://engie-energyaccess.com/

Contact : stefan.zelazny@engie.com

About Energy Web
Energy Web is a global, member-driven nonprofit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. We enable any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors our tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

For more, please visit https://energyweb.org.

Contact : Lab@energyweb.org

ENGIE Energy Access and Energy Web Announce DeFi Crowdfunding Platform to Help Scale Solar, Mini… was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.

Wednesday, 16. June 2021

Oasis Open

Invitation to comment on LegalRuleML Core Specification Version 1.0 before call for consent as OASIS Standard – ends Aug 14th

Extending the RuleML standard (http://ruleml.org/index.html) with formal features specific to legal norms, guidelines, policies and reasoning. The post Invitation to comment on LegalRuleML Core Specification Version 1.0 before call for consent as OASIS Standard – ends Aug 14th appeared first on OASIS Open.

Extends the RuleML standard with formal features specific to legal norms, guidelines, policies and reasoning.

OASIS and the LegalRuleML TC [1] are pleased to announce that LegalRuleML Core Specification Version 1.0 is now available for public review and comment.

LegalRuleML is designed to extend the RuleML standard (http://ruleml.org/index.html) with formal features specific to legal norms, guidelines, policies and reasoning. It defines a specification, expressed with XML-schema and Relax NG, that is able to represent the particularities of the legal normative rules with a rich, articulated, and meaningful markup language.

The TC has received 4 Statements of Use from Livio Robaldo, Swansea University, CSIRO Data61, and CirSFID-AlmaAI [2].

The Committee Specification now enters the 60-day public review that precedes the call for consent as an OASIS Standard. General information about this public review and previous reviews can be found in http://docs.oasis-open.org/legalruleml/legalruleml-core-spec/v1.0/cs02/legalruleml-core-spec-v1.0-cs02-public-review-metadata.html

The candidate specification and related files are available here:

LegalRuleML Core Specification Version 1.0
Committee Specification 02
06 April 2020

HTML (Authoritative):
https://docs.oasis-open.org/legalruleml/legalruleml-core-spec/v1.0/cs02/legalruleml-core-spec-v1.0-cs02.html

Editable source:
https://docs.oasis-open.org/legalruleml/legalruleml-core-spec/v1.0/cs02/legalruleml-core-spec-v1.0-cs02.docx

PDF:
https://docs.oasis-open.org/legalruleml/legalruleml-core-spec/v1.0/cs02/legalruleml-core-spec-v1.0-cs02.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:

https://docs.oasis-open.org/legalruleml/legalruleml-core-spec/v1.0/cs02/legalruleml-core-spec-v1.0-cs02.zip

Public Review Period

The 60-day public review starts 17 June 2021 at 00:00 UTC and ends 14 August 2021 at 23:59 UTC.

This is an open invitation to comment. OASIS solicits feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility as explained in the instructions located via the button labeled “Send A Comment” at the top of the TC public home page, or directly at:

https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=legalruleml

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

http://lists.oasis-open.org/archives/legalruleml-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review of “LegalRuleML Core Specification Version 1.0 CS02,” we call your attention to the OASIS IPR Policy [3] applicable especially [4] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information

[1] OASIS LegalRuleML TC
https://www.oasis-open.org/committees/legalruleml/

[2] Statements of Use:

Links to Statements of Use

Livio Robaldo Swansea University (in conjunction with the Scottish Government’s Parliamentary Counsel Office and the University of Paris) CSIRO Data61 Centro Di Ricerca Interdipartimentale (CirSFID) Alma Mater Research Institute for Human-Centered Artificial Intelligence

All: https://www.oasis-open.org/committees/download.php/68193/StatementofUse.zip

[3] http://www.oasis-open.org/policies-guidelines/ipr

[4] http://www.oasis-open.org/committees/legalruleml/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-Limited-Mode
RF on Limited Terms Mode

The post Invitation to comment on LegalRuleML Core Specification Version 1.0 before call for consent as OASIS Standard – ends Aug 14th appeared first on OASIS Open.


OpenDocument V1.3 OASIS Standard published

Open standard specifying the characteristics of an XML-based application-independent and platform-independent digital document file format, as well as the characteristics of software applications which read, write and process such documents. The post OpenDocument V1.3 OASIS Standard published appeared first on OASIS Open.

Free, open XML-based document file format for office applications is now an OASIS Standard.

OASIS is pleased to announce the publication of its newest OASIS Standard, approved by the members on 27 April 2021:

Open Document Format for Office Applications (OpenDocument) Version 1.3
OASIS Standard
27 April 2021

The OpenDocument Format is a free, open XML-based document file format for office applications, to be used for documents containing text, spreadsheets, charts, and graphical elements. OpenDocument Format v1.3 is an update to the international standard Version 1.2, which was approved by the International Organization for Standardization (ISO) as ISO/IEC 26300(2015). OpenDocument Format v1.3 includes improvements for document security, clarifies under-specified components, and makes other timely improvements.

The OpenDocument Format specifies the characteristics of an open XML-based application-independent and platform-independent digital document file format, as well as the characteristics of software applications which read, write and process such documents. It is applicable to document authoring, editing, viewing, exchange and archiving, including text documents, spreadsheets, presentation graphics, drawings, charts and similar documents commonly used by personal productivity software applications.

The TC received 3 Statements of Use from The Document Foundation, CIBlabs GmbH, and Collabora Productivity.

URIs:

The OASIS Standard and all related files are available here:

Part 1: Introduction
https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part1-introduction/OpenDocument-v1.3-os-part1-introduction.odt

https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part1-introduction/OpenDocument-v1.3-os-part1-introduction.html

https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part1-introduction/OpenDocument-v1.3-os-part1-introduction.pdf

Part 2: Packages
https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part2-packages/OpenDocument-v1.3-os-part2-packages.odt

https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part2-packages/OpenDocument-v1.3-os-part2-packages.html

https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part2-packages/OpenDocument-v1.3-os-part2-packages.pdf

Part 3: OpenDocument Schema
https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part3-schema/OpenDocument-v1.3-os-part3-schema.odt

https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part3-schema/OpenDocument-v1.3-os-part3-schema.html

https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part3-schema/OpenDocument-v1.3-os-part3-schema.pdf

Part 4: Recalculated Formula (OpenFormula) Format
https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part4-formula/OpenDocument-v1.3-os-part4-formula.odt

https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part4-formula/OpenDocument-v1.3-os-part4-formula.html

https://docs.oasis-open.org/office/OpenDocument/v1.3/os/part4-formula/OpenDocument-v1.3-os-part4-formula.pdf

XML/RNG schemas and OWL ontologies:
https://docs.oasis-open.org/office/OpenDocument/v1.3/os/schemas/

Distribution ZIP files

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

https://docs.oasis-open.org/office/OpenDocument/v1.3/os/OpenDocument-v1.3-os.zip

Our congratulations to the members of the OASIS Open Document Format for Office Applications (OpenDocument) TC on achieving this milestone.

The post OpenDocument V1.3 OASIS Standard published appeared first on OASIS Open.


Energy Web

Introducing The Lab, an Energy Web Innovation Hub

Energy Web Names Chief Commercial Officer Jesse Morris as Energy Web CEO, Outgoing CEO Walter Kok will lead Lab.EnergyWeb Zug, Switzerland — 16 June 2021 — Today we’re excited to introduce The Lab (Lab.EnergyWeb), a new R&D initiative housed within Energy Web to build out cutting-edge functionality, services, SDKs, and other enhancements on the Energy Web stack. Initial projects under develop
Energy Web Names Chief Commercial Officer Jesse Morris as Energy Web CEO, Outgoing CEO Walter Kok will lead Lab.EnergyWeb

Zug, Switzerland — 16 June 2021 — Today we’re excited to introduce The Lab (Lab.EnergyWeb), a new R&D initiative housed within Energy Web to build out cutting-edge functionality, services, SDKs, and other enhancements on the Energy Web stack. Initial projects under development within our new Lab unit include a DeFi application for crowdfunding energy-sector projects in emerging economies via Energy Web Tokens, additional staking models on the Energy Web stack, migrating non-energy crypto applications to the Energy Web Chain, and launching the development of Energy Web Chain 2.0. The announcement comes as we celebrate the second anniversary of the launch of the Energy Web Chain later this week. Walter Kok will lead this new initiative whilst he steps down as CEO.

In tandem, we’re pleased to announce that Jesse Morris, our longtime chief commercial officer, has been named Energy Web’s new CEO. Since our founding in 2017, Morris’ leadership has been fundamental to the growth of Energy Web into the world’s largest ecosystem of energy companies focused on accelerating the energy transition with open source digital technology.

“This is an exciting moment for Energy Web, as we move into the next phase of the organization’s evolution,” explained Jules Kortenhorst, EW Foundation Council member and CEO of Energy Web co-founder RMI. “Walter came to Energy Web to launch the world’s first public blockchain tailored to the energy sector. Under his leadership the Energy Web community experienced very rapid growth while adoption of the EW tech stack has scaled in a growing list of major projects around the world — especially impressive against the backdrop of a global pandemic. The next era of Energy Web with Jesse’s leadership promises to be just as revolutionary. Jesse has been instrumental to the success of Energy Web since its incubation and together with Walter leading the Lab we will continue to accelerate the energy transition through digital tech.”

In a similar move of promoting from within, Kok was Energy Web’s chief operating officer before being named its second CEO in August 2019. He came to Energy Web from a 30+ year career spanning ING Bank, Vodafone Global Enterprise, and NEC Corporation and several startups. Prior to joining the co-founding team of Energy Web, Morris was a principal in the electricity practice at RMI, where he partnered with utilities, technology providers, developers, and regulatory stakeholders to help distributed energy resources become an integral, widely-accessible part of the global electricity system.

“Walter and I have been working closely together for years now and we’re both excited about our new roles and responsibilities,” reflected Morris. “Me taking the reins as CEO will free up Walter to incubate a series of bleeding-edge crypto and digital projects under the new Lab. This move will make it easier for not just Energy Web as an organization but for our entire community to continue innovating well ahead of the energy market.”

“Coming from major enterprises like ING Bank and Vodafone, it’s been an incredible experience to lead the Energy Web team. There are so many talents at Energy Web and Jesse stepping into the CEO role is a great example of how we develop the new breed of leaders.” added Kok. “We are growing fast around the world, and I’m thrilled to continue informing our strategy as we forge ahead with The Lab. We will kick-off additional bleeding edge projects to demonstrate the level of innovation that is possible with our EW-DOS today. We are going to speed up the pace and will bring other sectors to our carbon-neutral Energy Web Chain too. Acting our way into new thinking”

Energy Web’s core team has grown rapidly under Kok’s watch — scaling alongside our ambition and work with the global energy and crypto sectors — almost tripling since the EW Chain’s one-year anniversary in 2020. In less than two years, the EW Chain’s validator network has grown to 44 companies spanning four continents. Some 45,000 wallet addresses have already generated 28 million transactions. Yet the biggest gains are ahead.

Morris concluded by saying, “The two industries we straddle — crypto and grid digitization — are still in their infancy. For as much as we’ve collectively accomplished until now, we’re just getting started.”

Learn more about The Lab at lab.energy.org.

About Energy Web
Energy Web is a global, member-driven nonprofit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. We enable any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors our tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

Introducing The Lab, an Energy Web Innovation Hub was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


Digital Identity NZ

The Trust Economy in a Future New Zealand

All the latest news from the Digital Identity New Zealand community The post The Trust Economy in a Future New Zealand appeared first on Digital Identity New Zealand.

Over the last couple of weeks I’ve been thinking quite a lot about the concept of the Trust Economy.  What is it? And why should we care about it?

My interest was first piqued when I came across two videos on YouTube from Rachel Botsman and Philipp Kristian Diekhöner.   

Trust has always been at the centre of society overall and commerce in particular.  There’s a reason why during the first industrial revolution banks always built the most impressive, secure looking buildings in town – so you trusted them to deposit you money there!

Now with the 4th industrial (digital) revolution the old vertical, siloed trust models are breaking down and we are moving to a more horizontal, distributed environment.  The decline in trust in the media (fake news) and the lack of trust we are all now feeling with the way big tech is monetising our personal data is creating ever increasing demands from people to significantly improve trust models for the future.   

I have a strong sense that Aotearoa New Zealand has always projected a reasonably trusted persona globally;  good people, good morals, good global citizens etc… and now our Covid-19 response would appear to have bolstered the level of trust people have in us across the planet. 

An example of this is the Global Soft Power Index which for its 2021 ranking had Aotearoa New Zealand as the fastest improving nation in the Index, claiming 16th place in the ranking (up from 22 last year), citing “perceptions of New Zealand have no doubt been bolstered as nations such as the UK and the US cede their usual place as leaders in public health, with both battling repeated waves of the COVID-19 virus. 

There would now appear to be a real opportunity for us to focus on really enhancing our trust position globally.  100% Pure New Zealand was a really strong brand position.  Might something like 100% Trusted New Zealand be a branding idea for our future?

And in the context of the digital economy, digital identity and trust go hand in hand as cornerstones of the Trust Economy.

Ngā Mihi,

Michael Murphy
Executive Director

Digital Identity NZ

To receive our full newsletter including additional industry updates and information, subscribe now

The post The Trust Economy in a Future New Zealand appeared first on Digital Identity New Zealand.

Tuesday, 15. June 2021

Energy Web

Energy Web Cofounders RMI and Grid Singularity Reaffirm Their Commitment to the Mission

When Energy Web launched in early 2017, we did so with the support of two key cofounders: RMI, a leading global think-and-do tank focused on the energy transition, and Grid Singularity, an award-winning energy blockchain developer. Two years later in June 2019 we launched the Energy Web Chain in partnership with a global community of energy companies, grid operators, and other enterprises that ha

When Energy Web launched in early 2017, we did so with the support of two key cofounders: RMI, a leading global think-and-do tank focused on the energy transition, and Grid Singularity, an award-winning energy blockchain developer.

Two years later in June 2019 we launched the Energy Web Chain in partnership with a global community of energy companies, grid operators, and other enterprises that had grown into the world’s largest energy blockchain ecosystem. Within the first year of the EW Chain’s operation, solutions and transactions on the network grew quickly, while the validator network more than tripled.

As we now look ahead to the third year of the Energy Web Chain’s growing prominence in the energy and crypto spaces, the cofounders remain as committed as ever to the Energy Web mission of accelerating the energy transition by unleashing the potential of blockchain and other digital technologies.

For example, RMI partnered with Energy Web and the Alliance for Innovative Regulation (AIR) earlier this year to launch the Crypto Climate Accord. Meanwhile, Grid Singularity has continued to focus on building energy market exchanges on top of the Energy Web tech stack.

Thus on this EW Chain anniversary, we are pleased to share these statements from our cofounders, who are re-affirming their commitment to supporting the Energy Web Chain, the Energy Web Community, and the greater Energy Web ecosystem moving forward:

Statement from RMI

“RMI will continue to strongly support the value created by the Energy Web Foundation and the Energy Web Decentralized Operating System. As a steward of EWF’s mission and a broader champion of the energy transition, RMI commits to employ its EWT only where necessary to build new business models, engage in bonding and chain-related activities, and more broadly stimulate the advance of critical decentralized digital markets that support a rapid transition to a zero-carbon economy. We recognize that building a successful utility token platform will take time and know that EWF is well on its way to creating a world-changing model that fuses decentralized, low carbon generation with distributed ledgers and computing.”

Statement from Grid Singularity

“Grid Singularity will continue to strongly support the value created by the Energy Web Foundation and the Energy Web Decentralized Operating System. Grid Singularity intends to use held EWT to scale the development of the Grid Singularity energy exchange for peer-to-peer and community trading, to invest in community applications and to contribute to the next growth stage of EWF 2.0, leveraging Polkadot technology, such as by staking, bonding for parachains, and advancing on-chain governance.”

Their statements are a testament to their continued trust and investment in the potential of blockchain and other decentralized, digital technology—including the evolving Energy Web tech stack—to accelerate the energy transition.

Energy Web Cofounders RMI and Grid Singularity Reaffirm Their Commitment to the Mission was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


Oasis Open

Samvera Advances Community-Sourced Repository Solutions as OASIS Foundation-as-a-Service Partner

15 June 2021 – OASIS Open, the international open source and open standards consortium, and Samvera, an international open source community with best in class digital asset management solutions, are pleased to announce their Foundation-as-a-Service partnership. The program streamlines the process of forming and running foundations by letting groups operate independently while enjoying the benefits

New Alliance Promotes Wide Adoption of Free Tools that Make the World’s Digital Collections Accessible Now and Into the Future

15 June 2021 – OASIS Open, the international open source and open standards consortium, and Samvera, an international open source community with best in class digital asset management solutions, are pleased to announce their Foundation-as-a-Service partnership. The program streamlines the process of forming and running foundations by letting groups operate independently while enjoying the benefits of the OASIS nonprofit corporate structure and expertise.

A vibrant community of information and technology professionals, Samvera’s suite of repository software tools offers flexible and rich user interfaces tailored to distinct content types on top of a robust back end, and can enable a wide range of repository solutions for the digital collections held by libraries, archives, museums, and other organizations.

“There is unanimous support in the Samvera Community for this transition to OASIS Open’s Foundation as a Service,” said Rosalyn Metz, Associate Dean of Library Technology and Digital Strategies at Emory University Libraries and Samvera Board Chair. “Being aligned with OASIS, while maintaining Samvera’s well established governance structure and sovereignty, gives us the best of both worlds. We believe this partnership will ensure our autonomy and help promote our sustainability.”

“We are excited to welcome Samvera to the OASIS community,” said Guy Martin, OASIS Executive Director. “This partnership was a natural fit for both of our organizations, as we share the values of inclusivity, openness, and transparency. We look forward to providing Samvera with administration & governance support so that they can continue to focus on delivering value to their users and helping their open source community thrive.”

From its beginning in 2008, Samvera (originally called Hydra) set out to build a community to support and sustain its software, which is free and open source. The Samvera Community creates sustainable solutions using a common infrastructure within which there is flexibility to tailor solutions to local demands and workflow. Its partners include institutions, service providers, and other organizations that have formally committed to contributing to the Samvera Community.

“We are excited to partner with OASIS and have already benefited from the expertise of their program staff,” said Heather Greer Klein, Samvera Community Manager. “Foundation-as-a-Service is an excellent fit for the Samvera Community, and I believe this model offers a new approach to sustainable stewardship of open technologies that we’ve not seen before in the scholarly and cultural heritage ecosystem.”

OASIS welcomes inquiries from groups seeking to form or transition existing open source Foundations using the Foundation-as-a-Service Program.

Media inquiries:

communications@oasis-open.org
+1.941.284.0403

The post Samvera Advances Community-Sourced Repository Solutions as OASIS Foundation-as-a-Service Partner appeared first on OASIS Open.

Monday, 14. June 2021

CU Ledger

Bonifii Releases New Versions of CUFX Standards with a Focus on Digital Identity and Open API Exchange

Denver, CO (JUNE 14, 2021) – Bonifii, an industry leader in privacy- and security-enhanced solutions, announces the release of CUFX versions 4.5 and 5.0. More than just a recent update, the two versions are a milestone in the evolution of CUFX (Credit Union Financial Exchange). Credit unions can share data between banking systems by leveraging [...] The post Bonifii Releases New Versions of CUFX

Denver, CO (JUNE 14, 2021) – Bonifii, an industry leader in privacy- and security-enhanced solutions, announces the release of CUFX versions 4.5 and 5.0. More than just a recent update, the two versions are a milestone in the evolution of CUFX (Credit Union Financial Exchange). Credit unions can share data between banking systems by leveraging CUFX, the open integration standard designed to make products and services available to their members more quickly, while reducing implementation costs.

CUFX was created by and continues to be a community of thought and technology leaders to advance a financial services ecosystem standard that reduces technical complexity, drives down costs, and improves speed to market.

With the acquisition by Bonifii earlier this year, CUFX is a protocol for the exchange of data supported by a systems integration standard that will allow credit unions the ability to increase the speed to become more digital,” says John Ainsworth, president/CEO of Bonifii. “We’re very pleased these new updates will enable greater security and privacy of information transmitted between credit union systems.”

Key Feature of CUFX Version 4.5

CUFX, Version 4.5, has been published and will expand the capability to accept verified credentials, establish secure connection protocols, and pass decentralized identifiers for verification in the credential group message. These new capabilities will enable CUFX to utilize cutting-edge technologies for superior security in communications, identity, and fraud prevention that will benefit not only credit unions and their members but the providers that service this industry.

Key Features of CUFX Version 5.0

Open API 3 upgrade so that users can now show the override and properly show the examples in Swaggerhub. This will allow architects to pass content in the message body where it is more secure and encrypted. New data elements have been expanded for all account types to ensure their availability and consistent use for all account types—deposits, loans, and investments. For remote deposit, the update improves the organization of data for images and image validation for better results.

To access the CUFX standards or for more details about these new versions, click here. To learn more about CUFX and Bonifii, please visit Bonifii’s website at www.bonifii.com.

About Bonifii

Denver-based Bonifii is the financial industry’s first verifiable exchange network designed to enable trusted digital transactions using open standards and best-of-breed security technologies. Its mission is to provide a premier digital network of peer-to-peer financial exchange for financial cooperatives. The network brings a high degree of assurance to the exchange of value between peers over the Internet and other digital networks and streamlines processes affected by expensive, inefficient, proprietary, and siloed systems. In 2021, Bonifii acquired the Credit Union Financial Exchange (CUFX) from CUNA’s Technology Council. Under Bonifii, CUFX positioned as the exchange of data supported by a systems integration standard and will allow credit unions to increase the speed to become more digital. To learn more about Bonifii, visit www.bonifii.com, email us at info@cufxstndards.com, or follow the company on the Bonifii blog, LinkedIn, or Twitter.

Bonifii Contact:

Julie Esser, SVP Client Engagement

jesser@memberpass.com

608.217.0678

The post Bonifii Releases New Versions of CUFX Standards with a Focus on Digital Identity and Open API Exchange appeared first on Bonifii.


Oasis Open

A Collaborative Approach to Meeting the Challenges in President Biden’s Executive Order on Improving US Cybersecurity

Industry has been given a mandate to help the U.S. government solve its cybersecurity challenges, but neither one nor many vendors with their proprietary solutions will be enough. The post A Collaborative Approach to Meeting the Challenges in President Biden’s Executive Order on Improving US Cybersecurity appeared first on OASIS Open.

By Jason Keirstead, OASIS Open board member

On May 12, U.S. President Joe Biden signed the Executive Order on Improving the Nation’s Cyber Security, charging U.S. federal agencies to partner with the private sector to foster a more secure cyberspace and protect the nation from malicious cyber actors. As both a board member as well as an active participant, I believe that OASIS Open’s members and projects are uniquely qualified to facilitate this public-private partnership and help guide the creation of cybersecurity standards.

Securing the Software Supply Chain

One key aspect outlined in Section 4 of the Executive Order (EO) is securing the software supply chain. At issue here is the reality that the U.S. federal government—like nearly any other organization on the planet that uses computer technology in any form—relies on not just one but numerous types of software to process data and run operational equipment. The sources of the software can vary—from proprietary software purchased from vendors to open source software downloaded from Git repositories to custom software created by in-house developers. To make matters more complex, most software today is itself a compilation of pieces of code that come from a variety of sources, with each component being inherently subject to flaws and vulnerabilities. In order to secure the software supply chain, we need to be able to document the provenance of software code, i.e, its origin and path of development or, as it is phrased in the legal field, the code’s “chain of custody.”  

One tool for documenting provenance is the Software Bill of Materials or “SBOM.” It’s a list of all the components that make up a codebase, the source of each component, the versions of those components, their patch status and the licenses that govern them. The concept of an SBOM is derived from manufacturing, where manufacturers keep detailed inventories of the parts that are used to build a product (such as a car) and the sources of those parts. Such bills of materials can be vital not only for production, procurement and maintenance purposes but also for initiating appropriate responses (e.g., a recall) when a part is found to be defective. Similarly, a software bill of materials is essential to responding quickly when vulnerabilities or security breaches are discovered in a piece of code. 

Members at OASIS have, for quite some time, been working on a standard that will be a critical feeder into SBOMs—the Common Security Advisory Framework (CSAF). CSAF is a standard way for vendors and open source projects to report vulnerabilities in their products to the outside world. SBOMs and CSAF go hand in hand; in fact, without the information that originates in CSAF, an SBOM cannot fulfil its purpose with respect to cybersecurity. 

Here’s an example of how SBOMs and CSAF create a cybersecurity feedback loop. Suppose you are managing Microsoft Windows. You’re using Python, and Python’s SBOM lists OpenSSL as a component. If the OpenSSL project issued a new CSAF advisory, the advisory could automatically cascade upstream to Python, and then cascade upstream again to Microsoft Windows. Microsoft could then issue its own CSAF advisory, essentially completing a virtuous feedback loop to help eliminate vulnerabilities throughout the supply chain.

Allan Friedman, the Director of Cybersecurity Initiatives at the US Department of Commerce, National Telecommunications and Information Administration (NTIA), is tasked with managing cybersecurity multi-stakeholder processes to bring together industry, academia, and the hacker community to tackle key security policy issues. He and his team are currently evaluating options for SBOM standards and policies and are already working closely with CSAF, because no matter how the standard gels, CSAF will play an essential role.

SBOMs Just Scratch the Surface of the EO Mandate

There is much, much more to the EO than SBOMs and the supply chain, and OASIS has much to offer in the other areas as well. 

EO Section 2, for instance, is devoted to sharing threat intelligence. OASIS supports several standards that could play a role here, including: 

STIX, a language for expressing cyber threat and observable information. TAXII is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. TAC is a common knowledge framework that enables semantic interoperability of threat actor contextual information and standardized vocabularies for threat actor characterization.

EO Section 3 deals with modernization. The SAML project is highly applicable here. Security Assertion Markup Language is an XML-based framework for communicating user authentication, entitlement, and attribute information. As its name suggests, SAML allows business entities to make assertions regarding the identity, attributes, and entitlements of a subject (an entity that is often a human user) to other entities, such as a partner company or another enterprise application.

EO Section 6 addresses the government’s need for a uniform series of playbooks for responding to vulnerabilities and incidents. OpenC2 and CACAO are ready-made for this challenge. OpenC2 is a standardized language for the command and control of technologies that provide or support cyber defenses. By providing a common language for machine-to-machine communication, OpenC2 is vendor and application agnostic, enabling interoperability across a range of cyber security tools and applications.  CACAO is a standard for defining and sharing cybersecurity playbooks, and how these playbooks can be created, documented, and shared in a structured and standardized way across organizational boundaries and technological solutions.  It’s an ideal format for what the government wants to create.

EO Section 7 is focused on improving detection of vulnerability and incidents, which is what CSAF is all about, as I mentioned earlier.
And the OCA is relevant to all of it. The OCA (Open Cybersecurity Alliance) is an ideal forum for vendors and entities who want to participate in an ecosystem where cybersecurity products interoperate without the need for customized integrations. Using community-developed standards and practices, OCA is simplifying integration across the threat lifecycle. As regulations to implement the EO become codified by CISA, NIST, and other federal agencies, a standards-based and vendor-neutral approach will be required in order to facilitate a healthy and competitive cybersecurity marketplace. The OCA is an ideal forum where this kind of cross-industry collaboration can and should take place.

Beyond Standards: Orchestrating Harmony & Progress

Yes, many standards relevant to the EO are already in development under the OASIS umbrella. But the organization has more to offer this challenge than simply a library of projects: namely, its acumen for creating harmony and progress from heterogeneity and complexity.

OASIS Open is one of the most respected, non-profit standards bodies in the world. People and organizations join OASIS to advance projects for cybersecurity, blockchain, IoT, emergency management, cloud computing, legal data exchange, and much more. (You can check out all the projects here.) The priceless asset OASIS offers its communities is the ability to harness the power of global collaboration to advance the fair, transparent development of open source software and standards. That’s what it’s going to take to address the challenges laid out in the EO. 

A common adage today is “it takes a village,” and I suppose that applies in the case of the EO. Certainly, industry has been given a mandate to help the U.S. government solve its cybersecurity challenges, but neither one nor many vendors with their proprietary solutions will be enough. Likewise, simply defining a standard—whether de facto or de jure—will not be enough. And although open source will certainly play a role (e.g., bridging the gap between a proprietary solution and the standard by building and testing reference implementations), open source alone can’t solve the problem either. Interoperability of solutions in this space, whether proprietary or open source, will require open standards that have been collaboratively built and designed with open integration in mind from the beginning.

It’s going to take a village—a harmonious combination of standards, vendor solutions, and open source—to accomplish this. Creating and nurturing that kind of village is precisely what OASIS does best.

The post A Collaborative Approach to Meeting the Challenges in President Biden’s Executive Order on Improving US Cybersecurity appeared first on OASIS Open.


Commercio

Diplomas and Certificates no more falsifiable, thanks to the APP DIPLOMI on blockchain by T.S.C. srl on Commercio.network.

Diplomas and Certificates no more falsifiable, thanks to the APP DIPLOMI on blockchain by T.S.C. srl on Commercio.network. 18 students of the Re-Europe training path for young graduates , will receive in Herculaneum their certificates with electronic delivery (eDelivery) on blockchain. Ercolano, June 14th, 2021 , 18 students of the Re Europe training path, to enhance the skills necessary to […]

Diplomas and Certificates no more falsifiable, thanks to the APP DIPLOMI on blockchain by T.S.C. srl on Commercio.network.

18 students of the Re-Europe training path for young graduates , will receive in Herculaneum their certificates with electronic delivery (eDelivery) on blockchain.

Ercolano, June 14th, 2021 ,

18 students of the Re Europe training path, to enhance the skills necessary to support the management of European and regional funds, will receive their certificates that will be certified on blockchain.

The benefits of using this innovative technology in the school environment and consequently also for the working context are many.

The first is certainly to allow all parties involved, such as students, colleges, universities and companies, to easily and immediately verify if the digital diploma in possession is the original one and does not present alterations from the one produced by the Institute or by the ‘Issuing Body.

Thanks to the solution developed by T.S.C Technology srl and to the use of the blockchain technology of Commercio.network the students will be able to guarantee the authenticity and the integrity of their electronic diplomas and certificates to potential employers all over the world, in a simple and immediate way.

In fact, this innovative solution allows students to generate an electronic diploma or certificate. Each digital document has a unique and unchangeable fingerprint. This fingerprint is recorded in an unchangeable way on the blockchain, through a special transaction called ShareDOC. This transaction certifies the electronic delivery (eDelivery) of the diploma from the Issuing Institution to a student’s personal wallet (ewallet) that can in the future contain all of the student’s educational and biographical information while maintaining the highest degree of privacy currently possible.

The electronic certificate visually looks like a classic paper diploma, where all the identifying information is present: school year, name of the student, name of the school or institution, type of course attended, date and place.

Therefore, it is not simply a matter of having a digitized copy of a paper certificate.  Due to its decentralized nature, blockchain technology cannot be tampered with, and the certification of graduation remains forever.

The blockchain record contains encrypted information without any personal data, and therefore cannot be directly traced to the student at all.

The adoption of blockchain in schools is already law in Malta and is used on an experimental basis in several prestigious universities abroad such as MIT in Boston, Holberton School in San Francisco and Imperial College in London. In Italy, a few institutions have launched similar initiatives, waiting for the school system to massively adopt these solutions.

 

L'articolo Diplomas and Certificates no more falsifiable, thanks to the APP DIPLOMI on blockchain by T.S.C. srl on Commercio.network. sembra essere il primo su commercio.network.


Velocity Network

Interview with Kelly Ryan Bailey, Global Skills Evangelist at Emsi

We sat down with Kelly Ryan Bailey, Global Skills Evangelist at Emsi to chat about the importance of having a platform like Velocity to bring together complex career and educational records. The post Interview with Kelly Ryan Bailey, Global Skills Evangelist at Emsi appeared first on Velocity.

Friday, 11. June 2021

EdgeSecure

How should Technology Serve as an Accelerator in Higher Education? A Tech Economist Answer

More clearly than before, we are seeing the recent pandemic as a catalyst and accelerator for Digital Transformation, or Dx as the term is now designated. As many higher education institutions have been on a Dx trajectory, there is now no denying that higher education’s future is digital. The post How should Technology Serve as an Accelerator in Higher Education? A Tech Economist Answer appeare

In short, the way to [advancement], if you desire it, is as plain as the way to market. It depends chiefly on two words: industry and frugality.

–Benjamin Franklin
‘The Way to Wealth” (1758)

Technology investment is regarded by many leaders as the single most strategic investment that institutions of higher learning can make to accelerate their mission and achieve their business strategy in a timely and effective manner. Yet, all too often institution senior leadership bemoan the fact that technology investment continues to increase as a share of annual operational expense while returning little return on that investment. This dilemma begs a few questions. First, why is this the case ? What can/should leadership do to extract maximum value from their escalating technology costs?

Ideally, technology should be an accelerator for higher education, yet many institutions suffer chronically from overpriced and under utilized technology assets.  Over time these assets become expenses that do  little more than keep the lights on for an institution, constraining IT leaders from emerging as thought leaders in support of the overall institutional mission and vision.  The effort required to maintain legacy systems often prevents IT from emerging as a strategic asset that is able to meet the wants and needs of faculty, students, and staff.  The unwise investments lead to the law of diminishing returns as these technology investments chip away at the institution’s balance of technology expense versus value.  This is evinced annually through the escalating price of licensing and maintenance fees for hardware, software, and technical services which in reality produces very little improvement to automation, workflow, or true cloud hosting and cloud management.  

Adding to key functional officer and executive stakeholder frustration, these same technologies often accrue increasing indirect expenses in the form of time spent by the resident-based functional office and technical office labor resources, namely people, and the good people  always seem to bear the brunt of the burden.  Shadow IT organizations emerge, that is, functional office staff self-modifying or sometimes by management decree perform more and more duties aligned with that of technical professionals as a result of underutilized technology, slow and poor upgrades and configurations.  Shadow IT also emerges because actual IT spend increases the amount of knowledge, skill, and effort required to maintain information systems as opposed to maturing them. This lack of technical professional unity results in haphazard cybersecurity protocols whenever new tools are supplied by functional offices to authenticate behind the firewall, whereas they ought to be demanded by functional offices and supplied by a centralized IT authority, or at a minimum, a decentralized IT community that is centralized on standard operating procedures, practices, and policies through formal and executive sponsored governance.  I’m fine with shadow IT, so long as it stands in the shadow of my department.  In the worst of these scenarios, and unfortunately all too common, technology is refreshed as an annual budget surprise to the CIO and the CFO because of poor planning in IT management ranks, and the lack of coordination with functional office managers, resulting in sudden death (i.e., premature-obsolescence) of the technology system.  

The opportunity cost couldn’t be more clear; the same functional and technical staff would best serve each other, the faculty, students, and the institutional mission if they could afford sufficient time to evolve and mature their knowledge, skill, and effort so as to keep up with the latest trends, reduce costs through improved efficiency, and add value through increased output, in other words; accelerate.  Some accelerators include, but are not limited to; cabinet leadership enterprise thinking regarding information systems and data governance, reorganizing IT into its various IT reference disciplines (e.g., network, security, cloud, user support, emerging technologies etc.) and empowering its staff to achieve excellence in their specialization.  Lackluster and legacy IT departments, staff, and tools cause presidents, CFOs, Deans, faculty, and more, to assert technology as an expensive cost center, as opposed to a valuable investment, to evoke cliches for technology resources and IT leadership such as “the gift that keeps on giving.”

Begs The Question – Savings, Capital, and Technology
Okay Mr. Smart guy, then what’s the silver bullet?  Well, none exists, but the application of business and social science to assist information technology/information systems management is an option.  Economists in this space have been gathering and synthesizing data into useful information and wisdom for over a century, Nobel prizes have been awarded for theoretical proofs leading to practical benefits and heuristics, and application of these by microeconomic entrepreneurs have evinced their real value.  Classical and neoclassical economists such as Adam Smith, David Ricardo, Ludwig Von Mises asserted institutions would best serve themselves, their constituency, and the overall economy through frugality and savings.  Others, such as John Maynard Keynes and new keynesian economists Stanley Fischer and Gregory Mankiw, assert that while this may work for individuals and firms, there may be antithetical results at higher levels of aggregation in economic policy, hence the paradox of thrift. Still, both major schools of economic thought agree that the best microeconomic policy for individual decision makers and collective wills of the institution (the firm), in public, private, and non-profit sectors is one that incorporates frugality in expenses and a strong focus on savings in both purchasing power as well capital planning and services.

Technical Progress
Economist Robert Solow, Nobel Prize winner, Harvard graduate, and professor of technology and growth economics at MIT, discovered something of significance for the world of enterprise as well as key decision makers of public and non-profit institutions that he refers to as the Solow Growth Model.  First, he concluded that savings and frugality has a positive impact on growth, but that savings, frugality, and capital planning are subject to the law of diminishing returns just like anything.  Second, Solow calculated that about four fifths (⅘ths) of growth in output per worker was attributable to technological progress and entrepreneurship.  Technology seems to be more important to institutional economic growth, when acquired and adopted correctly, than savings, frugality, labor, research and development, and natural resources.  According to Solow, increasing saving and capital investment, even with aid, isn’t enough to stimulate growth; the adoption of technology is essential.

Finally, entrepreneurship and technology subject matter expertise are in short supply and high demand, especially in our volatile time due to the pandemic.  Because of the constant change in technology and business process, exasperated by the recent pandemic, it is of paramount importance that higher education institutions partner for success with the right experts and innovators.  Subject matter experts, leaders, and innovators who possess the knowledge, skill, and ability as well the solutions and services to truly add value and accelerate the mission of higher education.  Expertise and knowledge alone are not enough. Partners who have deliberately defined, designed, and applied this expertise and knowledge for the benefit of institutions by way of a defined ecosystem of solutions and services are necessary for real value to be rendered.  As a non-profit minded organization, given birth by to by a highly esteemed council of university and college presidents, Edge represents the quintessential technology solutions and services organization as it has proven itself to be a maturely formed ecosystem of technology solutions, services, experts, and innovators who have aligned with every aspect of the student lifecycle to render real value to the higher education community.  Our approach is an economic advancement one, it is a results based approach that leverages the collective and collaborative power of a fully mature technological economy that is at the ready and forefront always to serve the mission of higher education.

1 The Works of Benjamin Franklin. Edited by Jared Sparks. Vol. 2. (Boston, 1836), p.103.

2 Handler, R. and Maizlish, B. IT Portfolio Management Step by Step: Unlocking the Business Value of Technology. Wiley & Sons. (2005), p.37. 

3 Markham, Christopher R. Leading Questions: A CIO’s Answer to Leadership. CIO Insight Magazine. January, 2016. 

4 Mankiw, N. Gregory (1985). Small Menu Costs and Large Business Cycles: A Macroeconomic Model of  Monopoloy. The Quarterly Journal of Economics. 100 (2), pg. 529-538. 

5 Skousen, Mark Ph.D, “Economic Logic 5th Edition” (2017). Regnery Capital, pg. 401-402.

Contact Us to Learn More

About The Author

Christopher R. Markham, Vice President Information Technology and Economic Advancement

When it comes to the strategy behind return-on-investment for technology spend, Chris applies nearly two decades of education and experience to assist our member institutions with the complexities of cloud, enterprise computing, and educational technologies. Having served in technology support and leadership roles since 2001, he most recently served as Vice President for Information Technology and Chief Information Officer at SUNY Empire State College, where he successfully completed a transition of the institution’s enterprise resource planning (ERP) system. Prior to that role, Chris served as Vice President for Information Technology and Chief Information Officer at Florida State College. While in that role, he successfully managed the completion of a $30 million digital transformation effort to enhance operations among the institution’s six campuses and more than 50,000 students. Today, Chris works with Edge member institutions on digital transformation initiatives, information technology leadership, technology service management and the business process re-engineering required to recruit and educate students in today’s digital world. Chris applies his graduate education in economics in concert with his technology background to ensure the value of technology is optimal in its application. Chris currently serves in the United States Army Reserves. Standing ready to assist in the success of our member institutions, more and more Edge members are starting conversations with Chris to leverage Edge’s resources in professional services, learning and teaching technologies, and information technology service management.

The post How should Technology Serve as an Accelerator in Higher Education? A Tech Economist Answer appeared first on NJEdge Inc.


Berkman Klein Center

The Metaverse: A brave, new (virtual) world

If we accept the premise that on the Internet “if you’re not paying, you’re the product”, in the Metaverse you will become a walking — talking billboard. The Metaverse, art by the author of this post under license by PicMonkey. Intro: Video games now Amongst the changes that “lockdowns” and “new normality” have brought, there is a revalorization of digital interactions as valuable and meanin
If we accept the premise that on the Internet “if you’re not paying, you’re the product”, in the Metaverse you will become a walking — talking billboard. The Metaverse, art by the author of this post under license by PicMonkey. Intro: Video games now

Amongst the changes that “lockdowns” and “new normality” have brought, there is a revalorization of digital interactions as valuable and meaningful. Ironically, what was once regarded as isolationist or a poor substitute for “real life” (an expression used as an interchangeable semantic proxy for “in-person”) experiences, has become the glue that holds the social fabric together.

Connecting in and through digital spaces has been a staple of 2020: from work or formal education moving to online alternatives, to recreational uses of video platforms. In these virtual spaces, human ingenuity has found new testing grounds to deal with the challenges presented by the pandemic. It can be a thoughtful provocation to say that since lockdowns started, we might have been living in a proto-version of the Metaverse.

The silver lining is an accelerated digital transformation, even for those areas traditionally reluctant to innovate or that deemed remoteness incompatible with organizational culture (like small businesses adopting digital payments as opposed to inveterate cash-only business practices, or governmental bureaucracies offering online alternatives to otherwise mandatory in-person procedures).

Amidst this burgeoning digital life, video games have experienced an influx of new players, growing revenue, and newfound mainstream respect. One year after designating video game addiction as a mental health disorder, the OMS has taken a more nuanced position, acknowledging their positive value for socialization.

Beyond their collective value, in times of uncertainty video games constitute a space to regain some sense of control and security, as well as a place to exercise empathy. By design, challenges in gaming are presented to the player with the implicit promise that they can be solved with the tools provided beforehand, and the skills gained along the way. Good game design will equip players with prerequisite skills and knowledge to arrive at that stage with a chance of success, and never confront them with a challenge that is impossible to win. With the unspoken pact that there is always -at least- one guaranteed possibility of triumph, losing just becomes a matter of trying but not a failure. With the reassurance of success looming ahead, losing becomes just another moving part of the game, a rehearsal in the path to winning.

Considering games as a narrative medium that separates itself from others by its interactivity, gaming presents unprecedented potential as a rehearsal space for empathy. When we play, we are able to try a different skin and participate in a story from a privileged insider perspective that no other medium can match.

Video games are consumed not only by playing but also by communal activities like engaging in watching others play. Streaming platforms such as Twitch and YouTube are popular amongst youth due to the added value of interpersonal interaction, a sense of belonging, and community building.

The Metaverse, defined as an encompassing, persistent, virtual world, can be seen as the newest iteration of the Internet, both an evolutionary step and a fusion of social networks and online gaming. As gaming becomes more ubiquitous and social media platforms resort to gamification mechanics to promote interaction between users, the frontiers between these two worlds tend to blur: platforms become games and games take the place of social media spaces. Twitch, which started as a platform to watch other people play games, has evolved into a community-building space where games are also played with the audience, by using overlays and gamified mechanics of interaction.

Fortnite has been a pioneer in this space, not only with its “Party Royale” mode and providing concerts and movie screenings (separated from the core gameplay but organically integrated as a whole) but also by creating a gaming experience that incentivizes socialization. Gaming platforms have become the new town square, where bonds, friendships, and rivalries are forged over voice chat.

Besides social aspects of play, in a receding economy for industries related to in-person activities (affected by the pandemic through overstressed supply chains and reduced demand), the video game industry and its ecosystem have been one of the few to increment growth. With changes in consumer behavior driven by stay-at-home routines, it is no surprise that fashion, movies, and other related domains are moving into digital spaces and seeking to create digital doppelgangers of the goods and services they provide in the tangible world. Marketing and advertising are increasingly interested in the Metaverse, as the next frontier for expanding their brand’s business and targeting prospective new audiences.

The recent explosion of the NFTs market is a closely related phenomenon, and its rise is partly attributable to their ability to create artificial scarcity. Through maiming their essentially infinitely replicable with near-zero marginal cost attribute, NFTs provide to digital goods the non-fungibility characteristic of analog goods. Decentralized blockchain applications and NFT’s based business models allow the creation of secondary markets for digital goods, providing a foundational economic backbone for the Metaverse.

Paired with advancements in VR/XR and AR technology, investment and funding attracting new players, all of these factors converge into creating a critical juncture for the pursuit of the Metaverse.

“Metaverse/s” and virtual worlds

The term Metaverse is attributed to Neal Stephenson and his book Snow Crash, a novel about a protagonist (actually, a Hiro Protagonist) interacting in a persistent, immersive, shared, virtual world.

“Neal Stephenson — Snow Crash” by RA.AZ is licensed under CC BY 2.0

The concept, which both echoes and modifies the idea of “cyberspace,” a term popularized by the 1984 William Gibson novel “Neuromancer,” has been revisited in other sci-fi works like Ready Player One by Ernest Cline. Both movie and book portray OASIS (which stands for Ontologically Anthropocentric Sensory Immersive Simulation), as a massively multiplayer online simulation accessible via haptic devices, that hosts entertainment, commercial and educative hubs.

People will participate in these spaces through a digital representation of themselves, as avatars or skins, that could assume any possible shape or form. Restrictions will probably come from the terms of service, community standards or policies, intellectual property infringements, or licensing requirements.

The Metaverse is different from virtual worlds in the sense that it aspires to contain all or several of these virtual worlds, or at least, to create interoperable gateways to connect them, functioning as an all-encompassing, unified portal and hub. That poses an interesting tension between the pretended decentralization where blockchain advocates see an intersection with the Metaverse, against its own monopolistic proposition. One friction that only can be solved by creating a pipeline of true interoperability, both technical and legal, that enables the flow and uniform treatment of data (by uniform data protection laws) and content (likewise, for intellectual property regulations).

The architecture of the Metaverse can be fragmented into several attributes that should be checked by those aspiring candidates:

ubiquity: the Metaverse will need to encompass different aspects of human experience, from leisure to education, finances, political expression, etc. Adult clubs have a prominent role in Second Life. synchronicity; with events happening in real-time or a shared time-scale interconnection: allowing the transition between several virtual worlds (relevant questions here will be about the portability of digital goods from one world to another, and if they will remain functional) persistent, implying that events will take place at its pace no matter whether the person remains or not logged; and that they can`t probably be reset or modified (as in loading a saved game) virtual/ immersive; being a digital representation that sets the Metaverse apart from AR interfaces that add layers of extended meanings and content to the physical world. collective and shared; as in virtual worlds populated by other beings ( question remains if human, artificial, or both)

Necessarily, it should provide a self-representation construct (in the form of skins, avatars, or any sort of digital manifestation able to interact within the virtual world), and arguably, building tools that enable creative outlets for the expansion of these worlds through a creator-centric approach.

Questions remain on how those spaces will be adjudicated and governed. The answers to that will shape further attributes, such as: openness, decentralization, portability, artificial scarcity, and interoperability (allowing to interface with other applications, not just to create with the building tools provided as in user-generated content).

The core idea behind the Metaverse proposition is to create an immersive digital place that duplicates reality without physical constraints. Nevertheless, that doesn’t necessarily imply that real-world rules don’t apply in the Metaverse. Paraphrasing an iconic Morpheus quote from The Matrix, “some rules can be bent, others can be broken”, and even when the laws of physics may not apply, that most certainly won’t be the case of intellectual property rules and other regulatory frameworks. Governance challenges arise in similar ways to those already existing around the Internet, only to be enhanced by the invasive and intimate nature of this immersive technology with sensors and devices connected close to the body and extracting biometric sensitive data, -like eye-tracking devices-, that is ripe for abuse. Digital wellbeing and the effects of virtual embodiment representations should be carefully considered.

The Matrix, one of the cornerstones of simulation narratives.

Adding to that, the fact that it will be a privatized playground, with the potential to construct inferences by statistical mining; and the use of generative artificial intelligence paired with biometric data raises high privacy and self-determination concerns, in an ecosystem that could further lead to reinforcing tech- solipsism tendencies.

Even with strong contenders like Minecraft, Roblox, or Fortnite, that already have a huge player base and infrastructure to become aspiring Metaverses, the fact remains that there is still none that can claim the title. In the meanwhile, digital rights communities, academics, and policymakers should remain vigilant, and engage in this brave, new, virtual world.

(Note: This article is an excerpt of a forthcoming paper on the Metaverse and its governance).

The Metaverse: A brave, new (virtual) world was originally published in Berkman Klein Center Collection on Medium, where people are continuing the conversation by highlighting and responding to this story.


Good ID

Announcing the FIDO Developer Challenge for Developers Across the Globe

By Joon Hyuk Lee, APAC Market Development Director, FIDO Alliance Welcome to the Challenge The FIDO Alliance is pleased to announce our first global FIDO Developer Challenge, where participating developer […] The post Announcing the FIDO Developer Challenge for Developers Across the Globe appeared first on FIDO Alliance.

By Joon Hyuk Lee, APAC Market Development Director, FIDO Alliance

Welcome to the Challenge

The FIDO Alliance is pleased to announce our first global FIDO Developer Challenge, where participating developer teams will create and demonstrate compelling and innovative applications leveraging FIDO standards and technologies. Prior challenges based in Korea over the past two years proved to be very successful and  we are now pleased to expand this program globally.

FIDO has come a long way since the Alliance’s inception in 2012, going from a whiteboard concept to a core technology supported by billions of consumer devices worldwide.  With over 85% of browsers now supporting FIDO Authentication, now is the time for web developers to ditch password-based logins in favor of FIDO’s approach, which provides a superior user experience and prevents phishing and other computer hacks. We are looking forward to seeing the selection  of implementations the developer community comes up with this year, leveraging the public FIDO2 WebAuthn API to bring FIDO Authentications to websites and services.  

Projects we are looking for 

We are looking for projects that address a technical or social challenge in today’s world. There is no limit on the development ideas, but we expect implementation of FIDO Authentication to take place in various fields such as Fintech, eCommerce, IoT, retail, blockchain, gaming and education. Samples from the previous regional challenge include projects like FIDO-based IoT storage services for low-income families, FIDO-based drone platforms, FIDO-based smart home security systems, FIDO- and DID-based smart health insurance card services and a FIDO-based passwordless WiFi router control system. We are happy to expand this year’s program globally to attract even more innovative ideas to solve technical and social challenges.

The process

The FIDO Developer Challenge takes place in a virtual format and focuses on implementation of the FIDO2 WebAuthn API. The Challenge is open to students, individual developers, and pre-seed stage venture companies only.

Our website contains all the details on how to participate in the FIDO Developer Challenge. Here are a few milestones we are looking forward to:  

We will be accepting applications until July 2. Upon receiving applications from all over the world, we will do the initial screenings and announce the top 20 teams within two weeks of the application submission deadline.   Then, we will invite 20 teams to implement the FIDO2 WebAuthn API in their inventions, online services or products. The teams that successfully implement FIDO2 will be invited to the final evaluation step, where they will give an online presentation and demo. They will also  participate in a Q&A with our judges. The judges will select the top three teams, all of which will be featured in a session at our Authenticate conference (Oct 18-20 in Seattle, WA; USA), with the winner being offered the opportunity to attend with all their expenses paid by the FIDO Alliance.  

Prizes and opportunities

In addition to exposure at Authenticate, the top three teams will receive prizes from FIDO members, awarded public recognition, and the unique opportunity to share their business vision with panels of early-stage investors. More details can be found on the Challenge website. 

We encourage you to think outside the box, considering new experiences and benefits that FIDO can bring to users and developers alike. Best of luck to you all. We cannot wait to see your submissions!

For more information visit https://fidoalliance.org/fido-developer-challenge/

The post Announcing the FIDO Developer Challenge for Developers Across the Globe appeared first on FIDO Alliance.


Own Your Data Weekly Digest

MyData Weekly Digest for June 11th, 2021

Read in this week's digest about: 6 posts, 1 question, 2 Tools
Read in this week's digest about: 6 posts, 1 question, 2 Tools

Thursday, 10. June 2021

Me2B Alliance

Shedding Light on Dark Patterns

New Presentation Available on Dark Patterns and Digital Harms. Watch Video >

Shedding Light on Dark Patterns

Me2B Alliance’s Head of Validation Research, Noreen Whysel, recently presented “Shedding Light on Dark Patterns: A Case Study in Digital Harms,” at the 2021 Information Architecture Conference.

Me2B Alliance’s Head of Validation Research, Noreen Whysel, recently presented “Shedding Light on Dark Patterns: A Case Study in Digital Harms,” at the 2021 Information Architecture Conference. Whysel’s presentation was aimed at the digital creators in attendance. These designers, developers and product managers are responsible for developing technology products, and thus may perpetuate harmful or disrespectful patterns. Social media companies designing addictive apps – on purpose – is an extreme example of this.  

Whysel began the talk by describing the Me2B Alliance’s approach to respectful technology behavior and her contribution to our standards development and independent testing work.  She then introduced the product integrity framework based on the Me2B Alliance’s Respectful Technology Specification, currently in development. The Specification incorporates routine information architecture heuristics and prioritizes clear communication with users – especially regarding their control over what they do and share, as well as what data may be collected from them. Whysel’s presentation included examples of digital harms known as “dark patterns.” She also encouraged the audience to rethink the labels themselves, asking, “is calling it a ‘Dark Pattern’ itself a dark pattern?” — pointing out the inherent racism of describing negative things as dark. She closed with advice on how to work with digital creators to avoid harmful patterns and create a path toward healthy technology relationships. 

WATCH PRESENTATION

Oasis Open

A revival at the intersection of open source and open standards

Our world has big problems to solve, and something desperately needed in that pursuit is the open-source and open-standards communities working together. See the complete article by Guy Martin, the Executive Director of OASIS Open, with input from Chris Ferris, IBM Distinguished Engineer, in Tech Crunch. The post A revival at the intersection of open source and open standards appeared first on O

Tech Crunch features article by Guy Martin, OASIS Executive Director

Our world has big problems to solve, and something desperately needed in that pursuit is the open-source and open-standards communities working together. See the complete article by Guy Martin, the Executive Director of OASIS Open, with input from Chris Ferris, IBM Distinguished Engineer, in Tech Crunch.

The post A revival at the intersection of open source and open standards appeared first on OASIS Open.


Human Colossus Foundation

Linux Foundation Public Health introduces the Global COVID Certificate Network to operationalize the Good Health Pass Interoperability Blueprint

After more than a year of pandemic restrictions that resulted in a greater than 70% decline in travel and tourism activity, health status exchange to enable economies and borders to reopen has generated a heated debate at the interface of public health, personal freedom, and economic imperatives. To provide a collaborative roadmap to address some of the critical interoperability challenges, th

June 10, 2021, Geneva Switzerland: After more than a year of pandemic restrictions, resulting in a greater than 70% decline in travel and tourism activity, health status exchange will enable economies and borders to reopen. On February 9th, 2021, the Good Health Pass Collaborative (GHPC) was launched to build an interoperable bridge blueprint to accommodate varying standards-based health credential formats, driven by disparate governing authorities to serve the complex travel industry.

To implement a subset of its recommendations, on June 8th, 2021, Linux Foundation Public Health (LFPH) announced the facilitation of the Global COVID Certificate Network (GCCN), a network of expert collaborators to facilitate trust building and interoperable exchange of COVID certificates for safe reopening of borders globally by operationalizing the Good Health Pass Interoperability Blueprint.

“The first wave of apps for proving one’s COVID status did not allow that proof to be shown beyond a single state or nation, did not avoid vendor lock-in, and did not distinguish between rich health data and simple passes. The Blueprint gives this industry a way to solve those issues while meeting a high bar for privacy and integrity, and GCCN turns those plans into action.”

Brian Behlendorf, General Manager for Blockchain, Healthcare and Identity at the Linux Foundation

 

Good Health Pass Collaborative (GHPC) Releases Draft Blueprint for Digital Health Passes in Advance of G7 Summit

[Official GHPC press release here]

As a global multi-sector initiative to establish guiding principles for digital health passes while streamlining the standards development process, GHPC grew from 25 partners to more than 125 companies and organizations from across the health, travel, and technology sectors within weeks. 

Initiated by leaders from the ID2020 Alliance, a collaborative effort was launched to produce the Good Health Pass Interoperability Blueprint. The Blueprint addresses – in considerable depth and detail – nine technical and interoperability challenges around which global consensus must be reached: 

Consistent User Experience

Security, Privacy, and Data Protection

Identity Binding

Standard Data Models and Elements

Credential Formats, Signatures, and Protocols 

Paper Credentials

Rules Engines

Trust Registries

Governance and Trust Frameworks

The nine drafting groups brought together more than 120 experts from the health, travel, and technology sectors, managed through a partnership with the Trust Over IP Foundation – a Linux Foundation project.

On June 7th, 2021, GHPC announced the release of their eagerly-anticipated Blueprint in draft form [download here] for three weeks of stakeholder consultations and public comments. The primary intention of the announcement was to stimulate discussion at the G7 Summit, which opens on Friday, June 11th, in Carbis Bay, Cornwall, UK.

Paul Knowles, Head of the Advisory Council at the Human Colossus Foundation, co-led the Standard Data Models and Elements drafting group, one of the nine interconnected GHPC drafting groups, to spearhead group recommendations on data elements, common models for data exchange, and semantic harmonization. The recommendations of that drafting group will help to enable data interoperability without putting any undue burden on existing health systems and workflows. 

Key recommendations from the Standard Data Models and Elements drafting group include:

Data elements. The drafting group specified standard data elements for three COVID-19 credentials —vaccination, test, and recovery— based on the European Commission’s eHealth Network recommendations. The group also defined data elements for a standard travel pass consisting of name, date of birth, and an event-specific status indicator; 

A common model for data exchange. To standardize and facilitate the exchange, sharing, and storing of data from multiple sources, the drafting group specified HL7 FHIR (release 4) as a common data model for COVID-19 credentialing initiatives to promote interoperability between systems that encode healthcare data in different ways.; and

Semantic harmonization. The final group recommendation was Overlays Capture Architecture (OCA) as a solution for semantic harmonization between data models and data representation formats, devised explicitly for data object interoperability, acting as a catalyst for standardized credential issuance in multiple languages.

“Digital health passes offer our best hope to safely, confidently, and promptly restore global travel and restart the global economy – but only if they are widely trusted and adopted by the public and universally accepted by airlines and border control agencies. The standards proposed in the Good Health Pass Interoperability Blueprint will make it possible for digital health pass systems around the world to be interoperable with one another, thus creating a trusted, convenient, and seamless experience for travellers as well as for airlines, airports, and border control agencies.”

Dakota Gruener, Executive Director, ID2020

“To allow international travel to resume safely, we must take every possible step to limit the spread of new Covid-19 variants. We urgently need an internationally-recognised system of health passes so that travellers can quickly and easily prove their health status, in a way that is secure and privacy-preserving. The Good Health Pass Collaborative is doing critical work to develop the standards we need to support this. Now political leaders need to lend their weight to this effort. The G7 group of nations should commit to establish a network of globally interoperable health passes, and set up the necessary working groups to deliver it.”

Tony Blair, Executive Chairman of Tony Blair Institute for Global Change and Former UK Prime Minister

 

Linux Foundation Public Health creates the Global COVID Certificate Network (GCCN)

[Official LFPH press release here | Official LFPH blog post here]

To implement a subset of its recommendations, on June 8th, 2021, LFPH announced the launch of GCCN, a network of expert collaborators to provide technical implementation guidance to operationalize the Blueprint. GCCN will include a global directory of trust registries to enable cross-border certificate verification, and be a home for toolkits and community-managed support for those building and managing COVID certificate systems. This next phase of implementation will help governments and public health authorities (PHAs) to build interoperable solutions respecting privacy with the aim to reopen international borders.

GCCN will implement a technological framework in a bid to enable citizens to move safely and freely across borders during the global COVID pandemic. The defined infrastructure hopes to allow interoperable and trustworthy exchanges of COVID certificates between countries for safe travel.

To knit together all of the necessary components and gain sufficient momentum behind the launch of GCCN, the network partners have focused on alignment with the EU Member States and other key organizations implementing COVID systems for governments and industry alliances.

“We are interested to learn about how LFPH is taking bold steps in creating the Global COVID Certificate Network in order to facilitate trust building and interoperability for safe borders reopening, since it still seems that there are many challenges and barriers to overcome, for example the need for a European eID agreement. The Science and Technology Options Assessment (STOA) Panel of the European Parliament (EP) is looking into the challenges that the pandemic has introduced, and also we explore potential technological solutions and their impact based on scientific data, credible sources of information and the respect of the European values. I look forward to the next steps of the LFPH that could provide us with more ideas and insights on strategies that enhance the use of a certificate in a safe way, and also to provide further technical options for the EU that could be adopted and could help and enable our system to work in a harmonised way. As soon as we achieve that, then we could immediately share the methodology to connect with the rest of the world and move to the new normal of our post COVID digital era, always in respect of the European charter for human rights and the regulation for privacy and personal data.”

Eva Kaili, MEP and Chair of the STOA Panel of the European Parliament

 

In this collaborative effort, The Human Colossus Foundation brings its expertise in the domain of decentralized semantics. With the aim to help jurisdictional (and sectoral) governance authorities to reopen international borders while respecting citizen privacy rights, we will continue to offer consultancy and implementation guidance on decentralized technologies across the inputs, semantic, and governance domains.

“A key consideration for international travel requirements is to enable the resolution of digital credentials in multiple languages. The Human Colossus Foundation will contribute to the Global COVID Certificate Network in the development of a transformation pipeline to enable semantic harmonization between the recommended HL7 FHIR (release 4) data model for data exchange and the implementation of OCA where linguistic overlays can support multi-language credentialing following the W3C Verifiable Credentials Data Model 1.0 standard."

Paul Knowles, Head of the Advisory Council, Human Colossus Foundation

 

GCCN has gained the initial support of government and industry implementation partners and technology experts that have committed to developing and moving the initiative forward.

Permalink


SelfKey Foundation

Buy KEY Using the Moonpay Integrated SelfKey Wallet

The article will help in guiding you on how to use the Moonpay integrated SelfKey Wallet to buy KEY tokens. The post Buy KEY Using the Moonpay Integrated SelfKey Wallet appeared first on SelfKey.

The article will help in guiding you on how to use the Moonpay integrated SelfKey Wallet to buy KEY tokens.

The post Buy KEY Using the Moonpay Integrated SelfKey Wallet appeared first on SelfKey.


Commercio

Blockchain Product Design = Design Thinking + Lean Startup + Agile

Blockchain Product Design = Design Thinking + Lean Startup + Agile Blockchain Product Design is a method that combines three known and respected approaches to addressing each of these stages: Design Thinking: empathize with users, define and ideate Lean Startup: turn ideas into business models and test if a market exists Agile: build and deliver product incrementally and faster through […] L'art

Blockchain Product Design = Design Thinking + Lean Startup + Agile

Blockchain Product Design is a method that combines three known and respected approaches to addressing each of these stages:

Design Thinking: empathize with users, define and ideate
Lean Startup: turn ideas into business models and test if a market exists
Agile: build and deliver product incrementally and faster through Agile processes.

Design Thinking (Problem/Solution fit)

Design Thinking is an interattive process in which we seek to understand the user’s problem, question assumptions, and redefine problems in order to create new Blockchain-based strategies and solutions. Unlike “Brainstorming”, Design Thinking promotes “Painstorming” to fully understand the user’s “pain” or problem.

The steps of Design Thinking are as follows:

Empathize with users.
Define users’ needs, their problems.
Ideate by questioning assumptions and creating innovative hypotheses.
Develop a Blockchain Proof of Concept (POC) of these solutions.

Design Thinking is a user-centered approach to innovation to integrate the needs of people, the possibilities of technology, and the requirements for business success.

Lean Startup (Product/Market fit)

Lean Startup is a methodology for business and product development that aims to shorten product development cycles and quickly discover whether a proposed business model is viable. This is achieved by adopting a combination of business hypothesis-driven experimentation, iterative product releases, and validated learning.

The steps of Lean Startup are as follows:

Create a business model based on the Blockchain problem and solution.
Test the solution and get feedback from customers.
Move interactively from a POC to the Blockchain. Minimum Viable Product by listening to customer feedback.
Understand if there is a market for this Blockchain Minimum Viable Product by finding paying customers/users.

Globally, 90% of startups fail (Forbes) and the main reason is market failure: “They make products no one wants”(Fortune). The Lean Startup methodology originated in Silicon Valley in the 1990s, but the use of the word “lean” has its roots in Toyota’s lean manufacturing system. Toyota’s lean manufacturing system was used to build things efficiently, but it doesn’t say what should be built.

Using the words of Eric Ries:

“Lean Startup provides a scientific approach to creating and managing startups and getting the desired product into the hands of customers faster. It is a principled approach to new product development.”

Agile (scale)

Agile is a scalable way of working, based on iterative development, incremental delivery and continuous re-evaluation of a product. Primarily used in software development, it is based on a clear idea of the product concept and its market. Unlike the idea of focusing on a set of features to be developed, Agile focuses on high-value features first.

Agile is about producing tangible, working results after each iteration. According to the twelve principles of the Agile Manifesto, “Working software is the primary measure of progress.”

 

L'articolo Blockchain Product Design = Design Thinking + Lean Startup + Agile sembra essere il primo su commercio.network.

Wednesday, 09. June 2021

Velocity Network

Global Background Verification & The Changing World Of Screening

Guy Abramo, President & CEO of HireRight, recently spoke at the “Powering Up the European Banking Workforce" event hosted by the Velocity Network. Read more about Guy's experience and why is here to embrace verifiable credentials and the Internet of Careers®! The post Global Background Verification & The Changing World Of Screening appeared first on Velocity.

Elastos Foundation

New DID Sidechain Slated to go Live June 18

...

Oasis Open

Invitation to comment on OSLC Core V3.0 and OSLC Query V3.0 before call for consent as OASIS Standard – ends August 8th

Two new Project Specifications from the OSLC Open Project start the 60-day public review that precedes the call for consent as an OASIS Standard. The post Invitation to comment on OSLC Core V3.0 and OSLC Query V3.0 before call for consent as OASIS Standard – ends August 8th appeared first on OASIS Open.

Two new Project Specifications from the OSLC Open Project start the 60-day public review that precedes the call for consent as an OASIS Standard. 

OASIS and the Open Services for Lifecycle Collaboration (OSLC) Open Project [1] are pleased to announce that OSLC Core Version 3.0 and OSLC Query Version 3.0 are now available for public review and comment.

The OSLC (Open Services for Lifecycle Collaboration) initiative applies Linked Data principles, such as those defined in the W3C Linked Data Platform (LDP), to create a cohesive set of specifications that can enable products, services, and other distributed network resources to interoperate successfully.

OSLC Core defines the overall approach to Open Services for Lifecycle Collaboration based specifications and capabilities that extend and complement the W3C Linked Data Platform. The OP received 3 Statements of Use from KTH Royal Institute of Technology, SodiusWillert, and IBM [2].

OSLC Query provides a mechanism for a client to query or search for RDF resources that match a given criteria. The response to a successful query includes the RDF of a query result container that references the member resources found by the query, and optionally includes selected properties of each member resource. The OP has received 3 Statements of Use from KTH Royal Institute of Technology, Koneksys, and IBM [3].

The candidate specifications and related files are available here:

OSLC Core Version 3.0.
Project Specification 02
23 April 2021

Part 1: Overview

HTML:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/oslc-core.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/oslc-core.pdf

Part 2: Discovery

HTML:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/discovery.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/discovery.pdf

Part 3: Resource Preview

HTML:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/resource-preview.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/resource-preview.pdf

Part 4: Delegated Dialogs

HTML:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/dialogs.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/dialogs.pdf

Part 5: Attachments

HTML:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/attachments.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/attachments.pdf

Part 6: Resource Shape

HTML:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/resource-shape.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/resource-shape.pdf

Part 7: Vocabulary

HTML:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/core-vocab.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/core-vocab.pdf

Part 8: Constraints

HTML:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/core-shapes.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/core-shapes.pdf

Machine Readable Vocabulary Terms
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/core-vocab.ttl

Machine Readable Constraints
https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/core-shapes.ttl

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:

https://docs.oasis-open-projects.org/oslc-op/core/v3.0/ps02/core-v3.0-ps02.zip

OSLC Query Version 3.0
Project Specification 01
01 October 2020

HTML:
https://docs.oasis-open-projects.org/oslc-op/query/v3.0/ps01/oslc-query.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/query/v3.0/ps01/oslc-query.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:

http://docs.oasis-open-projects.org/oslc-op/query/v3.0/ps01/query-v3.0-ps01.zip

Public Review Period

The 60-day public review starts 10 June 2021 at 00:00 UTC and ends 08 August 2021 at 23:59 UTC.

This is an open invitation to comment. OASIS solicits feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

Comments may be submitted to the OP via the project mailing list at oslc-op@lists.oasis-open-projects.org. To subscribe, send an empty email to oslc-op+subscribe@lists.oasis-open-projects.org and reply to the confirmation email.

Please append the hashtag #publicreview to the end of the subject line of your message.

All emails to the OP are publicly archived and can be viewed at:

https://lists.oasis-open-projects.org/g/oslc-op/topics

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the OP members. In connection with this public review of OSLC Core V3.0 and OSLC Query V3.0, we call your attention to the open source licenses applicable to the work [4]. All members of the OP should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information

[1] Open Services for Lifecycle Collaboration (OSLC) Open
Project

https://open-services.net/

GitHub organization: https://github.com/oslc-op

[2] OSLC Core V3.0 statements of use

KTH Royal Institute of Technology:

https://lists.oasis-open-projects.org/g/oslc-op/message/526

Sodius Willert:

https://lists.oasis-open-projects.org/g/oslc-op/message/530

IBM:

https://lists.oasis-open-projects.org/g/oslc-op/message/567

[3] OSLC Query V3.0 statements of use

KTH Royal Institute of Technology:
https://lists.oasis-open-projects.org/g/oslc-op/message/526 Koneksys:
https://lists.oasis-open-projects.org/g/oslc-op/message/519 IBM:
https://lists.oasis-open-projects.org/g/oslc-op/message/567

[4] https://github.com/oslc-op/oslc-admin/blob/master/LICENSE.md

The post Invitation to comment on OSLC Core V3.0 and OSLC Query V3.0 before call for consent as OASIS Standard – ends August 8th appeared first on OASIS Open.

Tuesday, 08. June 2021

OpenID

2021 OpenID Foundation New Corporate Member Representative Election Results

Thank you to all Corporate members who voted in the new 2021 OpenID Foundation Corporate Member Representative election. Each year, Corporate members of the OpenID Foundation elect a member to represent them on the board. Ashish Jain was elected by Corporate members during the 2021 elections that were conducted in January 2021. Ashish was at […] The post 2021 OpenID Foundation New Corporate Membe

Thank you to all Corporate members who voted in the new 2021 OpenID Foundation Corporate Member Representative election.

Each year, Corporate members of the OpenID Foundation elect a member to represent them on the board. Ashish Jain was elected by Corporate members during the 2021 elections that were conducted in January 2021. Ashish was at eBay at the time of his nomination and being elected but soon after left eBay and joined Arkose Labs at Chief Product Officer. Arkose Labs then joined the Foundation.

The Foundation’s bylaws Section 5.4(e) provides that vacancies in the Board of Directors “(e) of a corporate director due to the resignation … of such director, shall be filled in an election by the corporate members …”

Per the bylaws, the Foundation conducted a new election with a request for nominations. All Corporate members were eligible to nominate and vote for candidates with Ashish Jain and Dale Olds with VMware nominating themselves for this new election.

I am very pleased to welcome Ashish Jain, Chief Product Officer at Arkose Labs, to the Board as Corporate Member Representative. Ashish served on the Foundation board in the past and has been a contributor over the years.

I would like to thank Dale Olds of VMware, for his continued support of the Foundation and participating in this most recent election. Dale served as the Corporate Member Representative for the last few years and like so many in our community, I appreciate his contributions to the Foundation and the community at large.

I want to thank all Foundation board of directors for their service and contributions to the OpenID Foundation.

 

Gail Hodges
Executive Director
OpenID Foundation

The post 2021 OpenID Foundation New Corporate Member Representative Election Results first appeared on OpenID.

Monday, 07. June 2021

Me2B Alliance

Digital Harms Dictionary 2.0

Check out the updated Digital Harms Dictionary now including legislation for each harm >

OpenID

Public Review Period for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification

The OpenID MODRNA Working Group recommends approval of the following specification as an OpenID Final Specification: OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0 A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for the specifica

The OpenID MODRNA Working Group recommends approval of the following specification as an OpenID Final Specification:

OpenID Connect Client-Initiated Backchannel Authentication Flow – Core 1.0

A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision. This note starts the 60-day public review period for the specification draft in accordance with the OpenID Foundation IPR policies and procedures. Unless issues are identified during the review that the working group believes must be addressed by revising the draft, this review period will be followed by a seven-day voting period during which OpenID Foundation members will vote on whether to approve this draft as an OpenID Final Specification. For the convenience of members, voting will actually begin a week before the start of the official voting period, for members who have completed their reviews by then.

The relevant dates are:

Final Specification public review period: Monday, June 7, 2021 to Friday, August 6, 2021 (60 days) Final Specification vote announcement: Saturday, July 24, 2021 Final Specification voting period: Saturday, August 7, 2021 to Saturday, August 14, 2021 (7 days)*

* Note: Early voting before the start of the formal voting will be allowed.

The MODRNA working group page is https://openid.net/wg/mobile/. Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration. If you’re not a current OpenID Foundation member, please consider joining to participate in the approval vote.

You can send feedback on the specification in a way that enables the working group to act upon it by (1) signing the contribution agreement at https://openid.net/intellectual-property/ to join the working group (please specify that you are joining the “MODRNA” working group on your contribution agreement), (2) joining the working group mailing list at https://lists.openid.net/mailman/listinfo/openid-specs-mobile-profile, and (3) sending your feedback to the list.

The post Public Review Period for Proposed Final OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core Specification first appeared on OpenID.

ID2020

Good Health Pass Collaborative Releases Draft Blueprint for Digital Health Passes in Advance of G7…

Good Health Pass Collaborative Releases Draft Blueprint for Digital Health Passes in Advance of G7 Summit In an effort to restore global travel and restart the global economy, the Good Health Pass Collaborative today announced the release of the eagerly-anticipated Good Health Pass Interoperability Blueprint. The Blueprint — released today in draft form for a three-week period of stakeholde
Good Health Pass Collaborative Releases Draft Blueprint for Digital Health Passes in Advance of G7 Summit

In an effort to restore global travel and restart the global economy, the Good Health Pass Collaborative today announced the release of the eagerly-anticipated Good Health Pass Interoperability Blueprint.

The Blueprint — released today in draft form for a three-week period of stakeholder consultations and public comment — is intended to stimulate discussion at the G7 Summit, which will open Friday in Carbis Bay, Cornwall, UK.

This announcement follows on the heels of a May 18 letter, sent by the Good Health Pass Collaborative to G7 leaders, urging them to adopt a statement of principles for digital health passes. The letter also called for the formation of a working group — composed of senior ministerial staff from G7, G20, and European Union health and transport ministries — with the task of reaching an international consensus on standards by July 16.

Unprecedented global collaboration — between governments, nonprofits, universities, and the private sector — propelled the rapid development and distribution of highly effective COVID vaccines. A similar level of collaboration is urgently needed to ensure that verifiable digital health passes for international travel can be issued and universally accepted worldwide by airlines, border control agencies, and others.

Most governments already require proof of travelers’ COVID status — either through a recent negative test or, increasingly, proof of vaccination– as a precondition of entry. While dozens of solutions have been rushed to market to meet this growing demand, they vary greatly in the extent to which they protect user privacy and security and enable individuals to control access to their personal health information.

The absence of internationally recognized, consensus-based open standards — to which all solutions adhere — could leave individuals uncertain about the security and privacy of their data and even unsure of whether their health pass will be accepted for travel.

“Digital health passes offer our best hope to safely, confidently, and promptly restore global travel and restart the global economy — but only if they are widely trusted and adopted by the public and universally accepted by airlines and border control agencies,” said ID2020 executive director, Dakota Gruener. “The standards proposed in the Good Health Pass Interoperability Blueprint will make it possible for digital health pass systems around the world to be interoperable with one another, thus creating a trusted, convenient, and seamless experience for travelers as well as for airlines, airports, and border control agencies.”

Restoring international travel is vital to restarting the global economy. The World Travel and Tourism Council estimates that 61.6 million tourism-related jobs worldwide have been lost as a result of the pandemic. In 2020, travel and tourism contributions to global GDP decreased by 49.1%, a loss of $4.5 trillion (USD), nearly 18 times the impact experienced during the 2009 global financial crisis.

Under normal circumstances, it would take years to develop standards for digital health passes.

In February, ID2020 launched the Good Health Pass Collaborative, a multi-sector, global initiative to establish guiding principles for digital health passes and dramatically streamline the standards development process. Within weeks, the Collaborative grew from 25 partners to more than 125 companies and organizations from across the health, travel, and technology sectors.

Nine “drafting groups”, bringing together more than 120 experts from the health, travel, and technology sectors were managed through a partnership with the Trust Over IP Foundation the Covid-19 Credentials Initiative and Linux Foundation Public Health — all projects of the Linux Foundation.

The resulting Good Health Pass Interoperability Blueprint addresses — in considerable depth and detail — nine technical and interoperability challenges around which global consensus must be reached:

Design principles Creating a consistent user experience Standard data models and elements Credential formats, signatures, and exchange protocols Security, privacy, and data protection Trust registries Rules engines Identity binding (ensuring the authenticity of the holder) Governance
“This draft blueprint is historic, both in its depth and breadth of proposed standards, as well as the number of expert volunteers who contributed their time to its development,’’ said Gruener. “When we partnered with the Trust Over IP Foundation, we committed to an open and inclusive process. Releasing the draft for public comment today takes that commitment a step further. We felt this was incredibly important, given the range of public and private entities expected to play a role in the issuance and acceptance of digital health passes and the need to build public trust and support their adoption.”

The UK government — in its capacity as president of the G7 — has identified “leading the global recovery from coronavirus, while strengthening our resilience against further pandemic” as the highest policy priority for this 47th G7 Summit. International agreement on principles and standards for digital health passes is critical to achieving this policy priority.

About ID2020

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and implementation of user-managed, privacy-protecting, and portable digital ID solutions.

By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing pilot programs, and advocating for the ethical implementation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights while ensuring data remains private and in the hands of the individual.

www.id2020.org


OpenID

Public Review Period for Two Proposed SSE Implementer’s Drafts

The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: OpenID Shared Signals and Events Framework Specification OpenID Continuous Access Evaluation Profile An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note star

The OpenID Shared Signals and Events (SSE) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts:

OpenID Shared Signals and Events Framework Specification OpenID Continuous Access Evaluation Profile

An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review period for the specification drafts in accordance with the OpenID Foundation IPR policies and procedures. Unless issues are identified during the review that the working group believes must be addressed by revising the drafts, this review period will be followed by a seven-day voting period during which OpenID Foundation members will vote on whether to approve these drafts as OpenID Implementer’s Drafts. For the convenience of members, voting will actually begin a week before the start of the official voting period.

The relevant dates are:

Implementer’s Drafts public review period: Monday, June 7, 2021 to Thursday, July 22, 2021 (45 days) Implementer’s Drafts vote announcement: Friday, July 9, 2021 Implementer’s Drafts voting period: Friday, July 23, 2021 to Friday, July 30, 2021 (7 days)*

* Note: Early voting before the start of the formal voting will be allowed.

The SSE working group page is https://openid.net/wg/sse/. Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration. If you’re not a current OpenID Foundation member, please consider joining to participate in the approval vote.

You can send feedback on the specifications in a way that enables the working group to act upon it by (1) signing the contribution agreement at https://openid.net/intellectual-property/ to join the working group (please specify that you are joining the “SSE” working group on your contribution agreement), (2) joining the working group mailing list at https://lists.openid.net/mailman/listinfo/openid-specs-risc, and (3) sending your feedback to the list.

Note that the originally posted -00 drafts were replaced with updated -01 drafts on Wednesday, June 9, 2021 to correct some editorial issues discovered. No normative changes were made.

— Michael B. Jones – OpenID Foundation Board Secretary

The post Public Review Period for Two Proposed SSE Implementer’s Drafts first appeared on OpenID.

Oasis Open

Call for Consent for OSLC Requirements Management V2.1 as OASIS Standard

Building on OSLC's Core Specification to define the resources, properties and operations to be supported by an OSLC Requirements Definition and Management server. The post Call for Consent for OSLC Requirements Management V2.1 as OASIS Standard appeared first on OASIS Open.

Second candidate for OASIS Standard put forward by the OSLC Open Project.

The OASIS Open Services for Lifecycle Collaboration (OSLC) OP members [1] have approved submitting the following Candidate OASIS Standard to the OASIS Membership in a call for consent for OASIS Standard:

OSLC Requirements Management Version 2.1
Project Specification 02
28 May 2021

This is a call to the primary or alternate representatives of OASIS Organizational Members to consent or object to this approval. You are welcome to register your consent explicitly on the ballot; however, your consent is assumed unless you register an objection [2]. To register an objection, you must:

Indicate your objection on this ballot, and Provide a reason for your objection and/or a proposed remedy to the OP.

You may provide the reason in the comment box or by email to the Open Project on its comment mailing list [2]. If you provide your reason by email, please indicate in the subject line that this is in regard to the Call for Consent. Note that failing to provide a reason and/or remedy may result in an objection being deemed invalid.

OASIS Open Services for Lifecycle Collaboration (OSLC) is an OASIS Open Project operating under the Open Project Rules [3]. Specifically, Requirements Management V2.1 has proceeded through the standards process defined in https://www.oasis-open.org/policies-guidelines/open-projects-process/#project-specifications and is presented for consideration as an OASIS Standard following the rules in https://www.oasis-open.org/policies-guidelines/open-projects-process/#oasis-standard-approval-external-submissions [4]. PS01 was produced with Non-Material Changes to correct errors reported during the 60-day public review. This was done in accordance with the procedures outlined in section 2.8.2 of the TC Process [5].

Details

The Call for Consent opens at 08 June 2021 00:00 UTC and closes on 21 June 2021 23:59 pm timezone. You can access the ballot at:

Internal link for voting members: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=3629

Publicly visible link: https://www.oasis-open.org/committees/ballot.php?id=3629

OASIS members should ensure that their organization’s voting representative responds according to the organization’s wishes. If you do not know the name of your organization’s voting representative is, go to the My Account page at

http://www.oasis-open.org/members/user_tools

then click the link for your Company (at the top of the page) and review the list of users for the name designated as “Primary”.

Information about the candidate OASIS Standard and the OSLC Open Project

The OSLC initiative applies Linked Data principles, such as those defined in the W3C Linked Data Platform (LDP), to create a cohesive set of specifications that can enable products, services, and other distributed network resources to interoperate successfully.

Requirements Management V2.1 builds on OSLC’s Core Specification to define the resources, properties and operations to be supported by an OSLC Requirements Definition and Management server.

The OP received 3 Statements of Use from SodiusWillert, IBM, and KTH Royal Institute of Technology [6].

URIs
The prose specification document and related files are available here:

Part 1: Specification

HTML:
https://docs.oasis-open-projects.org/oslc-op/rm/v2.1/ps02/requirements-management-spec.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/rm/v2.1/ps02/requirements-management-spec.pdf

Part 2: Vocabulary

HTML:
https://docs.oasis-open-projects.org/oslc-op/rm/v2.1/ps02/requirements-management-vocab.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/rm/v2.1/ps02/requirements-management-vocab.pdf

Part 3: Constraints

HTML:
https://docs.oasis-open-projects.org/oslc-op/rm/v2.1/ps02/requirements-management-shapes.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/rm/v2.1/ps02/requirements-management-shapes.pdf

Requirements Management Vocabulary definitions file:
https://docs.oasis-open-projects.org/oslc-op/rm/v2.1/ps02/requirements-management-vocab.ttl Requirements Management Resource Shape Constraints definitions file:
https://docs.oasis-open-projects.org/oslc-op/rm/v2.1/ps02/requirements-management-shapes.ttl Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specifications and related files in a ZIP distribution file. You can download the ZIP file here:


http://docs.oasis-open-projects.org/oslc-op/rm/v2.1/ps02/rm-v2.1-ps02.zip

Additional information

[1] OASIS Open Services for Lifecycle Collaboration (OSLC) OP
https://open-services.net

OP IPR page
https://github.com/oasis-open-projects/administration/blob/master/IPR_STATEMENTS.md#oslc

[2] Comments may be submitted to the OP via the project mailing list at oslc-op@lists.oasis-open-projects.org. To subscribe, send an empty email to oslc-op+subscribe@lists.oasis-open-projects.org and reply to the confirmation email.

All emails to the OP are publicly archived and can be viewed at https://lists.oasis-open-projects.org/g/oslc-op/topics

[3] Open Project Rules
https://www.oasis-open.org/policies-guidelines/open-projects-process/

[4] Timeline Summary:

PS02, revised with non-material changes, approved for submission as a candidate for OASIS Standard 21 May 2021: https://lists.oasis-open-projects.org/g/oslc-op-pgb/message/143 and correction https://lists.oasis-open-projects.org/g/oslc-op-pgb/message/146 PS01 submitted for 60 day public review, 09 March 2021: https://lists.oasis-open-projects.org/g/oslc-op/message/483 PS01 approved as a candidate for OASIS Standard 05 March 2021: https://lists.oasis-open-projects.org/g/oslc-op-pgb/message/115 Project Specification 01 approved 03 September 2020: https://lists.oasis-open-projects.org/g/oslc-op-pgb/message/72 Project Specification Draft 02 approved 01 October 2019: https://lists.oasis-open-projects.org/g/oslc-op-pgb/message/40

[5] https://www.oasis-open.org/policies-guidelines/tc-process-2017-05-26/#OSpublicRev.

[6] Statements of Use:

SodiusWillert :
https://lists.oasis-open-projects.org/g/oslc-op/message/420 IBM:
https://lists.oasis-open-projects.org/g/oslc-op/message/426 KTH Royal Institute of Technology
https://lists.oasis-open-projects.org/g/oslc-op/message/413

The post Call for Consent for OSLC Requirements Management V2.1 as OASIS Standard appeared first on OASIS Open.


Commercio

The three phases of development of a Blockchain project on Commercio.network

The three phases of development of a Blockchain project on Commercio.network The process is divided into three distinct macro phases that must answer three specific questions. 1) Problem/Solution Fit Phase Do I have a problem that can be solved with a Blockchain solution? Before you invest months or years in efforts to build a Blockchain project that no one wants, […] L'articolo The three phases

The three phases of development of a Blockchain project on Commercio.network

The process is divided into three distinct macro phases that must answer three specific questions.

1) Problem/Solution Fit Phase Do I have a problem that can be solved with a Blockchain solution?
Before you invest months or years in efforts to build a Blockchain project that no one wants, you need to determine if this product is something worth building. The only way to do this is to separate the problem from the solution and calibrate both through a series of interactions with potential customers. Problem Testing allows you to understand if you have a “problem worth solving” on your hands long before you invest the time, money and effort to set out to build a solution. In business circles, a “worthy problem” means someone can spend money to see it solved. Having reached this point, it is possible to determine the minimum number of features our Blockchain product must have to solve the problem and move on to the first draft of the solution, creating a Proof of Concept (POC).

2) Product/Market Fit Phase Have I built something that people want?
As soon as you find a problem worth solving and after developing the Proof of Concept, you need to create a business model hypothesis based on this problem/solution. You can start the learning process by going to customers/users to test how well your Blockchain solution solves the problem. After several customer interactions, you progressively move from POC to Minimum Viable Product (MVP). The essence of this phase is to maximize this type of learning. Achieving traction (i.e. finding a crossover between the product and the market) is the first significant milestone for a Blockchain project.

3) Scaling Phase How can I accelerate growth?
After finding the Product and Market intersection, achieving a decent level of success is almost always guaranteed. The focus in this final phase shifts to accelerating the business actions that lead to company growth (scaling).

 

L'articolo The three phases of development of a Blockchain project on Commercio.network sembra essere il primo su commercio.network.


Trust over IP

Good Health Pass Collaborative Releases Draft Blueprint for Digital Health Passes in Advance of G7 Summit

In an effort to restore global travel and restart the global economy, the Good Health Pass Collaborative today announced the release of the eagerly-anticipated Good Health Pass Interoperability Blueprint. The... The post Good Health Pass Collaborative Releases Draft Blueprint for Digital Health Passes in Advance of G7 Summit appeared first on Trust Over IP.

In an effort to restore global travel and restart the global economy, the Good Health Pass Collaborative today announced the release of the eagerly-anticipated Good Health Pass Interoperability Blueprint.

The Blueprint – released today in draft form for a three-week period of stakeholder consultations and public comment – is intended to stimulate discussion at the G7 Summit, which will open Friday in Carbis Bay, Cornwall, UK.

This announcement follows on a May 18 letter, sent by the Good Health Pass Collaborative to G7 leaders, urging them to adopt a statement of principles for digital health passes. The letter also called for the formation of a working group – composed of senior ministerial staff from G7, G20, and European Union health and transport ministries – with the task of reaching international consensus on standards by July 16.

Unprecedented global collaboration – between governments, nonprofits, universities, and the private sector – propelled the rapid development and distribution of highly effective COVID vaccines. A similar level of collaboration is urgently needed to ensure that verifiable digital health passes for international travel can be issued and universally accepted worldwide by airlines, border control agencies, and others.

Most governments already require proof of travelers’ COVID status – either through a recent negative test or, increasingly, proof of vaccination– as a precondition of entry. While dozens of solutions have been rushed to market to meet this growing demand, they vary greatly in the extent to which they protect user privacy and security and enable individuals to control access to their personal health information.

The absence of internationally recognized, consensus-based open standards – to which all solutions adhere – could leave individuals uncertain about the security and privacy of their data and even unsure of whether their health pass will be accepted for travel.

“Digital health passes offer our best hope to safely, confidently, and promptly restore global travel and restart the global economy – but only if they are widely trusted and adopted by the public and universally accepted by airlines and border control agencies,” said ID2020 executive director, Dakota Gruener. “The standards proposed in the Good Health Pass Interoperability Blueprint will make it possible for digital health pass systems around the world to be interoperable with one another, thus creating a trusted, convenient, and seamless experience for travelers as well as for airlines, airports, and border control agencies.”

Restoring international travel is vital to restarting the global economy. The World Travel and Tourism Council estimates that 61.6 million tourism-related jobs worldwide have been lost as a result of the pandemic. In 2020, travel and tourism contributions to global GDP decreased by 49.1%, a loss of $4.5 trillion (USD), nearly 18 times the impact experienced during the 2009 global financial crisis.

Under normal circumstances, it would take years to develop standards for digital health passes.

In February, ID2020 launched the Good Health Pass Collaborative, a multi-sector, global initiative to establish guiding principles for digital health passes and dramatically streamline the standards development process. Within weeks, the Collaborative grew from 25 partners to more than 125 companies and organizations from across the health, travel, and technology sectors.

Nine “drafting groups”, bringing together more than 120 experts from the health, travel, and technology sectors were managed through a partnership with the Trust Over IP Foundation the Covid-19 Credentials Initiative and Linux Foundation Public Health – all projects of the Linux Foundation.

The resulting Good Health Pass Interoperability Blueprint addresses – in considerable depth and detail – nine technical and interoperability challenges around which global consensus must be reached:

Design principles Creating a consistent user experience Standard data models and elements Credential formats, signatures, and exchange protocols Security, privacy, and data protection Trust registries Rules engines Identity binding (ensuring the authenticity of the holder) Governance

“This draft blueprint is historic, both in its depth and breadth of proposed standards, as well as the number of expert volunteers who contributed their time to its development,” said Gruener. “When we partnered with the Trust Over IP Foundation, we committed to an open and inclusive process. Releasing the draft for public comment today takes that commitment a step further. We felt this was incredibly important, given the range of public and private entities expected to play a role in the issuance and acceptance of digital health passes and the need to build public trust and support their adoption.”

The UK government – in its capacity as president of the G7 – has identified “leading the global recovery from coronavirus, while strengthening our resilience against further pandemic” as the highest policy priority for this 47th G7 Summit. International agreement on principles and standards for digital health passes are critical to achieving this policy priority.

About ID2020

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and implementation of user-managed, privacy-protecting and portable digital ID solutions.

By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing pilot programs, and advocating for the ethical implementation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights, while ensuring data remains private and in the hands of the individual. www.id2020.org

 

The post Good Health Pass Collaborative Releases Draft Blueprint for Digital Health Passes in Advance of G7 Summit appeared first on Trust Over IP.


DIF Blog

🚀DIF Monthly #19 (June, 2021)

📯  Between Good Health Pass work, WACI-PEx, and lots of OIDF activity, there has been more prototyping and less discussion than average this month, but there are plenty of announcements just around the corner: not one but two new working groups at DIF, lessons from WACI-PEx being folded back

📯  Between Good Health Pass work, WACI-PEx, and lots of OIDF activity, there has been more prototyping and less discussion than average this month, but there are plenty of announcements just around the corner: not one but two new working groups at DIF, lessons from WACI-PEx being folded back into its source protocols, the European Commission releasing more technical details about its next steps, and much more.

Table of contents Group Updates; 2. Member Updates; 3. Funding; 4. Members; 5. Jobs; 6. Metrics; 7. Join DIF 🚀 Foundation News DIF Communication Director.

DIF is looking for a part-time Communications director/manager to manage and coordinate DIF’s communications channels and overall messaging strategy.

Steering Committee Elections - results are in and ratified!

We had a strong number of candidates representing many faces of our growing decentralized identity community, and our first election according to the new election process went smoothly. The steering committee now consists of:

Kendra Bittner (Workday, US) Daniel Buchner (Microsoft, US) Juan Caballero (Spruce, US) Sam Curren (Indicio, US) Karyl Fowler (Transmute, US) Joachim Lohkamp (Jolocom, DE) Catherine Nabbala (Finema, TH) Markus Sabadello (DanubeTech, AT) Brent Zundel (Evernym, US) Wallet Security WG begins its work

After a long process of finding leadership, hammering out a charter, and defining an optimistic scope, the new transatlantic leadership is hammering out a tentative work plan and scope reductions to line up all the ducks. Public meetings have begun this week to include the whole working group in this discussion about deliverables and timelines. Stay tuned and register for the mailing list.

First public meeting of the Cryptography WG approaches

A younger group with a narrower scope has, in parallel, also been forming around cryptographic primitives and dependency analysis. Leadership has already been selected by consensus and the charter is being fine-tuned-- a charter DocuSign and a scheduling doodle might be ready for interested parties as soon as time of press for the next newsletter. Join the mailing list in the meantime if specifying cryptographic primitives across different tooling stacks sounds like a priority for your organization.

🛠️ Group Updates ☂️ InterOp WG (cross-community) Jace from Bloom gave us a tour of the WACI spec. Q&A about the v0.1 and v1 scopes for the WACI-PEx work item/draft spec, with Brent Zundel (work item maintainer) as respondent. Blogpost on Setting Interop Targets. IIW Review and discussion on the best sessions. All notes can be found here. iGrant presented on their Aries Interop Playground harness (for background, see this recording of an earlier presentation and Q&A about the Playground at a ToIP call) and Indy/AIP interop journey so far. 💡 Identifiers & Discovery Alen Horvat (AceBlock) is now co-chair of ID WG, replacing Sam Smith (KERI WG, Sovrin Foundation, ProSapien) who is stepping down to focus more on the new WG. New Special Work Item Calls DID Registration Work Item Call - Wednesdays 1000 ET Universal Resolver Work Item Call - Wednesdays 1300 ET Persistence and versioning of JSON-LD contexts, and implications on Linked Data Signatures. Data structures and other topics in the CCG's Universal Wallet Interop specification. Discussion of Fission (CA)'s proposed approach to DID resolution / discovery in signing up for an account / linking DIDs. Giving every user an end-to-end encrypted data store building on IPFS Fission-specific, human-readable user-account namespace for discovery and usability, with each account controlling a DID "under the hood" UNIVERSAL REGISTRAR - An Overview Issue: Onboarding/getting access to a DID registry is usually DID-registry-specific. Proposals: Consider the most frequent flows: Redirect to a webpage (authentication or other operations are performed outside the wallet) Authentication via API (some existing Universal Registrar drivers support this) Proposal should work for most DID methods (e.g., did:web, Sovrin, sidetree). A more detailed compatibility analysis is required. Outcomes: Proposals will be further analysed and discussed in the Universal Registration call. Issues will be opened in the Universal Registration repository Discussions about: Gataca's DID method. Historical resolution & different properties/categories of methods WRT historical options. DID revocation: historical signature retroactively invalidated or do they survive? 🛡️ Claims & Credentials Workitem Status: WACI-PEX - Breakneck specification/prototyping underway of a Presentation Exchange extension that would make a "minimum viable" cross-stack VC flow. See InteropWG section for scope/explanation. Workitem Status: PE (Maintenance) + Credential Manifest - monitoring developments in CM, WACI-PEx, OIDF, and Aries RFCs with an eye to next major version. Workitem Status: VC Marketplace Plug-fest idea to create a 6-8week sprint to prove the viability of the work-item Microsoft kicking off the first donation to a DIF Grant: Funding will support a refresh/upgrade of the JwtProof2020 signature suite and other dependencies of JWT libraries developed in and maintained in DIF. 🔓 DID Auth DIF-OIDF joint meetings - follow along on the bitbucket issues if the timing doesn't work for you! DID Chooser for SIOP. OIDC VPs draft document was ADOPTED by A/B Connect WG within OIDF, iterative evolution to follow (specifying grants, incl SIOPv2!) Other adjacent specs and documents such as Mattr/Convergence Cred Prov spec & Claims Aggregation spec (N. Sakimura's more general, accomodates VC+Other claims) also being worked on in parallel and aligned. Aligning VP draft and PresEx being actively discussed already - some good DIF involvement there for now - reach out if you want to support and get involved representing DIF! 📻 DID Comm Discussion on Keys By Value / ID issue. 191 XChaCha / Ethereum Compatible Key Wrapping - Oliver Sender Key/ID Encryption Keys by Value or By ID PRs 195 - anoncrypt warning/non-normative headsup. 185 - kid and skid headers. 172 - Fix inconsistencies with to/next attributes in a forwarded message. 161 - Attachments. 📦 Secure Data Storage Calls are alternating weekly between the two specifications: Identity Hubs and EDVs. EDV: Discussed PR to add option to get full documents from queries. Support was noted for a separate pagination proposal. History API for listing changes labelled ready for PR and some design decisions/resolutions taken Identity Hub: Review candidate issues for transfer; discuss DAG-JOSE and other implementation details around interfaces and encodings. 🔧 KERI Signature/Digest Algorithm Forward Compatibility. TEL Design Comparison - TELs can function as the KEL-equivalent for making a self-certifying VC and storing its auditable history, among other use-cases. Simplify Delegated Events using Hetero Attachments were created. Issues (among others): Omnibus changes to KERI events post-IIW; coming soon to KeriPy. Anchor field in inceptions. Simplified delegation also simplifies delegation exchange. 🌱 Sidetree Sidetree DID Type Registry approved during WG Call. DID Test Suite now has an Ion entry and an Orb entry!
* equivalentID and canonicalId and DIDComm Service Blocks all represented in DID-Core (no longer at risk?) outstanding issues: work items for specifying generalizable Orb primitive (like activity anchors) need to be spun up Activity Anchors (core to Orb but more generalized) - how to anchor things (not just Sidetree event digests) in ActivityPub and CAS (i.e. IPFS) Sidetree DID Type Registry - Daniel (https://github.com/decentralized-identity/sidetree/pull/1120/files) Next action: clarify how the type number is related to the Sidetree property value. ⚙️ Product Managers Presentation: "Open Badges and Verifiable Credentials: how to build the ecosystem." Discussed future topics to work on. What is the credential payload? (Keith can format presentation) Usability demos + conversations How do we make wallets accessible to everyone? How do I trust the issuer? What do interoperable ecosystems look like? Business Models for Respective Markets 💴 Finance & Banking SIG Invited speaker Nacho Alamillo Domingo from Alastria. 🏥 Healthcare SIG Hibernated until further notice. 🦄 Member Updates

DIF Associate members are encouraged to share tech-related news in this section. For more info, get in touch with operations.

Affinidi Affinidi's PoCathon 2021, a virtual hackathon for developing verifiable credential based applications concluded and the winners have been announced. Check out the 25+ Proofs of concepts that have been submitted by the participants in this link! Check out this article describing the similarities and differences between NFTs and VCs. 💰 Funding OSCAR HAS AN EMA

eSSIF LAB (EU) - Infrastructure-Oriented call

Infrastructure-Oriented Open Call, with grants of up to 155 000 € (9 months projects). The call is open to European innovators and focuses on the development and interop testing of open-source SSI components. Some examples of SSI components include Wallets, server proxies, revocation, cryptographic enforcer policies, integration, interoperability, compatibility, just to name a few. Please note the final-round deadline:  7th July 2021, 13:00 CET (Brussels local time).

Apply here

eSSIF LAB (EU) - First Business-oriented Call

Infrastructure-Oriented Open Call, with grants of up to 106 000 € . The call is open to European innovators and focuses on extending of the eSSIF-Lab basic infrastructure/architecture with business solutions that makes it easy for organizations to deploy and/or use SSI, reduce business risks, facilitate alignment of business information, etc. Please note the final-round deadline:  7th July 2021, 13:00 CET (Brussels local time).

Apply here

NGI Open Calls (EU)

Funding is allocated to projects using short research cycles targeting the most promising ideas. Each of the selected projects pursues its own objectives, while the NGI RIAs provide the program logic and vision, technical support, coaching and mentoring, to ensure that projects contribute towards a significant advancement of research and innovation in the NGI initiative. The focus is on advanced concepts and technologies that link to relevant use cases, and that can have an impact on the market and society overall. Applications and services that innovate without a research component are not covered by this model. Varying amounts of funding.

Learn more here.

🎈 Events

Identiverse 2021
June 21 - 23, 2021: Hybrid Experience
June 23 - July 2, 2021: Continued Experience

Check out the Agenda of Identiverse 2021! 💼 Jobs

Members of the Decentralized Identity Foundation are looking for:

Software engineer (remote) SDK developer (Berlin, DE)

Check out the available positions here.

🔢 Metrics

Newsletter: 4.55k subscribers | 31% opening rate
Twitter: 4.514 followers | 3.7k impressions | 1.75k profile visits
Website: 19.080 unique visitors

In the last 30 days.

🆔 Join DIF!

If you would like to get involved with DIF's work, please join us and start contributing.

Can't get enough of DIF?
follow us on Twitter
join us on GitHub
subscribe on YouTube
read us on our blog
or read the archives

Got any feedback regarding the newsletter?
Please let us know - we are eager to improve.

Friday, 04. June 2021

Elastos Foundation

Elastos Bi-Weekly Update – 04 June 2021

...

EdgeSecure

Enabling Rapid Deployment of Remote Education with Virtual Desktops

Enabling Rapid Deployment of Remote Education with Virtual Desktops.mp4 from Edge on Vimeo. The post Enabling Rapid Deployment of Remote Education with Virtual Desktops appeared first on NJEdge Inc.

Commercio

Blockchain project development: first question is blockchain needed ?

Blockchain project development: first question is blockchain needed ? When companies define strategies they often make a few missteps. They usually collect past data and make predictions about the future based on it, and often this same data doesn’t tell what future customers expect. Alternatively, they make risky bets based on gut instinct instead of evidence. Blockchain Product Design is […] L

Blockchain project development: first question is blockchain needed ?

When companies define strategies they often make a few missteps. They usually collect past data and make predictions about the future based on it, and often this same data doesn’t tell what future customers expect. Alternatively, they make risky bets based on gut instinct instead of evidence. Blockchain Product Design is a strategic process that seeks to avoid these mistakes through a series of methodologies applied by startups seeking a profitable, repeatable, and scalable business model.

The first and only universally valid rule is to build something that people want.

This means finding a problem for whose solution someone would be willing to pay something.

In our case, it’s important to understand whether the problem can be solved with Blockchain alone.

To understand this, we just need to answer six questions:

 

Do I need to register status? (True) (False) Are there multiple people who need to write data? (True) (False)  Do you NOT want/can you delegate to a single third party? (True) (False)  Are all the people writing data NOT known? (True) (False)  Are all people who write data NOT trusted? (True) (False)  Is public verification of all transactions required? (True) (False) 

If you answered False to any of these questions, there is no need for a Public Blockchain, at most a Federated or Private Blockchain.

Blockchain Product Design is a strategic process that employs three methodologies from the world of innovative design, the startup world, and the world of software development.

 

L'articolo Blockchain project development: first question is blockchain needed ? sembra essere il primo su commercio.network.


MyData

Guest post: The “Secure Platform” concept for Europe – a trusted and secure foundation for a human-centric digital world

Written by MyData Global member esatus AG With the steady acceleration of digital transformation, information technology has become an indispensable driver of societal well-being and is now omnipresent: whether we place an online order, follow a virtual business meeting or do our daily workout routine. Everywhere we leave traces of information about us, which means... Read More The post Gue

Written by MyData Global member esatus AG With the steady acceleration of digital transformation, information technology has become an indispensable driver of societal well-being and is now omnipresent: whether we place an online order, follow a virtual business meeting or do our daily workout routine. Everywhere we leave traces of information about us, which means...

Read More

The post Guest post: The “Secure Platform” concept for Europe – a trusted and secure foundation for a human-centric digital world appeared first on MyData.org.


Own Your Data Weekly Digest

MyData Weekly Digest for June 4th, 2021

Read in this week's digest about: 11 posts, 2 questions, 3 Tools
Read in this week's digest about: 11 posts, 2 questions, 3 Tools

Wednesday, 02. June 2021

EdgeSecure

Your Future Dream Assignment as a Technical Support Specialist is Currently in Development.

Submit your resume NOW so you’re first in line for consideration when the position posts. The post Your Future Dream Assignment as a Technical Support Specialist is Currently in Development. appeared first on NJEdge Inc.
Submit your resume NOW so you’re first in line for consideration when the position posts. [contact-form-7]

The post Your Future Dream Assignment as a Technical Support Specialist is Currently in Development. appeared first on NJEdge Inc.


Your Future Dream Assignment as a Software Engineer is Currently in Development.

Submit your resume NOW so you’re first in line for consideration when the position posts. The post Your Future Dream Assignment as a Software Engineer is Currently in Development. appeared first on NJEdge Inc.
Submit your resume NOW so you’re first in line for consideration when the position posts. [contact-form-7]

The post Your Future Dream Assignment as a Software Engineer is Currently in Development. appeared first on NJEdge Inc.


Your Future Dream Assignment in Project Management is Currently in Development.

Submit your resume NOW so you’re first in line for consideration when the position posts. The post Your Future Dream Assignment in Project Management is Currently in Development. appeared first on NJEdge Inc.
Submit your resume NOW so you’re first in line for consideration when the position posts. [contact-form-7]

The post Your Future Dream Assignment in Project Management is Currently in Development. appeared first on NJEdge Inc.


Your Future Dream Assignment in Network Support is Currently in Development.

Submit your resume NOW so you’re first in line for consideration when the position posts. The post Your Future Dream Assignment in Network Support is Currently in Development. appeared first on NJEdge Inc.
Submit your resume NOW so you’re first in line for consideration when the position posts. [contact-form-7]

The post Your Future Dream Assignment in Network Support is Currently in Development. appeared first on NJEdge Inc.


Your Future Dream Assignment as a Database Administrator is Currently in Development.

Submit your resume NOW so you’re first in line for consideration when the position posts. The post Your Future Dream Assignment as a Database Administrator is Currently in Development. appeared first on NJEdge Inc.
Submit your resume NOW so you’re first in line for consideration when the position posts. [contact-form-7]

The post Your Future Dream Assignment as a Database Administrator is Currently in Development. appeared first on NJEdge Inc.


Your Future Dream Assignment in Cybersecurity is Currently in Development.

Submit your resume NOW so you’re first in line for consideration when the position posts. The post Your Future Dream Assignment in Cybersecurity is Currently in Development. appeared first on NJEdge Inc.
Submit your resume NOW so you’re first in line for consideration when the position posts. [contact-form-7]

The post Your Future Dream Assignment in Cybersecurity is Currently in Development. appeared first on NJEdge Inc.


Your Future Dream Assignment as a Business Processing Modeling/Notation is Currently in Development.

Submit your resume NOW so you’re first in line for consideration when the position posts. The post Your Future Dream Assignment as a Business Processing Modeling/Notation is Currently in Development. appeared first on NJEdge Inc.
Submit your resume NOW so you’re first in line for consideration when the position posts. [contact-form-7]

The post Your Future Dream Assignment as a Business Processing Modeling/Notation is Currently in Development. appeared first on NJEdge Inc.


Your Future Dream Assignment as an Application Developer is Currently in Development.

Submit your resume NOW so you’re first in line for consideration when the position posts. The post Your Future Dream Assignment as an Application Developer is Currently in Development. appeared first on NJEdge Inc.
Submit your resume NOW so you’re first in line for consideration when the position posts. [contact-form-7]

The post Your Future Dream Assignment as an Application Developer is Currently in Development. appeared first on NJEdge Inc.


Schema

Schema.org is ten!

Schema.org was announced ten years ago this week! Without getting all emotional, this feels like an appropriate moment to thank everyone who has contributed to this effort in any way - from publishers, technologists and standards experts to those who build applications that use the markup, or who work on publishing it from sites across the web. Some but not all of you are named in our documentatio
Schema.org was announced ten years ago this week! Without getting all emotional, this feels like an appropriate moment to thank everyone who has contributed to this effort in any way - from publishers, technologists and standards experts to those who build applications that use the markup, or who work on publishing it from sites across the web. Some but not all of you are named in our documentation (about us; release notes);  but the truth is that the success of Schema.org comes in large part from the millions of sites who have adopted it as a practical way to communicate the meaning of their content using structured data. 
Schema.org was founded on the idea of making it easier and simpler for the ordinary, everyday sites that make up the web to use machine-readable data, and for that data to enable an ecosystem of applications used by millions of people. While it's hard to predict exactly what the next decade will bring, if we can all keep these founding concerns in mind as we improve, refine and curate our growing collection of schemas, we'll be doing our part to continue improving the web.
Dan & Guha For Schema.org.

Digital Scotland

Building Scotland’s Cryptocurrency Ecosystem – Digitizing Scotland’s SMEs

Integrated crypto payments and digital marketing services for small businesses is the key platform to grow Scotland's digital economy. The post Building Scotland’s Cryptocurrency Ecosystem – Digitizing Scotland’s SMEs appeared first on Digital Scotland.

A headline theme for building Scotland into a world leading digital nation is the development of it’s ‘cryptocurrency ecosystem’. This refers not only to the adoption of cryptocurrencies like Bitcoin, but also the development of the new ventures and products that build upon it to achieve innovative new business models.

The basic concept is eloquently explained by Anthony Pompliano.

In this discussion, from 9m:50s, he describes a tiered financial system that builds upon gold as the foundation asset at level one, the issuing of cash money based on its value at level two, and then an increasing sophistication of electronic use of money at levels three and above.

He states that the cryptocurrency world is in the process of creating an equivalent system, where Bitcoin functions as the level one asset, aka “digital gold”, and we’ll see a comparable services ecosystem build upon it through layers two and above.

Vendor technologies like Hiro demonstrate a great example of this effect, providing the tools to build upon this layer with new applications, with major market innovations like Mastercard planning to build upon CBDCs, like launching like a crypto rewards card, a great example of a level three service.

In China they are already active and the competitive repercussions are becoming evident. As the Cointelegraph reports the banks are promoting the CBDC, the ‘digital yuan’, over the incumbent payment providers like Alipay and WeChat Pay. JD.com has started paying staff in the digital yuan.

Open Banking

As we consider the dynamics of building a Scottish crypto ecosystem a key industry trend to factor in is Open Banking. This is a global market opportunity for Scotland.

Matthew Enubuje provides a helpful overview of where the two sectors overlap, and the potential for their synergy.

He makes the key point that reflects the insights described by Anthony Pompliano, that where the Blockchain industry has excelled at the level one core digital asset infrastructure, they haven’t been as progressive in terms of developing the higher layer of interconnecting, value adding apps. Open Banking has.

The advantages of crypto over Open Banking are mainly those to do with circumventing the banking system and the technological features of the Blockchain – The decentralized control of assets by users themselves not banks, and the transparent integrity of the transactions.

He describes the opportunity for the crypto industry being to basically expand to the higher levels of the ecosystem introduced in this article, citing examples such as Nexo, a crypto lending platform with no credit checks and instant credit lines, and where their revenue comes from their 5.9% interest on loans.

This adds equity to their crypto as it can be used to get a loan and by users holding it for long periods, they receive 30% dividends and this offsets the demand to supply ratio.

Matthew suggests a few other examples of this ecosystem, such as Helium, a crypto company distributing hotspot devices and people earn their crypto when they use it, and the mobile app Emma — it lets you connect to your bank accounts and crypto exchanges.

The killer innovation central to both trends is interoperability. Open Banking is achieved through API-based data flow between banks and apps, and for crypto cross-chain integration is the holy grail of its next major phase of evolution. The CoinTelegraph explores this in detail here, with major innovations setting out to address the challenge including Cosmos.

Building Back Better – Digitizing Scotland’s SMEs

So in practical terms what does this mean for Scotland, how should we act to exploit their trend and opportunity?

To answer this question we can consider other strategic objectives, with the most notable being to ‘Digitize Scotland’s SMEs’ – To better enable Scotland’s small businesses to make use of technology to grow their business, especially so after the pandemic.

This provides a very practical lens to view the above market insights; in short the ecosystem will be most effective when it produces these types of tools. For example early adopters of crypto payments in Scotland include the Aberdeen Taproom, an Edinburgh School of Music and a Falkirk cafe.

Scotland’s startups making possible this type of service are thus the essential foundation, highlighting ventures like Zumo, who have launched innovations like a virtual payment card.

To the point of this article what’s really key is their Developers SDK. Accepting payments is just the building block, as highlighted above the real secret sauce for what will be of great value to SMEs is the increasingly sophisticated functionality that builds upon this, in a way that truly supports and enables the growth of their business, such as a loyalty rewards scheme for example. Zumo’s SDK would enable other digital entrepreneurs to create these types of solutions.

With this type of functionality in mind other Scottish startups to highlight include Stampede. While not a crypto company they are a great example of a provider of technology to Scottish SMEs, in the hospitality sector, to help them grow their business, via functionality such as a Wifi portal, email and SMS marketing and digital gift cards.

Given their type of client would include the Aberdeen Taproom mentioned, the most powerful accelerant of Scotland’s ecosystem is the integration of these capabilities, one that combines crypto payments with these digital marketing services, so that Scotland’s SMEs have access to a one stop shop for easily adopting the full suite.

This is the most effective route to achieving the goal of Scotland becoming a world leading digital nation – Scotland’s SMEs are the backbone of its economy, and empowering them to adopt the latest technologies that can grow their business, via utilizing local Scottish tech startups, creates a rising tide that floats all boats multiplying effect.

The post Building Scotland’s Cryptocurrency Ecosystem – Digitizing Scotland’s SMEs appeared first on Digital Scotland.


SelfKey Foundation

SelfKey Progress Report for May 2021

Last month was one of the biggest in terms of developments and updates. Here is a compilation of all those in the SelfKey Progress Report for May 2021. The post SelfKey Progress Report for May 2021 appeared first on SelfKey.

Last month was one of the biggest in terms of developments and updates. Here is a compilation of all those in the SelfKey Progress Report for May 2021.

The post SelfKey Progress Report for May 2021 appeared first on SelfKey.

Tuesday, 01. June 2021

Digital Scotland

Building an Independent Scotland on the Blockchain – Strategies for a Scottish Digital Currency

An independent Scotland can meet it's need for a currency through simultaneously pioneering global technology leadership. The post Building an Independent Scotland on the Blockchain – Strategies for a Scottish Digital Currency appeared first on Digital Scotland.

The number one topic at the heart of the Scottish Independence debate is what currency would be used. This OpenDemocracy article sets the scene through a critical analysis of the SNP’s Growth Commission plans, being especially harsh of their currency strategy.

Thought leaders pioneering alternative ideas in Scotland include Tim Rideout, heading up the ReserveBank.scot initiative, Common Weal who have published this paper on how to make a Scottish currency, Richard Murphy and Modern Money Scotland.

See all of them together discussing the topic on this panel discussion webinar.

Pioneering the Future of Money

Rather than this being a weak point for the Independence argument, the smart move is to seize it as the moment for global technology leadership it represents, an opportunity to kill two birds with one stone – One being the need for a currency, the second being the aspiration to become a world leading digital nation.

A key trend to highlight are “CBDCs” – Central Bank Digital Currencies, the full blown digitization of national currencies, which is the grand prize of this space and given Scotland’s history of pioneering financial innovations including founding banks et al, presents us with a unique window to lead the trend globally.

It’s a behemoth of a worldwide opportunity now taking shape – In the USA former CFTC chair Chris Giancarlo has set up a not-for-profit called the Digital Dollar Foundation, to pioneer the creation of a US central bank digital currency (CBDC). In his presidency campaign Michael Bloomberg proposed creating a regulatory framework for cryptocurrencies in a new financial regulation plan.

The World Economic Forum says it’s time to take them seriously, CNBC explores what they would look like, the US Federal Reserve published a literature review, the IMF a set of considerations for their use and Brookings a set of design options. The Bank of England offers this discussion paper to explore the topic in detail and HSBC comments on them here.

Early pioneers include SwitzerlandGhana and the Marshall Islands seeking to blaze the trail, and China has ambitions to lead the world in this field.

There are concerns and critics of course. Coin Telegraph writes that they have the potential to upend global finance, and also that they are dead in the water, and the Economist asks if they will break the banking system.

“Programmable Money”

Furthermore the real magic lies in the concept of ‘Smart Money’ aka Programmable Money. This is not just about the straight digitization of money as we understand it, but an entire transformation of how money ‘works’.

As the term suggests it refers to creating an intrinsic intelligence for money. Reporting on IBM being awarded a patent for a “bespoke programmable crypto token,” Cointelegraph explores how specific functionality can be programmed into the behaviour of digital monies.

The LSE explores the idea, asking ‘Do we need programmable money?’, where they define it in terms of both Open Banking and crypto:

“In non-crypto fintech, ‘programmable money’ seems to refer to leveraging open banking APIs to build new, automated use-cases over legacy bank payment infrastructure but in our crypto world, the ‘programmable money’ refers to digital cash hosted on a blockchain, where cash can be placed under the control of a smart contract.”

A key standard that could make it possible is ‘DAML’, a programming language for creating Blockchain smart contracts that run across multiple infrastructure options. DigitalAsset is the world’s expert on this and explore the trend in more detail in this series of blogs.

Not only does this provide the technology to digitally enable currencies as they behave now, but to make possible a future of Programmable Money, where a variety of behaviours and actions can be coded into the flow of money not possible with physical currency.

A Canadian visionary in this field is Alex Tapscott. Indeed he defines it as the wholesale reinvention of capital, a journey he foresees in his 2016 presentation ‘Blockchain is Eating Wall Street‘.

“Digital assets are smart and programmable. Let’s say you’re sending money to your kid studying in college. You can now program the money to only work at certain retailers like Walmart and Whole Foods, rather than the Ontario Cannabis Store or LCBO.

By rethinking capital, we can reimagine markets, money and finance. Entire swaths of the financial services industry currently worth trillions of dollars — banking, payments and even money itself — will be questioned, challenged and upended in the years to come.”

The post Building an Independent Scotland on the Blockchain – Strategies for a Scottish Digital Currency appeared first on Digital Scotland.

Monday, 31. May 2021

Digital ID for Canadians

Canada’s Community of Digital Identity Leaders Grows to Over 100 Members

Digital ID and Authentication Council of Canada (DIACC) welcomes the Canadian Centre for Cyber Security, City of Toronto, Deloitte, the Province of Quebec, and VISA…

Digital ID and Authentication Council of Canada (DIACC) welcomes the Canadian Centre for Cyber Security, City of Toronto, Deloitte, the Province of Quebec, and VISA as members.

Toronto, June 1, 2021 — Governments and businesses across Canada are embracing the opportunities presented by digital ID to deliver secure, trusted and privacy-enhancing digital services to enable Canadians to transact efficiently and securely online. As Canada’s community of public and private sector digital ID leaders, the DIACC is pleased to welcome the Canadian Centre for Cyber Security, City of Toronto, Deloitte, the Province of Quebec, and VISA as members. 

“Today, more than ever before, our communities, our businesses, and our citizens are looking to the leaders within the DIACC to help deliver a robust, secure, trusted digital ID ecosystem that works for all Canadians. Our economy depends on it,” stated David Nikolejsin, Chair of the DIACC Board.

“We are thrilled to welcome this new cohort of public and private sector members to the DIACC,” said Joni Brennan, DIACC President. “With over 100 members including the government of Canada, provincial governments, municipal governments, financial institutions, telcos, technology companies, consulting companies, SMEs, academic partners, international organizations, and nonprofits, the DIACC is Canada’s largest and most inclusive community of digital ID leaders.”

“When the DIACC began nearly a decade ago, it was a small group of passionate public and private sector organizations committed to unlocking economic opportunities for Canadian consumers and businesses while protecting and promoting Canadian values and perspectives in the digital economy,” said Eros Spadotto, EVP, Telus. 

“Building on the vision of the founding members, the non-profit DIACC coalition has grown to over 100 private and public sector leaders who are working together towards establishing an interoperable ecosystem that Canadians can use with confidence,” added Robert Devries, Assistant Deputy Minister Platforms, Ontario Digital Service.

In 2020 the DIACC  delivered on that vision with the launch of the Pan-Canadian Trust Framework™, a robust, privacy-enhancing trust framework shaped by Canadian values that permits trusted digital identity and provides clear guidelines on digital interoperability. 

Recent research by the DIACC underlines Canadians’ desire for, and expectation of secure, trusted and convenient digital transactions – a desire that has increased as a result of the pandemic. 

“From receiving emergency pandemic benefits to ensuring health records are correct and helping children and youth with online education, there are many ways in which a secure digital ID is essential to the functioning of daily life during a pandemic – and beyond,” added CJ Ritchie, CIO of the Government of British Columbia. 

According to the DIACC research, the majority of Canadians believe it is important for federal and provincial governments to move quickly on enabling digital ID in a safe and secure manner, according to the survey. It also shows that collaboration between governments and the private sector continues to be considered the best approach to create a pan-Canadian digital ID framework. 

With the addition of these new members and increasing demand from Canadians, it is clear that there is no better time for governments and businesses to invest in making digital ID a national public policy priority.

ABOUT THE DIACC

The DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian digital identification and authentication framework to enable Canada’s full and secure participation in the global digital economy. The DIACC was created as a result of the federal government’s Task Force for the Payments System Review and members include representatives from both the federal and provincial levels of government as well as private sector leaders.

FOR MORE INFORMATION

Krista Pawley 

Krista@ImperativeImpact.com

416-270-9987


Our digital future and economic recovery rests on getting digital ID right

As Canada’s economy reopens and talk of requiring vaccination proof heats up, it is essential to remember that security and privacy are paramount.  Proof of…

As Canada’s economy reopens and talk of requiring vaccination proof heats up, it is essential to remember that security and privacy are paramount. 

Proof of vaccination, sometimes called “vaccine passports,” may provide a tool for accelerating economic recovery, and the validity of these proofs requires a safe and secure relationship to an identity behind it. Solving digital ID challenges with priority  in a meaningful way is the most impactful way to empower people, prevent fraud, and privacy breaches as Canadians return to attending school in person, going to concerts, travelling, eating indoors in restaurants and more. 

We can no longer wait — it’s time for Canada to take leadership and get serious about solving digital identity or someone else outside of our country will.

As privacy commissioners across Canada have said, “Privacy should be front and centre as governments and businesses consider COVID-19 vaccine passports as a tool to help Canadians return to normal life.”

Data minimization must be the standard, where TWO things are essential for a secure and smooth transition to our digital economy: 

1) only share the necessary information to prove a user’s identity, and 

2) only share the data needed to fulfill the transaction at hand. 

That’s why, for 10 years, the DIACC has built up the important digital ID sector as the trusted voice for driving the public and private sector development of a Pan-Canadian Trust Framework, industry standards, policy advisory, and proof of concept initiatives that support the establishment and adoption of a fully digital, and privacy-respecting country that benefits Canadians.

Canadians and businesses need clarity and leadership from governments on implementing a safe and secure digital ID so that society and the economy can reopen more safely. A cohesive public and private sector approach  is needed. And governments must make solving digital identity, with privacy and security, a stated priority now. Our country cannot afford to address digital identity as siloed and individual projects. Canada needs to take the lead by establishing Canadian principled solutions that will work at home and export our values around the world.

Implementing a digital identity ecosystem now will allow for a more effective transition to secure Canada’s full and beneficial participation in the digital economy, whether it’s introducing digital vaccine proofs, receiving government benefits, updating an immigration status, entering the workforce and more.

As Canada’s trusted voice on digital ID, the DIACC’s 100-plus members from both the private and public sectors have the business, legal, technical and deep real-world experience to continue spearheading the establishment of a digital identity ecosystem that is designed to benefit people.

While technologies for creating digital proofs of identity and vaccination (passports) are here now, residents and businesses need provincial and federal governments to take leadership by establishing clear policy and guidance for usage to ensure that no Canadians are left behind.

If Canadian governments prioritize the establishment  of digital ID that works for people, governments, and the economy, then vaccine proofs (passports) and myriad  other uses can be implemented with security and privacy embedded by design.

Digital ID is not about surveillance, tracking Canadians’ online activity, or data collection. It’s about empowering Canadians with the choice to safely share their existing credentials (eg: passports, driver’s licenses, health cards, citizenship cards) for digital transactions.

With digital identity done right, a vaccine proof (passport) would allow Canadians to securely prove who they are, verify that they were vaccinated, and have a digital credential to use in any instance that requires it — all in a safe and secure way that does not divulge any other private health record. 

Our digital future and economic recovery rests on getting digital ID right.

About the Author:

Joni Brennan is the President of the Digital ID & Authentication Council of Canada (DIACC) and builds on 15 plus years of experience in Digital Identity innovations and standards development. She helps DIACC to fulfill its vision of unlocking interoperability of public and private sector capabilities through the establishment of an identity trust framework that will grow Canada’s economy.


Velocity Network

Interview with Samuel Isaac, Senior VP of Strategy at Neeyamo

We sat down with Samuel Isaac, Senior VP of Strategy at Neeyamo to chat about why Neeyamo joined forces with the Velocity Network. The post Interview with Samuel Isaac, Senior VP of Strategy at Neeyamo appeared first on Velocity.

Nyheder fra WAYF

European Student Identifier: Hvad skal der til?

Artiklen her kan med udbytte læses omhyggeligt af uddannelsesinstitutioners it-organisation og studieadministration i forening. Den opdateres løbende, i takt med udviklingen på området, og tåler derfor jævnlig genlæsning: Language Danish Read more about European Student Identifier: Hvad skal der til?

Artiklen her kan med udbytte læses omhyggeligt af uddannelsesinstitutioners it-organisation og studieadministration i forening. Den opdateres løbende, i takt med udviklingen på området, og tåler derfor jævnlig genlæsning:

Language Danish Read more about European Student Identifier: Hvad skal der til?

Commercio

Breaking News : Commerc.io Wallet  to manage the Tokens of Commercio.network is now available on the Google Play Store App.

Commerc.io Wallet  to manage the Tokens of Commercio.network is now available on the Google Play Store App. Commerc.io srl is glad to announce that from today is available on the Google Play Store App the wallet  to manage  all the operations related to the tokens of Commercio.network. Thanks to this new application a user can create his own non custodial […] L'articolo Breaking N

Commerc.io Wallet  to manage the Tokens of Commercio.network is now available on the Google Play Store App.

Commerc.io srl is glad to announce that from today is available on the Google Play Store App the wallet  to manage  all the operations related to the tokens of Commercio.network.

Thanks to this new application a user can create his own non custodial wallet.

In a non custodial wallet, the real owner of the tokens is the person who has access to them. In other words, unlike when using a hosted wallet managed by a third party, only you can operate because you are the only one who has the private key.
A non custodial wallet doesn’t have a password recovery system, so it’s essential to store the 12 Words properly. If you lose them you have lost your tokens forever.
Here are the features of the Commerc.io app wallet

CREATE AND IMPORT A WALLET: you can create a wallet ex novo or import the 12/24 of the cards distributed to the validator nodes by Commercio.network.
SEND AND RECEIVE COM thanks to the app you can send and receive COM with a simple scan of a QR Code.
COM STAKING Stake through the bonding of your COMs on the active validator nodes of Commercio.network and make unbonding after 21 Days.
VBR REWARDS Collect daily Rewards of the COMs that you have delegated to the active validator Nodes of the Commercio.network.
TOTAL PRIVACY OF YOUR WALLET No registration is required and the app connects directly to Commercio.network You are in total control of your privacy and your Wallet.

The wallet can be downloaded at this address: https://play.google.com/store/apps/details?id=io.commerc.preview.one

 

Thanks in advance for all your five star reviews!

 

L'articolo Breaking News : Commerc.io Wallet  to manage the Tokens of Commercio.network is now available on the Google Play Store App. sembra essere il primo su commercio.network.


Digital Scotland

Scotland – Europe’s Blockchain Capital

A vision and ambition for Scotland to become Europe's Blockchain capital. The post Scotland – Europe’s Blockchain Capital appeared first on Digital Scotland.

The objective of our Digital Nation Action Plan is to identify the individual entrepreneurs visions for how to achieve a world leading Scottish digital nation, and aggregate these into one overall action plan.

On The Crypto Standard podcast they interview Nick Jones of Zumo, exploring the details of their exciting venture pioneering a cryptocurrency payments app.

Concluding the interview Jordan highlights how Wyoming is becoming a crypto and blockchain global hub, and asks if Scotland could replicate a similar success.

Nick believes this is entirely doable, given how Scotland is a small, relatively cash rich country with highly educated people, and with many pressing social inequality issues to address could act as an incredible ‘sandbox’ for cultivating innovative applications of the technology that leverage Scotland’s deep legacy of financial expertise.

To crystallize a strategy to unify Scotland’s many different initiatives and assets around a single vision of making Scotland the Blockchain Capital of Europe, Nick quantifies the end result through stating key metrics such as having 10 of the top 50 startups, three relevant university courses and a £500m venture fund for supporting the ecosystem.

“Weak on Blockchain”

The nature of the challenge is very succinctly captured by Andrew Noble of Par Equity in this TechCrunch artlcle. While reporting on the general success of Scotland’s startup scene in his analysis he comments that Scotland is “weak on Blockchain”.

He’s not wrong. Scotland has a handful of great Blockchain startups like Zumo, Siccar and Appii, but to Nick’s point we’re well short of how many there should be, there’s no real funding initiatives to address this and adoption in key ‘big lever’ sectors like Government is non existent. Therefore the essence of our Action Plan should be to address exactly this.

A keystone foundation is regulation and legislation, the right approach could either inhibit innovation or unlock an unparalleled scale of economic growth. As Coindesk reports a new German law could theoretically bring as much as €350 billion (~$425 billion) of institutional investment into their cryptocurrency market.

In this blog Bill Buchanan describes how countries should legislate a Blockchain Act, emulating pioneers like Liechtenstein, providing the legal framework to truly achieve a wholly digital nation.

The Tokenization of Everything

Legislation is a slow moving process outwith our control, so the second, more important foundation is simply to drive large scale adoption, an effect that can be characterized as “The Tokenization of Everything”.

Despite our claims of living in a digital society the reality is that so much of our economy is still paper-based, from mortgages to opening a bank account requiring the endless shuffling of paper and the centuries old practice of ‘wet’ signatures or what Bill describes as ‘fake digital’, the practice of visually emulating these via tools like Docusign. Instead he defines that:

“We need to move into a world which properly replaces paper, and moves towards crypto-assets and digital signing with private keys.”

The digitization of all documents and processes via the Blockchain would give rise to what Bill describes as ‘The Token Economy’:

“But some countries are now defining the required legal infrastructure around blockchain, and finding ways to integrate into their existing legal frameworks, and also provided increased trust in the new economy — the token economy.” 

and that

“The key requirement is for national regulation infrastructure and which builds on a total anonymous distributed ledger infrastructure, as well as mapping trusted identities into a regulation infrastructure.”

Demonstrating the potential Scotland has to not only adopt but also pioneer this massive trend is local startup Blockchain Technology Partners, who specializes in the ‘smart contracts’ that Bill defines as the linchpin to this new digital universe. They also envisage the complete digitization of all facets of our economy, describing ‘The Tokenization of Everything‘.

As the title suggests this refers to an evolution where every asset with inherent value will eventually be represented by a cryptographic token on a Blockchain.

Scaling Scotland’s Blockchain Ecosystem

Nick offers an ideal starting point for a Digital Nation Action Plan – A big audacious ambition and clear metrics for quantifying when it is achieved.

By incorporating the equivalent views from other Scottish tech entrepreneurs we can refine a detailed strategy and set of steps for truly realizing the goal of building a world leading Scottish digital nation.

The post Scotland – Europe’s Blockchain Capital appeared first on Digital Scotland.


Platform Architecture for Covid-19 Digital Passports

A showcase of the inspiring Covid technology innovation from Scotland's NDS team, and the potential to build world class solutions atop their platform. The post Platform Architecture for Covid-19 Digital Passports appeared first on Digital Scotland.

This is post 6 of 6 in the series “Government as a Platform”

Government as a Platform in Scotland Payments as a Platform – The Scottish Government Payments Service The NES Digital Service – A Platform approach for building a unified digital health and care service for Scotland Learning from Heart FM – How Radical Digital Thinking Can Preserve Our Public Services Lego Government : API-Enabled Government as a Platform Platform Architecture for Covid-19 Digital Passports

The core principle of Government as a Platform is that a common foundation makes possible multiple different services that share this capability, to avoid reinventing the wheel for repeated functions like authentication and data sharing.

With these building blocks in place developers are then freed to concentrate on building the apps that more quickly deliver real business value.

Vaccination Passports

A great example of the need for this rapid approach is ‘Covid Vaccination Passports’. Clearly there has been a requirement for a quick response to critical public health needs, and one that utilizes existing government systems so that there is a complete integrity of the data produced.

MIT asks if you will have to carry this on your phone, where it might function like an actual passport, being shown as you arrive at airports, and could also act like a work authorization at your job, or a pass to get into restaurants, bars, and shopping malls.

Highlighting the type of issues that need addressed such as a booming black market in fake test results that is diminishing trust in printed records and driving demand for cheat-proof digital documents, they define the medical and technology challenges and nature of this opportunity:

“There are a lot of players in the field, including IBMthe Commons Project, and the Covid Credentials Initiative.

They’re coming at the problem from different angles but are ultimately chasing the same goal: let people share required information about their health, while protecting other private information. Yet it’s still too early to rely on any of these for a fast and widespread solution.”

Many governments, as well as airlines and other businesses are trialing or in talks to build “health pass” apps, which let users ask participating labs and health systems to send authenticated test results and other data straight to the app, bypassing verification concerns.

Scotland’s Opportunity – A Digital Healthcare Ecosystem

To begin zeroing in on the specific opportunity for Scotland, we can first identify the core technology challenge:

Connecting any systems across borders means navigating a patchwork of languages, databases, and privacy laws.

This highlights the work of Scotland’s NDS team, who are building the ‘National Digital Platform‘, the technical architecture which ensures that key things are only done in one way across Scotland such as how people are identified and where clinical data is stored.

As they explain here, their National Clinical Data Store (NCDS) is storing vaccinations data and being made accessible to healthcare staff, via their VMT app.

“Under the bonnet, the VMT sends copies of the records of immunisations to the NCDS. For those that may be interested, this is achieved using a “FHIR API” based on the UK FHIR Core Immunisation Profile. A FHIR API is essentially an industry standard way of sharing digital health data. The NCDS can then securely share citizens’ immunisation history records to other services, again using a FHIR API.”

As we’ll explore in the upcoming and future webinars, Scotland’s opportunity is to build upon this core innovation through a collaborating community, a Digital Healthcare Ecosystem, to flesh it out in multiple directions including ways to expand user uptake and to enable new scenarios for how users interact with and update data.

This is particularly relevant when we consider the broader context of Scotland’s overall digital agenda. In their just released digital strategy, the Scottish Government describes a key objective of:

“Adopt a common approach to online identity where personal data is controlled by the individual.”

This highlights a couple of key vendor solutions:

Appii – Appii has developed their Health Passport, a service that verifies your identify through a selfie photo, is populated through recording your test result at one of their partner sites (eg. Lloyds Pharmacy) and provides a digital certification. Digi.me – Digi.me is a specialist in general data sharing services and have developed a number of apps that build on this capability, including a Covid-19 solution.

What all of this highlights is the importance of the platform approach. A Covid certification service is just one of the many apps governments need to deploy, and each and every one will feature repeated requirements to verify the identity of users and share data across multiple systems.

Furthermore this should feed an innovation ecosystem, where for example the NDS National Clinical Data Store is a data set securely exposed to third party developers so that they can create new apps that leverage the data in new ways, for scenarios like Covid 19 as just one of many that will be required on an ongoing basis. Vendors like Appii and Digi.me would be ideal for this type of accelerated app innovation.

The post Platform Architecture for Covid-19 Digital Passports appeared first on Digital Scotland.

Sunday, 30. May 2021

GLEIF

How to Prepare for the New ROC Policies

By March 31, 2022, the Global LEI System will have implemented three new Regulatory Oversight Committee (ROC) policies to further increase the level of open, standardized, and high-quality legal entity reference data available to users. From March 1, 2022, all GLEIF services will accept and display data in new Common Data File (CDF) formats in line with the new policies. Public users of the Glob

By March 31, 2022, the Global LEI System will have implemented three new Regulatory Oversight Committee (ROC) policies to further increase the level of open, standardized, and high-quality legal entity reference data available to users.

From March 1, 2022, all GLEIF services will accept and display data in new Common Data File (CDF) formats in line with the new policies. Public users of the Global LEI System will therefore need to be able to process data in the new format from this date onwards. The month of March will be used as a transition period during which all LEI issuing organizations will migrate to the new formats and perform testing to ensure smooth operations. During this month, therefore, public users of Global LEI System should prepare to support both formats when performing LEI data analysis. This blog outlines the preparatory steps public users are required to take and provides links to more detailed reference information.

Details of the new policies

The new policies apply to:

Legal Entity Events: Specifies events that alter the entity, the relationship data of a legal entity, or result in the retirement and/or creation of LEIs. Fund Relationships: Introduces three new distinct relationship types that can be collected for funds. General Government Entities: Allows certain legal entities to be classified as Government Entities or International Organizations.

How to prepare for the new policies

The following users must take action to implement the updated file formats to ensure uninterrupted access to LEI data beyond March 1, 2022:

All users of the GLEIF Concatenated files All users of the Golden Copy and Delta files All users who access the content of the Golden Copy files via the GLEIF API

GLEIF has published further technical details, example files and additional documentation specifying the transition steps and the impact on associated data here.

Additional support

Following March 31, 2022, GLEIF anticipates a period of up to one year before the Global LEI System will be fully populated with information on Legal Entity Events, Fund Relationships and Government Entities. Data is generally collected at the time of new LEI issuance or existing LEI renewal.

If you have questions or need additional support ahead of the March 1 deadline, please email GLEIF: info@gleif.org.

Saturday, 29. May 2021

WomenInIdentity

Meet our newest volunteer- Razia Ali

Razia joined the Women in Identity team early in 2021, helping to co-ordinate our sponsorship programme. Tell us about your job and what gets you out of bed in the… The post Meet our newest volunteer- Razia Ali appeared first on Women in Identity.

Razia joined the Women in Identity team early in 2021, helping to co-ordinate our sponsorship programme.

Tell us about your job and what gets you out of bed in the morning?

My journey originally started with a degree in Cognitive Science and I wanted to incorporate ‘diverse thinking’ in my daily working life. In 2019 I decided to take a step back from corporate life. After a year travelling across the USA and Asia and I took the decision to retrain decided as a life coach.

With my new-found skillset, I learned how to tap into my blind spots, focussing on understanding the difference between means goals and end goals.

I worked hard.

But I spent little time with family and friends.

My work-life balance wasn’t particularly healthy – even though I was accomplishing the goals I had set for myself.

I was not showing up in the best version of myself.

I realised I needed to be a part of something more meaningful. Something that meant I was contributing towards the bigger things in life.

I had given over years of my life in trying to attain fulfilment by having money in my bank account. I could buy what I wanted, had great job titles so I was generally seen as successful. I realised I was pursuing a need to be recognized – for my work on this project or that initiative. These are the values I grew up with; the values I thought I needed in order to be viewed as “successful”.

During my travels, I took time to understand what I really wanted – namely to show up with unique ideas that would really contribute to making a difference – not just having a smart job title. I wanted to travel more and spend genuine, quality, time getting to know my friends and family again.  I decided to start connecting with people who have really inspired me and in late 2019 launched my first podcast.

I now work with non-profit organizations that are passionate about making a real difference. I feel like I work within several communities, each one driving change around the diversity and inclusion agenda. It’s why I wanted to get involved with Women in Identity and I joined the volunteer team earlier this year.

How did you get to where you are today?

I always worked very hard, putting in the hours, but later in my career I realized that hard work has very little to do with success.

I recognized the importance of learning to slow down. I have worked with FTSE 100 companies to Silicon Valley start-up and – honestly – I now realise how important it is to never stop learning. I have volunteered with many different organizations, simply because it taught me so many things outside my experience.

What is the most important lesson you have learned along the way?

To tell myself every day that I have a unique combination of infinite potential and divine possibilities. There is no one else exactly like me so if I don’t show up for myself, I can’t expect others to do so.

The second biggest lesson for me was outgrowing the things I originally wanted and learning the art of “surrender”.  I believe we need to have goals but also to keep a sense of what it means to keep learning, keep growing.  an entrepreneurial vision. If your business or you fail in a particular role, the real question to ask yourself is: “did I grow?” The jobs I do are simply a means to me achieving my bigger goal: to keep on growing.

What would be your pitch to CEOs in the identity space? What do you suggest they START / STOP / CONTINUE doing and why?

 People have been treated badly throughout history due to organizations having policies and practices that have disadvantaged people. I would like our leaders to make self-reflection a fundamental part of management and leadership training.

If organisations within the Identity space want to create environments that are truly free of racism and sexism, they need to look to hire people from different genders, faiths and races, different educational and economic backgrounds. This will help eliminate the stereotyping that we all fall foul of – and stop us building computer programs that perpetuate them.

Many organisations understand that having women in leadership groups increases productivity by 40%. We need to continue this momentum so we can finally stop having to find statistics to justify what should be a no-brainer!

Why does diversity matter to you?

Diversity means accepting an individual’s differences, creating a judgement-free environment where EVERYONE is comfortable talking about things, sharing opinions openly. For me, diversity is about having diverse thinking.

What book/film/piece of art would you recommend to your fellow members?

I would like to recommend Vishen Lakhiani’s work at Mindvalley. I love listening to his podcast and all the speakers he brings from different backgrounds.

Reading-wise, I would recommend Rebel Ideas by Matthew Syed. It’s a great read for anyone looking to understand more about diverse thinking.

What advice would you give to the teenage ‘you’?

 Read more, take off the pressure and have fun!

Surround yourself with people who bring out the best in you or inspire you.

I read somewhere that “entrepreneurs don’t confront the world; they create and change the world. When you have real conviction, you have the power, literally, to change the world.’

I now take this with me into every aspect of my life.

Connect with Razia through the Women in Identity team, at LinkedIn or on Twitter

 

The post Meet our newest volunteer- Razia Ali appeared first on Women in Identity.

Friday, 28. May 2021

Ceramic Network

Ceramic and IDX now available on NEAR

3Box Labs has partnered with NEAR to bring streaming data and cross-chain identity protocols to their fast-growing ecosystem.

Developers building on the NEAR blockchain now have a powerful way to manage user identities and dynamic off-chain data in their applications. Ceramic, the decentralized network for data stream processing, now supports NEAR wallets.

NEAR is currently hosting an Open Web Community hackathon with a prize for integrating IDX profiles on Ceramic with a NEAR Sputnik DAO.

NEAR + Ceramic: Sputnik DAO Bounty NEAR + Ceramic: Sputnik DAO Bounty We are so excited to partner with Ceramic Network! Developers building on NEAR Protocol have powerful ways to manage user identities and dynamic off-chain data in their applications. Ceramic, the decentralized network for data stream processing, now supports NEA… NEAR Forumjlwaugh Blockchain, Data & Identity: a full stack for Web3 developers

NEAR Protocol offers developers the most scalable and dev-friendly infrastructure for building decentralized apps and services. Great Web3 and DeFi apps require more than a smart contract platform. They also need sophisticated, scalable and dependable data management infrastructure. Ceramic provides advanced database-like features such as mutability, version control, access control, and programmable logic. It is also the foundation for IDX, Web3's first cross-chain identity model.

Now that NEAR and Ceramic can easily be used together, developers can:

Build data-rich user experiences and social features on fully decentralized tech Give users cloud-like backup, sync and recovery without running a centralized server Publish content on the open web without the need to anchor IPFS hashes on-chain Leverage interoperable profiles, social graphs and reputations across the Web3 ecosystem Ceramic now supports NEAR wallets

Starting today, developers building applications on NEAR can easily add support for Ceramic and IDX in their application with a seamless user experience. NEAR key pairs have been added as a supported signing and authentication method for Ceramic's data streams, so users can now perform transactions on Ceramic with their existing NEAR wallets.

Developers have already begun to combine these two networks to create applications like NEAR Personas:

NEAR: Easy to build on & easy to use

NEAR Protocol is a Proof-of-Stake, climate-neutral, layer one blockchain protocol and smart contract platform. Developer experience and end-user accessibility are the top priorities for NEAR, all the way down to the protocol level. Developers can use familiar tools, such as Rust or AssemblyScript, to build on NEAR’s WASM-based runtime, and the application build/test/deploy cycle is much faster and simpler than on most networks––with fast finality and very low transaction fees (usually less than one cent).

NEAR’s unique contract-based account model provides the flexibility to onboard users to an application who either don’t hold NEAR tokens or have never interacted with a blockchain, a process that can take dozens of steps and fiat onramps with most other networks. Human-readable, named account addresses (i.e. ceramic.near) replace long, clunky hex strings and can support multiple names within a single public key. With progressive onboarding, the crypto elements of using decentralized apps on NEAR can be 100% abstracted away from the user and the complexities of gas fees, storage costs, seed phrases, and keys are obscured from their experience until they are ready to claim their wallet and hold their own tokens.

Ceramic: Decentralized data streams

Ceramic provides developers with database-like functionality for storing all kinds of dynamic, mutable content. This finally gives developers a Web3 native way to add critical features like rich identities (profiles, reputation, social graphs), user-generated content (posts, interactions), dynamic application-data, and much more.

Ceramic's unique stream-based architecture is designed for web-scale volume and latency and to handle any type of data model. Built on top of open standards including IPFS, libp2p, and DIDs and compatible with any raw storage protocol like Filecoin or Arweave, all information stored on Ceramic exists within a permissionless cross-chain network that lets developers tap into an ever growing library of identities and data while using their preferred stack.

IDX: Cross-chain identity and user-centric data

Identity is the first use case enabled by Ceramic's building blocks for open source information. IDX (identity index) is a cross-chain identity protocol that inherits Ceramic's properties to provide developers with a user-centric replacement for server-siloed user tables. By making it easy to structure and associate data to user's personal index, IDX lets applications save, discover and route to users' data.

The IDX SDK makes it simple to manage users and deliver great data-driven experiences using the same NEAR keys and wallets as developers and users are already relying on. Users can also link multiple keys, from any wallet and multiple blockchains, to the same identity. This is essential to developers who want to serve users over time, as it enables key rotation, data interoperability across accounts, and rich cross-chain profiles, reputations and experiences (including 50,000+ profiles on Ethereum today).

Getting started with Ceramic on NEAR

NEAR is currently hosting an Open Web Community hackathon! There is a prize for integrating Ceramic profiles with a NEAR Sputnik DAO.

To install NEAR, follow their documentation. To add IDX to your project, follow this installation guide. To use Ceramic for streams without IDX, follow this installation guide. Regardless of which option you choose, you should also select 3ID Connect as your DID wallet during the authentication process which handles the integration with NEAR wallets. Check out this quick start template for a vue dapp using NEAR and Ceramic. For questions or support, join the Ceramic Discord and the NEAR Discord.

Website | Twitter | Discord | GitHub | Documentation | Blog | IDX Identity


OwnYourData

Digital Immunization Passport Project Completion

Der Beitrag Digital Immunization Passport Project Completion erschien zuerst auf www.ownyourdata.eu.

This blog post summarizes the key highlights of the Digital Immunization Passport (DIP) project. We implemented and evaluated an end-to-end workflow for handling immunization information in a human-centric way, and we provided the necessary infrastructure for all participating stakeholders to demonstrated the functionality in real-world use cases: Yellow Fever and Tick-borne encephalitis vaccination.
The project has received funding from NGI_DAPSI (DAPSI 1st open call), the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 871498.

The focus of this project is on Data Interoperability & Compatibility through establishing interfaces between health industry and individuals as well as pushing forward on standardized interfaces for data stores. Additionally, we address Data Transparency (Usage Policies and Data Provenance in Semantic Containers) and Security & Privacy (by applying blockchain technology and digital watermarking on data sharing). A key challenge in making institutional data available to individuals is authentication. In this project we demonstrated the use of biometric features to identify individuals and generate a unique identifier that can either be managed as a decentralized identifier (DID) or via a national Public Key Infrastructure (PKI).

The project team consisted of the partners OwnYourData (OYD) and the Human Colossus Foundation (HCF), who shared conceptual and development work. As a result the following deliverables were made available:

D1.1 Project Management Handbook D2.1 Requirements Specification D2.2 Design Document D3.1 Semantic Container Implementation
selected relevant Github repositories:

https://github.com/sem-con/sc-base https://github.com/sem-con/srv-semantics https://github.com/sem-con/sc-sharing D4.1 Personal Data Store Implementation
selected relevant Github repositories:

https://github.com/OwnYourData/oyd-pia2 https://github.com/OwnYourData/oyd-databud https://github.com/OwnYourData/vaultifier D5.1 Trusted Digital Assistant Implementation
selected relevant Github repositories:

https://github.com/THCLab/aries-cloudagent-python https://github.com/THCLab/tda-backend-services-plugin https://github.com/THCLab/tda_web_client https://github.com/THCLab/oca-form D6.1 End Report

The project was presented at the NGI DAPSI final event on June 2nd, 2021: The Web after the Platforms.  There we showed the following short summary video of our projet.

If you have any questions about the Digital Immunization Passport or about OwnYourData in general don’t hesitate to contact us as support@ownyourdata.eu.

Der Beitrag Digital Immunization Passport Project Completion erschien zuerst auf www.ownyourdata.eu.


eSSIF-Lab

Still a chance for the last questions on eSSIF-Lab calls

eSSIF-Lab is organising a Q&A session about both its Infrastructure-oriented and its Second Business-oriented Open Call to help potential applicants craft an effective proposal and to help them solve their doubts and questions about the application proccess.

When:

On Friday, 18th of June 2021 at 11:00 am (Brussels Local Time), we will be answering all your questions about the application process, the programme, framework and the value of the eSSIF-Lab’s Open Calls during this session.

Where? 

The Q&A session is online, free and open to all interested people.

REGISTER NOW!

 

The Infrastructure-Oriented Open Call targets the development and testing of open source Self-Sovereign Identity components for eSSIF-Lab Framework which fall within the SSI concept (i.e. technologies which allow individuals to control their electronic identities and guard their privacy) and offers funding up to 155,000 € to selected companies.

On the other hand, Second Business-oriented Open Call is looking for proposals to develop and demonstrate SSI working solutions for a real-world, domain-oriented problem or opportunity, in prioritized eSSIF-Lab areas (Health Tech, e-Government and Education), or in the Open Disruptive Innovation track and offers to selected companies an 8-month acceleration programme, including business and technical support to integrate eSSIF-Lab and other SSI technology with market propositions, and funding up to 106,000 € (for the best in class).

The deadline to apply for both Open Calls is on 7th of July 2020 at 17:00 (Brussels Local Time).

 

Join the Q&A session and find out all you need!


Own Your Data Weekly Digest

MyData Weekly Digest for May 28th, 2021

Read in this week's digest about: 4 posts, 2 Tools
Read in this week's digest about: 4 posts, 2 Tools

Thursday, 27. May 2021

Nyheder fra WAYF

Kræftens Bekæmpelse indtrådt i WAYF

For nylig er Kræftens Bekæmpelse indtrådt i WAYF som brugerorganisation. Ansatte her kan derfor nu identificere sig som sådanne over for de mange webtjenester i WAYF og eduGAIN af relevans for forskning og uddannelse. Language Danish Read more about Kræftens Bekæmpelse indtrådt i WAYF

For nylig er Kræftens Bekæmpelse indtrådt i WAYF som brugerorganisation. Ansatte her kan derfor nu identificere sig som sådanne over for de mange webtjenester i WAYF og eduGAIN af relevans for forskning og uddannelse.

Language Danish Read more about Kræftens Bekæmpelse indtrådt i WAYF

Wednesday, 26. May 2021

Berkman Klein Center

A Deep-Dive on Digital Self-Determination

Rory Torres shares her experience as part of Berkman Klein’s latest global research sprint In an increasingly digital world, our experiences online are shaped by data gathered and wielded to tailor experiences. But what control do users have over that data, where it goes, and how it is used? Questions of control over personal data were a cross-cutting theme throughout a Research Sprint
Rory Torres shares her experience as part of Berkman Klein’s latest global research sprint

In an increasingly digital world, our experiences online are shaped by data gathered and wielded to tailor experiences. But what control do users have over that data, where it goes, and how it is used?

Questions of control over personal data were a cross-cutting theme throughout a Research Sprint co-hosted by the Berkman Klein Center for Internet & Society and Digital Asia Hub. The Sprint also examined other important dimensions of self-determination in the digitally networked world, for instance, self-expression and participation in civic life and the digital economy, or relationship-building and well-being, to name just a few application areas.

The three-month program for graduate students focused on digital self-determination spanning a range of geographies, backgrounds, and contexts. The cohort, who came from 21 countries across the globe, convened regularly to participate in critical discussions and create accessible educational resources — including a Wikipedia page and a Wikiversity Living Syllabus — on the topic.

Mary Rhauline “Rory” Torres, Harvard Law LL.M. ’21 was a participant in a recent Research Sprint from the Berkman Klein Center. Courtesy image.

One participant, Mary Rhauline “Rory” Torres, Harvard Law LL.M. ’21, joined the sprint from Mangaldan, Pangasinan, in the Philippines. We spoke with Torres about her experience in the program, what she learned, and how it informed her work.

What motivated you to join the Research Sprint and explore digital self-determination?

I learned about the Research Sprint when Professor Urs Gasser posted it in his Comparative Digital Privacy course. The call to participate resonated with me because there was a huge surge of new Internet participants in South East Asia when the pandemic hit. That’s 40 million new users of the Internet who are basically opening up their lives to the digital world. It’s an exciting place, but also has threats and harms. Even those of us who have been connected for a while are still scrambling to find our place in the digital space. I thought learning about digital self-determination can help all of us make sense of our role in the Internet as individuals and as a community, and thrive in it.

How has your understanding of the concept changed or evolved over the past few months?

Prior to the Research Sprint, my understanding of digital self-determination was limited to empowering an individual to participate in a digital environment and being equipped to do so responsibly, much like digital citizenship. I didn’t realize how digital self-determination is a labyrinth until we started to talk about it with related concepts like digital rights, digital colonialism, informational self-determination; to situate it in various contexts like digital health, digital economy, digital information; and to ground it in principles that would realize self-determination, such as trustworthy data spaces. It’s all very interesting and complex!

The Research Sprint is interdisciplinary and international by design. What was that experience like working with graduate students around the world to explore digital self-determination?

The Sprint is composed of an amazing group of people from all over the world with so many diverse backgrounds. There are students studying psychology, communication, political science, social science, and culture. The diversity of language, culture, and studies makes the task of understanding digital self-determination challenging because we all have different contexts. But there’s also beauty in it because it allows us to find connections, confront ourselves with different, sometimes opposing perspectives, and accept and respect that.

Your cohort is coming together to create a Wikipedia entry on digital self-determination. Could you explain the processes behind that task, and what you hope the impact is of the entry?

We started with gathering a bibliography of articles that relate to digital self-determination. Building on that bibliography, the group created an outline in a shared Google document. We’ve since then expanded that outline by communicating through Slack, gathered volunteers to write sections that are of interest to them, and some have met through Zoom or smaller chat groups to get feedback, do peer review, and make changes.

The Wikipedia entry is divided into three parts: first, an overview of the history of self-determination in philosophy, psychology, and its legal adaptations, and defining self-determination in the digital sphere; second, identifying practical elements that support the realization of digital self-determination, such as digital infrastructure, equal access, privacy protections; and third, current issues relevant to digital self-determination, including a discussion on regulation and legal frameworks, which I am contributing to.

Having a Wiki entry on digital self-determination is a big first step to bringing the principle out into the digital space, making it more accessible and understandable, and keeping in mind that the concept is a work in progress.

What was the most interesting topic you explored during the program?

The session on Information Diet was extremely interesting because it relates so well to our daily lives: living at a place and time where information seems to be everywhere and nowhere at the same time. One of the first things I do in the morning is open my phone, read the “recommended stories” of the New York Times on my account, open the Telegram information group on the situation of COVID-19 in the Philippines, check my emails and I’m bombarded by the newsletters that I’ve subscribed to, and then there’s Facebook. There’s just so much information, so there’s this burden of having no excuse not to know about an important issue. And there’s so much disinformation, that filtering out reliable from unreliable content has become so overwhelming.

So I really loved Professor Sarah Genner’s presentation on Information Diet and what it means to be in the driver’s seat in the digital age and not the other way around and having an overview of how to disconnect, do a digital detox, and avoid digital distractions. While studying for my exams, I used the Pomodoro Technique and the amount of studying I was able to clock in was almost cathartic.

Was there a particular speaker that stood out to you, or sparked a new interest?

I was fascinated by Professor Nishant Shah’s talk on the formation of our identities in the digital age. He provoked a lot of questions on how an individual defines one’s identity through digital artifacts — that one may or may not have created or uploaded for oneself; how digital spaces may constrain our definition of ourselves in and out of cyberspace; and how do we preserve these identities — or do we even want to?

You host a blog about parenting. From your perspective, how should adults address digital self-determination with children?

In the same talk, Professor Shah’s example of his nephew’s thousands of photos in the cloud uploaded for him by his relatives resonated with me as a parent. As a mother of a four-year-old, it’s so difficult to restrain me from uploading pictures of my child — what Professor Leah Plunkett calls “Sharenthood.” Parents create digital footprints of our children and so much of their private moments are in the digital space already. But beyond the dangers of violating the privacy of children, the creation of this catalog of children’s lives online may limit their ability to define who they are, to reflect on their experiences, to associate objects to their memories, because so much has already been documented for them.

So when is digitization too much that it harms children’s self-determination — is a topic I want to explore further. It goes hand-in-hand with other parenting issues in the digital era, like safety. Parents should educate themselves about technology and how our children interact with it because it’s not going away and it plays a large role in how they define themselves and their realities. I personally recommend Professor Urs Gasser’s book “The Connected Parent” as a starting point.

Rory Torres with her daughter. Courtesy image. How did your studies as an LL.M. student at Harvard Law School — and your interests in tech and the law — inform or shape your perception of the program?

When we talk about law and technology, there’s always a discussion of seemingly competing but often interacting concepts: the individual and the collective, the private and the public, the offline and the online. As an LL.M. student, what I have realized in studying these concepts as they relate to technology is that technology is highly contextual and it is fast-changing, such that, as a student of the law, it is difficult to create a single universal approach to encourage innovation that would provide a positive impact to the world or to address the harms or threats that technology can bring. This is the attitude that I have brought with me to the Research Sprint, and it has helped me broaden my perspective and try to see self-determination from the lens of participants and speakers with various backgrounds and expertise.

How did participating in the Research Sprint inform your time at HLS and your future trajectory?

Finding my trajectory after HLS is an exercise of self-determination! At HLS, I curated my law and technology courses for business and technology, and Internet and society, because there’s always that tension between commercial interests and social issues. The Research Sprint in particular expanded my thinking beyond legal frameworks and allowed me to explore the field of social science and the Internet, and was especially inspired by Professor Lokman Tsui’s work on free expression, digital rights, and Internet policy in Asia. In relation to that, I’m also keen on exploring Privacy-by-Design and studying how to integrate digital self-determination into its principles, beyond respect for user privacy, and experimenting with startups on how to integrate Privacy-by-Design and digital self-determination as they develop their platforms.

A Deep-Dive on Digital Self-Determination was originally published in Berkman Klein Center Collection on Medium, where people are continuing the conversation by highlighting and responding to this story.


Velocity Network

How Blockchain Benefits Recruiters, Job Candidates

Andrew Cunsolo, Senior Director of Product Management for Jobvite, a prominent member of the Velocity Network Foundation said "[The Velocity Network] enables recruiters to make hiring decisions faster by being able to review all of a candidate's verified credential data upfront in one place. The post How Blockchain Benefits Recruiters, Job Candidates appeared first on Velocity.

Me2B Alliance

Me2BA May 2021 Newsletter

Read about the latest Me2BA updates in our recent newsletter >

Digital ID for Canadians

Spotlight on Sterling Backcheck

1.What is the mission and vision of Sterling Backcheck? Sterling Backcheck’s mission is to provide the foundation of trust and safety for our clients so…

1.What is the mission and vision of Sterling Backcheck?

Sterling Backcheck’s mission is to provide the foundation of trust and safety for our clients so they can create great environments for their most essential resource, people. Sterling Backcheck’s vision is the world where verified identity information should be owned and accessible easily by the individual.

2. Why is trustworthy digital identity critical for existing and emerging markets?

So much of our lives is now in a digital format, both personally and professionally. We rely on technology to handle sensitive information, which, if not done correctly, can put us in jeopardy. Digital Identity is a crucial safeguard to preventing identity fraud, which could result in a significant damage to people’s life. Digital Identity is a key enabler to unlocking the next frontier of the digital economy. Through trustworthy Digital Identity, we can enable a safe digital future.

3. How will digital identity transform the Canadian and global economy? How does your organization address challenges associated with this transformation?

The World Bank estimates that roughly 1 billion people lack an official foundational identification. Millions have forms of identification that cannot be reliably verified or authenticated, resulting in exclusion from economic opportunities. Our parent company, Sterling, has been working on the creation of a digital identity wallet to help address the challenges worldwide. By joining DIACC, Sterling Backcheck hopes to help bridge that gap and offer a platform for trustworthy ID verification.

4. What role does Canada have to play as a leader in this space?

Canada has always been the pioneer on the identity front. For example, unlike many other countries, ID verification is required before starting a background check in Canada. In addition, Canada has always emphasized the importance of data privacy and storage. Building on those principles, Canada is well positioned to lead the conversation on digital identity services.

5. Why did your organization join the DIACC?

At Sterling Backcheck, we aspire to a vision that Digital identity verification should only have to occur once and personal identity verification should only be shared, when necessary and proportional to the need. Individuals and organizations should mutually benefit from digital identity innovation. While technology has created opportunities to enhance digital identity, we’ve also noticed examples of some migration away from sound identity verification practices. We see DIACC as an important vehicle to bolster and promulgate sound digital identity practices. We joined to help forward the mission of DIACC towards that goal.

6. What else should we know about your organization?

Sterling Backcheck is a pioneer in background screening, having revolutionized the industry with eConsent, a fully online platform for collecting candidate consent prior to starting their check. Through our proactive and collaborative approach working with the federal authorities that govern our industry, we have continuously offered a safe and secure way for organizations to conduct background screening. We conduct over a million criminal record checks on behalf of thousands of employers annually. There is no question that our processes have been refined over the years. We’re always looking for ways to innovate and continue to offer best in class service to our clients.


omidiyar Network

The push for fairness, equity, and safeguards in the data economy

MIT Technology Review Insights explores, in a new report released today, how a growing number of voices — including economists, lawyers, civil rights groups, and Omidyar Network — are constructing a new social contract between the tech industry and citizens. Sushant Kumar, a principal of responsible technology, reflects on the need and pathway for this paradigm shift in the forward of “Data fairne

MIT Technology Review Insights explores, in a new report released today, how a growing number of voices — including economists, lawyers, civil rights groups, and Omidyar Network — are constructing a new social contract between the tech industry and citizens. Sushant Kumar, a principal of responsible technology, reflects on the need and pathway for this paradigm shift in the forward of “Data fairness: A new social contact for the 21st century economy.”

Incentives drive behavior. Currently, tech giants are incentivized to collect as much data as possible so they can narrowly target advertising to consumers, which in turn, increases their earnings. Big tech does everything it can to increase users’ screen-time and engagement, all in service of data collection. And it’s working quite well for them. Facebook’s profits in the first quarter of 2021 nearly doubled and advertising revenue rose by 46% compared to last year.

But while these platforms are seeing record profits, it’s coming at the expense of other stakeholders in the system: government, communities, gig workers, and the users themselves. Government is losing out because these companies don’t pay their fair share of taxes in countries of operation, thereby constraining public investments. These platforms use extractive and intrusive ways to collect data, stripping communities and individuals of privacy and control. And Big Tech uses data to control their employees, especially gig workers, which leads to suppressed wages and deteriorating work conditions for people working in the gig economy.

Omidyar Network, a social change venture, believes we must learn how to balance the data economy so that it is equitable for all stakeholders, not just serving the interests of the big tech giants. That’s why we’ve partnered with MIT Technology Review Insights. We wanted to have a better understanding of potential pathways to reimagine the data economy that is rife with systemic flaws. This paper is intended to share emerging ideas, spark debate, and solicit feedback.

This paper is informed by early scholarship from individuals and institutions that are investigating this issue. They have found three emerging pathways to reimagine the data economy. First, the essential infrastructure that enables a global, open internet must focus on generating public value rather than private profits. Second, governments will need a holistic approach to regulating the data economy. Traditional antitrust and privacy measures need to be complemented by data governance that creates necessary safeguards and room for innovative applications for data. Finally, the data economy needs mechanisms for participatory governance and practice-based intermediation approaches. This report provides examples from Estonia and Taiwan and shares the progress made by entrepreneurs in the field of data trusts and data collaboratives. These approaches can be strengthened with regulatory support and public funding.

We hope these pathways provoke a much needed reckoning of the data economy. As we continue our journey to reimagine the data economy, we invite you to join us.

We are grateful for our partnership with MIT Technology Review Insights for its in-depth exploration into the data economy, and our many partners, including The Rockefeller Foundation, that share our commitment to building a more equitable data economy.

The push for fairness, equity, and safeguards in the data economy was originally published in Omidyar Network on Medium, where people are continuing the conversation by highlighting and responding to this story.


The push for fairness, equity, and safeguards in the data economy

MIT Technology Review Insights explores, in a new report released today, how a growing number of voices — including economists, lawyers, civil rights groups, and Omidyar Network — are constructing a new social contract between the tech industry and citizens. Sushant Kumar, a principal of responsible technology, reflects on the need and pathway for this paradigm shift in the forward of “Data fairne

MIT Technology Review Insights explores, in a new report released today, how a growing number of voices — including economists, lawyers, civil rights groups, and Omidyar Network — are constructing a new social contract between the tech industry and citizens. Sushant Kumar, a principal of responsible technology, reflects on the need and pathway for this paradigm shift in the forward of “Data fairness: A new social contact for the 21st century economy.”

Incentives drive behavior. Currently, tech giants are incentivized to collect as much data as possible so they can narrowly target advertising to consumers, which in turn, increases their earnings. Big tech does everything it can to increase users’ screen-time and engagement, all in service of data collection. And it’s working quite well for them. Facebook’s profits in the first quarter of 2021 nearly doubled and advertising revenue rose by 46% compared to last year.

But while these platforms are seeing record profits, it’s coming at the expense of other stakeholders in the system: government, communities, gig workers, and the users themselves. Government is losing out because these companies don’t pay their fair share of taxes in countries of operation, thereby constraining public investments. These platforms use extractive and intrusive ways to collect data, stripping communities and individuals of privacy and control. And Big Tech uses data to control their employees, especially gig workers, which leads to suppressed wages and deteriorating work conditions for people working in the gig economy.

Omidyar Network, a social change venture, believes we must learn how to balance the data economy so that it is equitable for all stakeholders, not just serving the interests of the big tech giants. That’s why we’ve partnered with MIT Technology Review Insights. We wanted to have a better understanding of potential pathways to reimagine the data economy that is rife with systemic flaws. This paper is intended to share emerging ideas, spark debate, and solicit feedback.

This paper is informed by early scholarship from individuals and institutions that are investigating this issue. They have found three emerging pathways to reimagine the data economy. First, the essential infrastructure that enables a global, open internet must focus on generating public value rather than private profits. Second, governments will need a holistic approach to regulating the data economy. Traditional antitrust and privacy measures need to be complemented by data governance that creates necessary safeguards and room for innovative applications for data. Finally, the data economy needs mechanisms for participatory governance and practice-based intermediation approaches. This report provides examples from Estonia and Taiwan and shares the progress made by entrepreneurs in the field of data trusts and data collaboratives. These approaches can be strengthened with regulatory support and public funding.

We hope these pathways provoke a much needed reckoning of the data economy. As we continue our journey to reimagine the data economy, we invite you to join us.

We are grateful for our partnership with MIT Technology Review Insights for its in-depth exploration into the data economy, and our many partners, including The Rockefeller Foundation, that share our commitment to building a more equitable data economy.

Tuesday, 25. May 2021

Velocity Network

Interview with John Healy, Vice President and Blockchain Taskforce Chair, World Employment Confederation

We sat down with John Healy, Vice President and Blockchain Taskforce Chair, World Employment Confederation to talk about why the WEC is a big supporter of the Velocity Network. The post Interview with John Healy, Vice President and Blockchain Taskforce Chair, World Employment Confederation appeared first on Velocity.

OpenID

Public Review Period for Two Proposed FAPI 2.0 Implementer’s Drafts

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts: FAPI 2.0 Baseline Profile FAPI 2.0 Attacker Model An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review period for the specification

The OpenID Financial-grade API (FAPI) Working Group recommends approval of the following specifications as OpenID Implementer’s Drafts:

FAPI 2.0 Baseline Profile FAPI 2.0 Attacker Model

An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This note starts the 45-day public review period for the specification drafts in accordance with the OpenID Foundation IPR policies and procedures. Unless issues are identified during the review that the working group believes must be addressed by revising the drafts, this review period will be followed by a seven-day voting period during which OpenID Foundation members will vote on whether to approve these drafts as OpenID Implementer’s Drafts. For the convenience of members, voting will actually begin a week before the start of the official voting period.

The relevant dates are:

Implementer’s Drafts public review period: Tuesday, May 25, 2021 to Friday, July 9, 2021 (45 days) Implementer’s Drafts vote announcement: Saturday, June 26, 2021 Implementer’s Drafts voting period: Saturday, July 10, 2021 to Saturday, July 17, 2021 (7 days)*

* Note: Early voting before the start of the formal voting will be allowed.

The FAPI working group page is https://openid.net/wg/fapi/. Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration. If you’re not a current OpenID Foundation member, please consider joining to participate in the approval vote.

You can send feedback on the specifications in a way that enables the working group to act upon it by (1) signing the contribution agreement at https://openid.net/intellectual-property/ to join the working group (please specify that you are joining the “FAPI” working group on your contribution agreement), (2) joining the working group mailing list at https://lists.openid.net/mailman/listinfo/openid-specs-fapi, and (3) sending your feedback to the list.

— Michael B. Jones – OpenID Foundation Board Secretary

The post Public Review Period for Two Proposed FAPI 2.0 Implementer’s Drafts first appeared on OpenID.

WomenInIdentity

Member interview with Claire Norman

WiD   Tell us about your day – what gets you out of bed in the morning? CN   I am the Head of Financial Crime for a credit card company. I… The post Member interview with Claire Norman appeared first on Women in Identity.

WiD   Tell us about your day – what gets you out of bed in the morning?

CN   I am the Head of Financial Crime for a credit card company. I am also studying for a PhD in Criminal Justice Studies, looking at the role of insider fraudsters within business.

In my spare time I run STUC (Stammerers Through University Consultancy), an initiative which collaborates with universities nationwide offering better support for students and staff who stammer.

I’m really fascinated by the world of financial crime and how to prevent it. No two days are ever the same because the fraud landscape is continually changing.

WiD   How did you get to where you are today?

CN   Employment-wise, I graduated with a French degree from the University of Warwick in 2014 and landed a job at Amazon working as a bilingual fraud investigations specialist. They hired me for my language skills and trained me in fraud detection and prevention on the job. From that point, I was hooked. I subsequently worked in the financial crime sector at Cifas, World First and, currently, Jaja Finance. I also completed a MSc in Counter Fraud & Counter Corruption Studies before starting on my PhD. I wanted to have a combination of both professional and academic background in my line of work.

Allow everyone to be themselves and work in a way that suits them. Your teams will feel more valued and much more loyal
WiD   What is the most important lesson you have learned along the way?

CN   I’d say it is that the person I was when I started my first graduate job in 2014 is completely different to who I am now. I used to be shy, naïve, desperate to please and anxious of making the tiniest of mistakes. Now I am so much more confident, much less anxious. I understand that you can’t please everyone and that making mistakes is part of how you learn.

I’ve also learned that whilst having a great manager is invaluable to aid your personal and professional development, having not-so-great managers will teach you just as much.

WiD   What’s your pitch to CEOs in the identity space? What would you suggest they START / STOP / CONTINUE doing and why?

CN   Diversity and inclusion should be at the forefront of everything you do, as well as instilling a culture that promotes acceptance and versatility. Trying to mould people to fit a certain type of employee will only deter them and staff turnover will be high. If you allow everyone to be themselves and work in a way that suits them, they will feel more valued and will show loyalty.WiD   In one sentence, why does diversity matter to you?

CN   Diversity is a necessity for the progression, learning and development of both individuals and businesses.

WiD   What book/film/piece of art would you recommend to your fellow members and why?

CN   I always used to try too hard to people-please. I’d obsess over what people thought of me, and regularly put myself in uncomfortable situations under the belief that it would help me be liked. So my recommendation would be The Life-Changing Magic of Not Giving a F**k by Sarah Knight!

WiD   What advice would you give to the teenage ‘you’?

CN   Your stammer doesn’t define your success. One day you’ll decide that you can’t substitute words anymore and that if you stammer, so what? People may not understand it, they may not react in a way you like, but you’ll rise above it and will be able to live the life you want – because you’ll learn that your words are just as important as everyone else’s.

Connect with Claire on LinkedIn or Twitter

The post Member interview with Claire Norman appeared first on Women in Identity.


In conversation with Rosa Akbari

I’d much rather keep tabs on pastoralists use of SMS or small business owners workarounds for digital payments than reading the latest news onTechCrunch. Tell us about your role and… The post In conversation with Rosa Akbari appeared first on Women in Identity.
I’d much rather keep tabs on pastoralists use of SMS or small business owners workarounds for digital payments than reading the latest news onTechCrunch.
Tell us about your role and what gets you out of bed in the morning

Functionally, I support when / where / why / how to integrate digital technologies (and partners, service providers) into resource constrained contexts, primarily for purposes of humanitarian response. Most recently, I’ve been focused on supporting large-scale humanitarian cash transfer programmes, as well as supporting essential work in mobile health, agriculture, nutrition and supply chain programs.

I love helping others to make informed decisions around what will be the most impactful technologies, partnerships etc. and I typically serve as a bridge between technologists and non-technologists. I suppose I’m a kind of trusted broker and often my role is hidden.  Slowly, I think people are starting to realize this can be integral to the success of a large scale tech project and I love the feeling that my role is so connected to the success of projects that have such an impact on fellow human beings.

I also love learning how people are bending simple technologies for their own needs, in seemingly “less developed” locations or within “complex crises.” I’d much rather keep tabs on pastoralists use of SMS or small business owners workarounds for digital payments than reading the latest news on TechCrunch.

How did you get to where you are today?

Luck, curiosity and cautiously stumbling along unexpected pathways. I’m fairly up front about what I know and what I don’t know. This results in a lot of leaning in on others to help develop the situational awareness we need to piece together the best outcomes re digital integrations.

More specifically, my interest in the world of “impactful tech” was sparked when I spent a very brief time in Haiti a few days after the 2010 earthquake. Basic ICT and mobile technology was accessible to many and I was fascinated how it became an invaluable tool, updating (OpenStreet) maps to allow for better co-ordination of logistics etc.. I’ve basically followed that curiosity ever since.

What is the most important lesson you have learned along the way? Trust is key. Technology / ICT is an industry. Regardless of goodwill intent, this should never be forgotten. “Being an expert” is very relative. It’s been quite fascinating to observe the quick ascent of experts in “emerging technologies” (e.g. AI, ML, blockchain / digital ID) and how they will “most definitely” impact “the unbanked” or other demographics in the developing world. All I can say is it seems there are a lot of experts who understand technology and its potential. But I believe there are far fewer who can navigate how to make it all work sustainably in a new context, with new populations. What’s your pitch to CEOs in the identity space? What do you suggest they START / STOP / CONTINUE doing and why? START educating people on what actually makes a recognized identity. What are the fundamental building blocks? Which public policies and stakeholders / authorities should be involved? STOP selling pipe dreams based solely on product designs. No ID app or platform will hold meaning unless the right stakeholders (and regulators) are engaged and on board. Thankfully we are seeing a reduction in Marketing campaign that promote “digital ID for all refugees” or the like. CONTINUE promoting standards that uphold interoperability. Continue to educate governments on what makes a good public technology / societal platform, as well as share successes of large-scale (and govt led) technology initiatives. Digital ID is the backbone of a new age of digital governance. Ot needs to be treated as more than just a pilot project, dependent on archaic RFP / tender processes. What does diversity mean to you?  *
Without diversity, my perspectives on life would be much less interesting (or balanced) !!
What book, film or piece of art would you recommend to fellow WiD members?

My book would be: Fake Like Me, by Barbara Bourland.  Full disclosure ….. the author is a friend! But it’s a fun read for summer that’s ostensibly a murder mystery based in an artists’ colony. Ultimately, it’s also a witty introspection into identity and how easy it is to create (and destroy) it.

Art – https://artscoops.com/  I know it’s not a single piece, I know, but it’s a great place to keep revisiting you’re wanting to support artists from the Middle East.

Finally, what advice would you give to the teenage ‘you’?

“You won’t end up in Law School. Though maybe don’t tell Mom just yet!!”

Connect with Rosa on LinkedIn or via her website

The post In conversation with Rosa Akbari appeared first on Women in Identity.


Ceramic Network

Ceramic and IDX now available with Moonbeam

Developers building on Moonbeam's Ethereum-compatible smart contract Polkadot parachain can now use Ceramic's streaming data and cross-chain identity protocols.

Developers building multi-chain applications have a powerful new combination to work with, as Ceramic now supports Moonbeam applications.  Moonbeam offers developers an Ethereum-compatible smart contract parachain on Polkadot, providing an easy path to a multi-chain implementation. Ceramic adds support for advanced data management and cross-chain identity. Together, this enables developers and users to depend on the same accounts and wallets to manage transactions, identities, and data across Ethereum and Polkadot applications.

A full stack for cross-chain applications

Since Moonbeam uses the same keypairs and wallets as Ethereum, signing and authentication for Ceramic's data streams is also supported out of the box. Now that Moonbeam and Ceramic can easily be used together, developers can:

Build data-rich user experiences and social features on fully decentralized tech Give users cloud-like backup, sync and recovery without running a centralized server Publish content on the open web without the need to anchor IPFS hashes on-chain Leverage interoperable profiles, social graphs and reputations across the Web3 ecosystem

"Moonbeam devs and users will now be able to easily implement Ceramic's streaming data and cross-chain identity protocols due to the same keys and wallets being utilized that developers and users are already familiar with," says Nate Hamilton, Director of Business Development at Moonbeam.

The Ceramic and Moonbeam teams look towards the same goal: proving the best-in-class user experience

Currently, Moonbase Alpha, the Moonbeam TestNet, has been added as a supported chain. Users can now perform transactions on Ceramic and Moonbase Alpha with their existing wallets. Currently, Moonbeam is compatible with MetaMask and MathWallet.

About Moonbeam:

Moonbeam is an Ethereum-compatible smart contract platform on the Polkadot network that makes it easy to build natively interoperable applications. This Ethereum compatibility allows developers to deploy existing Solidity smart contracts and DApp frontends to Moonbeam with minimal changes. As a parachain on the Polkadot network, Moonbeam will benefit from the shared security of the Polkadot relay chain and integrations with other chains that are connected to Polkadot. Currently, in active development by PureStake, Moonbeam is expected to reach MainNet by mid-2021.

Learn more: https://moonbeam.network/.

About Ceramic

Ceramic provides developers with database-like functionality for storing all kinds of dynamic, mutable content. This finally gives developers a Web3 native way to add critical features like rich identities (profiles, reputation, social graphs), user-generated content (posts, interactions), dynamic application-data, and much more.

Ceramic's stream-based architecture is designed for web-scale volume and latency and to handle any type of data. Built on top of open standards including IPFS, libp2p, and DIDs and compatible with any raw storage protocol like Filecoin or Arweave, all information stored on Ceramic exists within a permissionless cross-chain network that lets developers tap into an ever growing library of identities and data while using their preferred stack.

IDX: Cross-chain identity and user-centric data

Identity is the first use case enabled by Ceramic's building blocks for open source information. IDX (identity index) is a cross-chain identity protocol that inherits Ceramic's properties to provide developers with a user-centric replacement for server-siloed user tables. By making it easy to structure and associate data to a user's personal index, IDX lets applications save, discover and route to users' data.

The IDX SDK makes it simple to manage users and deliver great data-driven experiences using the same keys and wallets as developers and users are already relying on. Users can also link multiple keys, from any wallet and multiple blockchains, to the same identity. This is essential to developers who want to serve users over time, as it enables key rotation, data interoperability across accounts, and rich cross-chain profiles, reputations and experiences (including 50,000+ profiles on Ethereum today).

Getting started with Ceramic and Moonbeam To get started on Moonbeam visit their documentation site To add IDX to your project, follow this installation guide To use Ceramic for streams without IDX, follow this installation guide. For questions or support, join the Ceramic Discord and the Moonbeam Discord

Website | Twitter | Discord | GitHub | Documentation | Blog | IDX Identity


Digital Scotland

Lego Government : API-Enabled Government as a Platform

The core dynamic of GaaP is a modular, 'plug and play' approach to digital service design, interconnecting services via APIs. The post Lego Government : API-Enabled Government as a Platform appeared first on Digital Scotland.

This is post 5 of 6 in the series “Government as a Platform”

Government as a Platform in Scotland Payments as a Platform – The Scottish Government Payments Service The NES Digital Service – A Platform approach for building a unified digital health and care service for Scotland Learning from Heart FM – How Radical Digital Thinking Can Preserve Our Public Services Lego Government : API-Enabled Government as a Platform Platform Architecture for Covid-19 Digital Passports

In the Harvard white paper on Digital Government Transformation Richard Pope provides a working definition of ‘GaaP’ – Government as a Platform. “GaaP should reorganize the work of government around a network of shared APIs and components, open-standards and canonical datasets, so that civil servants, businesses, and others can deliver radically better services to the public more safely, efficiently, and accountably.”

He explores the topic through a summary round up of how this approach has been pioneered and adopted in countries like India, Estonia and the UK.

Our white paper builds on this, providing detailed blueprint analysis of GaaP implementations across the world.

#LegoGovernment – Plug and Play Service Design

GaaP is such a powerful approach because it address the root issue that inhibits integrated Government services.

Like all large enterprise organizations Governments are structured via rigidly delineated departments and agencies, and typically deploy their own dedicated IT for only their business processes, creating isolated silos. The DWP develops their own standalone IT systems, Tax and Healthcare does the same, … and so on.

As the Harvard paper describes:

“There is a lot of duplication in government. Generally, departments and agencies are vertically integrated, with each running its own version of a system (a public website, a payment gateway, a printing service, an address lookup, etc.) that’s similar but not identical to all the others. Platforms have been cited as a way to remove that duplication and break down organizational silos.

Siloed approaches to transformation don’t work,” Mike Bracken wrote in 2015. “Reinventing the wheel every single time we build a service has led to far too much duplication and waste. That’s not good enough.”

This is a critical point for those working in public sector service design. When we consider how services are actually delivered we see that the workflow processes that enable them cut across these silos, as illustrated through this simple example:

This sets the scene for the concept of “Lego Government”. Rather than the traditional approach of building Government services via dedicated line of business applications, they are created via coupling together modular components.

This PublicTechnology interview explores in detail how the DWP are working with APIs. For example when the NHS undertakes a real-time check for prescription charge exemption they call the DWP passport benefit API which validates the enquiry. They also perform this check for the Department for Education for free school meals entitlement and for local authorities for the disabled Blue Badge award.

They make the critical point that they endevour to reuse existing APIs wherever possible, and where they don’t they develop them via ‘microservices‘ – Small snippets of code intended only for this purpose. This enables very rapid solutioning, only four weeks in some cases.

Underpinning the business logic and service design layer the core technology architecture is the API Gateway platform.

As the DWP describes:

“Once we identified – or built – the API that met the requirement, we deployed it onto our current shared API Gateway which was already hosted in our internet-facing cloud. This meant that all the infrastructure was already in place so, once the API was tested and proven to be suitable, it could be deployed really easily through the existing shared infrastructure. Historically, the process of building the underlying infrastructure could take months; we deployed new APIs, or extended throughput on existing APIs within two days. This would not have been possible without the API Library or the shared API Gateway.”

Hosting their API gateway in a cloud environment allowed the team to scale up in near real-time, after completing assessment of forecasted API volumes. This microservices approach will build the pathway towards the future, with the hope that eventually they will be able to “join up services across government and one initiative is that we’re creating a central cross-government API Registry that will enable us to share what APIs we already have available, as well as being able to see what APIs other government departments have available.”

The post Lego Government : API-Enabled Government as a Platform appeared first on Digital Scotland.


Commercio

Breaking News: Commerc.io Wallet iOS App to manage the Tokens of Commercio.network is now available on the AppStore

Commerc.io Wallet iOS App to manage the Tokens of Commercio.network is now available on the AppStore Commerc.io srl is glad to announce that from today is available on the AppStore the wallet iOS app to manage on your iPhone, iPad and Mac with the new M1 processor, all the operations related to the tokens of Commercio.network. Thanks to this new […] L'articolo Breaking News: Commerc.io Wallet iO

Commerc.io Wallet iOS App to manage the Tokens of Commercio.network is now available on the AppStore

Commerc.io srl is glad to announce that from today is available on the AppStore the wallet iOS app to manage on your iPhone, iPad and Mac with the new M1 processor, all the operations related to the tokens of Commercio.network.
Thanks to this new application a user can create his own non custodial wallet.
In a non custodial wallet, the real owner of the tokens is the person who has access to them. In other words, unlike when using a hosted wallet managed by a third party, only you can operate because you are the only one who has the private key.
A non custodial wallet doesn’t have a password recovery system, so it’s essential to store the 12 Words properly. If you lose them you have lost your tokens forever.
Here are the features of the Commerc.io app wallet

CREATE AND IMPORT A WALLET: you can create a wallet ex novo or import the 12/24 of the cards distributed to the validator nodes by Commercio.network.
SEND AND RECEIVE COM thanks to the app you can send and receive COM with a simple scan of a QR Code.
COM STAKING Stake through the bonding of your COMs on the active validator nodes of Commercio.network and make unbonding after 21 Days.
VBR REWARDS Collect daily Rewards of the COMs that you have delegated to the active validator Nodes of the Commercio.network.
TOTAL PRIVACY OF YOUR WALLET No registration is required and the app connects directly to Commercio.network You are in total control of your privacy and your Wallet.

The iOS wallet can be downloaded at this address: https://apps.apple.com/it/app/commerc-io/id1397387586

 

Thanks in advance for all your five star reviews!

 

L'articolo Breaking News: Commerc.io Wallet iOS App to manage the Tokens of Commercio.network is now available on the AppStore sembra essere il primo su commercio.network.


The Future of Decentralized Escrow: Smart Payments

The Future of Decentralized Escrow: Smart Payments Blockchain Development A Smart payment, which occurs via a Hashed-Timelock Contract (HTLC), is a transfer of Tokens where the payment condition is enforced by the Blockchain. It is a concept originated within the Bitcoin community that is applied on Lightning Network and can be used on Ethereum, and in Cosmos chains Condition is […] L'articolo T

The Future of Decentralized Escrow: Smart Payments

Blockchain Development
A Smart payment, which occurs via a Hashed-Timelock Contract (HTLC), is a transfer of Tokens where the payment condition is enforced by the Blockchain. It is a concept originated within the Bitcoin community that is applied on Lightning Network and can be used on Ethereum, and in Cosmos chains

Condition is a Hashlock.

A Hashlock or the digest of a cryptographic hash function, such as SHA-256, is a type of impediment that restricts the expenditure of an output until a specific piece of data is
publicly disclosed. Hashlocks have the useful property that once a Hashlock is made public, any other Hashlock protected by the same key can also be opened. This allows for the creation of multiple outputs that are all encumbered by the same Hashlock and that all become executable at the same time.

The timelock is a time impediment, like a time safe, where the Smart Contract states that the recipient can claim the funds by presenting
a valid pre-image of the hash digest before a specified deadline (timeout). After the timeout, the funds are automatically returned to the sender.

HTLCs are enforced by the Blockchain, so the transacting parties only need to trust that the Blockchain is executing the contract correctly, (not the counterparty.) It can also be expected that HTLCs can be executed on different Blockchains and even without the presence of a Blockchain, with Agreements (HTLAs).

Conditional Payments
Two parties using an HTLA on a Blockchain that does not support Hashlock and Timeout could proceed as follows: the sender sends a message to the recipient telling it that it wants to “prepare” a transfer with a specified Hashlock and Timeout. The parties agree that if the recipient submits the pre-image hash before the
Timeout, the transfer is executed and the sender owes the money to the recipient. Debts are settled through simple transfers on the Blockchain.

In the case of a post-funding agreement, the sender can settle its debt with the recipient for every payment if its Blockchain is fast and has low fees, or once the total amount owed reaches the parties’ credit limit. In this case, the recipient must rely on the sender to pay what they owe. The risk can be reduced by limiting the amount of money the sender can send before payment.

For pre-funded agreements, the sender transfers the amount of a single payment or a large amount to the recipient and benefits from the equivalent of a line of credit.
The recipient then deducts the amount of any “conditional transfer” executed from the pre-funded amount. In this case, the sender must trust that the recipient will not steal the pre-funded amount, but this risk can obviously be reduced by limiting the pre-funded amount.

HTLAs thus work with Blockchains that support Hashlock and timelock (such as HTLC) and with Blockchains that do not support them.

In the future, this methodology could be used in the CommercioPay module in the Commercio.network Blockchain.

 

 

L'articolo The Future of Decentralized Escrow: Smart Payments sembra essere il primo su commercio.network.

Monday, 24. May 2021

Good ID

Announcing the New Streamlined and Simplified Metadata Service for Authenticator Vendors and Customers

By Rae Rivera, Ph.D., Director of Certification, FIDO Alliance The FIDO Alliance today  introduced a significant update to its Metadata Service (MDS). The service provides information about the certification status […] The post Announcing the New Streamlined and Simplified Metadata Service for Authenticator Vendors and Customers appeared first on FIDO Alliance.

By Rae Rivera, Ph.D., Director of Certification, FIDO Alliance

The FIDO Alliance today  introduced a significant update to its Metadata Service (MDS). The service provides information about the certification status of authenticators, authenticator capabilities, and any known security issues. The FIDO MDS provides organizations deploying FIDO servers with a centralized and trusted source of information about FIDO authenticators. 

MDS is a web-based repository where vendors can publish metadata about their certified FIDO authenticators. Relying parties use this information  to validate authenticator attestation and prove the authenticity of the device model. 

With over 100 authenticator products on the market today, and demand for strong authentication on the rise, the need for an easy-to-use repository to load and view FIDO Certified authenticators has grown in importance. 

Just last week, the Biden administration mandated multi-factor authentication for all government agencies to thwart phishing attempts and protect against account takeover.  Governments and other regulated industries such as banking and healthcare especially need to know that authenticators being used to access their systems are genuine and meet certain requirements, including FIDO Certification status, compliance and other organizational requirements. The new features in the FIDO MDS allow organizations to more quickly and easily verify the attributes of the FIDO Authenticators being used to log in to their web services and applications. 

Today’s news is significant in several areas:

The new MDS has a more efficient and effective user interface that greatly simplifies the uploading and publishing of metadata.  There is a simplified API for relying parties to download metadata. Metadata updates are now available daily instead of monthly, which ensures relying parties have access to the most up-to-date information. The new MDS data format is now a single JSON structure, making it more compatible with standard web development tools. The new MDS format uses human-readable strings instead of numerical values, making it easier to read and understand. The MDS data is now linked to the FIDO Certification program, which will ensure the reliability of the validity of metadata of FIDO Certified products.  The service now uses cloud caching to provide high availability and download performance. 

For more information visit https://fidoalliance.org/metadata/

The post Announcing the New Streamlined and Simplified Metadata Service for Authenticator Vendors and Customers appeared first on FIDO Alliance.


Energy Web

Energy Intelligence Company Inavitas Joins Energy Web

Zug, Switzerland — 24 May 2021 — Today Energy Web announced that Inavitas — an energy intelligence company with offices in Australia, India, and Turkey — has joined as its newest member and plans to host a validator node for the Energy Web Chain. Inavitas offers digital solutions for customers ranging from utilities and large renewable energy generators to homes and businesses, including SCADA int

Zug, Switzerland — 24 May 2021 — Today Energy Web announced that Inavitas — an energy intelligence company with offices in Australia, India, and Turkey — has joined as its newest member and plans to host a validator node for the Energy Web Chain. Inavitas offers digital solutions for customers ranging from utilities and large renewable energy generators to homes and businesses, including SCADA integration, cost reduction, and renewables optimization.

“We are intensely focused on digital transformation of the energy sector to create a clean energy future,” explained Alper Terciyanlı, CEO of Inavitas. “We are proud to become an Energy Web member and join the broader Energy Web ecosystem to harness the potential of digital tech to accelerate the energy transition.”

Last year, Inavitas received the Biggest Climate Impact Award at the Green Invitation: Startup Pavilion 2020, an event co-hosted by BLEE Hackathons and the European Commission.

“We are pleased to welcome Inavitas into the Energy Web family,” added Jesse Morris, EW’s chief commercial officer. “It is more important than ever to have companies like Inavitas help the world’s electricity grid operators and energy companies navigate the digital transformation en route to a low-carbon future.”

About Inavitas
inavitas is at the forefront of researching, developing, and delivering smart energy monitoring and management solutions for all scales’ energy systems. inavitas provides real-time monitoring, control and analytical tools for use in both commercial and residential energy systems in terms of consumption and even production. For industry players in renewable energy production and smart grids, inavitas provides workforce management tools, production/distribution optimization tools and state of the art SCADA systems, including the completion of turnkey design, training and installation.

About Energy Web
Energy Web is a global, member-driven nonprofit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. We enable any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors our tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

Energy Intelligence Company Inavitas Joins Energy Web was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.

Friday, 21. May 2021

Me2B Alliance

Me2BA Sees Progress in Google Announcement on App Store Privacy

Me2BA Sees Progress in Google Announcement on App Store Privacy

Me2BA Sees Progress in Google’s “Pre-Announcement” for an Independently Audited Safety Section in Google Play Store

On May 6, 2021, two days after the Me2B Alliance published our report on data sharing in school utility apps, Google issued a “pre-announcement” describing major improvements to app labeling in the Android app store. The announcement signals a serious intention to not only catch up to Apple’s privacy label, but surpass it, by introducing independent validation of the Android app p

On May 6, 2021, two days after the Me2B Alliance published our report on data sharing in school utility apps, Google issued a “pre-announcement” describing major improvements to app labeling in the Android app store: 

We work closely with developers to keep Google Play a safe, trusted space for billions of people to enjoy the latest Android apps. Today, we’re pre-announcing an upcoming safety section in Google Play that will help people understand the data an app collects or shares, if that data is secured, and additional details that impact privacy and security.
[Source:  https://android-developers.googleblog.com/2021/05/new-safety-section-in-google-play-will.html ] 

The announcement signals a serious intention to not only catch up to Apple’s privacy label, but surpass it, by introducing independent validation of the Android app privacy information.   

According to the announcement, the official policy will be published in Q3 2021, and by Q2 2022, all apps in the Google Play store will need to provide the new “safety section” information.  Details on the new “safety section” are where the rubber meets the road, and as we noted in our report, there currently isn’t adequate privacy or safety labeling for apps. Nevertheless, we’re encouraged by the new policy, and hope that Google’s new safety section includes SDKs by name and owner.

[Source:  https://android-developers.googleblog.com/2021/05/new-safety-section-in-google-play-will.html ] 

The announcement also makes clear that the new “safety section” will be independently audited, though unclear if that will take effect in Q2 2022. 

The Me2B Alliance currently performs independent audits of apps and websites and looks forward to learning more about Google’s independent app auditing.  

But why wait until next year when you can get your app or website audited by us today?  Contact us to get started.


Elastos Foundation

Elastos Bi-Weekly Update – 21 May 2021

...

Own Your Data Weekly Digest

MyData Weekly Digest for May 21st, 2021

Read in this week's digest about: 4 posts, 1 Tool
Read in this week's digest about: 4 posts, 1 Tool

Thursday, 20. May 2021

ID2020

ID2020 Alliance Welcomes Newest Member: TECH5

The ID2020 Alliance is thrilled to announce that TECH5, an identity management innovator, headquartered in Geneva, has joined our growing community of public and private sector organizations devoted to the advancement of good ID. With branches in the US, Europe, and Asia, TECH5 is dedicated to the design, development, and distribution of identity management solutions featuring best-in-class

The ID2020 Alliance is thrilled to announce that TECH5, an identity management innovator, headquartered in Geneva, has joined our growing community of public and private sector organizations devoted to the advancement of good ID.

With branches in the US, Europe, and Asia, TECH5 is dedicated to the design, development, and distribution of identity management solutions featuring best-in-class biometric authentication services. TECH5 was founded in 2018 by a team of experienced industry professionals, who have been iterating on multi-modal biometric matching solutions for more than two decades.

“We are delighted to welcome Tech5 to the ID2020 Alliance,” said Head of Advocacy and Communications, Ethan Veneklasen. “Over the past two months, they have been contributing to the work of the Good Health Pass Collaborative. We are now thrilled to have them involved with ID2020's work more broadly and look forward to working closely with their team to promote the implementation and adoption of ethical approaches to digital ID.”

The TECH5 team combines deep technical expertise with programmatic know-how to offer beneficial identity solutions at the leading edge of verification and authentication technologies. TECH5’s slogan “Technologies for Inclusion” evidences its commitment to providing unabridged access to goods and services for all. Leveraging privacy-by-design principles, TECH5 builds solutions that recognize the unique needs of its users, demonstrating a strong commitment to the principles embedded in the ID2020 Manifesto.

“Today, I am happy to announce our partnership with ID2020, one of the most inspiring alliances that share our same founding principles. ID2020’s focus on Inclusive and Foundational ID as the framework for a modern and fair National ID implementation perfectly aligns with TECH5’s vision of Digital IDs that should be private, inclusive, and secure,” said TECH5 Co-founder and CEO Machiel van der Harst.

The ID2020 Alliance continues to grow, welcoming organizations from the public and private sectors that share our commitment to user-managed privacy-protecting, and portable digital ID. As an Alliance, we continue to scale our impact as we add new innovative partners. We are thrilled to add TECH5 to the partnership as we continue — together — to push for good ID for all.

About ID2020

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and ethical implementation of user-managed, privacy-protecting, and portable digital identity solutions.

By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing programs, and advocating for the ethical implantation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights and reap the benefits of economic empowerment and to protecting user privacy and ensuring that data is not commoditized.

About Tech5

TECH5 is an international technology company headquartered in Geneva, Switzerland, with branches in the US, Europe, and Asia, dedicated to the design, development, and distribution of biometrics-driven Identity Management solutions. The company was founded by a team of seasoned industry professionals, who have been innovating in the area of multi-modal biometric matching solutions for more than 20 years. The TECH5 market focus is on highly scalable products built on the experience gained by the implementation of large deployments. TECH5 target markets include Government and Private sectors with products powering Civil ID, Private ID, as well as Authentication solutions that deliver Identity assurance for use cases such as digital onboarding and eKYC when opening a Bank account, applying for a document, or a service.


SelfKey Foundation

Data Breaches & How SelfKey Offers Protection Against It

The SelfKey Wallet offers its users complete control over their personal data, as well as personal documents. The SelfKey Wallet never stores or retrieves your data onto a centralized database. Rather it stores your data on your local system, under your control. Thus offering protection against data breaches. The post Data Breaches & How SelfKey Offers Protection Against It appeared first on

The SelfKey Wallet offers its users complete control over their personal data, as well as personal documents. The SelfKey Wallet never stores or retrieves your data onto a centralized database. Rather it stores your data on your local system, under your control. Thus offering protection against data breaches.

The post Data Breaches & How SelfKey Offers Protection Against It appeared first on SelfKey.

Wednesday, 19. May 2021

Me2B Alliance

Me2BA Executive Director Lisa LeVasseur featured on Masters of Privacy podcast

Me2BA Executive Director Lisa LeVasseur was recently featured on the Masters of Privacy podcast, as part of a series of conversations with thought leaders working at the intersection of marketing, data, privacy, and technology.

Me2BA Executive Director Lisa LeVasseur was recently featured on the Masters of Privacy podcast, as part of a series of conversations with thought leaders working at the intersection of marketing, data, privacy, and technology.

In the interview, Lisa describes Me2BA’s approach to respectful technology behavior and discusses the Alliance’s work in standards development and independent testing.  The conversation touches on the broader issues of our evolving and personal relationships with technology products and services, and the potential for respectful behavior to provide a deeper and better level of engagement, to the benefit of individuals and businesses alike. It offers an excellent introduction to the Me2BA philosophy, approach, and goals. Take a listen, and share with your community.

The Masters of Privacy podcast is produced by PrivacyCloud, a Spanish and US company that develops tools to help people, marketers, and publishers take control of their data, their money, and their experiences, and is hosted by Sergio Maldonado, Privacy Cloud CEO, lawyer and leader in the marketing technology and data analytics space.


Ceramic Network

Community Call 5.07.21

The latest news from the Ceramic ecosystem and protocol.

HIP Platform

Digital IDs in the humanitarian sector: what’s the big deal?

Being able to prove one’s identity is critical in modern society. This is no less the case for people being served by humanitarian organizations. Indeed, those without official identification are among the most vulnerable. While previous solutions to this challenge have relied on traditional means, these are not ideal, especially in the context of the current COVID-19 pandemic. Recent technol

Oldoniyro, Kenya 2018: In a field pilot utilizing cash assistance and blockchain technology conducted by the Kenya Red Cross and IFRC, it was recognized that lack of official ID was a hindrance to receiving assistance. In the published learning review it was noted that 25% of the Kenya Red Cross’ caseload have no official IDs, highlighting the need to address the issue of identities.

Photo credit: Kenya Red Cross

In disaster and crisis situations, members of affected communities who do not have an officially recognized form of identification (ID) can face barriers to receiving aid. Without ID, people made vulnerable by their situations cannot prove who they are, making it impossible for aid agencies to “know their customer” – often a pre-requisite for delivering services in an accountable way. While these challenges can sometimes be overcome, for instance through trusted proxies who do have an ID, such analogue solutions are not ideal.

Through a series of expert interviews and case studies of existing projects, a new report written by Oxford Centre for Technology and Development, commissioned by IFRC, and supported by the DIGID consortium (Norwegian Red Cross, Norwegian Refugee Council, Norwegian Church Aid, Save the Children Norway), Digital Identity: An Analysis for the Humanitarian Sector looks at the opportunities offered by digital identity technologies in humanitarian contexts, but also the risks. The report lists technical, ethical and sustainability aspects of digital ID solutions for organizations looking to explore, learn, and invest in such solutions.

For affected communities, obtaining a digital ID issued by humanitarian organizations can make it much easier (or indeed possible in the first place) to access services, including cash and voucher assistance, in multiple ways. First, they can use the digital ID to prove their identity where this was not previously possible due to a lack of official ID. Second, they can store certain attributes or credentials digitally, allowing them to have portable access to information such as training or education certificates, health records or legal records that might otherwise be left behind or destroyed when a disaster hits. Third, they can choose to reveal only relevant pieces of information instead of all their digital wallet’s contents.

“Without ID, people made vulnerable by their situations cannot prove who they are, making it impossible for aid agencies to “know their customer” – often a pre-requisite for delivering services in an accountable way.”

The report points out that in an ideal world, digital ID technology would be “interoperable” throughout the sector whereby different humanitarian organizations would be able to recognize digital ID credentials, check the issuer, and extract only the data that is being shared by the owner of the digital ID. In this way, members of affected communities could avoid having to register repeatedly (and potentially having to relive trauma as they recount their story), better preserving their dignity.

Meanwhile, the report finds that aid organizations would also benefit from avoiding such repeat registration as their process could be made more time- and cost-efficient by deploying digital ID systems. Another advantage of an interoperable solution would be that trust and collaboration between aid organizations would be enhanced. The DIGID consortium was established for this very purpose: to see how different agencies can work together to best deliver services instead of developing siloed systems.

But the report also discusses challenges to the successful implementation of digital IDs and makes recommendations to address these:

Developing and rolling out a solution has a considerable cost, in terms of both money and time, including the need to upskill staff and volunteers.

Concerns around data privacy must also be addressed to maintain trust between organizations and the communities they serve.

Digital ID solutions depend on certain levels of literacy and access to technology and devices that can be variable and limited in crisis-affected communities.

Despite these difficulties, the report offers hope that digital IDs will come to form an integral part of delivering humanitarian services, including cash and voucher assistance. In a rapidly evolving ecosystem of assistance and technology, humanitarian actors must involve themselves in the process from the outset, or risk having to play catch-up in an environment over which they have little or no control.

The DIGID consortium also held a webinar introducing this report, as part of Data and Digital Week in April 2021.

Permalink


Energy Web

Energy Web and Energy Peace Partners Announce Peace Renewable Energy Credit (P-REC) Digital…

Energy Web and Energy Peace Partners Announce Peace Renewable Energy Credit (P-REC) Digital Marketplace Platform Zug, Switzerland and Sausalito, Calif. — 19 May 2021 — Today, Energy Web and Energy Peace Partners (EPP) announced a new partnership to develop a digital marketplace platform to accelerate the development of renewable energy projects in fragile, energy-poor countries. EPP leverages cli
Energy Web and Energy Peace Partners Announce Peace Renewable Energy Credit (P-REC) Digital Marketplace Platform

Zug, Switzerland and Sausalito, Calif. — 19 May 2021 — Today, Energy Web and Energy Peace Partners (EPP) announced a new partnership to develop a digital marketplace platform to accelerate the development of renewable energy projects in fragile, energy-poor countries. EPP leverages climate finance solutions to promote peace and development by extending the renewable energy revolution to some of the planet’s most vulnerable populations. EPP developed the Peace Renewable Energy Credit (P-REC), which certifies the social co-benefits of renewable energy in addition to renewables’ traditional environmental benefits.

An energy attribute certificate (EAC) — including renewable energy certificates (RECs) in the United States and guarantees of origin (GOs) in the EU — is an internationally-traded virtual commodity that represents 1 megawatt-hour (MWh) of renewable energy generated. P-RECs are issued under the I-REC Standard, the EAC standard in 40+ developing countries, and are issued as I-RECs with additional social co-benefits from new projects in fragile, energy-poor regions. To date, EPP has been authorized as the country issuer of P-RECs and I-RECs in the Democratic Republic of Congo (DRC) and South Sudan. The first-ever P-REC transaction occurred in the DRC in 2020 through a groundbreaking collaboration between Microsoft, Nuru, 3Degrees (an Energy Web member), and EPP.

The digital marketplace platform will leverage the Energy Web Origin open-source software development toolkit, harmonize with The IREC Standard, and be prepared to integrate with Energy Web Zero, an application to find and digitally source verified, emissions-free renewable energy globally. Simply put, the platform will lead to the development of a digital P-REC purchase option for renewable energy buyers, including individuals, that want to support the development of high-impact renewable energy projects for communities where these projects are installed.

The platform will help EPP market P-REC projects, increase demand among a wider set of corporate and individual buyers, scale up the global P-REC market, and facilitate P-REC transactions in a streamlined way. For Energy Web, this partnership will generate new open-source functionality for EW Origin to support digitized EAC “forward agreements” that enable buyers to easily commit to supporting additional renewable energy facilities, which in turn helps reduce the upfront costs of new facilities and improve financing terms.

“This is an incredibly exciting partnership and project,” said Sherwin Das, Managing Director of EPP. “Together we’re bringing a cutting-edge, digital solution that will contribute to scaling up the market for P-RECs and, in doing so, unlock more renewable energy investment in high-impact projects around the world.

“We’re proud to partner with EPP on this renewables marketplace,” added Doug Miller, global markets lead for Energy Web. “This partnership represents Energy Web’s first engagement with projects in Africa and a breakthrough opportunity to introduce digital tools that make it easy for local communities to attract renewable energy buyers who can help expand clean energy access and related social co-benefits in a frictionless way. This partnership will also result in a new standardized digital approach to renewable energy forward agreements that we think will serve as an attractive product for renewable energy buyers that want to support additional products outside of Africa, yet are simpler to implement than power purchase agreements, especially in regulated markets like most I-REC markets.”

Both EPP and I-REC Standard are also advisors to EW Zero, which in December received a grant from the Good Energies Foundation to commercialize the platform. For the EPP P-REC marketplace, the joint team expects to complete an initial proof of concept (POC) by the end of 2021.

About Energy Web
Energy Web is a global, member-driven nonprofit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. We enable any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors our tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

About Energy Peace Partners
The mission of Energy Peace Partners (EPP) is peace and stability for all, powered by renewable energy. EPP brings together expertise in international peacebuilding and renewable energy in order to leverage climate finance solutions that support peace in places affected by violent conflict. We believe that a paradigm shift toward climate-sensitive development can deliver enduring benefits to the planet’s most vulnerable populations. Our efforts create an enabling environment for introducing renewable energy that can serve as the building blocks for peace.

Energy Web and Energy Peace Partners Announce Peace Renewable Energy Credit (P-REC) Digital… was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.

Tuesday, 18. May 2021

aNewGovernance

Leveraging the trust of nurses to advance a digital agenda in Europe

From the press of the European Commission Open Research Europe, the article Eric Pol, Chairman of aNewGovernance, had the privilege to be invited to co-author by the European Federation of Nurses. A pleasure to have collaborated with incredible team: Paul De Raeve and Elisabeth Adams (EFN) , Patricia Davidson (John Hopkins University), Franklin A. Shaffer (CGFNS International) and Amit Kumar Pandey (Socients AI and Robotics).

This article brings together insights from a unique group of stakeholders to explore the interaction between AI, the co-creation of data spaces and EHRs, and the role of the frontline nursing workforce. We identify the pre-conditions needed for successful deployment of AI and offer insights regarding the importance of co-creating the future European Health Data Space.

aNewGovernance is now looking forward to making this paradigm shift a reality through the implementation of a fair and human-centric data-infrastructure.

See article

Monday, 17. May 2021

Digital ID for Canadians

Letter to the Hill Times Editor

May 7, 2021 Re: A little-known Trans-Canada digital identity regime in the works, in whose interest? by Ken Rubin, The Hill Times, May 3, 2021.…

May 7, 2021

Re: A little-known Trans-Canada digital identity regime in the works, in whose interest? by Ken Rubin, The Hill Times, May 3, 2021.

Dear Editor, 

In his column, “A little-known Trans-Canada digital identity regime in the works, in whose interest?”, Ken Rubin inaccurately writes that “On the legislative front, business-backed groups like the Digital Identification and Authentication Council of Canada are calling for revamping Canada’s outdated public-sector Privacy Act to allow for a more permissive legal regime that clears the way for digital IDs and one-stop digitized government services. … Canadian governments need to hit ‘pause’ and rethink their digital identity scheme and digital legislation which are pushing sufficient and secure privacy protection largely aside.”

The Digital Identification and Authentication Council of Canada (DIACC) was created following the federal government’s Task Force for the Payments System Review to bring together public and private sector partners in developing a safe and secure digital ID ecosystem that will enable Canada’s full and beneficial participation in the global digital economy.

The DIACC has more than 100 members spanning several sectors including public policy leaders and chief information officers from the federal and provincial governments, networks for payments and for identity verification, technology service providers, strategy and integration experts and financial institutions.

The DIACC fully shares the author’s concern for Canadian’s privacy. This concern is why, for 10 years, the DIACC has built up this important sector as the trusted voice for driving the development of a pan-Canadian trust framework, standards, and initiatives that support the establishment of a fully digital, and privacy-respecting country that Canadians want. DIACC prioritizes a federated approach to work in alignment with Canada’s federal, provincial, territorial, and Indigienous governments. This approach does not support linking of identities, rather, it leverages and extends Privacy by Design principles to enable Canadians to choose which identity credentials they wish to use respecting diversity and promoting inclusion. 

According to recent research, the majority of Canadians believe it is important for federal and provincial governments to move quickly on enabling digital ID in a safe and secure manner. It also shows that collaboration between governments and the private sector continues to be considered the best approach to create a pan-Canadian digital ID framework.

In today’s digital economy, and as the pandemic has made clear, Canadians should be empowered to give informed consent for its use across multiple platforms and in economic areas where proving identity is crucial for secure transactions.

Establishing digital ID that works for Canadians is not about creating one identity to be used for surveillance or tracking. It’s about using the credentials that Canadians already have offline (eg: passports, driver’s licenses, health cards, citizenship cards, bank cards, student cards); having those credentials securely issued digitally; and being able to use them for digital transactions  —  from opening a bank account from the comfort of home, to accessing medical records, to receiving government benefits quickly and easily.

When it comes to legislation, there is no clear policy directive in C-11 that allows Canadians to understand what they can expect in terms of accessing the data the public services have about them. This is why it’s essential for the federal government to empower Canadians to be able to use the credentials associated with them in a modern digital economy, with security and privacy. If Canada is going to be a modern digital society and economy, Canadians must understand what they can expect about data that exists about them in both the public and private sectors. 

Canadian governments should not ‘hit pause’ on digital ID, they should be investing in truly unlocking digital. Investing in digital ID not only makes economic sense but also establishes digital tools to support societal trust, provides security, strengthens privacy, and mitigates fraud. This is a win for all.

Sincerely,

Joni Brennan
President, Digital Identification and Authentication Council of Canada


Equitable digital identity access as the key to unlocking sustainable development

Owning and accessing an official proof of identity remains a challenge for over 1 billion people in the world. This lack of documented identity disproportionately…

Owning and accessing an official proof of identity remains a challenge for over 1 billion people in the world. This lack of documented identity disproportionately affects marginalized groups like women and ethnic minorities, especially in developing nations where barriers exist to the issuing of basic credentials like birth certificates or national identity documents. Without a functional identity, marginalized communities remain unable to take advantage of key financial, educational, and political resources the digital world can provide. This disparity is a primary focus for the global community. The UN’s Sustainable Development Goals even enumerated Goal 16.9 with a specific target: By 2030, providing legal identity for all, including birth registration. If even basic analog identifiers are out of the reach of people across the globe, then digital identity proves nearly impossible for them to obtain. Though Canada remains a leader in digital identity, challenges remain with complete integration of marginalized communities into their developed digital identity ecosystems. This post stands to outline the global problem, and provide insight into a global solution framework which could possibly be applied to the Canadian context. 

A gender divide in digital access has been prevalent for decades, and has widened over the past years between developed and developing countries. Roughly 330 million fewer women than men have access to a smartphone and the mobile internet. They are 26% less likely to own a mobile device, and in South Asia and Africa those proportions stand at 70% and 34% respectively. Without access to the mobile internet and the ability to affirm their digital identity, people are left unable to utilize key resources that could help sustain them and their families. These resources could include access to financial accounts, employment opportunities, microfinance applications, digital platforms to create independent income, public health and healthcare initiatives, and the breadth of the Internet as a place to gain knowledge and skills. With ready access to these digital platforms, marginalized communities can find financial stability and health resources that will improve their quality of life. 

Economic development organizations such as the World Bank are developing strategies to introduce Digital ID frameworks to its member countries. The World Bank’s Identity for Development (ID4D) Diagnostics provides a possible methodology to identify ways to improve identity management systems around the world. Inclusion is a key priority for ID4D, with a focus on systems with high levels of coverage and access. The universality of coverage is defined in both longitudinal and latitudinal terms. Longitudinal coverage spans the lifetime of an individual, while latitudinal coverage refers to the breadth of society the system covers. Accessibility requires the removal of barriers to usage and disparities in the availability of information and technology. ID4D stresses the importance of “inclusion by design”, tasking system builders to communicate with marginalized communities to see where legal, social, and economic gaps may exist to avoid further exacerbating them. According to ID4D, these identity systems should also possess a high level of interoperability. Interoperable systems are more efficient, both in time and money, and allow for integration across multiple platforms. It also suggests using open standards, rather than proprietary technology, which foster innovation in the system and encourage technological advances to be made.

Does the way that ID4D is applied in developing nations provide any lessons for how a developed country can better serve its marginalized communities? Do other solution frameworks exist to map a developed digital identity ecosystem for gaps in coverage and access? By asking these questions, we begin a conversation that will result in improving identity access for all. When connected to a digital identity, marginalized communities are able to take advantage of a wealth of resources that can improve their financial, social, and political standing. In turn, this supports sustainable growth in their home country and contributes to a system where all can benefit. 

About the Author:

Kyra John is a technology coordinator in the wireless industry and passionate about diversity, inclusion, and global citizenship. She has always been drawn to complex problems, and is excited to work as a Community Volunteer with DIACC to delve deeper into topics relating to technology and equity. She has a degree in international affairs and conflict resolution from The George Washington University and enjoys music, reading, and alpine hiking in her free time.

Sources:

http://www.oecd.org/digital/bridging-the-digital-gender-divide.pdf http://documents1.worldbank.org/curated/en/370121518449921710/Guidelines-for-ID4D-Diagnostics.pdf Goal 16 | Department of Economic and Social Affairs https://www.gsma.com/mobilefordevelopment/wp-content/uploads/2019/04/Exploring-the-Gender-Gap-in-Identification-Policy-Insights-from-10-Countries-Web.pdf How Women Are Using Technology to Advance Gender Equality and Peace Digital identity is coming of age in Canada in 2020 | IT World Canada News Most Canadians want digital identity for online government services, DIACC plans its role | Biometric Update

Digital Scotland

China’s Digital Currency Explained

This video is about, why and how China decided to go digital. What is the Digital Yuan? How does the Digital Currency work? Is DCEP a cryptocurrency? Is the digital Yuan blockchain based? Video Summary The nature of money is something that the average person living a thousand or one hundred or maybe even ten … The post China’s Digital Currency Explained appeared first on Digital Scotland.

This video is about, why and how China decided to go digital. What is the Digital Yuan? How does the Digital Currency work? Is DCEP a cryptocurrency? Is the digital Yuan blockchain based? Video Summary

The nature of money is something that the average person living a thousand or one hundred or maybe even ten years ago spent a very little time thinking about outside of a few major economic crashes.

Money was a relatively constant and predictable thing in our lives, but in the last decade or so, the very nature of it has started to change with digital payments, mobile wallets, cryptocurrency and most recently the first ever attempt at a real digital currency by a major economy. The Chinese government started rolling out its digital Yuan, officially called the DCEP (Digital Currency Electronic Payment) and small pilot projects last year.

China started talking about its own digital currency in 2013 for the first time the same year, WeChat, the country’s most popular messaging and social app, launched its mobile wallet, following in the footsteps of Alibaba Alipay. Alibaba’s Alipay was launched in February 2004.

Four years after that is in 2009 Bitcoin was launched. At first, the new digital currency seemed like little more than a side project of the government going through a couple of years of relatively slow research and development phase. But their focus started intensifying dramatically around 2017, leading to the first public trials in 2020 spending for Chinese cities and hundreds of merchants. And the timing of this increased interest is no coincidence.

At the end of 2017, Bitcoin hit its first real peak in valuation, creating widespread awareness for cryptocurrency around the world. In 2018, Facebook announced Libra with bold ambitions to create a cross-border currency for its over two billion users during this year’s mobile wallet exploded in popularity and China online lending through Internet companies ballooned to huge proportions in the country.

And the United States government launched its trade war against China, which increased the risk of financial sanctions. Within the span of just a few years, the entire Chinese monetary system, including its currency and its traditional banking sector, started facing major threats from both inside and outside of the country. Domestically, Tencent and Alibaba, China’s two largest tech companies, started to gobble up the entire finance industry of the country.

Their respective mobile wallets came to dominate the category, and mobile payments skyrocketed in popularity to mind blowing 32 percent of all sales in the country, leading to many merchants simply stopping to accept other payment methods, including cash or credit cards completely. Given their incredible growth, the two are now on a path to swallow up almost all payment in the country within just a few years.

And these two giants were increasingly starting to strike exclusivity deals with more and more merchants, meaning that consumers even now often have no choice but to use their services. Not only that, most giants and group especially also got heavily involved in offering other financial services like loans or insurances on the backs of their wallets. The group has an incredibly detailed picture of its users, including how they make and spend money both online and offline.

Combining financial services with e-commerce and social media profiles in real time create such strong synergies that traditional institutions simply cannot compete with them. And to top things off, a few months back, Jack Ma from the Alibaba Group even expressed in his now infamous speech that he thought the law’s traditional financial institutions have to operate under strict rules on the amount of cash banks have to keep in reserves in order to avoid potential bankruptcy.

The Chinese government was also becoming increasingly wary internationally. In 2019, vice president of the China Center for International Economic Exchanges, explained why he thought the country needed an alternative to the SWIFT system. SWIFT is an organization that handles the communication for the majority of international bank transfers. Basically, most of the time somebody wants to make an international transaction. They send the message to SWIFT, who processes it and sends it to the right recipient.

The system is slow and ancient and the organization does most of its processing in Europe and the U.S. and the U.S. in particular has used Swift in the past to spy on transactions using the NSA. It has ceased transactions between citizens of third-party countries like Germany and Denmark that it had deemed unlawful. China, especially since the start of its trade war with the United States, sees its reliance on the swift system as a major source of danger for its sovereignty and thinks that the system could be used to essentially cut it out of the international financial world altogether.

And finally, China also started getting increasingly nervous about crypto currencies, as on the long term, those could potentially replace the Yuan altogether, leaving no control over its currency in the government’s hand at all. It has banned cryptocurrency exchanges and then the cryptocurrency themselves from being used as money to pay for things in the country. A couple of years down the line, cryptocurrency could become a real danger to their control over the economy.

China decided to turn to the digital yuan project, among other things, starting with its most urgent domestic priorities. It designed the DCEP to specifically combat mobile wallets by giving it not only the convenience of those wallets, but also many of the characteristics of a national currency like the regular Yuan. Digital Yuan is issued by the People’s Bank of China and can be withdrawn by them as well. The value of the two are designed to match. They are supposed to be freely exchangeable. Interestingly, the DCEP is also supposed to be usable even without an Internet connection, just like cash. So two users in a remote part of the country could transact on their phones and their transactions would sync back up once they got online again.

And importantly, the DCEP is also designed to be a legal tender again, just like a cash, meaning that, legally speaking, everybody taking digital payments into the country would have to accept it as a payment method. Once it rolls out a policy. There is no doubt specifically aimed at breaking up the quasi monopolies and which they have built over the years. And DCP intends to be just as convenient to the end user as existing mobile wallets as well. So users could get a mobile wallet from a number of approved financial institutions like banks.

They would sign up for an account with a phone number and then they would pay by scanning QR codes via NFC, etc.. The big difference, of course, is that it’s not Alibaba or WeChat processing the day to day transactions, but the banks, many of which are state owned and all of which are closely regulated.

Jack Ma disappeared from public life completely for over two months. Already, it seems clear that the government prefers to deal with the traditional finance players over the tech companies. Now, these banks will then all have to periodically report all DCEP transactions back to the government, which means the government will be able to see all transactions in the system. It could trace each one back to real human existence or phone numbers are legally required to be tied to real identities in China. It could create similarly detailed profiles of its citizens based on their shopping habits that currently WeChat and Alibaba can. It could simply directly give citizens with a DCEP wallet, money, safe or tax returns or unemployment benefits or whatever.

Earlier this year, the first pilot programs for the currency have started in the country. Citizens don’t particularly seem to care about it, since it doesn’t seem to do functionally anything new over their existing mobile wallets already. The Chinese government theoretically has plenty of unfair advantages over commercial players. While the DCEP cuts out Swift as a middleman, which is indeed important for China, it simply adds the Chinese government as an even more powerful overlord there.

Instead, in its current form, the DCEB is a fully centralized system. For example, the Chinese government on its own can monitor all transactions and it can basically create and destroy money across users wallets as it pleases. While this might work domestically for its own citizens and companies, but any major country would accept doing serious business over it in its current form. International payments and decentralization for now are a big question mark.

The Bahamas and Cambodia technically both beat China by launching their respective digital currencies called the Sand Dollar & Bakong. The Cambodian currency is even block chain based unlike China. Sand dollar might just be the coolest official currency name ever.

The most interesting and definitely most unfortunate example of a country trying and failing to launch a state issued cryptocurrency has to be Venezuela and it is called the Petro. It was announced in 2017 as an alternative currency backed by the country’s vast oil and mineral reserves. While the country’s regular currency was going through some of the world’s worst hyperinflation, it sadly didn’t work.

Video Timeline

0:30 – Nature of Money
1:20 – China’s DCEP and how it started
2:30 – Digital Currency’s effect in traditional banking and Companies
5:42 – Alternative of SWIFT system
9:24 – Government’s interference in the system
11:30 – Pilot Program For Currency
14:00 – Sand Dollar and Bakong

The post China’s Digital Currency Explained appeared first on Digital Scotland.


SelfKey Foundation

SelfKey Partners With Moonpay: Buy KEY Tokens Using SelfKey Wallet

SelfKey partners with MoonPay. The Moonpay integrated SelfKey Wallet will allow its users to buy KEY tokens using their debit/credit cards. The post SelfKey Partners With Moonpay: Buy KEY Tokens Using SelfKey Wallet appeared first on SelfKey.

SelfKey partners with MoonPay. The Moonpay integrated SelfKey Wallet will allow its users to buy KEY tokens using their debit/credit cards.

The post SelfKey Partners With Moonpay: Buy KEY Tokens Using SelfKey Wallet appeared first on SelfKey.


Velocity Network

The Newest Economy: Welcome to the Credential Currency Revolution

Credential Engine (CE) and the Velocity Network Foundation (VNF) are operating together to assist with a system that links all the education and training providers with credential earners and employers. The post The Newest Economy: Welcome to the Credential Currency Revolution appeared first on Velocity.

Sunday, 16. May 2021

Velocity Network

Interview with Jim Owens, President and CEO of Cisive

We sat down with Jim Owens, President and CEO of Cisive, a global provider of compliance-driven human capital management and risk management solutions, and a Founding Member of the Velocity Network. See why Jim is so passionate about working with the Velocity Network. The post Interview with Jim Owens, President and CEO of Cisive appeared first on Velocity.

Me2B Alliance

Rebuilding Respectful Relationships in the Digital Realm

DOWNLOAD PDF

Rebuilding Respectful Relationships in the Digital Realm

by Elizabeth Renieris

This article was commissioned by the Me2B Alliance, originally authored in 2020.

Abstract

With our lives under lockdown as COVID-19 rages on, our reliance on digital technologies and communications tools has perhaps never been greater, leading many to speculate that the pandemic has brought the digital future forward. At the same time, the shortcomings of digital life are now more apparent than ever, giving many a newfound appreciation for the value of human connection and relational states of being. In this context, the Me2B Alliance’s efforts to recenter relationships in our digital lives takes on new meaning and urgency.

According to the Me2B Alliance, we have relationships with each of the product and service providers in our lives, in both the digital and physical spheres. In the digital sphere, our experience of these primary relationships is often through a digital product or service, such as a website, app, or connected device. Each of these digital relationships has at least three core dimensions—commercial, technical, and legal. They are primarily business and legal relationships mediated by a variety of hardware and software tools.

The technical dimension of digital relationships introduces a variety of intermediaries into our primary relationships and creates a parallel dimension of reality consisting of the data generated by transactions and interactions in the ordinary course of those relationships—a kind of “parallel dataverse.” A commercial logic of extraction further complicates matters by introducing myriad parasitic entities who feed on and extract value from this parallel dataverse, undermining and distorting our primary relationships in the process.

Our prevailing legal paradigm for digital interactions stems from an overly simplistic and antiquated view of the digital universe, accounting only for primary relationships, without considering the impact of an increasingly complex digital realm and growing parallel dataverse. By only accounting for one dimension of our digital lives, this legal paradigm and its associated legal ceremonies leaves us exposed and vulnerable with insufficient safeguards and protections.

An alternative path forward must recalibrate our relationships and interactions in light of this increasingly complex and multidimensional view of the digital ecosystem. While digital will always be different, requiring intermediaries who enable our primary relationships, the more we can translate norms and expectations from the physical world into the digital realm, the closer we get to establishing effective standards and rules for our digital interactions.

Our legal paradigms must also evolve to capture this new reality by introducing base-level protections through prohibitions on certain activities and practices, mandating a risk-based approach to digital products and services, reestablishing context for our digital interactions, limiting default data collection and processing to what is necessary for primary business purposes, and imposing higher standards and obligations on parties who seek to go beyond what is necessary in the context of a bonafide commercial relationship.

Through this new paradigm, we can more easily define rules and norms for digital interactions that map to our expectations, according to the nature of our relationship to a given product or service provider. At the same time, we can also leverage and harness technology itself in the service of, rather than for purposes of extracting value from, these primary relationships. With new legal and technological foundations in place, the hope is to rebuild our digital relationships based on an ethos of mutual respect, in line with the Alliance’s mission.

DOWNLOAD PDF Table of Contents Foundations of the Me2B Relationship Cracks in the Foundation: On “Notice and Choice” Rebuilding Respectful Relationships Me2B Relationships in the New Paradigm Conclusions Introduction

The Me2B Alliance (the “Alliance”) is an innovative standards development organization whose mission is to grow the availability of trustworthy technology choices in part through a certification mark (like the “Organic” food label) that helps people understand how a connected product or service is treating them and their personal information. The work of the Alliance is premised on the existence of a relationship between an individual (a “Me”) and a business providing that individual with a product or service (a “B”), known as the “Me2B Relationship.” Additionally, the Alliance has developed a series of principles (“Me2B Principles”) and ethical rules of engagement (“Me2B Rules of Engagement”) that apply in and out of Me2B Relationships (see Appendix A – Me2B Materials).

The Alliance is now exploring alternatives to the prevailing “notice and choice” or “notice and consent” model for Web-based user interactions, based on whether or not an individual is in a Me2B Relationship with a given service provider. This paper is the result of a series of interviews and conversations with key stakeholders in the Me2B community, including Me2B leadership, participation in a series of Policy and Legal Working Group meetings, an analysis of pre-existing Me2B materials, and relevant research and scholarship. The Alliance is encouraged to view this whitepaper as a starting point for a long-term conversation about overhauling the context for, and nature of, our Web-based interactions in a way that more closely aligns with the Me2B Principles and Me2B Rules of Engagement.

This paper proceeds in five parts. Part I begins by examining the Me2B Relationship in context, including in the macro-context of a phenomenon known as surveillance capitalism, which distorts and undermines the very ethos of the Me2B Relationship. Part II outlines the failures of the prevailing “notice and choice” paradigm for digital interactions, including its legal and practical defects, as well as how such defects result from a failure to account for the effects of surveillance capitalism. Part III seeks to provide an alternative path forward by mapping the expectations we have in the physical world onto the digital world, including through new legal foundations and innovative uses of technology to realign expectations and reality. Part IV examines what digital interactions might look like in this new paradigm, according to the relevant Me2B Relationship state. Finally, Part V draws some conclusions and recommends next steps for research and exploration by the Alliance.

1.       Foundations of the Me2B Relationship

This section examines the Me2B Relationship in context by first examining the nature of digital interactions and the role of intermediaries. It also explains how the prevailing logic of surveillance capitalism creates a kind of “parallel dataverse” that distorts the nature of Me2B Relationships and undermines the interests of the individual, i.e. the “Me.”

1.1       A Multidimensional Relationship

According to the Alliance, we have two-sided or 1:1 “relationships” with each of the product and service providers in our lives, in both the physical and digital spheres. In the physical realm, these relationships have at least two core dimensions: (1) a commercial dimension, typically in the form of exchanges of mutually agreed upon value, and (2) a legal dimension, typically in the form of a contract, such as a sales receipt, membership agreement, or loyalty subscription. Additionally, where a physical or in-person interaction has a digital component, such as a digital payment method, there is a third technical dimension.

In the digital realm, each of our interactions and relationships has all three dimensions—commercial, technical, and legal. Commercially, there are actual and potential transactions or exchanges of value in return for products and services. Technically, these commercial transactions or exchanges are achieved via an array of hardware and software products and services. And legally, there are formalities that establish certain legal relationships between the various parties to a given digital interaction or transaction. Due to a phenomenon known as surveillance capitalism (as further outlined below), there is also a fourth hidden dimension.

1.1.1       Commercial

Commercially, our relationships are created through interactions and sharing over time. In general, these relationships tend to evolve according to a lifecycle consisting of five key stages: (1) acquaintance, (2) buildup, (3) continuation, (4) deterioration, and (5) termination, per Figure 1 below. A Me2B Relationship begins with a specific ceremony, such as signing up for an account, joining a loyalty program, agreeing to a website’s terms of service, or any other process by which individual credentials are created establishing a business relationship between a “Me” and a “B.”

Figure 1 – Me2B Relationship Model. Source: Me2B Alliance.

According to the Alliance, a Me2B Relationship is characterized by the individual having agency throughout the entire relationship lifecycle, including when to start and end the relationship, as well as what data to share or keep private, among other considerations. Before a Me2B Relationship is formed, and before a business relationship requires sharing personal information or exchanging value, the individual should have a reasonable expectation of anonymity. As she approaches the start of a Me2B Relationship and gets closer to establishing that business relationship, she gradually loses anonymity, becoming more pseudonymous or identifiable to a given service provider over time.

Once in a Me2B Relationship with a given service provider, the individual becomes personally identifiable. Nevertheless, she should still have the choice to remain unknown or anonymous in respect of specific transactions or interactions with that provider. Upon termination of the Me2B Relationship, she should be forgotten by and return to a state of anonymity in relation to that entity. In this way, a Me2B Relationship can also be described as a state of being “recognized, remembered, and responded to” by a given entity.

In order to exercise this kind of agency, individuals must be able to accurately identify the counterparties to a given interaction or transaction, which entities they are in relationship with, and where they are in the relationship lifecycle in relation to each entity, and be able to adjust their expectations accordingly. Undergirding the Me2B Relationship is a “Me2B ethos” or a core belief that a respectful relationship between an individual and the technology they are using, whether a website, connected device, app, or otherwise, benefits the individual and the service provider. Unfortunately, the complexity of the digital ecosystem as it exists today undermines both individual agency and the Me2B ethos.

1.1.2       Technical

While offline, in-person interactions require the physical presence or proximity of the parties, digital interactions do not. Rather, individuals (Me-s) and product or service providers (B-s) are connected by some combination of technical tools and architecture, typically provided by commercially owned and operated entities known as “technical intermediaries.” In the prevailing centralized, client-server model of the Web, these technical intermediaries include hardware and software providers that “serve” an end user or “client” with access to certain digital resources from a “B,” as requested by the end user. In this way, the digital version of a Me2B Relationship can be recharacterized as a kind of “Me—T—B” relationship.

Figure 2 – Technical intermediaries & the “Me—T—B” relationship

These technical intermediaries may include Web browsers (such as Google Chrome or Apple’s Safari), app stores (such as Google Play and the App Store), identity services (such as “login with Facebook” or “login with Google”), cloud services providers (such as Amazon Web Services or Microsoft’s Azure), and device manufacturers (such as Apple and Google), among others. From the perspective of a “Me” trying to do business with a “B,” we often overlook the importance of these technical intermediaries and their impact on our relationships. When interacting or transacting with a “B” through a device by digital means, we tend to view our commercial relationship with the “B” as primary and our relationships with T-s as secondary.

1.1.3       Legal

Though they may feel secondary, we are in primary legal relationships with technical intermediaries who facilitate our digital Me2B Relationships. Thus, we can also classify these technical intermediaries in terms of their legal status in relation to the “Me” in a given interaction. Those in privity of contract, i.e. in a direct contractual relationship, with the “Me” are “first parties” who sit in between the primary parties to a commercial transaction or interaction, with obligations to both sides. In the current paradigm of Me2B Relationships, a “Me” has a direct contractual relationship with the “B” and a parallel contractual relationship with each first-party technical intermediary who facilitates it.

Additionally, there are a variety of intermediaries who are not in privity, i.e. not in a direct contractual relationship with, the “Me” in a given transaction or interaction but are in a direct contractual relationship with the “B” or a “T” involved. From the perspective of “Me,” these are “third parties” or “third-party intermediaries” and may include payment processors, data processors, and other vendors and participants in a supply chain who are acting on behalf of a “B” or a “T” in the course of their ordinary business operations. Such third parties are necessary to provide technical or commercial functionalities in support of the primary business relationships between a “B” and its customers.

Figure 3 – First- and third-party intermediaries

Oddly, there are also a number of entities who are not commercially or technically necessary for a transaction or interaction between a “Me” and a “B” but who are lurking in the ambient digital environment around their relationship. Because they exist to extract value from Me2B Relationships but lack a direct or indirect relationship to the “Me” in a given relationship, they are akin to “parasites.” That digital interactions require an array of technical and commercial intermediaries does not by itself explain the presence of these parasites. Rather, their pernicious nature is the product of a particular phenomenon known as surveillance capitalism and its resulting distortions of the digital ecosystem.

1.2 On Surveillance Capitalism

Through their devices, browsers, authentication protocols, communications tools, and other infrastructure, it is almost impossible to interact or transact by digital means without the involvement of companies like Apple, Google, Facebook, Amazon, and Microsoft, among others. The reality is that large corporate intermediaries who provide the connective tissues of our digital relationships penetrate even the most intimate aspects of digital life.Unfortunately, many of these entities also participate in a new economic order known as “surveillance capitalism,” which “claims human experience as free raw material for hidden commercial practices of extraction.” This extractive logic results from, and results in, vast asymmetries of power along at least four dimensions.

1.2.1       Scale

With two and three billion users worldwide, Google and Facebook, respectively, have more users than the population of the largest countries on earth, reaching more people than governments, traditional media outlets, publishers, and any other platform in history. Scale is also concentrated in the market for mobile devices and applications. Together, Apple and Google control 99% of global market share and act as gatekeepers for all apps designed for iPhone and Android devices; in effect, all devices. Similarly, Amazon, Microsoft, and Google control more than 60% of the market for cloud services. As a result, many service providers or B-s have little choice but to accept the terms set by the surveillance capitalists, often compromising their relationships with Me-s in the process by sharing their data.

1.2.2       Information

Given their size and scale, and aided by exponentially increasing computational power, the surveillance capitalists have unmatched tools to collect and harness vast hordes of data and, in turn, to derive behavioral, psychological, and other insights about people, groups, and societies at large. They track and analyze our thoughts, preferences, and behaviors, leading many to conclude that privacy is dead. Meanwhile, the inverse is true of these intermediaries. Due to opaque algorithms (the so-called “black box” phenomenon), robust intellectual property rights and trade secrets, and limited technical competence on the part of law and policymakers trying to hold them to account, we know almost nothing about how their technology operates or how our data and any insights derived therefrom are used. As a result of the steep information asymmetries, we have fully transparent people and fully opaque platforms.

1.2.3       Resources

Asymmetrical scale and knowledge are further fueled by vastly asymmetrical resources as between individuals, service providers, surveillance capitalists, and their parasites. Through legal and accounting loopholes and aggressive lobbying, surveillance capitalists largely evade regulation and taxation. Failing to account for their externalities, they undermine and rent-seek from traditional businesses, such as traditional news media and journalistic outlets, free ride on public infrastructure, and take advantage of taxpayer funded subsidies, despite being among the richest companies of all time. Worse yet, they divert limited resources that could support the development of alternative technologies to promote the interests of Me-s online, perpetuating toxic, extractive practices to maximize shareholder value instead.

1.2.3       Capacity for control

With multidimensional asymmetrical power, the surveillance capitalists have an unprecedented capacity to exert equally unprecedented behavioral control and experimentation on people, without legal limits. Through recommendation engines, hyper-personalization, psychometric profiling, behavioral advertising, micro-targeting, and other tools, they have the ability to influence and alter our preferences, our expression, and ultimately our behavior. If mutual respect is a two-way street that recognizes both parties in a relationship as equally valuable in terms of their contributions and individual agency, a relationship built on the parasitic logic of extraction and control is a fundamentally one-sided relationship in which one party is more valuable to the other for purposes of extracting value.

1.3       The Hidden Dimension

Taken together, these asymmetries distort the power dynamics between Me-s and B-s and undermine the foundation of the Me2B Relationship, an ethos of mutual respect, by introducing a fourth hidden dimension into the relationship.

1.3.1       The “parallel dataverse”

While data is relevant to and exchanged in all interactions, non-digital information gleaned from an offline interaction tends to be ephemeral, difficult to store, transfer, and otherwise process, and of limited market or industrial value as a result. In contrast, digital data generated in online or digital interactions is often permanent, cheap and easy to store, transfer, and process, and, as a result of surveillance capitalism, fed into a highly lucrative data economy. The perverse power dynamics of surveillance capitalism distort Me2B Relationships, hosting an infinite number of parasites extracting value from them. Such parasites may include general and financial data brokers, commercial databases, fraud detection providers, ad networks and ad tech companies, credit reporting agencies, and myriad other entities motivated by their own commercial interests. Surveillance capitalism coopts digital intermediaries in service of these parasites, subverting and exploiting Me2B Relationships in the process.

Figure 4 – Parasites and the Me-T-n-B-n relationship

While the parties to an offline, in-person interaction typically share a similar perspective and ability to assess the mechanics of that interaction, as well as the information and value exchanged, the same is not true of digital interactions. If relationships form the perceptible matter in the material universe around us, data forms the imperceptible anti-matter consisting of black box algorithms, dark patterns, and other hidden processes that feed these parasites. As a result, our digital lives exist in two parallel dimensions: (1) the realm of digital relationships, including Me2B Relationships; and (2) ambient data swirling in a kind of “parallel dataverse.” We see, perceive, and participate in the former, while we tend not to see or perceive the latter, though it distorts our experience of digital relationships. Unwittingly and under the pretense and familiarity of relationships, the opaque parallel dataverse expands.

1.3.2 Time and space in the parallel dataverse

While time and space are highly correlated in physical interactions, the same is not true for digital ones. The relationship between digital time and space is distorted by the parallel dataverse. A short-lived physical interaction, such as a one-off purchase, requires showing up to a place once. A longer-lived series of physical interactions, as in the case of a regular customer, requires showing up repeatedly over time. In the digital realm, we can be in different places at the same time and persist in space over time through our data long after we stop showing up.

More concretely, take the example of a simple “Me2B Deal” or an exchange of mutually agreed upon value, such as going to a restaurant and paying $20 for a meal. The deal is a quid pro quo agreement that defines and bounds the scope of sharing, i.e. you give the restaurant $20 in cash and get a meal in return. The same in-person interaction with a form of digital payment may look and feel the same but significantly complicates things. For example, if you pay with a credit card instead of cash, your credit card provider now has the restaurant or merchant information, details of your order, and potentially your location data. Pay with something like Apple Pay and now your credit card provider, telecommunications operator, and smart phone vendor may all have this information too.

If you did this every week at the same restaurant, and became recognized, remembered, and responded to, you may expect to end up in a Me2B Relationship with the restaurant owner. However, you may not expect parasites in the parallel dataverse to compile and resell behavioral data about when you visit the restaurant, the details of your order, and where you were before and after each visit, among other insights about you. As a result of surveillance capitalism, even light-touch, short-lived interactions can form expansive and persistent data trails that extend through time and space across the parallel dataverse, the dimensions of which can be hard for individuals to grasp. This sharing is both and theoretically unbounded, violating the Me2B ethos.

2.       Cracks in the Foundation: On “Notice and Choice”

The logic of extraction based on asymmetrical power is also antithetical to the notions of “choice” and “consent” that theoretically undergird the legal foundations of our digital relationships. The prevailing paradigm for digital interactions is “notice and choice,” also called “notice and consent.” Originating from the Fair Information Practices of the 1970s, it is predicated on the idea that users of an online service can make informed decisions about whether and how to transact or interact with a given entity or service provider on the basis of transparent disclosures about its information and privacy practices. It still forms the foundation of the Federal Trade Commission’s enforcement authority over “unfair and deceptive” trade practices, the primary enforcement tool over online activity in the U.S. This section outlines the failures of “notice and choice,” including its many legal and practical defects.

2.1       Legal Defects

As U.S. companies like Apple, Google, Facebook, and others continue to dominate the global market for digital technologies, this framework has been exported to and imposed on individuals around the world, even influencing the application and interpretation of other legal frameworks. Due to the ubiquity of “notice and consent,” the two primary ceremonies we encounter in the digital realm are notices, typically in the form of a privacy policy or privacy notice, and contracts, in the form of terms and conditions or terms of service seeking our consent. We are also frequently presented with a variety of licenses. Our perception of these tools does not align with how they operate in practice.

2.1.1       Notices

A “notice” is a legal notification or warning delivered in a written format or as a formal announcement.Online, notices typically take the form of a website or app’s privacy notice, sometimes called a privacy policy. A notice is meant to be a transparency tool that provides clear but comprehensive disclosures on how a website or online service collects, uses, discloses, retains, and otherwise handles the information of its users. On the basis of this notice, individuals are presumed to make informed choices about whether and how to share data or otherwise engage with the service. This is the “notice” prong of the “notice and choice” model.

Although “notice and choice” is touted as promoting individual autonomy, and consumers tend to perceive notices as making binding promises, courts have typically regarded online privacy notices as general statements of information policy rather than as legally enforceable contracts. This is largely due to their passive presentment, often located on a separate webpage, without requiring a user to accept or even read them to proceed or use a website or service. It has also been industry practice to draft privacy policies in ways that do not constitute legally enforceable agreements.

It is also due to the unilateral nature of notices, which bind all users of a website or service regardless of their relationship to the site owner or service provider. In practice and at law, privacy policies or notices actually act more like property notices that proffer one-way terms and attach in rem to a service provider’s digital property, rather than in personam to an individual user. In other words, such notices act more like signage in a shopping mall.

2.1.2       “Contracts”

When we think of contracts online, we tend to think of terms and conditions or terms of service, and ceremonies like ticking a box or consenting to terms by clicking “I accept.” These actions form the “choice” prong of “notice and choice.” While property law is one-sided to favor the property owner, contract law seeks to equally protect both sides of a bargain. As such, a contractual basis for digital interactions should “facilitate certainty, predictability, and care in entering productive relationships,” providing a better foundation for Me2B Relationships built on mutual respect. But the digital ceremonies we perceive as contracts often do not hold up in theory or in practice.

A contract is an agreement between private parties creating mutual obligations or legally enforceable promises. The basic elements required for contract formation are mutual assent, expressed by a valid offer and acceptance, adequate consideration, capacity, and legality. Acceptance requires a “meeting of the minds” such that both parties to the contract understand what is being offered, i.e. that acceptance is identical to the offer. In determining whether an electronic contract has been validly formed, there must be “reasonable notice” of terms and a “manifestation of assent” by the consumer. In this way, valid contract formation in the digital realm follows the “notice and consent” approach.

Unfortunately, courts also tend to interpret electronic contracts as acting more like property notices that need only be reasonably displayed and can be assented to by a user through mere use of a website or service, even where they are not seen or read by the user. In this way, digital “contracts” operate more like property instruments that protect digital property owners, undermining the rationale for relying on “notice and choice.” As one scholar puts it, “the inutility of contract law for enforcing privacy policy promises calls into question the effectiveness and legitimacy of the Notice and Choice model for privacy protection.”

Finally, the unilateral ability of a service provider to modify the terms of an electronic contract at will, in a way that is more typical of notices, also means “the bargain itself is a moving target,” making it hard to establish a meeting of the minds at a given point in time in the relationship lifecycle. The decoupling of time and space that allows us to persist in the parallel dataverse through our data long after a transaction, interaction, or relationship ends, means that what we agree to in the moment of contract presentment and execution does not capture future uses of that data or activities with consequences on our lives. Moreover, the asymmetries of power and information that characterize our digital interactions in the surveillance capitalist paradigm further undermine any “meeting of the minds.”

2.1.3       Licenses

Finally, we may encounter end-user license agreements (EULAs) and other licenses when we access a copy of software or download an app. A license is a grant of permission to do something otherwise prohibited by law. Its nature is ill-defined as a license can be contractual or non-contractual. Under intellectual property law, as in the case of a EULA, a license is a contract granting written permission to exploit an invention, creative work, or trademark, and must satisfy the rules for contract formation, including valid offer and acceptance. Under real property law, a license is a unilateral commitment to grant certain restricted rights to property even where a grantee is unaware of those restrictions. A contractual license requires an act by the licensee that constitutes assent to its terms, while the licensee of a non-contractual license accepts its terms through performance, such as by entering a physical place or continuing to use a website. Contractual licenses have the same legal defects as digital contracts, as outlined above.

2.2       Practical Defects

As a light-touch, self-regulatory mechanism, the “notice and choice” model is theorized to promote individual autonomy by centering the individual’s informed consent and decisionmaking. However sound the theoretical foundations of “notice and choice,” the model has not panned out in practice.

2.2.1       Quantitative Challenges

As more of the population comes online, the volume of digital interactions increases exponentially. We send more than one hundred and fifty million emails and sixteen million text messages each minute, while Google processes nearly four billion searches per day. The frequency with which we have to accept or consent to a variety of legal terms and conditions via our digital interactions is already unmanageable. According to one study, it would take an average of seventy-six days to read the privacy policies of every website an individual encounters in one year. The more people and devices that come online and connect as we approach a world with the “Internet in everything,”the more unmanageable this will become.

The ubiquity of “notice and choice” has resulted in rather unpleasant user experience and user interface (UX/UI) features, including a variety of cookie pop-ups, banners, and tick boxes, among other nuisances, compounding the cognitive overload challenges. Efforts to require meaningful informed consent in Web-based interactions have actually worsened the problem. For example, UX/UI has been a key challenge in implementing Europe’s ePrivacy Directive, which outlawed passive or implied consent to cookies via banners or pre-ticked boxes and required affirmative, opt-in consent to all cookies not strictly necessary for a website’s technical operation. Where complied with, it has resulted in a proliferation of popups and notifications.

“Notice and choice” also does not translate well to mobile devices with smaller interfaces or to emerging and future technologies. As we move beyond the graphical user interface (GUI) to new interfaces, including voice, gesture, and gait, as well as neural or brain-machine interfaces, implementing “notice and choice” will get even trickier. Add the proliferation of smart devices, the Internet of Things, and sensor technologies, and a corresponding growth in ambient data collection, and the idea of having written terms and conditions and privacy policies to accept on a regular basis in real-time through clicks and scrolls becomes wholly untenable. The lack of future proofing also demonstrates the unsustainability of the notice and choice paradigm.

2.2.2       Qualitative challenges

These quantitative challenges also result in qualitative challenges in practice. While commercial entities continue to benefit from exponential improvements in computational capacity and power, the cognitive limits of the human mind have remained relatively static or fixed. As a result, the cognitive strain of the “notice and choice” paradigm further increases the asymmetry of knowledge and capacity as between individuals and the entities seeking consent. It is difficult, if not impossible, to establish meaningful, informed consent under these circumstances, as it simply exceeds our capacity for good decisionmaking.

“Notice and choice” is also applied uniformly to our relationships with product and service providers, whether B-s or T-s, despite our limited choice and the toxic business models of many T-s. These large commercial entities, so pervasive that they can be nearly impossible to avoid, intermediate most of our digital interactions. As a result, “consent” for entering into “contractual” relationships with them is not freely rendered but results from limited choice, anti-competitive tactics, and impediments to interoperability and data portability. Where we cannot interact with a B without accepting the terms of surveillance capitalist T-s, consent to B’s terms is also undermined. Without voluntariness, this is “defective consent” and cannot form the basis of meaningful “choice.”

Finally, there are mounting qualitative challenges to the nature of “notice” itself in respect of digital technologies. Consumer-facing notices are difficult to read and understand from the perspective of legal rights and obligations, and increasingly unable to communicate the true implications of data collection or technology use. New and emerging technologies such as artificial intelligence, machine learning, and neural or deep neural networks feature opaque processes and lack explainability. In such cases, technologists themselves may be unable to explain how certain decisions are made or outputs are derived, let alone communicate these ideas to the general public. Where explainability impedes notice, consent sought on the basis of that notice is also undermined.

2.2.3       Context collapse

The law is filled with ceremonial activities that have traditionally involved physical acts, such as placing one’s hand on a Bible while taking an oath of office or affixing one’s signature in ink to enter into a contract. We tend to scale the level of effort required by a ceremony to the gravity of the obligation undertaken or status conferred. For example, signing a marriage license requires the physical presence of the parties, at least two witnesses, and a state-sanctioned officiant, while executing corporate documents may require simple notarization, and accepting a delivery only a simple signature. The more cumbersome the ceremony, the more likely we are to perceive a decision as having serious consequences. As one scholar puts it, “The heft of a document tends to correspond to the onerousness of the obligations agreed to by the consumer.”

The digital realm collapses all of our actions and behaviors into a series of one-dimensional clicks and scrolls. As a result, it can be difficult to assess the relative heft or gravity of a decision to interact or transact with a given service provider, share or consent to certain personal uses of data, or make any variety of other decisions. While legal ceremonies are meant to help us assess the heft of a decision, the ubiquity of “notice and choice” makes nearly all digital interactions feel the same. Just as digital activities are designed to remove as much friction as possible,companies “intentionally minimize the disruptiveness of contract presentment in order to facilitate transactions and to create a smooth website experience for the consumer,” thereby reducing the signaling effect of online contracts.

2.2.4       The hidden dimension

Even if the legal and practical defects with the “notice and choice” paradigm were corrected, it would still fail to provide an effective foundation for Me2B Relationships based on an ethos of mutual respect. We have seen how a Me2B Relationship in the digital realm is rarely a two-sided, or 1:1 relationship. Rather, it is situated in the context of a complex web of relationships between individuals (Me-s), service providers (B-s), technical intermediaries (T-s), and a potentially infinite array of parasites (n-s).

The “notice and choice” construct is based on an overly simplistic and acontextual view of relationships that fails to account for the complex and multidimensional nature of the modern digital sphere. By only capturing direct contractual relationships, such as Me2B Relationships, the “notice and choice” paradigm misses an entire dimension of the digital realm—the toxic, extractive practices of parasites and surveillance capitalists in the parallel dataverse. Any legal foundation or ceremony that ignores this context will always be deficient to protect and promote the rights and interests of individuals in Me2B Relationships.

3.       Rebuilding Respectful Relationships

One reason that the “notice and choice” model persists despite the mounting evidence of its deficiencies is the failure to put forward a workable alternative or to imagine an entirely new paradigm. This section seeks to provide an alternative path forward by attempting to map the expectations we have in the physical world onto the digital world through new legal foundations and innovative uses of technology to support respectful digital relationships.

3.1       Realigning Expectations vs. Reality

Any viable path forward must recalibrate our relationships and interactions in light of the increasingly complex and multidimensional nature of the digital ecosystem. While digital will always be different, requiring intermediaries who enable our primary relationships, the more we can realign our expectations in the physical world with our experiences in the digital realm, the closer we can get to establishing effective norms and rules for digital interactions. As a starting point, we can map our expectations in the physical realm to the digital realm, taking the analogy of a shopping mall.

3.1.1       The physical shopping mall

When we walk through a physical shopping mall, we inhabit a space that constitutes a series of overlapping relationships and legal statuses with respect to different parties, both known and unknown to us. We can window shop and weave in and out of individual shops at will, without signing any contracts or affirmatively accepting any terms. In fact, there are few legal ceremonies in a trip to the mall, apart from the occasional receipt that needs signing. That is not to say the mall is a lawless place.

The mall’s entrances may display a host of written notices about a prohibition on smoking, penalties for unlawful trespassing, maximum occupancy limits, or the use of security or surveillance cameras, among other conditions of entry. By law, such notices must be clear and easily legible and they must be posted conspicuously, such as near the main entrance and exit or access doorways in a given room or space. The terms of these notices are not negotiable and we are not asked to sign a consent form; we likely do not even know the identity of the property owner who is providing such notice. Rather, by entering the mall, we are presumed to understand and accept the conditions notified.

While inside the mall, we are generally anonymous apart from individuals personally known to us or while in shops or spaces we regularly visit; even then, we might be recognized but not identified by name or personal credentials. Typically, we can travel through the mall as one of many faces in the crowd, in a 1:N relationship to the mall and shop owners. While we may be on notice of security staff or the use of surveillance cameras in the mall’s common areas or individual shops, we still have a reasonable expectation of privacy in fitting rooms, restrooms, medical clinics or consultation rooms, and other areas.

Finally, property owners have basic obligations to maintain the safety and security of their premises and are typically liable for any harm or injury suffered as a result of their negligence. Individual store owners are typically responsible for keeping their premises clean and safe for customers, while mall owners are responsible for common areas like parking lots, walkways, elevators and escalators, and ensuring the safety of visitors in these areas. Moreover, shopping malls are quasi-public spaces where individuals retain certain fundamental rights. Compare this to the experience of browsing the Web as it exists today.

3.1.2       The virtual shopping mall

Typically, we enter into the online or digital space through a browser such as Google Chrome or Apple’s Safari. If we download a new browser, we may be asked to click a box to accept a license agreement, terms of service, and/or privacy policy. Where a browser is preinstalled or the default browser on a device, consent may be bundled into an operating system’s blanket terms or license agreement. Even if we are unaware of a browser’s terms or privacy policy, its use is deemed to be implied “consent” or acceptance of them.

Once “online” via the browser, we can enter and exit various web properties such as individual websites and webpages owned and operated by different product and service providers. As in the physical realm, these property owners may stipulate conditions that apply to “being on their premises,” i.e. using their website or app, via written notices. But unlike in the physical realm, the terms are presented as contracts. In fact, we are “practically unable to engage in any online activity without being forced to accept the terms of an electronic contract,” notwithstanding their deficiencies. This includes the digital equivalents of window shopping, weaving in and out of shops without making a purchase, and an array of other activities that do not require contracts in the physical world.

Where we expect to be an anonymous face in the crowd to a mall or shop owner, we are typically identified, known, and tracked by digital equivalents, including the browser and website operator, with no reasonable expectation of privacy, even when we are not “logged in.” We are equally exposed whether in a perceived public forum like a social media newsfeed or a presumed private setting such as talking to a therapist through a mental health app. Even when using Google’s Chrome in Incognito mode, our activity may still be visible to third parties. Our activity is tracked across sites and properties, and shared with or sold to an infinite number of other entities for their unlimited purposes.

Unlike in the physical realm where we have some legal precedent to protect our fundamental rights, the digital realm is largely devoid of such protections, at least in the U.S., where we lack a comprehensive federal privacy law or equivalent legal safeguards. Moreover, unlike physical property owners, app developers, website operators, and other digital service providers have virtually no obligations to undertake routine maintenance or to ensure minimum safety and security protections for their users as visitors or invitees on their properties. The deep divergence between our physical and digital realities is not a feature of technology but results from the economic logic of surveillance capitalism and defective legal foundations for the digital realm.

3.2       A New Legal Foundation

In order to realign our norms and expectations in the physical and digital realms, we need better legal frameworks that move away from the hyper-individualistic or atomistic approach of “notice and choice.” Each of the components listed below provides an alternative to notice and choice. Together, they could create a more robust foundation for protecting the rights and interests of individuals in the context of digital interactions, whether in a Me2B Relationship or not.

3.2.1       Prohibitions on processing

First, we must end digital exceptionalism, i.e. what is illegal offline should also be illegal online. Just as there are capacity limitations, building and fire codes, and other restrictions imposed on physical property owners, digital services providers should be subject to specific prohibitions on certain data processing activities or uses of technology, particularly where an individual cannot opt out of a generalized practice. For example, a number of cities have recently banned the use of general facial recognition technologies to collect and process the biometrics of constituents.Other proposals would impose bans or prohibitions on the use of personal data to discriminate in decisions related to housing, employment, credit, insurance, and public accommodations. In such instances, individual preferences are overridden by a collective interest in prohibiting these activities. Reestablishing meaningful Me2B Relationships in the face of pervasive surveillance capitalism may require similar prohibitions, such as outright bans on the business of data brokers, the commercial sale of personal data and behavioral insights, and cross-site tracking outside of a relationship.

3.2.2       Risk-based frameworks

Second, just as physical shop owners owe a duty of care and must undertake regular maintenance to promote the safety and security of their customers, digital product and service providers should owe a similar duty and be subject to risk-based measures to ensure the safety and security of their customers. At present, technical intermediaries, including browsers and apps, have virtually no legal obligation to protect the rights and interests of their users. As a result, they tend to privilege the commercial interests of customers, advertisers, and other parties, over those of individuals. In some cases, their competitive interests may result in better protections. For example, Apple undertakes a minimal vetting process, and mandates certain base level privacy and security requirements, before making an app available to consumers in its App Store. While this helps shift the burden of assessing risk away from the individual and onto the app provider, who is better positioned to assess it, corporate goodwill is not a sufficient basis for a new legal paradigm.

This burden-shifting must be mandated by law through the imposition of risk-based frameworks. Rather than outright prohibitions, this may entail prohibiting the use of a technology or data processing activity by an entity before it has undertaken a variety of ex-ante impact assessments. In addition to traditional privacy and data protection impact assessments, these may include social, ethical, economic, civil rights, and human rights-based impact assessments. More radical proposals would require entities to demonstrate safety and efficacy, as well as freedom from bias, before going to market. The aim of such proposals is to shift the burden of identifying, assessing, and mitigating risk away from individuals and onto the asymmetrically more powerful entities creating the risk, thereby reducing the cognitive load on individuals when deciding how to interact and transact digitally.

3.2.3       Contextual integrity

In addition to prohibitions and risk-based frameworks, it is critical to reestablish context in the digital realm. One method of doing so may be by adapting the theory of privacy as contextual integrity to digital life. Contextual integrity “ties adequate protection for privacy to norms of specific contexts, demanding that information gathering and dissemination be appropriate to that context and obey the governing norms of distribution within it.” For example, a norm of appropriateness makes it acceptable for a doctor to inquire about a patient’s weight, but unacceptable for an employer to do so. Similarly, a norm of distribution makes it appropriate for a doctor to share a patient’s prescription with a pharmacist (under the condition it remains confidential), but inappropriate for the same doctor to share that information with the patient’s employer (at least not without the patient’s informed consent).

While we can easily identify context in the physical realm, we tend to treat the online or digital realm as a single monolithic context, tolerating behaviors and practices we would find objectionable offline. For example, we allow Google to read our email and Facebook to read our messages even though we would likely object to a neighbor reading our snail mail or a spouse reading our texts. Moreover, we use the same legal ceremonies and the same deficient “notice and choice” paradigm in wildly different contexts, whether a medical chat bot or Facebook’s newsfeed. With the reduced signaling effect of legal ceremonies in the digital realm, context is ever harder to establish. In the face of this context collapse, establishing norms of appropriateness and distribution requires reestablishing context in digital interactions, including by determining relationship states relative to specific entities.

3.2.4       “Necessity” and minimization

With contextual integrity restored in the digital realm, we could limit data collection and processing to what is necessary in a given context. Rather than requiring individuals to “consent” to each individual instance of data collection or use, limiting data collection and processing to what is necessary for a given transaction or interaction by default would help reduce cognitive strain and realign expectations with reality. It could also limit the distortions caused by an unbounded parallel dataverse and behavioral “surplus” that feeds parasitic actors in the surveillance capitalist paradigm. Much of this surplus results from the widespread reliance on “notice and choice” and consent-based frameworks that fail to account for data processing outside of primary commercial relationships.

Necessity is not new. European data protection law, which requires data minimization, allows for processing personal data where necessary for the “performance of a contract” or prior to entering into a contract and for “legitimate interests” pursued by a controller or third party. In the U.S., the draft Data Accountability and Transparency Act of 2020 would go further to prohibit an entity from collecting, using, sharing, or otherwise processing any personal data unless it can demonstrate it is “strictly necessary to carry out a permissible purpose.” Permissible purposes include providing a good, service, or specific feature requested by an individual in an intentional interaction, and non-targeted advertising. As with contextual integrity, limiting collection by default may require overhauling technical infrastructure and the difficult task of establishing norms about what is “permissible” or “necessary.”

3.2.5       Fiduciary duties

Finally, where it may be desirable to share personal data beyond what is strictly necessary for a given transaction or interaction, such as to save payment information or remember personal preferences, or for any other purposes that would serve the individual’s interests while respecting her preferences, an obligation must attach to that sharing. The Alliance describes this principle as “no data about me without an obligation.” Such obligation may take the form of legally mandated fiduciary duties imposed on parties seeking to collect or use personal data. For example, a leading proposal would treat existing online providers as “information fiduciaries” legally bound by general fiduciary duties.

The most common fiduciary obligation is the duty of care, often expressed in data security terms, requiring enterprises to take reasonable or prudent care in securing personal data and to avoid deliberately causing harm. A higher duty of loyalty may require entities to avoid conflicting duties (the “thin” version) or to act in an individual user’s best interests (the “thick” version). For example, the duty of loyalty may require preventing uses of data that would harm or offend a reasonable user. Finally, a duty of confidentiality would require enterprises to bind data processors and sub-processors to the same duty of confidentiality as binds them in performing their obligations for that enterprise.

Fiduciary-style obligations and duties are typically grounded in asymmetrical personal relationships such as between doctors and patients or attorneys and clients. Applying them to the digital realm requires identifying appropriate relationships to which they might attach. Moreover, as such obligations only make sense in the context of primary relationships, they could not, standing alone, provide a sufficient legal foundation to remedy the nefarious effects of the parallel dataverse and logic of surveillance capitalism on Me2B Relationships. Rather, they must be layered on top of these other foundational building blocks as laid out above.

3.3       Technical Scaffolding

Without a new legal paradigm, technology can do little to restore respectful digital relationships in the face of powerful commercial incentives. Even with such a foundation in place, there will still be too many interactions and touchpoints to effectively scale our cognitive capacity and human agency in the digital realm. Without scaling, we cannot address the steep power asymmetries at play as between individuals and entities in the digital sphere. By helping scale the individual’s ability to express and promote her interests and preferences in the digital realm, technology can act as a kind of scaffolding to support and uphold the new rules in practice, thereby restoring mutuality to Me2B Relationships.

3.3.1       The browser as “digital proxy”

Until we can physically inhabit a digital space, we will require some kind of technical infrastructure to act as our “digital proxy.” Right now, we show up through a combination of technical intermediaries who have competing interests, none of which uniquely represents our own. In other words, we lack an effective digital proxy. As such, many proposals for fixing the Web call for new intermediaries, such as digital avatars, personal artificial intelligence, and virtual assistants. The idea is that these tools could help individuals scale their knowledge, capacity, and resources to lessen the asymmetrical power dynamics that exist in the digital realm and approximate the dynamics of offline, in-person interactions. But why not begin by leveraging existing intermediaries in service of the new paradigm?

The browser is in a unique position to support this paradigm by helping to realign our experiences in the digital realm with our expectations in the physical one. In order to act as our digital proxy, we must be known to the browser by establishing credentials and setting out our preferences. This means, we must enter into a genuine Me2B Relationship with the browser by executing a valid legal contract and providing meaningful, informed consent to its terms of service and privacy policies. Under this validly formed contract, the browser could not make any material changes to the contract unilaterally and any violations would be enforceable at law, unlike under the current paradigm.

To act as our digital proxy, the browser must be bound by a thick duty of loyalty mandated by law, not commercial preference. This duty would require it to promote and privilege our individual interests above the interests of all other parties or stakeholders in a given interaction or transaction. The browser would also have heightened obligations to store, communicate, and manage our individual preferences vis-à-vis other web properties, including preferences such as “do-not-track” or “do-not-sell-my-data” requests under laws like the California Consumer Privacy Act (CCPA). Finally, the browser must be held to a duty of confidentiality with respect to our browsing activity and search history.

The browser could also help streamline legal ceremonies in the digital realm. Acting as our digital proxy to enforce our preferences, the browser could scan and read the many property-style notices we encounter. Rather than forcing us into defective contracts with each product or service or digital property we explore, it could undertake an initial screening process to eliminate any providers whose terms do not align with our values or meet our preferences. After this initial gating, we could decide whether to enter into a Me2B Relationship with a relevant service provider for purposes of completing a transaction or interaction through a validly formed contract. Reducing the number of contracts should also reduce the cognitive strain and help restore the signaling effect of digital legal ceremonies.

Going back to the shopping mall analogy, the browser would enter digital space as we would physical space, carrying our own preferences and inclinations forward into the digital realm. Through the browser as our digital proxy, we could visit websites, webpages, and other digital properties anonymously. This would require a technical means by which to obscure our identity vis-à-vis our digital proxy. We could then explore or weave in and out of these properties, as we can in the physical world, without establishing a commercial relationship or entering into a defective contract. Finally, the browser could help further reestablish context by locating us in digital time and in space, to give us a fuller picture of the various stakeholders involved in a given interaction or transaction as well as its potential data footprint.

4.       Me2B Relationships in the New Paradigm

Having outlined a vision for a new legal foundation, supplemented by new applications of technology, this section examines what digital interactions might look like in this new paradigm, according to relationship state.

4.1       Respectful Defaults

With general prohibitions in place to outlaw toxic and pernicious behaviors that are impossible to opt out of at an individual level and the imposition of mandatory risk-based frameworks to assess the safety and security of digital products and services before they hit the market, our digital interactions would be inherently more protective of our interests. As a matter of principle, ending digital exceptionalism by prohibiting online what is illegal offline offers a good starting point. Working to articulate the acceptable bounds of our digital interactions, achieving consensus on specific behaviors and practices that should be outlawed, and determining the necessary risk-based assessments that must be undertaken by a product or service provider, are also key steps. Once in place, all digital interactions would benefit from more respectful defaults and baseline protections, whether in the context of a Me2B Relationship or not.

4.2       Relationship States 4.2.1       The no Me2B relationship state

The “No Me2B Relationship State” can exist: (1) before an individual has entered into a Me2B Relationship and established unique credentials with a given product or service provider; (2) after the individual’s credentials have been destroyed upon termination of a Me2B Relationship with a given product or service provider; or (3) when an individual has an existing Me2B Relationship and unique credentials with a given product or service provider but chooses to participate in a specific transaction or interaction anonymously without presenting those credentials, rather than through the relationship. For example, a retail customer of Target.com who has a customer account with Target may nevertheless decide to checkout in “guest mode.” In the new paradigm, the browser acting as our digital proxy could “know” our relationship state in relation to each digital product or service provider we encounter online.

In the No Me2B Relationship State, having no unique business relationship with an entity, an individual has no need to establish unique credentials with it. Rather, the individual will be able to interact with that entity’s digital properties as an anonymous face in the crowd, in a 1:N property-based relationship, just as she would in relation to shops in a physical mall. The browser would provide a technical means by which to obscure our identity vis-à-vis the service provider. Unlike in the current “notice and choice” paradigm, defective contractual instruments in the form of terms and conditions or terms of service would be unnecessary in the No Me2B Relationship State under the new paradigm. Instead, the default legal ceremony would be a property-style notice not requiring any affirmative act from the individual. In the new paradigm, contracts become the exception rather than the norm, helping restore their signaling effect.

Before entering into the Me2B Relationship State with a given entity, the browser as our digital proxy would have scanned and pre-screened that entity’s terms and conditions, privacy policies, and any other relevant notices for compliance with our indicated values, preferences, and requirements. We could then enter the service provider’s digital space with awareness and acceptance of these conditions. Should the browser detect any unreasonable notices that violate our values or preferences, it could provide a notification or alert recommending “exit” or “caution.”  Even while in a digital space in a No Me2B Relationship State, the service provider would still owe us a duty of care, having to take reasonable or prudent steps to secure any data or insights gleaned, ensure minimum safety standards, and avoid deliberately causing us harm.

4.2.2       The Me2B relationship state

Should we want to establish a business relationship with an entity to be “recognized, remembered, and responded to,” we would enter into a Me2B Relationship by creating an account, signing up for a membership or loyalty scheme, or by otherwise establishing unique credentials with the entity, with the help of the browser as our digital proxy. This would be achieved through a validly formed electronic contract requiring an affirmative act on our part, and may also be supplemented by means of “whitelisting” or other technical mechanisms implemented by the browser. Once in this Me2B Relationship, the service provider could not unilaterally change the terms of such contract without jeopardizing the relationship or risking legal liability. We could now participate in specific transactions or interactions in a “Me2B Relationship State.”

While in a Me2B Relationship State, we would remain identified, share personal information, and participate in exchanges of mutually agreed upon value through our browser as our digital proxy. The website owner or operator would owe us more than a mere duty of care as in the No Me2B Relationship State. Rather, when transacting or interacting with an entity in this Me2B Relationship State, the entity would also be legally bound by duties of loyalty and confidentiality. Even with these heightened duties owed, the browser could help provide additional context for specific interactions or transactions by giving us a fuller picture of the various stakeholders involved and even its potential footprint in the parallel dataverse. We could then elect to participate in either relationship state.

The browser could provide this ability to transition between relationship states, affording us the same agency in digital spaces as we have in physical ones, carrying our own preferences and inclinations forward into the digital realm. In this way, the browser would no longer be a mere technical intermediary or T. Rather, it would be transformed into an approximation of the “Me” in a Me2B Relationship. With the browser acting as “Me’s” genuine digital proxy and obligated to promote Me’s interests in all digital interactions, what were previously Me—T—B style relationships become much more like direct Me2B Relationships again. In this way, the new paradigm helps to restore the mutuality of Me2B Relationships to approximate relationships in the physical realm.

5.       Conclusions

Based on the above analysis, we can draw a number of preliminary conclusions. First, Me2B Relationships in the digital realm are multidimensional relationships with commercial, legal, and technical dimensions. Through this technical dimension, data generated in the ordinary course of our Me2B Relationships creates a fourth hidden dimension—a  kind of “parallel dataverse” that is largely invisible to us as individuals. This hidden dimension has significant consequences for Me2B Relationships despite exceeding our cognitive capacity to appreciate them.

Second, as a result of surveillance capitalism, myriad parasitic entities feed off of this parallel dataverse in ways that exploit and undermine our primary Me2B Relationships. Thus, a given Me2B Relationship cannot be assessed in isolation from the complex and overlapping relationships between various parties directly and indirectly involved in a given digital interaction or transaction, including individuals (Me-s), product and service providers (B-s), technical intermediaries (T-s), and parasites (n-s).

Third, our prevailing legal paradigm for digital interactions, in the form of “notice and choice,” stems from an overly simplistic and antiquated view of the digital universe formed in the 1970s. It is comprised of defective legal ceremonies and also suffers from a growing number of practical defects. Moreover, it only accounts for primary relationships, failing to consider the impact of an increasingly complex digital realm running on the logic of surveillance capitalism. By only accounting for one dimension of our digital lives, this legal paradigm and its associated legal ceremonies leaves us exposed and vulnerable with insufficient safeguards and protections.

Fourth, any viable path forward must acknowledge this complexity and provide a strong underlying foundational framework to situate Me2B Relationships in this broader context and help realign our expectations in the digital world with our experiences in the physical realm. This realignment can help guide the development of effective norms and rules for our digital interactions regardless of relationship state.

Fifth, a robust new legal foundation must prohibit certain activities and practices, mandate a risk-based approach to commercializing digital products and services, reestablish context for digital interactions, limit default data collection and processing to what is necessary for primary business purposes, and impose higher standards and obligations on parties who seek to go beyond what is necessary in the context of a bonafide commercial relationship.

Finally, existing and emerging technologies could help play an important role to support and help enforce this new legal paradigm in practice, starting with the browser as our “digital proxy.” Through legal mandates requiring technological tools like the browser to act in service of, rather than for purposes of extracting value from, our Me2B Relationships, we can help rebuild respectful relationships in the digital realm based on an ethos of mutual respect.

Appendix A – Me2B Materials

Figure 5 – Me2B Core Principles via Me2B Alliance

Figure 6 – Me2B Rules of Engagement via Me2B Alliance

Appendix B – Me2B Relationship Model

Elizabeth M. Renieris is a data protection and privacy lawyer (CIPP/E, CIPP/US), Founding Director of the Technology Ethics Lab at the University of Notre Dame, the Founder and CEO of HACKYLAWYER LLC, a Technology and Human Rights Fellow at the Carr Center for Human Rights Policy at the Harvard Kennedy School, and an Affiliate at the Berkman Klein Center for Internet & Society at Harvard University.

Friday, 14. May 2021

Me2B Alliance

The Policymaker’s Guide to Respectful Technology in Legislation

The concept of better privacy practices is not new – we’ve been talking about it since the birth of the internet. But what exactly does “better privacy” mean, and how do we get there? Policymakers have been working on legislation oriented around privacy for some time. While there have been some steps in the right direction, significant change won’t happen until we broaden the lens. What most peo

The Policymaker’s Guide to Respectful Technology in Legislation

The concept of better privacy practices is not new – we’ve been talking about it since the birth of the internet. But what exactly does “better privacy” mean, and how do we get there? Policymakers have been working on legislation oriented around privacy for some time. While there have been some steps in the right direction, significant change won’t happen until we broaden the lens. What most peo

The concept of better privacy practices is not new – we’ve been talking about it since the birth of the internet. But what exactly does “better privacy” mean, and how do we get there?

Policymakers have been working on legislation oriented around privacy for some time. While there have been some steps in the right direction, significant change won’t happen until we broaden the lens. What most people want but don’t have the terms to describe is respectful digital relationships. In the same way there is an unspoken code for respectful behavior in physical-realm relationships, this same type of behavior is just as essential when engaging with an online service or website.

Today, MIT Computational Law Report published a framework for policymakers to understand and advocate for more respectful digital relationships based on the Me2B Alliance vision.

The article, “Rebuilding Respectful Relationships in the Digital Realm,” penned by Elizabeth Renieris, an internationally recognized expert in law, policy and digital privacy, describes the Me2B Alliance’s approach to digital engagement with a focus on the legal and technological foundations necessary to rebuild digital relationships based on an ethos of mutual respect.

Renieris’ paper proceeds in five parts:

1. Digital relationships today and surveillance capitalism. Examines the Me2B Relationship in context, including in the macro-context of a phenomenon known as surveillance capitalism, which distorts and undermines the very ethos of the Me2B Relationship.

2. Today’s failed opt-out paradigm. Outlines the failures of the prevailing “notice and choice” paradigm for digital interactions, including its legal and practical defects, as well as how such defects result from a failure to account for the effects of surveillance capitalism.

3. An alternative path forward. Maps the expectations we have in the physical world onto the digital world, including through new legal foundations and innovative uses of technology to realign expectations and reality.

4. Digital interactions in this new paradigm. Defines interactions according to the relevant Me2B Relationship state.

5. Conclusions and recommends. Identifies next steps for research and exploration by the Alliance.

Policymakers take note: this is where privacy legislation needs to go in order to turn these small steps into leaps in the right direction. The vocabulary and concepts defined in this paper will help to define what is much more complex than “privacy” alone. We urge policymakers to internalize these concepts and start infusing respect into privacy-related legislation.

Read the full article, “Rebuilding Respectful Relationships in the Digital Realm.”

Elizabeth M. Renieris is a data protection and privacy lawyer (CIPP/E, CIPP/US), the Founder & CEO of HACKYLAWYER LLC, a Technology & Human Rights Fellow at the Carr Center for Human Rights Policy at the Harvard Kennedy School, a Fellow at Stanford’s Digital Civil Society Lab, and an Affiliate at the Berkman Klein Center for Internet & Society at Harvard University. Her paper was commissioned by the Me2B Alliance and originally published in the MIT Computational Law Report on May 14, 2021.


eSSIF-Lab

2 eSSIF-Lab calls: 1 webinar

Are you applying to ongoing eSSIF-Lab Open Calls? Let us help you: tune in to our webinar to get all the information and the tips for crafting an effective proposal.

When:
On Thrusday, 27th of May 2021 at 14:00 (Brussels Local Time), technical coordinator (TNO) and open call manager (FBA) will be answering all your questions about the application process, the programme and the value of the eSSIF-Lab’s Open Calls, live on air.

Where? 

The webinar is online, free and open to all interested people.

REGISTER NOW!

More info on the Open Calls:

Infrastructure-Oriented Open Call

This call targets open source technical enhancements and extensions for eSSIF-Lab Framework which fall within the SSI concept (i.e. technologies which allow individuals to control their electronic identities and guard their privacy).

Deadline: 7th of July 2021 at 17:00 (Brussels Local Time)
Funding: up to 155,000 €

2. Second Business-oriented Open Call

Solutions proposed for this open call should be business solutions that make it easy for organizations to deploy and/or use SSI and must fall within the SSI concept (i.e., technologies which allow individuals to control their electronic identities and guard their privacy).

Deadline: 7th of July 2021 at 17:00 (Brussels Local Time)
Funding: up to 106,000 € (for those best in class).

 

Join the webinar and find out all you need!


2nd Business-oriented Call ongoing

Over the past years, the question of how we can protect our identity in the world of online has been getting more heated. The Self-Sovereign Identity paradigm stepped in with the idea itself, that everyone should be in charge of their own digital personal information, and that it is the data owner who should decide on how this data is being used and by whom.

Self-Sovereign Identity (SSI) promises to empower European citizens with new means to manage privacy, to eliminate logins, and to enjoy much faster and safer electronic transactions via the internet as well as in real life.

Strengthening internet trustworthiness with electronic identities is also the aim of eSSIF-Lab, which has just launched its Second Business-oriented Open Call on 7 May 2021.

2nd Business-oriented Open Call

This call is open for proposals to develop and demonstrate SSI working solutions for a real-world, domain-oriented problem or opportunity, in prioritized eSSIF-Lab areas (Health Tech, e-Government and Education), or in the Open Disruptive Innovation track (which is covering innovative bottom-up projects out of these verticals).

Proposed solutions must be commercial, competitive and sector-specific SSI applications for products and services. They are expected to leverage on the added value that previously developed functionalities within the eSSIF-Lab, to include the issuing, exchange and consumption of SSI credentials as a core element and to have high technology and investment readiness levels.

The proposals selected in the Second Business-oriented Call will be invited to join an 8-month acceleration programme, including business and technical support to integrate eSSIF-Lab and other SSI technology with market propositions. 

.

Who can apply?

This call targets SMEs (including startups), not-for-profit entities (such as foundations or associations), or collaborative initiatives (as micro-consortia of these entities), registered in a Member State of the EU or in a H2020 associated country.

Deadline: 7th of July 2021, at 17:00 (Brussels Local Time).

Funding: up to 106,000 € per project (for those best in class).

APPLY NOW! Infrastructure-oriented Open Call

Remember that also the Infrastructure-oriented Open Call of eSSIF-Lab is still ongoing and that the deadline to submit applications has been extended. This call looks for open source technical enhancements and extensions for eSSIF-Lab Framework which fall within the SSI concept (i.e. technologies which allow individuals to control their electronic identities and guard their privacy).

Open source SSI components developed as a result of this open call will be applied by other participants in eSSIF-Lab and, hence, applicants shall be willing and able to work in an agile way with lots of communication and interaction with other participants in the eSSIF-Lab ecosystem.

Who can apply?

Innovators in the SSI domain (such as outstanding academic research groups, hi-tech startups, SMEs, etc.), legally established/resident in a Member State of the EU or in a H2020 associated country.

Deadline: 7th of July 2021 at 17:00 (Brussels Local Time)

Funding: up to 155,000 € per project.

APPLY NOW!

Velocity Network

From pipe dream to reality: what Blockchainmania can mean for the world of HR and recruiting

Totalent explores what blockchainmania can mean for the world of HR and recruiting, recognizing Cornerstone as the first to officially integrate its Applicant Tracking Software (ATS) under the Velocity Network. The post From pipe dream to reality: what Blockchainmania can mean for the world of HR and recruiting appeared first on Velocity.

Own Your Data Weekly Digest

MyData Weekly Digest for May 14th, 2021

Read in this week's digest about: 8 posts, 2 Tools
Read in this week's digest about: 8 posts, 2 Tools

Thursday, 13. May 2021

Digital Identity NZ

NZ’s Digital Identity Trust Framework – Announcement

Check out Digital Identity New Zealand's news update here The post NZ’s Digital Identity Trust Framework – Announcement appeared first on Digital Identity New Zealand.

This month I’d like to focus on an important announcement regarding New Zealand’s Digital Identity Trust Framework that the Minister David Clark, who is both the Minister for Commerce and Consumer Affairs as well as Digital Economy and Communications, made at the last DINZ event held in Wellington. 

Firstly, Minister Clark, who also chairs the the new Digital Ministers’ Group, talked to us about the Digital Strategy for Aotearoa and it’s three pillars:Mahi tika (trust)Mahi tahi (inclusion)Mahi ake (growth).Mahi Tika is viewed as being critical for government and businesses as we build confidence in new processes and technology. With Mahi Tahi there is a need to make sure we bring everyone along on this digital journey. And Mahi Ake is about ensuring that New Zealand is well positioned to reap the rewards of being a digital nation and securing a bigger piece of the global pie.

Minister Clark  went on to talk about the Government’s work on digital identity and he articulated how it is a crucial enabler to these three strategic pillars. He then announced that the Government has approved proposals to establish a Digital Identity Trust Framework in law.

He stated that the Government is committed to enhancing trust and confidence in how organisations handle personal and business identity information, that the legislation will ensure that everyone is clear on their rights and obligations and that the framework will give the tech sector a solid reference for how they can innovate and grow.

He also made it clear that there is a commitment to ensuring that the digital identity system reflects Māori perspectives, and that officials are engaging extensively with iwi to deliver this framework in a way that supports tikanga Māori.

He concluded by stating that a trusted modern digital identity system will help grow our digital economy, transform government services and ensure all New Zealanders can take part in the digital world. Here’s some press coverage on Minister Clark’s announcement.

The announcement was followed by a lively Q&A session during which Ann-Marie Cavanagh who has dual hats as Deputy Chief Executive Digital Public Service, and Deputy Government Chief Digital Officer, and Alan Bell, the Executive Director, Digital Identity took a range of questions from the floor.

For me there were a few key takeaways: The government seems to be taking development of the digital sector seriously as a key element in making New Zealand a more secure and prosperous place. There is an emerging strategy to assist and hopefully accelerate that developmentDigital identity is a central component of both the government’s digital strategy and in the development of our digital sector overall. DINZ and its members can play a pivotal role in achieving these goalsThere’s a shed load of work to do to get there!We had hoped to repeat the event on 5th of May in Auckland, but for a number of reasons that is now happening on 3rd June. Whilst there is quite a gap between the two events, both Ann-Marie Cavanagh and Alan Bell will be at the Auckland event and this presents an awesome opportunity for those working in the digital identity space to spend some time with a couple of people who will be central to the role government plays in this space. We look forward to seeing many of you there, ensure you register to secure your place. 

Ngā Mihi,

Michael Murphy
Executive Director

The post NZ’s Digital Identity Trust Framework – Announcement appeared first on Digital Identity New Zealand.


Kantara Initiative

1Kosmos BlockID Receives NIST Certification

1Kosmos’s BlockID platform has completed a third-party testing process and received NIST SP 800-63 certification. The test was carried out by the Kantara Initiative, which evaluates identity solutions to determine whether or not they meet NIST and ISO standards, and whether they conform to Kantara’s own Identity Assurance scheme and Trust Framework Program.1Kosmos BlockID Receives NIST Certificati

1Kosmos’s BlockID platform has completed a third-party testing process and received NIST SP 800-63 certification. The test was carried out by the Kantara Initiative, which evaluates identity solutions to determine whether or not they meet NIST and ISO standards, and whether they conform to Kantara’s own Identity Assurance scheme and Trust Framework Program.1Kosmos BlockID Receives NIST Certification

The post 1Kosmos BlockID Receives NIST Certification appeared first on Kantara Initiative.


Ceramic Network

Ceramic and IDX now available on Avalanche

Ceramic brings streaming data and cross-chain identity protocols to Avalanche developers.

Ceramic, the decentralized network for data stream processing, and IDX, Web3's first cross-chain identity model, are now integrated with Avalanche. Starting today, developers and users have a new, powerful way to manage identities and dynamic off-chain data in their applications.

Ceramic provides developers with database-like functionality for storing all kinds of dynamic, mutable content. This finally gives developers a Web3 native way to add critical features like rich identities (profiles, reputation, social graphs), user-generated content (posts, interactions), dynamic application-data, and much more.

Developers building applications on Avalanche can easily add support for Ceramic and IDX in their application with a seamless user experience. Avalanche key pairs have been added as a supported signing and authentication method for Ceramic's data streams, so users can now perform transactions on Ceramic with their existing Avalanche wallets.

Blockchain, Data & Identity: a full stack for Web3 developers

Avalanche offers developers the most scalable infrastructure for building decentralized apps and services. It is the first decentralized smart contracts platform built for the scale of global finance, with near-instant transaction finality. Ethereum developers can quickly build on Avalanche as Solidity works out-of-the-box.

Great Web3 and DeFi apps require more than a smart contract platform, however. They also need sophisticated, scalable and dependable data management infrastructure.

Ceramic provides advanced database-like features such as mutability, version control, access control, and programmable logic. Now that Avalanche and Ceramic can easily be used together, developers can:

Build data-rich user experiences and social features on fully decentralized tech Give users cloud-like backup, sync and recovery without running a centralized server Publish content on the open web without the need to anchor IPFS hashes on-chain Leverage interoperable profiles, social graphs and reputations across the Web3 ecosystem

Ceramic's unique stream-based architecture is designed for web-scale volume and latency and to handle any type of data model. Built on top of open standards including IPFS, libp2p, and DIDs and compatible with any raw storage protocol like Filecoin or Arweave, all information stored on Ceramic exists within a permissionless cross-chain network that lets developers tap into an ever growing library of identities and data while using their preferred stack.

IDX: Cross-chain identity and user-centric data

Identity is the first use case enabled by Ceramic's building blocks for open source information. IDX (identity index) is a cross-chain identity protocol that inherits Ceramic's properties to provide developers with a user-centric replacement for server-siloed user tables. By making it easy to structure and associate data to user's personal index, IDX lets applications save, discover and route to users' data.

The IDX SDK makes it simple to manage users and deliver great data-driven experiences using the same keys and wallets as developers and users are already relying on. Users can also link multiple keys, from any wallet and multiple blockchains, to the same identity. This is essential to developers who want to serve users over time, as it enables key rotation, data interoperability across accounts, and rich cross-chain profiles, reputations and experiences (including 50,000+ profiles on Ethereum today).

Getting started with Ceramic on Avalanche To install Avalanche, follow this quickstart guide for running an avalanche node To add IDX to your project, follow this installation guide To use Ceramic for streams without IDX, follow this installation guide Regardless of which option you choose, you should also select 3ID Connect as your DID wallet during the authentication process which handles the integration with Avalanche wallets For questions or support, join the Ceramic Discord and the Avalanche discord About Avalanche

Avalanche is an open-source platform for launching decentralized applications and enterprise blockchain deployments in one interoperable, highly scalable ecosystem. Avalanche is able to process 4,500+ transactions/second and instantly confirm transactions. Ethereum developers can quickly build on Avalanche as Solidity works out-of-the-box.

Website | Whitepapers | Twitter | Discord | GitHub | Documentation | Forum | Avalanche-X | Telegram | Facebook | LinkedIn | Reddit | YouTube

About Ceramic

Ceramic is a public, permissionless, open source protocol that provides computation, state transformations, and consensus for all types of data structures stored on the decentralized web. Ceramic's stream processing enables developers to build secure, trustless, censorship-resistant applications on top of dynamic information without trusted database servers.

Website | Twitter | Discord | GitHub | Documentation | Blog | IDX Identity


Blockchain Commons

Everything You Wanted to Know About Blockchain Commons (But Were Afraid to Ask)

In the last year, Blockchain Commons has produced a large collection of specifications, reference libraries, architectures, and reference utilities meant to improve blockchain infrastructure by enabling interoperability among Bitcoin wallets — and in the future, other cryptocurrency applications, such as Ethereum wallets, and other cryptography programs, such as chat systems, key management program

In the last year, Blockchain Commons has produced a large collection of specifications, reference libraries, architectures, and reference utilities meant to improve blockchain infrastructure by enabling interoperability among Bitcoin wallets — and in the future, other cryptocurrency applications, such as Ethereum wallets, and other cryptography programs, such as chat systems, key management programs, and more.

So, what do Blockchain Commons’ technologies do? We’ve just released a Technology Overview video that discuses the concepts and foundations underlying our work and also highlights many of our most important technological releases.

Read More

As the video notes, our work is built on a considerable volume of existing literature. We work with entropy, seeds, and keys and use airgaps, multisigs, and secure storage to ensure robust key creation, safe key usage, and responsible key management. We also build on crucial technological foundations such as CBOR, CRC-32, Fountain Codes, QRs, SHA-256, and Shamir’s Secret Sharing.

This results in a number of core Blockchain Commons technologies:

Bytewords are a text-encoding method for binary data. Uniform Resources support self-describing data that can be used interoperably. LifeHash allows for graphical recognition of seeds, keys, and other data. SSKR provides new libraries and methodologies for sharding secrets. The Torgap architecture creates security by partitioning blockchain services.

The Technology Overview video discusses all of this and more.

We are also continuing to produce documents of use for the entire blockchain community, with our newest tutorials offering more depth on how to use the technologies highlighted in this video. That begins with some just-published developer-focused documents that expand on the overview of Uniform Resources (URs) found in the video. Uniform Resources: An Overview explains how URs are put together, and then A Guide to Using URs for Key Material looks at ur:crypto-seed, ur:crypto-bip39, and ur:crypto-hdkey as three different ways to transmit key material in a standardized, typed format. (We have more UR docs planned on SSKRs, PSBTs, and our new request and response system.)

The specifications, architectures, references, and documents that we’re creating at Blockchain Commons are all meant to improve interoperability among many different vendors, to support the creation of wallets (and future cryptography applications) that enable independence, security, and resilience for their users. We’ve been working with an Airgapped Wallet Community to create these various technologies. If you’re designing blockchain applications of your own, we hope you’ll view the video to see how some of our technologies can help you.

You can also support the continued development of technologies like these, meant to support the entire community by becoming a sponsor at GitHub or by making a one-time donation at our BTCPay.

Wednesday, 12. May 2021

Good ID

FIDO Alliance Supports Biden Administration EO on Cybersecurity

Federal agencies should choose FIDO as they seek to comply with the new Executive Order that requires the implementation of multi-factor authentication within the next 180 days. By: Andrew Shikiar, […] The post FIDO Alliance Supports Biden Administration EO on Cybersecurity appeared first on FIDO Alliance.

Federal agencies should choose FIDO as they seek to comply with the new Executive Order that requires the implementation of multi-factor authentication within the next 180 days.

By: Andrew Shikiar, Executive Director and Chief Marketing Officer, FIDO Alliance

In the face of recent attacks that have exposed areas of weakness in critical U.S. infrastructure assets, President Biden signed a new Executive Order Wednesday to help bolster the nation’s cybersecurity.

There have been a number of high profile attacks against critical American infrastructure in recent months, including the Solarwinds supply chain attack that exposed much of the government to potential risk. Top of mind in recent days is the ransomware attack against Colonial Pipeline, which significantly impacted the flow of refined oil across America. These attacks expose the vulnerability of critical infrastructure in the United States, and the Biden Administration is issuing federal directives that will minimize or eliminate risk.

A key part of the Executive Order is a requirement that agencies adopt multi-factor authentication (MFA) and encryption for data at rest and in transit to the maximum extent possible. Federal Civilian Branch Agencies will have 180 days to comply with the Executive Order and will need to report on progress every 60 days until adoption is complete. If for some reason agencies cannot fully adopt MFA and encryption within 180 days, they must report to Secretary of Homeland Security through the Director of CISA, the Director of OMB, and the APNSA with a rationale for not meeting the deadline.

At the FIDO Alliance, we welcome today’s directive from the Biden Administration and applaud its focus on the importance of multi-factor authentication. What’s notable about this Executive Order is that the White House is prioritizing MFA everywhere, rather than limiting MFA to the PIV/PKI platform that agencies have depended on for more than 15 years. Today’s Executive Order marks an important step forward, in that it makes clear the priority is protecting every account with MFA — without mandating any specific technology. This is a notable shift, because we know that the weakest forms of MFA can still stop some attacks where passwords are the attack vector. We also know that FIDO Authentication is the only standards-based alternative to PIV for those applications that need protection against phishing attacks. This Executive Order opens the door for agencies to deploy FIDO Authentication — something we’ve heard they’ve wanted to do but have held back as use of any non-PIV authentication has not been permitted.  

This isn’t the first time the U.S Government has advocated for the use of MFA and strong encryption. In an advisory issued by CISA in September 2020 on election security, the government agency noted that the majority of cyber-espionage incidents are enabled by phishing, and FIDO security keys are the only form of MFA that offer protection from phishing attacks 100% of the time.

In fact, the U.S. Government hasn’t just been advocating for the use of strong authentication with FIDO, it has actually already been implementing it since at least 2018 on the login.gov portal. With login.gov the U.S. Government is already offering a secure approach to help citizens and agencies to securely access Federal resources. In June 2019, the FIDO Alliance hosted a webinar detailing the deployment case study for login.gov, which is now even more timely with the need for agencies to adopt strong authentication in the next 180 days.

Since its inception, the FIDO Alliance has been bringing industry partners together, including every major operating system vendor as well as technology and consumer service providers across all industry verticals including financial services, ecommerce and government. All those diverse groups have been working together in common purpose to standardize strong authentication. Billions of devices around the world today can support FIDO Authentication and are ready to play their part in ensuring a strong authentication future. The fact that most major cloud providers, device manufacturers and browser vendors all ship with support for FIDO means that agencies can easily leverage MFA that is built in, rather than other products that need to be “bolted on.”  

If there is one thing that the recent spate of attacks has served to once again remind us, it’s that the private sector and public sector need strong security measures to protect critical infrastructure — and the FIDO Alliance believes this begins with authentication.

We urge government agencies to adopt only the strongest forms of MFA when complying with this directive. The FIDO Alliance and its members stand ready to serve and help agencies with the education, resources and tools to implement strong authentication to help reduce risk and improve the cybersecurity posture of the U.S. Government.

The post FIDO Alliance Supports Biden Administration EO on Cybersecurity appeared first on FIDO Alliance.

Tuesday, 11. May 2021

Kantara Initiative

1Kosmos BlockID Digital Identity Solution Approved as NIST 800-63-3 Conformant & FIDO2 Certified Powered by Advanced Biometrics & Private Blockchain

1Kosmos announced its BlockID platform has been approved by Kantara Initiative as a Full Service, conformant with NIST SP 800-63 rev.3 Class of Approval at IAL2 and AAL2. The industry leadership of 1Kosmos connects a broader vision to the Kantara Identity Assurance scheme in its Trust Framework Program.1Kosmos BlockID Digital Identity Solution Approved as NIST 800-63-3 Conformant & FIDO2 Certi

1Kosmos announced its BlockID platform has been approved by Kantara Initiative as a Full Service, conformant with NIST SP 800-63 rev.3 Class of Approval at IAL2 and AAL2. The industry leadership of 1Kosmos connects a broader vision to the Kantara Identity Assurance scheme in its Trust Framework Program.1Kosmos BlockID Digital Identity Solution Approved as NIST 800-63-3 Conformant & FIDO2 Certified Powered by Advanced Biometrics & Private Blockchain

The post 1Kosmos BlockID Digital Identity Solution Approved as NIST 800-63-3 Conformant & FIDO2 Certified Powered by Advanced Biometrics & Private Blockchain appeared first on Kantara Initiative.


1Kosmos BlockID Digital Identity Solution Approved as NIST 800-63-3 Conformant & FIDO2 Certified Powered by Advanced Biometrics & Private Blockchain

Certification highlights platform’s strong identity and authentication abilities  SOMERSET, N.J. and WAKEFIELD, MA, May 11, 2021 – 1Kosmos, the only standards-based platform that uses advanced biometrics and a private blockchain to create an indisputable, reusable digital identity for strong and continuous authentication, today announced its BlockID platform has been approved by Kantara Initi

Certification highlights platform’s strong identity and authentication abilities  SOMERSET, N.J. and WAKEFIELD, MA, May 11, 2021 – 1Kosmos, the only standards-based platform that uses advanced biometrics and a private blockchain to create an indisputable, reusable digital identity for strong and continuous authentication, today announced its BlockID platform has been approved by Kantara Initiative as a Full Service, conformant with NIST SP 800-63 rev.3 Class of Approval at IAL2 and AAL2. The industry leadership of 1Kosmos connects a broader vision to the Kantara Identity Assurance scheme in its Trust Framework Program. 1Kosmos BlockID is a distributed digital identity platform that performs…

The post 1Kosmos BlockID Digital Identity Solution Approved as NIST 800-63-3 Conformant & FIDO2 Certified Powered by Advanced Biometrics & Private Blockchain appeared first on Kantara Initiative.


Schema

Announcing Schema Markup Validator: validator.schema.org (beta)

Announcing preview availability of validator.schema.org for review and feedback. As agreed last year, Schema.org is the new home for the structured data validator previously known as the Structured Data Testing Tool (SDTT). It is now simpler to use, and available for testing. Schema.org will integrate feedback into its draft documentation and add it more explicitly to the Schema.org website f
Announcing preview availability of validator.schema.org for review and feedback.

As agreed last year, Schema.org is the new home for the structured data validator previously known as the Structured Data Testing Tool (SDTT). It is now simpler to use, and available for testing. Schema.org will integrate feedback into its draft documentation and add it more explicitly to the Schema.org website for the next official release.
SDTT is a tool from Google which began life as the Rich Snippets Testing Tool back in 2010. Last year Google announced plans to migrate from SDTT to successor tooling, the Rich Results Test, alongside plans to "deprecate the Structured Data Testing Tool". The newer Google tooling is focused on helping publishers who are targeting specific schema.org-powered search features offered by Google, and for these purposes is a huge improvement as it contextualizes many warnings and errors to a specific target application.
However, many publishers had also appreciated SDTT as a powerful and general purpose structured data validator. Headlines such as "Google Structured Data Testing Tool Going Away; SEOs Are Not Happy" captured something of the mood.
Schema.org started out written only in Microdata, before embracing RDFa 1.1 Lite and JSON-LD 1.0. There are now huge amounts of Schema.org data in all of these formats and more (see webdatacommons report). Schema.org endorsed these multiple encodings, because they can each meet different needs and constraints experienced by publishers. The new validator will check all of these formats.
Amongst all this complexity, it is important to remind ourselves of the importance of simplicity and usability of Schema.org markup for its founding purpose: machine-readable summaries of ordinary web page content. Markup that - when well-formed - helps real people find jobs, educational opportunities, images they can re-use, learn from fact checkers or find a recipe to cook for dinner.
This is the focus of the new Schema Markup Validator (SMV). It is simpler than its predecessor SDTT because it is dedicated to checking that you're using JSON-LD, RDFa and Microdata in widely understood ways, and to warning you if you are using Schema.org types and properties in unusual combinations. It does not try to check your content against the information needs of specific services, tools or products (a topic deserving its own blog post). But it will help you understand whether or not your data expresses what you hope it expresses, and to reflect the essence of your structured data back in an intuitive way that reflects its underlying meaning.
The validator.schema.org service is powered by Google's general infrastructure for working with structured data, and is provided to the Schema.org project as a Google-hosted tool. We are also happy to note that many other schema.org-oriented validators are available, both commercial (e.g. Yandex's) and opensource. For example, the Structured Data Linter, JSON-LD Playground, SDO-Check and Schemarama tools. We hope that the new Schema Markup Validator will stimulate collaboration among tool makers to improve consistency and developer experience for all those working on systems that consume Schema.org data. 
Please share any feedback with the Schema.org community via Github, Twitter (#schemasmv), or the Schema.org W3C community group.

Monday, 10. May 2021

Trust over IP

Trust over IP and Sovrin sign agreement to strengthen collaboration

The Sovrin Foundation (“Sovrin”) Board of Trustees and Trust over IP Foundation (“ToIP”) Steering Committee are pleased to announce that they have signed a Letter Agreement (dated March 18, 2021).... The post Trust over IP and Sovrin sign agreement to strengthen collaboration appeared first on Trust Over IP.

The Sovrin Foundation (“Sovrin”) Board of Trustees and Trust over IP Foundation (“ToIP”) Steering Committee are pleased to announce that they have signed a Letter Agreement (dated March 18, 2021). This agreement signifies the commitment of both organizations to mutual cooperation and recognition for each other’s mandates. Sovrin and ToIP intend to work together toward advancing the infrastructure and governance required for digital trust and digital identity ecosystems. 

“By signing this Letter Agreement, Sovrin and ToIP are excited to take a step further to support the need and importance of our separate but interrelated mandates to benefit people and organizations across all social and economic sectors through secure digital identity ecosystems based on verifiable credentials and SSI,” said Chris Raczkowski, Chairman of Board of Trustees, Sovrin Foundation. 

Under the agreement, each organization will assign one member to act as a liaison to coordinate and maintain lines of communication, attend plenary sessions, and provide periodic updates to the Sovrin Board of Trustees and ToIP Steering Committee. They will also seek opportunities proactively to exchange information, participate in discussions of shared interest, promote the value of each other’s work through joint announcements and media products, as well as collaborate to achieve their respective mandates.

Sovrin and ToIP both operate in a manner that respects open licensing, open source code and open standards. The organizations agree that their open, public materials will be available for reference (with attribution) by the other.

“ToIP and Sovrin each offer something unique to the market. Our members already collaborate together informally on many topics. Signing this agreement makes our work together more visible and open. It will create new opportunities to collaborate on challenges that affect every layer of our trust model,”  said John Jordan, Executive Director of Trust over IP Foundation. “By working together, we want to help solve interoperability problems more quickly and support the adoption of digital trust ecosystems more widely.”” 

If you have any questions or suggestions, please contact info@sovrin.com or operations@trustoverip.org  

To view the text of the agreement, please find it here.

About Sovrin Foundation

The Sovrin Foundation is a non-profit social enterprise which acts as the administrator and governance authority for public available SSI infrastructure, as well as supporting interoperability digital identity ecosystems that adhere to the Principles of SSI. Sovrin’s activities aim to serve the common good of providing secure, privacy-respecting digital identity for all, including individuals, organizations and things.      

About Trust over IP Foundation

Launched in 2020, the Trust over IP Foundation is an independent project hosted by the Linux Foundation. Its members include over 200 leading companies, organizations and individual contributors sharing expertise and collaborating to define standard specifications to advance a secure trust layer for the digital world. Through this collaborative effort, the Trust over IP Foundation aims to define a complete architecture for Internet-scale digital trust that combines cryptographic trust at the machine layer with human trust at the business, legal, and social layers. For more information, please visit us at trustoverip.org

The post Trust over IP and Sovrin sign agreement to strengthen collaboration appeared first on Trust Over IP.


MyData

The State of MyData 2021

– A snapshot of the path to human-centric approach to personal data In less than 10 years, the concept of MyData, a human-centric approach to personal data, has gone from a research project and non-profit’s side project into a cornerstone of data strategies policies in Europe and globally. It has become an essential building block... Read More The post The State of MyData 2021 appeared firs

– A snapshot of the path to human-centric approach to personal data In less than 10 years, the concept of MyData, a human-centric approach to personal data, has gone from a research project and non-profit’s side project into a cornerstone of data strategies policies in Europe and globally. It has become an essential building block...

Read More

The post The State of MyData 2021 appeared first on MyData.org.

Friday, 07. May 2021

Elastos Foundation

Elastos Bi-Weekly Update – 07 May 2021

...

Elastos Tokenomic and DPoS Modifications Set for Implementation

...

Own Your Data Weekly Digest

MyData Weekly Digest for May 7th, 2021

Read in this week's digest about: 4 posts, 1 question, 1 Tool
Read in this week's digest about: 4 posts, 1 question, 1 Tool

Thursday, 06. May 2021

Digital ID for Canadians

Spotlight on BlueShore Financial

What is the mission and vision of BlueShore Financial? BlueShore Financial’s mission: “Passionately improving our clients’ financial well-being in an interconnected, digital world.” 2. Why…
What is the mission and vision of BlueShore Financial?

BlueShore Financial’s mission: “Passionately improving our clients’ financial well-being in an interconnected, digital world.”

2. Why is trustworthy digital identity critical for existing and emerging markets?

Trustworthy digital identity is critical to enable the continued development of a robust digital economy in Canada, and the potential direct and indirect benefits that come with it for all Canadians. Furthermore, lack of  a common trusted digital identity approach could result in a patchwork of various digital ID schemes, which would not only cause confusion for Canadians (and thus much slower adoption), but also create easy targets for cyber criminals.

From a financial industry perspective, a trustworthy digital ID is a critical component to successfully implement Open Banking, one of the globally accepted key trends in banking.

3. How will digital identity transform the Canadian and global economy? How does your organization address challenges associated with this transformation?

Two of the most populous countries in the world have established digital IDs: India with its government issued Unique ID (UID) number—or Aadhaar—identity program, and China with its digital identify provided by Ant Financial. These two countries are most populous with emerging economies. To remain a global player, Canada has to be able to compete with the likes of India and China when it comes to technology-savviness

Several other countries now have national digital identify programs and while these programs may not be perfect, they are evolving – Canada needs to do the same. Canada needs to start with a digital identity program, and then use an agile and iterative approach to evolve and keep up with new technologies as well as consumer needs and demands. Since Canada is somewhat late to the game, Canada can learn from the experience of other countries in both technology implementations and consumer rollout, which I know DIACC and its members from across the spectrum of government, finance, healthcare, telco, retail, auditors, etc., are discussing and working through DIACC Pan-Canadian Trusted Framework approach.

BlueShore addresses the challenges in two ways:

I. Internally we see digital identity as a core component of our digital transformation journey.

II. Broadly, digital identity is part of our conversations from Open Banking, to Payments Modernization to Data Privacy. We also work closely and in a “spirit of partnership” with our core technology partners.

4. What role does Canada have to play as a leader in this space?

Canada has a role to play as a G7 member to show digital leadership with respect to developing and launching a national digital identity program. Not only would this provide opportunities for Canadian businesses, but it would also demonstrate a model of how government and industries are able to work together to provide a key digital tool for Canadian consumers.

5. Why did your organization join the DIACC?

BlueShore saw the work DIACC and its members were doing defining, creating and building a national digital identity framework. It was this framework approach that attracted our attention to bolster our digital transformation work.

6. What else should we know about your organization?

BlueShore Financial is a boutique financial institution providing a full range of personal and business banking, wealth management, insurance and commercial lending solutions. With a branch network located across the Vancouver Lower Mainland and Sea-to-Sky Corridor, BlueShore Financial helps clients achieve financial wellness® through personalized solutions and expert advice, delivered in a unique Financial Spa® branch environment. BlueShore Financial manages over $6.5 billion in Assets Under Administration and is consistently ranked among the top 20 financial planning firms in Metro Vancouver.

BlueShore Financial is an Imagine Canada Caring Company, contributing at least 1% of pre-tax profits annually to charities and not-for-profit organizations within the communities it serves. BlueShore Financial is the operating name of BlueShore Financial Credit Union.


Velocity Network

Interview with Zach Daigle

We sat down with Zach Daigle, President of PreCheck to learn about PreCheck's reason to be involved in the Velocity Network. The post Interview with Zach Daigle appeared first on Velocity.

The post Interview with Zach Daigle appeared first on Velocity.


Digital ID for Canadians

Spotlight on Yubico

What is the mission and vision of Yubico? Yubico was founded in Sweden with the mission to protect all internet citizens, making secure login easy…
What is the mission and vision of Yubico?

Yubico was founded in Sweden with the mission to protect all internet citizens, making secure login easy and available to everyone.

2. Why is trustworthy digital identity critical for existing and emerging markets?

Stolen credentials are a top online security risk for individuals and companies. Breaches cause severe financial, brand, and personal impact. It’s critical that people, and organizations, have access to solutions for all their different requirements.

3. How will digital identity transform the Canadian and global economy? How does your organization address challenges associated with this transformation?

Digital identity is critical for citizens, governments, and the private sector. As our lives move more and more online, our ability to identify ourselves in a secure, easy way will be key in order to access government systems, banking, and interact with goods and services providers.

4. What role does Canada have to play as a leader in this space?

Canada has the opportunity to be a world leader in the digital identity space. Our emergence as a highly desirable destination for up-and-coming tech companies, along with the coinciding tech talent, places Canada in a unique position. In order to capitalize on Canada’s emergence, it will require a strong partnership between the private and public sectors to help enable citizens, clients, and employees to have a safe online experience. Organizations like the DIACC are paramount in bringing together the key stakeholders to help achieve this shared goal that will truly benefit every Canadian.

5. Why did Yubico join the DIACC?

Yubico has been a leader and innovator in the authentication space for over a decade. In 2020 Yubico decided to put its first sales and technical resources in Canada due to the growing demand for our products. DIACC has a reputation for bringing together like-minded organizations and people that share a vision of improved digital identity.

6. What else should we know about your organization?

Yubico pioneered the design of the first one-time password authenticator to work with a simple touch and with no client software, and we made it compatible with the open authentication standard OATH. We then further secured and simplified the PIV smart card standard by adding touch-to-sign and built-in attestation. Yubico collaborated with Google and Microsoft to co-create the FIDO Universal 2nd Factor (U2F) and FIDO2 open authentication standards. Our work has contributed to open identity standards organizations W3C, IETF, FIDO Alliance and OpenID.


Sovrin (Medium)

Sovrin and Trust over IP Signed Mutual Agreement to Strengthen Their SSI Collaboration

The Sovrin Foundation (“Sovrin”) Board of Trustees and Trust over IP Foundation (“ToIP”) Steering Committee are pleased to announce that they have signed a Letter Agreement (dated March 18, 2021). This agreement signifies the commitment of both organizations to mutual cooperation and recognition for each other’s mandates. Sovrin and ToIP intend to work together toward advancing the infrastructure

The Sovrin Foundation (“Sovrin”) Board of Trustees and Trust over IP Foundation (“ToIP”) Steering Committee are pleased to announce that they have signed a Letter Agreement (dated March 18, 2021). This agreement signifies the commitment of both organizations to mutual cooperation and recognition for each other’s mandates. Sovrin and ToIP intend to work together toward advancing the infrastructure and governance required for digital trust and digital identity ecosystems.

“By signing this Letter Agreement, Sovrin and ToIP are excited to take a step further to support the need and importance of our separate but interrelated mandates to benefit people and organizations across all social and economic sectors through secure digital identity ecosystems based on verifiable credentials and SSI,” said Chris Raczkowski, Chairman of Board of Trustees, Sovrin Foundation.

Under the agreement, each organization will assign one member to act as a liaison to coordinate and maintain lines of communication, attend plenary sessions, and provide periodic updates to the Sovrin Board of Trustees and ToIP Steering Committee. They will also seek opportunities proactively to exchange information, participate in discussions of shared interest, promote the value of each other’s work through joint announcements and media products, as well as collaborate to achieve their respective mandates.

Sovrin and ToIP both operate in a manner that respects open licensing, open source code and open standards. The organizations agree that their open, public materials will be available for reference (with attribution) by the other.

“ToIP and Sovrin each offer something unique to the market. Our members already collaborate together informally on many topics. Signing this agreement makes our work together more visible and open. It will create new opportunities to collaborate on challenges that affect every layer of our trust model,” said John Jordon, Executive Director of Trust over IP Foundation. “By working together, we want to help solve interoperability problems more quickly and support the adoption of digital trust ecosystems more widely.”

If you have any questions or suggestions, please contact info@sovrin.org or operations@trustoverip.org .

About Sovrin Foundation

The Sovrin Foundation is a non-profit social enterprise which acts as the administrator and governance authority for public available SSI infrastructure, as well as supporting interoperability digital identity ecosystems that adhere to the Principles of SSI. Sovrin’s activities aim to serve the common good of providing secure, privacy-respecting digital identity for all, including individuals, organizations and things.

About Trust over IP Foundation

Launched in 2020, the Trust over IP Foundation is an independent project hosted by the Linux Foundation. Its members include over 200 leading companies, organizations and individual contributors sharing expertise and collaborating to define standard specifications to advance a secure trust layer for the digital world. Through this collaborative effort, the Trust over IP Foundation aims to define a complete architecture for Internet-scale digital trust that combines cryptographic trust at the machine layer with human trust at the business, legal, and social layers. For more information, please visit us at trustoverip.org.

Originally published at https://sovrin.org on May 5, 2021.

Sovrin and Trust over IP Signed Mutual Agreement to Strengthen Their SSI Collaboration was originally published in Sovrin Foundation Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Wednesday, 05. May 2021

ID2020

Okta Joins the ID2020 Alliance

The ID2020 Alliance could not be happier to welcome Okta to our rapidly growing community of public and private sector organizations that share our commitment to realizing the benefits – and mitigating the risks – of digital ID at scale. Okta provides a secure, trusted platform for managing the identity of customers and employees. Founded in 2009, Okta currently provides technology to more t

The ID2020 Alliance could not be happier to welcome Okta to our rapidly growing community of public and private sector organizations that share our commitment to realizing the benefits – and mitigating the risks – of digital ID at scale.

Okta provides a secure, trusted platform for managing the identity of customers and employees. Founded in 2009, Okta currently provides technology to more than 9,400 organizations. Their commitment to the “good ID” agenda and prominent position in the identity and access management sector will make them an invaluable partner for the ID2020 Alliance.

At Okta’s core is the belief that social impact is foundational to its business and long-term success. Okta for Good, the company’s social impact arm, works to strengthen the links between people, technology, and community. By providing technical solutions for nonprofits, expanding economic opportunities and access to the tech sector, and empowering employees as changemakers, Okta for Good works to ensure that the company lives up to its long-term commitment to maximize benefits to society, the environment, and all of its stakeholders.

“We are delighted to welcome Okta to the ID2020 Alliance,” said executive director, Dakota Gruener. “If properly designed and ethically implemented, digital ID can be the key that unlocks previously inaccessible rights and opportunities for hundreds of millions of people globally. ID2020 and Okta share a common vision; to ensure that those keys are available to everyone.”
“According to USAID, ‘There may be no single factor that affects a person’s ability to share in the gains of global development as much as having an official identity. That’s why Okta is proud to have recently joined the ID2020 Alliance, a cross-sector effort of global organizations committed to an ethical approach to digital ID,” said Adam Rosenzweig, Senior Manager, Product Impact, “ID2020 plays a critical role in the evolving digital ID ecosystem by convening a diverse set of stakeholders to develop standards for the design and evaluation of digital identity implementations.”

The ID2020 Alliance continues to grow, welcoming organizations from the public and private sectors that share our commitment to user-managed privacy-protecting, and portable digital ID. As an Alliance, we are only as strong as our members and we are excited to add Okta to the partnership as we move — together — towards providing good ID for all.

About ID2020

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and ethical implementation of user-managed, privacy-protecting, and portable digital identity solutions.

By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing programs, and advocating for the ethical implantation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights and reap the benefits of economic empowerment and to protecting user privacy and ensuring that data is not commoditized.


Berkman Klein Center

​​Russia’s Broken Web of Internet Laws

A Deep Dive into Five Laws Photo by: Mike Licht. CC BY 2.0 In March 2021 Russia used the latest in a series of newly passed Internet laws for the first time. The ‘sovereign’ 2019 law was used to throttle Twitter’s speed by 50% on desktops and by 100% on mobile phones. This move was triggered by Twitter’s non-action in deleting content considered illegal by the Roskomnadzor (RKN), Russia’
A Deep Dive into Five Laws Photo by: Mike Licht. CC BY 2.0

In March 2021 Russia used the latest in a series of newly passed Internet laws for the first time. The ‘sovereign’ 2019 law was used to throttle Twitter’s speed by 50% on desktops and by 100% on mobile phones. This move was triggered by Twitter’s non-action in deleting content considered illegal by the Roskomnadzor (RKN), Russia’s federal authority overseeing online and media content. This illegal content included the Twitter accounts of several government critics, such as Mihkail Khodorkovsky. This government action was legitimized through the Sovereign Internet law of 2019, which empowers the RKN to respond through appropriate measures to “security threats to the Internet’s functioning inside Russia” such as “changing the configuration/routes of communications/telecommunications.”

Over the past few years, the Russian Parliament has passed over fifty pieces of legislation in an attempt to further control and hegemonize the Russian Internet infrastructure, both internally and externally. While the official justification for these laws is to create a more ‘reliable’ internet, in actuality, some of these laws have provided nearly unfettered freedom to the government to preemptively block and filter content and independently — without relying on Internet intermediaries, or on securing prior judicial sanctions.

This article hopes to shed light on the top five most important of these laws or combination of laws and their consequential effect in crippling Russian democracy, freedom of speech, and privacy rights.

Number 1: Laws mandating identification and de-anonymization

A 2017 law and the following government regulation in 2018, have effectively eliminated any means for Russian citizens to raise their concerns with the government anonymously without the fear of facing backlash. The law has mandated that every user of an online application which can be used for “receiving, transferring, delivering or processing users’ electronic messages on the internet” has to link their account with a registered mobile number so that they can be identified and tracked if need be. Non-compliance by platforms leads to an imposition of a fine amounting to USD 82 for individuals, USD 800 for officials, and USD 16,500 for companies. Per the law, non-compliance may also lead to the blocking of the platform in Russian territory. It is a small respite that at the moment, these laws are only applicable to online messaging platforms, relieving other OSPs from the compulsory linking of accounts for the time being.

Further, the 2018 regulation, which is yet to be implemented, requires such online messaging applications have to partner with mobile operators to ensure that the latter are willing to confirm the identity of any of its users within twenty minutes of such information being sought. As with most other laws discussed in this article, the penalty for non-compliance is the blocking of the online service.

This law hits at the heart of an important way in which online communication can foster open dialogue — the ability to stay anonymous, especially when showing dissent. It would also have a major impact on citizens’ ability to express their religion, faith, and sexuality, which have long been penalized by the Russian government.

Number 2: The double-edged sword of content moderation laws

In 2013, the Logovoy Law was passed, which empowered government officials to block content ‘calling for unsanctioned public events that disturb public order’ within 24 hours and without a court order. In 2019, another draft law, yet to be passed, would give Russian authorities the ability to block websites that censor Russian state media content. Ironically, the reason that the bill provides for this is that such websites violate Russian citizens’ right to access information.

In 2019, four sets of laws were passed that have had the cumulative effect of prohibiting the dissemination of “fake news” and news that is deemed “disrespectful” to the state and government officials. The RKN has the authority to delete such information with immediate effect. The stipulated fine for non-removal amounts to USD 6,400 for individuals and up to USD 24,000 for companies. Repeat offenders “disrespecting” the state could also be imprisoned for up to fifteen days. As a brief aside, the term “disrespectful” being used as a measure for potential jail time brings to mind a 2014 judgment of the Indian Supreme Court that held the word “annoyance”, in the same context and for similar penalties, as vague and overbroad.

In 2020, the Federal law N482-FZ was passed, which was a sophisticated version of the 2019 draft law discussed above. It essentially penalized OSPs such as YouTube, Facebook, and Twitter for censoring Russian state media content. For context, there has been substantial research to show that Russian state media spreads disinformation among its citizens and globally. For instance, this paper highlights how RT (formerly, Russia Today) is an “opportunistic channel that is used as an instrument of state defense policy to meddle in the politics of other states”. However, if any of the tech giants censor content like RT’s, they can now be fined or potentially blocked.

Finally, in January 2021, the Russian parliament has started working on a draft law to fine social media for “illegally blocking users”. This move seems to be a consequence of the ban on USA former President Donald Trump’s Twitter account.

Number 3: Surveillance through laws on forced Data Retention and Data Localisation

The 2016 “Yarovaya amendments”, which have been named after their primary author and member of the State Duma (Russian Parliament’s legislative wing), Irina Yarovaya, provides for compulsory retention of all communications for six months. This includes text messages, voice messages, images, and videos. In addition, it also provides that the metadata that marks the location, timestamp, sender, and receiver of the messages, be retained for three years. The amendments also mandate that this data be stored on Russian territory and that the government be given unfettered access to this data without any prior judicial sanction. Since 2016, LinkedIn, Twitter, and Facebook have been penalized for non-compliance. While Twitter and Facebook were fined approximately USD 50,000 each, the government blocked LinkedIn from the Russian territory entirely. Further, in 2019, the fines for non-compliance with data storage requirements have been increased to USD 78,000.

Additionally, the amendments make way for ‘back door’ access to all such data by requiring companies to provide the government with ‘any information necessary’ to decode electronic messages. This drastically weakens the security of such information and weakens encryption measures.

The Yarovaya amendments requirement to provide a direct and unrestricted back door to access data, coupled with the compulsion to not only localize data but also to retain it for long periods of time effectively means that every conversation/post/discussion can potentially be served on a platter to the Russian government. This is a sticky situation for all involved, but especially for human rights activists, political rights activists, and journalists, such as Alexei Navalny, who will be acutely aware that their conversations and metadata, oftentimes confidential, are exposed to the domestic intelligence agencies. This hampers their ability to work and engage in very important and democratic dialogue freely.

The full implications of such a law were on display in April last year, when the RKN blocked Telegram, a messaging app with over 10 million Russian users, for refusing to provide encryption keys to the government. RKN also ordered the blocking of over 18 million IP addresses, used by Telegram to operate in Russia. This led to chaos and affected many legitimate online services including maps, airline booking, and online shopping, among others.

Number 4: Laws Banning IP addresses and regulating VPNs and Proxys

The various pieces of legislation discussed in this article have been further bolstered by a 2017 law that imposes fines on Virtual Private Networks (VPNs) for allowing users access to content banned by Russian authorities or for providing guidance to access such content. In a bill introduced in 2018, a fine of USD 9,000 was stipulated for non-compliance. This 2018 bill was a result of the above-mentioned ‘Telegram blocking’ incident, after which many Russians turned to VPNs to be able to continue business

Further, a 2019 regulation now requires that VPNs and search engine platforms stay updated with a list of blocked websites maintained by the federal government and on the basis of this list, block access to those websites on their platform.

Number 5: Law creating an independent Russian Internet Infrastructure

The crown for the most restrictive law proposed by the Russian parliament arguably goes to the Sovereign Internet Law of 2019. It seems that the Russian government fully understands and fears the extent to which online foreign threats are able to impact domestic outcomes (wonder why!). Under the garb of ensuring cybersecurity and preventing the Russian territory from such threats, the Sovereign Internet Law has the effect of putting the entire Russian internet infrastructure in a bubble of sorts. The law legitimizes the ‘splinternet’ within Russian territory — it provides that at any time that the Russian government sees the need to cut off Russia from the rest of the world, it can take control of this bubble and isolate it from the rest of the world wide web and the global Internet infrastructure.

While on paper, such a national Internet infrastructure is a reasonable backup plan for “emergencies” to combat any foreign threats, it is left entirely up to the officials to decide what would qualify as such a threat. Hence, the effect of this law will be a complete transfer of control to the Russian government over all aspects of the internet, both content and infrastructure, including, of course, the power to trigger internet shutdowns and removing any content that is deemed undesirable, without any prior judicial authorization.

This is the first global attempt of its kind. Even China has a firewall that filters parts of the Internet but does not create a separate infrastructure of a ‘national’ Internet. Moreover, China’s introduction to the Internet from the very beginning had been controlled, unlike Russia, which has freely provided Internet access to its citizens over the past few decades. This is an additional reason why the ‘internet bubble’ that the Russian government seeks to create may be a problematic endeavor.

Even though the law imposes compulsory installation of certain technical equipment and procedures for all OSPs, including deep packet inspections, to enable the “Russian Bubble” infrastructure, technologists also argue that this may be technically impossible, somewhat like a situation where one expects the first floor of a building to be filled up with water without the ground floor receiving any water influx at all.

Taking stock of this cautionary tale

Russia has some of the most disproportionate laws for Internet regulation in the world and maybe that helps explain why it continues to remain ‘not free’ as per Freedom House’s World Freedom Index 2021. In the same vein, in June 2020, the European Court of Human Rights found in four separate cases brought against Russia by local media outlets and OSPs that blocking entire websites violates the owners’ right to impart information and the public’s right to receive it. Despite this, Russia has, yet again, threatened to ban Twitter in March 2021.

For Russian citizens, Russia’s web of Internet laws is broken and continues to be one of the most disproportionately restrictive in the world. Moving forward, it is imperative that laws restricting a citizens’ right to freedom of speech and/or their right to privacy be weighed against the important and age-old principles carved under human rights instruments such as the European Convention on Human Rights and the International Covenant on Civil and Political Rights. It is not hard to guess what would become of the five-set of laws discussed above if this measure was truly upheld in each of them — they would, without a doubt, either cease to exist or become a lot less restrictive.

Finally, a fact and a thought — Of the three national broadcasting channels in Russia, the government holds over 51% share in one and directly runs the parent companies of the other two. It has also recently introduced a law reducing the permissible percentage of foreign ownership in print media from 50% to 20%. This makes the state’s objective very clear — complete control over public narrative along with unfettered surveillance abilities.

It is worth thinking if this could be a cautionary tale that is potentially paving a misguided path for other countries and for other world leaders, whose objective is abject control over the narrative in their country, both online and offline.

_____________________________

Shreya is an Employee Fellow at the Berkman Klein Center, where she works on the Lumen Project. She is a passionate digital rights activist and uses her research and writing to raise awareness about how digital rights are human rights.

​​Russia’s Broken Web of Internet Laws was originally published in Berkman Klein Center Collection on Medium, where people are continuing the conversation by highlighting and responding to this story.


Sexism in Facial Recognition Technology​

Until AI has completely eliminated human biases, can its results be considered any more trustworthy than a human’s? Photo by Electronic_Frontier_Foundation: CC BY 2.0 Facial recognition technology is becoming more powerful and more ubiquitous seemingly every day. In January 2021, a study found that a facial recognition algorithm could be better at deducing a person’s political orientatio
Until AI has completely eliminated human biases, can its results be considered any more trustworthy than a human’s? Photo by Electronic_Frontier_Foundation: CC BY 2.0

Facial recognition technology is becoming more powerful and more ubiquitous seemingly every day. In January 2021, a study found that a facial recognition algorithm could be better at deducing a person’s political orientation than a human judgment or a personality test. Similarly, earlier this week, the Dubai airport rolled out technology through which an iris-scanner would verify one’s identity and eliminate the need for any human interaction when entering or exiting the country.

The use of facial recognition by law enforcement agencies has become common practice, despite increasing reports of false arrests and jail time. While there are various downsides to facial recognition technology being used at all, including fears of mass surveillance and invasion of privacy, there are flaws within facial recognition technologies themselves that lead to inaccurate results. One such major challenge for this still-burgeoning technology is gender-based inaccuracies.

Research has indicated that women are 18% more likely to be misidentified through facial recognition than men. One line of research found that while Amazon’s Rekognition software’s ability to recognize white women’s faces was down to 92.9%, a darker-skinned woman’s recognition would only be 68.9% accurate. Similarly, a study conducted at the University of Washington revealed that a facial recognition tool was 68% more likely to predict that an image of a person cooking in the kitchen is that of a woman. These are clear patterns exhibiting sexism in AI and the use of such technologies for law enforcement is likely to disproportionately affect marginalized groups of people, including genders other than male and female.

It is true that once a leap in technology has been made, hoping to be able to wipe it off the face of the earth may be a little like trying to put a genie back in a bottle. A more probable step in the right direction could be to first, feed representative and better data sets to AIs, and second, deploy the technology only with substantial democratic oversight.

Data scientists at the MIT Media Lab have noted that in the instances where they have trained AI with more diverse data, the accuracy of the results has been less discriminatory and accurate. Hence, presenting AI with a diverse representation of datasets for it to learn from would be a great start in reversing the prevalent biases. Additionally, these technologies would also benefit if the providers of the facial recognition software are transparent about its underlying workings.

This transparency, if accompanied with democratic oversight regarding the application, could potentially aim at striking a better balance as to when, where, how and to what end facial recognition may be used. For example, such oversight could be in the form of regulations that set an industry standard that an AI must meet before its commercial application. However, regardless of how many leaps facial recognition takes in the coming years, a serious, deliberate discussion is necessary for determining whether facial recognition should be used by law enforcement at all. This is because the consequences of error are so grave. The European Commission will release its first legislative proposal later this year and it will be interesting to see how the proposal will attempt to regulate AI application.

Former UN Special Rapporteur David Kaye’s warning that AI will enforce bias is more pertinent now than ever before. However, until the day that AI has completely eliminated human biases, can its results be considered any more trustworthy than a human’s?

About the author: Shreya is an Employee Fellow at the Berkman Klein Center, where she works on the Lumen Project. She is a passionate digital rights activist and uses her research and writing to raise awareness about how digital rights are human rights.

Sexism in Facial Recognition Technology​ was originally published in Berkman Klein Center Collection on Medium, where people are continuing the conversation by highlighting and responding to this story.


DIF Blog

🚀DIF Monthly #18 (May, 2021)

📯  The last month has seen a lot of activity on interoperability (test suites getting mature and documented, with profiles on the horizon) and #IIW32 had a distinctly heads-down, "let's buidl this" vibe to match. Spring is the season for groundwork, planting, and nurturing, after

📯  The last month has seen a lot of activity on interoperability (test suites getting mature and documented, with profiles on the horizon) and #IIW32 had a distinctly heads-down, "let's buidl this" vibe to match. Spring is the season for groundwork, planting, and nurturing, after all.

Table of contents Group Updates Member Updates Funding DIF Media Jobs Metrics Join DIF 🚀 Foundation News Steering Committee Elections - nominate now

We made a quick explainer on our blog to clear up the procedure in anticipation of next month's elections.
In short, if you are a DIF member and have someone in mind who should help DIF's governing board send their name and email to nominations@identity.foundation

DIF Grants

The DIF has officially launched a lightweight mini-grant program so that members (or the Steering Committee itself) can directly and transparently incentivize community contributions like editorship of a spec or implementations of specs. For more information, see our new blog.

Killer Whale Jello Bowl Death Match Redux: The Reckoning

At #IIW32, a mammoth and consequential conversation spanned 4 intense, jam-packed sessions and set new highs for IIW session-name silliness culminating in a massive interoperability watershed and widespread buy-in from many communities! The details of what gets built are being worked out in a new work item of the Claims & Credentials WG, building on the recent donation to DIF of the Bloom WACI extension to Presentation Exchange. The goal is both a minimum viable implementable spec for cross-stack credential exchange ("v0.1 scope"), and a longer-term commitment to a more fully-featured iteration of the same spec ("v1 scope"). Stay tuned!

IIW32 - A wave of DIF donations and debuts

The notes are now available for all the sessions. Mixed in among the usual avalanche of updates and report-outs from established subcommunities like KERI (and its new offshoot, ADPL), DIDComm, Sidetree, and SDS (see below!) were a few smaller items that our readers would overlook at their own peril: Animo (NL) gave a tour of their AcaPy extension project that bridges the divide between Aries and CCG/LD and Bloom debuted their WACI spec mentioned above, which facilitates Presentation-Exchange based exchanges and is in the process of being donated at time of press. A couple new projects, consortia and startups were

Wallet Security WG is starting.

Stay tuned and register for the mailing list

2nd Round of eSSIF-lab grants for European startups

The second rounds of both the infrastructure call and the business call will soon be open and accepting applications and inquiries!

🛠️ Group Updates ☂️ InterOp WG (cross-community) Nick Mothershaw (OIX) from Open Identity Exchange spoke about the guide to define, enforce and compare trust frameworks (with explicit attention to and feedback on the equivalency of and upgrade path for decentralized identity), with Pamela Dingle (Microsoft) as respondent VC status review and discussion crowd-editing session hacking away at v1 of DIF's new public-facing, entry-level FAQ for basic SSI topics IIW panel and workshop scope review 💡 Identifiers & Discovery Updates to Universal Resolver/Registrar configuration, and work on [Helm charts](https://github.com/decentralized-identity/charts. [Philip Feairheller, Sam Smith] KERI-based DID methods, and use of DID Resolution metadata IOP Chooser Universal Resolver Driver Policy Discussion DID resolution over DIDComm to a Universal Resolver Review .well-known and did:web Breaking changes in DID Core JSON-LD context Strictly speaking, all UR DID method implementations are now broken. Discussion around changing JSON-LD contexts, caching, versioning, hashlinks UR could implement a "fixing layer" for a transitional period, and simultaneously try to motivate implementers to fix their drivers. Universal Resolver policy questions about driver submission and maintenance UR currently supports several DID methods that are not in the DID spec registries. Probably DIF should have stricter policies going forward (e.g. only accept drivers for DID methods in the W3C method registry) group will generate a proposal 🛡️ Claims & Credentials MetaMask Credentials- Upgrading EIP712 (Spruce+Consensys Mesh) WACI PE-X meetings (during IIW) and first meeting to settle basics meeting notes from 26th April, pre-work item meeting goal to have a spec in 1-2 months, ready to use by the Health Pass project See WACI draft spec for context (Bloom) VC Marketplace focuses on wrap up / writedown. focusing more on use-cases Credential Manifest is considering multi credential issuance map descriptors are worked on by Bloom Review UVI (Essiflab) 🔓 DID Auth DIF-OIDF joint meetings - follow along on the bitbucket issues if the timing doesn't work for you! On 29th April SIOP/DIF represented by Kristina at the OIDF workshop. OIDF Special call: Support request and VC in user endpoint (through OIDC) review “medi connect” options the call time has been modified to incorporate more timezones 📻 DID Comm IIW32 Sessions with consequences/interest for DIDCommers: Jello Bowl Death Match (Didcomm-PeX/WACI work item starting up in CC WG) ECDH-1PU vs everything else (chat related discussion) ECDH-ES Authenticated Encryption Andrew's Idea: https://hackmd.io/gC4ItH4IQKS_at8P8RyQOQ?view KID/SKID Related Topics ESKID Encrypted Sender PRs 183 - OOB Accept 185 - kid and skid headers 180 - Align service Type with Aries 179 - Issue with commentary 172 - Fix inconsistencies with to/next attributes in a forward message. 177 - Profiles Negotiation Topics Complexity vs re-encryption bloat 182 - Discussion Issue 161 - Attachments WIP actual pr: 174 - Encrypted Attachments 173 - accept property in service block Discussion Topics DIDComm RecipientKeys: Signing vs Encryption KERI Event Logs 📦 Secure Data Storage calls are alternating weekly between the two specifications: Identity Hubs and EDVs SDS EDV call The need in the new EDV repo to be cleansed of hubs related work, and the same applies to Identity Hub repo Add batch operation service Batch operations are required (Derek) by citing the issues with HTTP signing performance when using a remote KMS. The architecture of batch APIs and how these influence implementation complexities. Add option to get full documents from queries Proposed: new features to be merged into the spec, if no objection, but marked with "at risk" until at least 2 implementations are confirmed 🔧 KERI Agreement ADPL and KEL: restore anchor to inception (required for NFT, essential to TrustFrame). Use more generic term in spec documentation for external support infrastructure, 'endorser' instead of original 'witness'. This does not require changing abbreviated labels in existing code/prefix tables. Should we genericise label? compact labels already consumed e, s (for endorser, supporter) synomym backer, b is not consumed. Otherwise leave as w. Restore External Content Anchoring to Inception Event #140 Revised KSN key state notification message #130 Roadmap: Witness support code in KERIpy. ready to test build demo. Added repo for keri-dht-py Conrad Rosenbrock contributor. did:keri method spec draft did:peer is an intermediate step until KERI direct mode is live ⚙️ Product Managers Workday education wallet demo history of changes that lead to current key management profile Q&A on roadmap, VC issuance, formats etc. 🪙 Finance & Banking SIG Alex David, Global Business Development Manager @ Raon Adrian Doerk @ Main Incubator Relevant projects list Wiki 🏥 Healthcare SIG Still hibernating-- contact the interim chair to get involved if you would like to wake the sleeping giant from its slumber! 🦄 Member Updates

DIF Associate members are encouraged to share tech-related news in this section. For more info, get in touch with operations.

Affinidi Free webinar on the topic of Verifiable Credentials, presented by Affinidi and KILT Protocol, organized by BerChain.

eSSIF LAB (EU) - Infrastructure-Oriented call

Infrastructure-Oriented Open Call, with grants of up to 155 000 € (9 months projects). The call is open to European innovators and focuses on the development and interop testing of open-source SSI components. Some examples of SSI components include Wallets, server proxies, revocation, cryptographic enforcer policies, integration, interoperability, compatibility, just to name a few. Please note the final-round deadline: 7th July 2021, 13:00 CET (Brussels local time).

Apply here

eSSIF LAB (EU) - First Business-oriented Call

Infrastructure-Oriented Open Call, with grants of up to 106 000 € . The call is open to European innovators and focuses on extending of the eSSIF-Lab basic infrastructure/architecture with business solutions that makes it easy for organizations to deploy and/or use SSI, reduce business risks, facilitate alignment of business information, etc. Please note the final round opens 7th July 2021, 13:00 CET (Brussels local time).

Apply here

Other NGI Open Calls (EU)

Funding is allocated to projects using short research cycles targeting the most promising ideas. Each of the selected projects pursues its own objectives, while the NGI RIAs provide the program logic and vision, technical support, coaching and mentoring, to ensure that projects contribute towards a significant advancement of research and innovation in the NGI initiative. The focus is on advanced concepts and technologies that link to relevant use cases, and that can have an impact on the market and society overall. Applications and services that innovate without a research component are not covered by this model. Varying amounts of funding.

Learn more here.

🖋️ DIF Media

Setting Interoperability Targets

Our short-term roadmaps need testable, provable alignment goals that we can all agree on for our little communities and networks of technological thinking to converge gradually. In the newest DIF blog post, the Interop WG Chairs overview today's rapidly-maturing landscape of test suites, proto-trustmarks, and alignment roadmaps and the like.

Introducing DIF Grants

DIF is kicking off a program to administer narrowly-scoped financial support for community initiatives, ranging in format from grants to more competitive implementation bounties, hackathon-style open collaborations, and security reviews. Keep reading

Steering Committee Elections are just around the corner!

We made a quick explainer on our blog to clear up the procedure in anticipation of next month's elections. Nominations are still open so take some time to consider getting more involved in the decentralized work of steering this ship of {'foo':"bar"}s!

DIF FAQ is online and accepting issues/PRs

In the spirit of complementarity with CCG's educational & onboarding efforts, DIF staff and volunteers from the Interoperability WG have been working for months on setting up a Frequently Asked Questions page built using DIF's in-house specification authoring tool, Spec-Up. If you would like to donate a question (and/or an answer!) please create an issue on the github repo for the faq.

🎈 Events

Identiverse 2021
June 21 - 23, 2021: Hybrid Experience
June 23 - July 2, 2021: Continued Experience

Check out the Agenda of Identiverse 2021! 💼 Jobs

Members of the Decentralized Identity Foundation are looking for:

Software engineer (remote) SDK developer (Berlin, DE)

Check out the available positions here.

🔢 Metrics

Newsletter: 4.5k subscribers | 32% opening rate
Twitter: 4.456 followers | 7.99k impressions | 2.323 profile visits
Website: 22.836 unique visitors

In the last 30 days.

🆔 Join DIF!

If you would like to get involved with DIF's work, please join us and start contributing.

Can't get enough DIF?
follow us on Twitter
join us on GitHub
subscribe on YouTube
read us on our blog
or read the newsletter archives

Got any feedback regarding the newsletter?
Please let us know - we are eager to improve.

Monday, 03. May 2021

Digital ID for Canadians

Directory of Products That Assess Identification Documents and Verify Identity Version 2.0

As a follow up to our very well received first launch of the Directory that was released in the Spring of 2020, DIACC is pleased…

As a follow up to our very well received first launch of the Directory that was released in the Spring of 2020, DIACC is pleased to publish updated responses from vendors who were included in the previous release along with new vendor submissions as well.

This Directory is designed to provide an overview of providers’ solutions which use government issued photo identification cards, combined with biometric facial scans, to establish Digital Identity.

Contact the DIACC to learn more how your product or service can be included in the Directory below.

DISCLAIMER

The information contained in the Directory is for general information purposes only. While DIACC endeavours to keep the information up to date and correct, DIACC makes no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, certification or compliance status, suitability or availability with respect to the Directory or the information, products, services, or related graphics contained on the Directory for any purpose. Any reliance you place on such information is therefore strictly at your own risk.

In no event will DIACC, and its members, be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of the Directory.

Vendor Vendor Description Directory Submission At 1Kosmos, our mission is to establish BlockID as the preeminent identity platform globally - to provide “individuals” with secure digital identity controls, and “service providers” with powerful tools to defend against identity fraud while simplifying the user experience. Contact 1kosmos.Read More Acuant’s Trusted Identity Platform provides AI-powered identity verification, regulatory compliance (AML/KYC) and digital identity solutions that deliver unparalleled accuracy and efficiency. Contact Acuant.Read More Applied RecognitionApplied Recognition is a software company that is leveraging facial biometrics technology to enable digital transactions and secure access. As a pioneer in the facial biometrics industry, we have industry recognized solutions for identity verification and authentication. Our customers embed our technology into their existing solutions to enable digital and security transformations in their organizations or their end customers. Contact Applied Recognition.Read More Authentic ID's disruptive and cutting-edge, AI-driven solution quickly, accurately, and securely reproduces real-world identity verification so that companies can be assured of who they are conducting business with, strengthen underwriting, reduce the losses associated with fraud, and streamline onerous customer onboarding procedures, leading to higher conversion rates. Contact AuthenticID.Read More Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, accessing e-government services or logging into corporate networks. Entrust offers an unmatched breadth of digital security and credential issuance solutions at the very heart of all these interactions. Contact Entrust.Read More Facetec's patented, industry-leading 3D Face Authentication software anchors digital identity with 3D FaceMaps. By creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams, trusted remote identity verification is finally possible. Contact Facetec.Read More The Folio platform has been designed to fix the digital identity problem by providing a modular identity issuance and verification service that work for all parties - governments, businesses and consumers. Public and private services can digitally issue identities to anyone with a smartphone who are then able to use this identity, or any other validated form of ID, to verify themselves whenever and wherever they are, all through the Folio platform. Contact Folio.Read More Gambit ID is a growing Canadian company, specializing in providing frictionless Identity Services and excellent customer service. Contact Gambit ID.Read More icomply investor servicesiComply is the leading global compliance platform for digital finance. We provide our clients with turnkey compliance automation by simplifying multi-jurisdictional requirements for non-face-to-face transactions to liberate capital, ideas, and opportunities. Contact iComply.Read More IDology is a pioneer of innovative, multi-layered, end-to-end identity verification and fraud prevention solutions used by many of the largest technology and financial services companies across the globe. Our solution empowers businesses with the data control, granularity, and transparency needed to facilitate customer trust and detect fraud in today’s fast moving digital world. Contact IDology.Read More iProov creates digital trust with biometric authentication. We ensure that online users are genuinely present in uncontrolled environments, combining face biometrics and anti-spoofing. Our unique approach to spoof prevention (covered by 12 granted patents), world-class deep learning technologies and focus on sustainable security have given us an unrivalled global reputation. Contact iProov.Read More Jumio’s mission is to make the internet a safer place by protecting the ecosystems of businesses through a unified, end-to-end identity verification and eKYC platform. The Jumio KYX Platform offers a range of identity proofing and AML services to accurately establish, maintain and reassert trust from account opening to ongoing transaction monitoring. Contact Jumio.Read More Keesing Technologies was founded in 1923 and leads the way in digital ID document and banknote authentication solutions. Our objective is to help organisations prevent counterfeiting and combat fraud by providing the world’s best authentication solutions. To this end, we market a range of printed and digital solutions that allow users – from document professionals to untrained staff – to assess the authenticity of nearly all ID documents and banknotes currently in circulation. Contact Keesing Technologies.Read More LexisNexis® Risk Solutions leverages its industry-leading Big Data computing platform, vast data assets, and proprietary technology to enable businesses of all sizes to better analyze and understand data at scale, improving time-to-results and decisions. Our Fraud and Identity portfolio combines physical, digital, and behavioral identity insights for a 360-degree view of your customers. This suite of solutions lets you apply the appropriate level of security-related friction for every interaction across the customer lifecycle to prevent fraud before it happens.. Contact LexisNexis Risk Solutions.Read More Oaro is a Cyber Security technology solution provider based in Halifax, Canada and Madrid, Spain. The company works with multinational corporate clients in the insurance, banking, healthcare, sports and aviation industries. Contact Oaro.Read More Onfido is the new identity standard for the internet. Our AI-based technology assesses whether a user’s government-issued ID is genuine or fraudulent, and then compares it against their facial biometrics. That’s how we give companies the assurance they need to onboard customers remotely and securely. Our mission is to create a more open world, where identity is the key to access. Contact Onfido.Read More PXL Vision is the Swiss market leader for highly secure and fully automated AI-based identity verification solutions. PXL Vision’s uniquely flexible technology supports any customer requirement and business process worldwide. Contact PXL Vision.Read More Sedicii is the world’s most integrated identity platform with privacy at its core. We provide identity and security solutions to prevent financial crime and enable commerce. Our Digital Identity division delivers streamlined onboarding for both businesses (KYB) and individuals (KYC) with coverage of over 150 countries. Contact Sedicii.Read More Shufti Pro is an AI-powered digital identity verification solutions provider offering KYC, KYB, and AML services in 200+ countries and territories. It aims to create a secure and safe online marketplace devoid of identity theft and other fraudulent activities. Contact Shufti Pro.Read More Simeio Solutions provides the industry’s most complete Identity and Access Management solution delivered as a service and protects over 150 million identities globally for enterprises, institutions, and government entities of all sizes. Simeio Identity Proofing enables a complete end-to-end identity proofing and wallet solution that provides users the ability to achieve a higher level of identity assurance in alignment with the PanCanadian Trust framework (PCTF). Simeio Identity Proofing can be deployed as a web interface and/or a native mobile application to provide a service that is ubiquitous and easy to use that can be branded (white labeled) for our customers. Contact Simeio Solutions.Read More Trulioo offers the most robust and comprehensive global identity verification solution in the market. Through one single portal/API, Trulioo can assist you with all your AML/KYC identity verification requirements by providing secure access to over 5 billion identities worldwide. Contact Trulioo.Read More Vaultie is a digital identification company that provides one of the world’s safest digital signature by integrating a person’s digital identity into the signature. Customers can sign documents that can be verified by anyone, anywhere in the world measuring up to the highest compliance standard. Contact Vaultie.Read More WorldReach Software, an Entrust Company, helps ensure traveller safety and security worldwide through its systems for immigration, border management, passport issuance and consular organizations. WorldReach supplies secure eID/Travel Document issuance, remote identity verification services and consular software, including best practices and the Know Your Traveller™ (KYT) innovative platform/processes. Contact WorldReach Software.Read More Yoti introduced the free consumer app that puts your ID on your phone. Today, we have over nine million app downloads around the world and we've expanded our offering to a suite of business solutions. These span identity verification, age verification and estimation, e-signing and AI anti-spoofing technologies. Contact Yoti.Read More

Friday, 30. April 2021

omidiyar Network

Reimagining Capitalism Series: Building an Anti-Racist and Inclusive Economy

This post expands on the second key pillar for building a new economic paradigm as outlined in Our Call to Reimagine Capitalism. Read the first post in this series, “An Introduction to Ideas, Rules, and Power and How They Shape Our Democracy and Economy” here. By Audrey Stienon, Analyst, Reimagining Capitalism The current context Last summer, the protests and demonstrations that erupt

This post expands on the second key pillar for building a new economic paradigm as outlined in Our Call to Reimagine Capitalism. Read the first post in this series, “An Introduction to Ideas, Rules, and Power and How They Shape Our Democracy and Economy” here.

By Audrey Stienon, Analyst, Reimagining Capitalism

The current context

Last summer, the protests and demonstrations that erupted across the country in response to the murders of George Floyd, Breonna Taylor, and too many others prompted many funders, including Omidyar Network, to think more critically about our role within a system that perpetuates racial injustice. We wanted to determine ways in which we could use our power and privilege to contribute to dismantling white supremacy (you can read more about our commitments here and here).

While criminal justice and policing reform is not one of our focus areas at Omidyar Network, there is a close link between economic injustice and racial violence, which is why we called out the need to build an explicitly anti-racist and inclusive economy as the second pillar upholding our reimagined vision for capitalism. It is impossible to build a more just and equitable economy without directly addressing the ways in which our existing economy was intentionally designed to uphold white supremacy by excluding people from opportunities to participate fully in markets based on their race — not to mention gender, class, nationality, disability, and other forms of human diversity.

Our conviction in the necessity of this pillar has only been compounded by the evidence of the past year.

In the six weeks that it has taken to write and edit this piece, there have been two mass shootings in Atlanta and Indianapolis that targeted Asian Americans. Police officers killed 20-year-old Daunte Wright in Minnesota, 13-year-old Adam Toledo in Chicago, and 16-year-old Ma’Khia Bryant in Ohio. A ceaseless drumbeat of violence and trauma continue unabated, with only a glimmer of accountability in the trial and conviction of Derek Chauvin for the murder of George Floyd.

Meanwhile, the pandemic has exposed the extent to which the prejudices of the past remain embedded in the institutions and systems that we rely on today — to disastrous effect.

During the initial wave of the pandemic, many spoke of COVID as a great equalizer — a universal threat indifferent to our race, nationality, or class. Yet it quickly became clear that, although the virus itself cannot discriminate, our healthcare and economic structures certainly can and do. Every aspect of the pandemic and our healthcare response was impacted by race. The virus itself spread more quickly in communities of color, and took a greater toll on welfare and lives. Meanwhile, COVID tests and lifesaving PPE were more readily available in white neighborhoods at the beginning of the pandemic — and many of these inequities persist.

The effects of the economic recession are similarly shaped by race. As new data from our recent Great Jobs survey with Gallup confirms, Black, Latinx, and Asian-American and Pacific Islander workers are over-represented in essential, frontline industries such as health care, transportation, and retail, causing them to face greater risk of COVID exposure. Even as our economy has inched toward recovery, Black and Latinx workers, and especially women, are regaining their jobs much more slowly than their white counterparts. Meanwhile, women, and especially women of color, were both more likely to lose their job or find it necessary to dedicate their time exclusively to unpaid care work, erasing decades of gains in women’s labor force participation and wages.

These inequalities were not inevitable. Rather, this uneven toll stands as a physical manifestation of our history, etched into our society with every job, home, and life lost. An enduring lesson from this pandemic must be that, even when we face a threat like a virus that cannot intentionally discriminate between us, the institutional and cultural legacies that we have inherited from past efforts to purposefully divide us will ensure that our experiences are unequal and unjust.

A long legacy of exclusion

This persistence of social disparities should surprise no one, since intentional exclusion has long been the norm in the United States. For centuries, the power to shape our laws, government, markets, culture, and biases has been restricted by race, gender, and class. Varied forms of exclusion — from slavery and disenfranchisement to imprisonment, institutionalization, and deportation — have been justified by those in power (predominantly white men) in order to concentrate the benefits of American prosperity into their own hands. Acts — and threats — of physical violence against people of color have played a central role in upholding this dynamic, echoes of which we have seen play out in the violent snapshots of police brutality across the country today.

America’s history of racial exclusion has been integral to shaping our economy, denying people of color the opportunity to profit and accumulate wealth from their own contributions to our economy. The earliest form of American capitalism was one that enriched white Americans who stole land from Native Americans and labor from enslaved Black people. Later iterations of our economy not only permitted racial discrimination, but also exempted employers in sectors with a majority Black or Latinx labor force (namely agriculture, hospitality, and domestic services) from legal requirements to provide a minimum wage, workplace protections, and benefits. Meanwhile, developers, city planners, and the real estate industry redlined Black families into homes and communities with limited job opportunities, few financial service providers, and failing infrastructure. All of these systems were created with the intent of perpetuating white economic supremacy, and, in many cases, remain the foundation of the economy we experience today.

These patterns of economic marginalization and exploitation are crucial to maintaining power imbalances. Robbing people of the ability to accumulate wealth is tantamount to robbing them of the ability to accumulate power. After all, people without savings find it more difficult to change jobs, to choose where or with whom to live, or to contribute time and money to politics. And those robbed of their wealth have less to pass on to their children, thereby perpetuating this theft of opportunity across generations.

In recent decades, efforts to intentionally exclude people of color, and especially Black Americans, from participating in the markets and accumulating wealth and power may have been less overt, but not less effective. For the past fifty years, we have relied on markets to solve our social problems, even though markets are mechanisms in which people with existing wealth and assets use investments to gain even more wealth and assets. Superimposed over an unequal society, free markets can only exacerbate those inequalities. Meanwhile, many of those in power have worked to weaken the very institutions — government, labor unions, our social safety net — that could mitigate these market imbalances.

Supporting organizations working to build an anti-racist economy

Omidyar Network is committed to building an economy that is explicitly anti-racist and inclusive. An economy which simultaneously rejects the justifications for racism and consciously works to remove the structures of our society that perpetuate racial injustice. We are working toward a society where everyone has the power and ability to live the life of their choosing — free to choose their job, choose where they will live, choose how to invest their time and resources, and choose who represents them in government.

A first step toward achieving this vision is to correct the power imbalances that prevent people of color from have a voice in how the economy impacts them. That’s why we support Action Center on Race and the Economy (ACRE), an organization that provides support to groups on the ground campaigning for structural change of, and increased accountability from, the financial sector. ACRE helps grassroots organizations identify the ways in which the financial sector contributes to such challenges as healthcare, housing, the environment, and policing and incarceration. During the pandemic, ACRE was part of a coalition that supported the We Strike Together campaign, using rent and mortgage strikes to secure relief for renters during the crisis.

Similarly, Community Change, represents networks of local organizations building power with people of color so they have a say in policies that impact their lives. Its strategy includes efforts to strengthen organizing infrastructure in communities of color, and to increase their influence and develop new models of sustainable, volunteer-led community organizations.

A second task is to address the ways that existing economic rules perpetuate exclusion, either by changing policies or finding innovative ways to work around an unjust system. One of our partners, National Domestic Workers Alliance(NDWA), advocates on behalf of the 2.5 million nannies, house cleaners, and care workers across the country, most of whom are women, especially Black, Latinx, Native, and Asian American Pacific Island women. During the pandemic, NDWA distributed $400 in emergency support to more than 40,000 domestic workers who had lost their jobs during the lockdowns, and helped successfully advocate for the American Jobs Plan to include a $400 billion dollar investment in care jobs.

Finally, we must weed out and uproot all remaining vestiges of the ideas used to justify exclusion and division, and help new ideas take root. That’s why we support the work of academics, researchers, and other movement and thought leaders who study the stratifications of our economy and propose pathways forward. Most notably, we have worked closely with Professor Darrick Hamilton of The New School, a leading economist whose work explores the ways that existing systems perpetuate racial inequality and offers proposals — such as baby bonds or a federal job guarantee — to make the future economy more equitable. We also support the work of Demos, a think tank for race-forward progressive policy ideas and an advocacy network that aims to increase the power that communities of color have over economic decisions. It has, for example, designed a platform of policies for equitably addressing the climate crisis and expanding the availability of debt-free college. Demos is also releasing a number of policy proposals to ensure that our pandemic recovery brings us closer to a more democratic and inclusive economy. We believe it is imperative that these ideas are not cordoned off in think tanks or academic institutions, but rather shaped in partnership with those communities that are most impacted — building a ladder from the grassroots all the way up the ivory tower.

Far from being a time of solidarity and common endurance, this past year exposed a whole host of enduring racial injustices. Our institutions, built on foundations of intentional exclusion, deepened and perpetuated divisions built on old biases and hatreds, that have been nourished for centuries. However, even as the country witnessed the devastation of the pandemic — layered over the continued translation of hate into outright violence against people of color — many responded by joining the movement for racial justice.

The incredible work of our Reimagining Capitalism grantees is setting a course to build power with communities of color, rewrite the rules that have privileged white and wealthy people for so long, and reshape our ideas of racial justice and equity.

As America rebuilds, it is the mutual responsibility of funders to be anti-racist in rectifying the consequences of centuries of systemic racism that have robbed communities of color of their wealth, power, and rights, and to ensure that the economic system that is rebuilt supports an inclusive society in which everyone can live with dignity and thrive.

Reimagining Capitalism Series: Building an Anti-Racist and Inclusive Economy was originally published in Omidyar Network on Medium, where people are continuing the conversation by highlighting and responding to this story.


DIF Blog

Setting Interoperability Targets

Our short-term roadmaps need testable, provable alignment goals that we can all agree on for our little communities and networks of technological thinking to converge gradually. Simply put, we need a few checkpoints and short-term goals, towards which we can all work together.

Part 1: Conformance Testing for Measurable Goals

[Written in consultation with the Interoperability Working Group chairs]

A recurring topic in the Interoperability Working Group is that of defining short-, medium- and long-term goals or “targets” for interoperability. The topic comes up again every few months, and each time it does, the chairs try to tackle it head-on for a full meeting or two, some emails, and various off-line discussions, but doing so never seems to arrive at a satisfactory or definitive answer. Each time, what feels a Herculean outlay of effort only gets us a tentative resolution, as if we’d deflected a debt collector with a minimum payment. Dear reader, we would like to refinance, or at least restructure, this debt to our community!

In this two-part overview of our goals for 2021, we would like to survey the landscape of “provable,” testable interoperability targets and give some guidance on what we would like to see happen next in the testable interop world. Then, in a companion article, we will lay out clear proposal for parallel, distributed work on multiple fronts, such that progress can be distributed across various subcommunities and hubs of open cooperation, each reasonably confident that they are helping the big picture by “zooming in” on one set of problems.  

Photo by Christopher Paul High A seemingly uncontroversial target state

Interoperation is a deceptively transparent etymology: any two things that perform a function are inter-operating if they can perform their operation together and mutually. Two fax machines interoperate if one sends a fax and the other receives it, which is a far more impressive feat if the two machines in question were designed and built by different companies on different continents, fifteen years apart. This is the kind of target state people usually have in mind when they imagine interoperability for an emerging technology.

This everyday example glosses over a lot of complexity and history, however. Standards bodies had already specified exact definitions of how the “handshake” is established between two unfamiliar fax machines before either model of fax machine was a twinkle in a design team’s eye. In addition to all the plodding, iterative standardization, there has also been a lot of economic trial and error and dead-ends we never heard about.  Even acceptable margins of error and variance from the standards have been prototyped, refined, socialized, and normalized, such that generations of fax machines have taken them to heart, while entire factories have been set up to produce standard components like white-label fax chips and fax boards that can be used by many competing brands. On a software level, both design teams probably recycled some of the same libraries and low-level code, whether open-source or licensed.

Decomposing this example into its requirements at various levels shows how many interdependent and complex subsystems have to achieve internal maturity and sustainable relationships. A time-honored strategy is to treat each of these subsystems in a distinct, parallel maturation process and combine them gradually over time. The goal, after all, is not a working whole, but a working ecosystem.  Architectural alternatives, for example, have to be debated carefully, particularly for disruptive and emerging technologies that redistribute power within business processes or ecosystems. Sharing (or better yet, responsibly open-sourcing and governing) common software libraries and low-level hardware specifications is often a “stitch in time” that saves nine later stitches, since it gives coordinators a stable baseline to work from, sooner.

Naturally, from even fifty or a hundred organizations committed to this target state, a thousand different (mostly sensible) strategies can arise. “How to proceed?” becomes a far-from-trivial question, even when all parties share many common goals and incentives. For instance, almost everyone:

Wants to grow the pie of adoption and market interest Holds privacy and decentralization as paramount commitments Strives to avoid repeating the mistakes and assumptions of previous generations of internet technology

And yet, all the same… both strategic and tactical differences arise, threatening to entrench themselves into camps or even schools of thought. How to achieve the same functional consensus on strategy as we have on principles? Our thesis here is that our short-term roadmaps need testable, provable alignment goals that we can all agree on for our little communities and networks of technological thinking to converge gradually. Simply put, we need a few checkpoints and short-term goals, towards which we can all work together.

Today’s test suites and interoperability profiles

Perhaps the biggest differences turn out not to be about target state or principles, but about what exactly “conformance” means relative to what has already been specified and standardized. Namely, the core specifications for DIDs and VCs are both data models written in the Worldwide Web Consortium (W3C), which put protocols out of scope. This stems partly from the decisions of the groups convened in the W3C, and partly from a classic division of labor in the internet standards world between W3C, which traditionally governs the data models of web browser and servers,  and a distinct group, the Internet Engineering Task Force (IETF).

VCs were specified first, with a preference (but not a requirement) for DIDs, with exact parameters for DIDs and DID systems deferred to a separate data model.  Then, to accommodate entrenched and seemingly irreconcilable ideas about how DIDs could best be expressed, the DID data model was made less representationally-explicit and turned into an abstract data model. This shift to a representation-agnostic definition of DIDs, combined with the still-tentative and somewhat representation-specific communication and signing protocols defined to date, makes truly agnostic and cross-community data model conformance somewhat difficult to test. This holds back interoperability (and objective claims to conformance)!

W3C: Testing the core specifications

The only test suite associated with the core W3C specifications is the VC-HTTP-API test suite for VC data model conformance and the fledgling DID-core test suite, both worked on in the W3C-CCG. The former tests implementations of VC-handling systems against some pre-established sample data and test scripts through a deliberately generalized API interface that strives to be minimally opinionated with respect to context- and implementation-specific questions like API authentication. The latter is still taking shape, given that the DID spec has been very unstable in the home stretch of its editorial process arriving at CR this last week.

The VC-HTTP-API interface, specified collectively by the first SVIP funding cycle cohort for use in real-world VC systems, has been used in some contexts as a de facto general-purpose architecture profile, even if it is very open-ended on many architectural details traditionally specified in government or compliance profiles.  Its authors and editors did not intend it to be the general-purpose profile for the VC data model generally, but in the absence of comparable alternatives, it is sometimes taken as one; it has perhaps taken on more of a definitive role than originally intended.

Following the second iteration of the SVIP program and the expansion of the cohort, the API and its test suite are poised to accrue features and coverage to make it more useful outside of its original context. Core participants have established a weekly public call at the CCG and a lively re-scoping/documentation process is currently underway to match the documentation and rationale documents to the diversity of contexts deploying the API.

Aries: End-to-end conformance testing

Other profiles, like the Aries interoperability profile, serve an important role, but it would be misleading to call it a VC data model test suite-- it is more like an end-to-end test harness for showing successful implementation of the Aries protocols and architecture. Here “interoperability” means interoperability with other Aries systems, and conformance with the shared Aries interpretation of the standard VC data model and the protocols this community has defined on the basis of that interpretation.

Many matters specified by the W3C data model are abstracted out or addressed by shared libraries in Ursa, so its scope is not exactly coterminous with the W3C data model. Instead, the Aries interoperability profile has its own infrastructural focus, which focuses on scaling the privacy guarantees of blockchain-based ZKP systems. In many ways, this focus complements rather than supplants that of the W3C test suites.

Many of the trickiest questions on which SSI systems differ are rooted in what the Aries and Trust-over-IP communities conceptualize as “layer 2,” the connective infrastructural building-blocks connecting end-users to VCs and DIDs. As more and more features get added to be testable across language implementations, and as feature-parity is achieved with other systems (such as support for LD VCs), the case for productive complementarity and deep interoperability gets easier and easier to make.

The first wave of local profiles and guidelines

Other specifications for decentralized-identity APIs and wallets, modelled on that W3C CCG and/or extending the work of Aries-based infrastructures, are starting to crop up around the world.  So far these have all arisen out of ambitious government-funded programs to build infrastructure, often with an eye to local governance or healthy competition. Canada and the European Commission are the most high-profile ones to date, building on earlier work in Spain, the UK, and elsewhere; Germany and other countries funding next-generation trust frameworks may soon follow suit.

It is important, however, to avoid framing these tentative, sometimes cautious attempts at bridging status quo and new models as universal standards. If anything, these frameworks tend to come with major caveats and maturity disclaimers, on top of having carefully narrowed scopes.  After all, they are generally the work of experienced regulators, inheriting decades of work exploring identity and infrastructural technologies through a patchwork of requirements and local profiles that tend to align over time. If they are designed with enough circumspection and dialogue, conformance with one should never make conformance with another impossible. (The authors would here like to extend heartfelt sympathy to all DIF members currently trying to conform to multiple of these at once!)

These profiles test concrete and specific interpretations of a shared data model that provide a testing benchmark for regulatory “green lighting” of specific implementations and perhaps even whole frameworks. Particularly when they specify best practices or requirements for security and API design, they create testable standardization by making explicit their opinions and assumptions about:

approved cryptography, auditing capabilities, privacy requirements, and API access/authentication

These will probably always differ and make a universal abstraction impossible; and that’s not a bad thing! These requirements are always going to be specific to each regulatory context, and without them, innovation (and large-scale investment) are endangered by regulatory uncertainty. Navigating these multiple profiles is going to be a challenge in the coming years, as more of them come online and their differences come into relief as a stumbling block for widely-interoperable protocols with potentially global reach.

The Interoperability working group will be tracking them and providing guidance and documentation where possible. Importantly, though, there is a new DIF Working Group coming soon, the Wallet Security WG, which will dive deeper into these profiles and requirements, benefiting from a narrow scope and IPR protection, allowing them to speak more bluntly about the above-mentioned details.


Energy Web

Acting our way into new thinking…

A progress update on implementing decentralized SLAs and the EWT Escrow Model At the end of February our CEO Walter Kok laid out the concept of a decentralized SLA and how it will form the basis of a new type of service-level agreement (SLA) for enterprises and vendors alike. Unlike a traditional, bilateral SLA, a DSLA approach is inherently distributed and establishes multilateral trust tha
A progress update on implementing decentralized SLAs and the EWT Escrow Model

At the end of February our CEO Walter Kok laid out the concept of a decentralized SLA and how it will form the basis of a new type of service-level agreement (SLA) for enterprises and vendors alike. Unlike a traditional, bilateral SLA, a DSLA approach is inherently distributed and establishes multilateral trust that the services will be delivered according to the agreement. This new type of business and technical architecture will enable very transparent reporting on the actual, real-world service quality.

We see the DSLA as an important aspect of the Utility Layer of the Energy Web tech stack. The Utility Layer comprises a variety of ‘digital machinery’ (i.e., services) that power the dApps running on the Energy Web Chain. That’s why we unveiled the EWT Escrow Model, as a way to unlock the full potential of the Energy Web tech stack to achieve the delivery of a decentralized service operation and its objectives. The EWT Escrow Model allows for both Providers (i.e., vendors providing Utility Layer services) and Patrons (e.g., community members who may stake some amount of EWT in support).

The entire process leverages EW Switchboard to manage DIDs and roles for Customers, Providers, and Patrons.

Our goal is to launch the first Utility Layer services, complete with escrow and subscriptions, in production by Q3 2021. Between then and now, we’re aiming for a several key milestones, including: a) an alpha release on our testnet, Volta (this is when Patrons will be able to test an early version of the Escrow Model); b) a beta release on the Energy Web Chain; and c) scaling the Utility Layer service network, onboarding additional Providers and Patrons from the wider Energy Web community, adding new Utility Layer services, and integrating the escrow and subscription models with exchanges and other external systems to make it even easier to participate.

If you’ve watched our pipeline of major announcements and initiatives in recent weeks and months, you know that the Energy Web team and the broader ecosystem have been incredibly busy. But we’ve also been making progress on the EWT Escrow Model, and are excited to share this update with you.

SPOILER ALERT: DEAR PATRONS AND PROVIDERS, STAKING IS STILL COMING AND Q3 IS STILL A REALISTIC TARGET.

We finalized the architecture, designed the UI, and got the resources (almost) in place…

The picture below lays out the architecture of the decentralized service operations. It breaks down into four important blocks: 1) Customer Tasks (consuming the service, in green), 2) Provider Tasks (delivering the service, in yellow), 3) The Watchtower (monitoring and reporting on the service operations, in red), and 4) Governance Tasks (smart contracts executing the DSLAs, in blue).

And yes, there at the top are the Patrons, who can stake together with their service provider of choice. Let’s get into a little bit more detail.

THE SERVICE PROVIDER AND THE PATRON

Service Providers (“Providers”) are organizations that operate Utility Layer service nodes. In order to become a qualified Provider, an organization must pass a basic KYC check and deposit a minimum balance of EWT into an escrow smart contract for a multi-year period. Once qualified, Providers can launch service nodes by depositing an incremental amount of EWT in escrow and claim they are ready to deliver the service. The Watchtower will validate the claim (more on the Watchtower below). The following animation shows the User Interface we have developed so far to onboard Service Providers and Patrons:

To meet the minimum escrow balance requirement, Providers can either acquire the necessary EWT themselves or accept EWT from external Patrons in the wider community. As long as Providers deliver services in accordance with the prescribed rules, they will earn a stable income on their deposited EWT.

THE CUSTOMER

Customers follow an onboarding process similar to that of Providers. We want the system to be trustless, so the Providers (and Patrons) need to be assured that the Customer will pay for the service once it has been delivered. So basically, they put their pre-payments into escrow, too. Once the Customer claims that they are ready to consume services, the Watchtower will also validate this claim. The following animation shows the user interface we have developed so far to onboard customers and how they can choose the services and SLAs they want to consume:

THE WATCHTOWER AND GOVERNANCE TASKS

The Watchtower will be a similar decentralized architecture as the one we deploy for the validators of the Energy Web Chain. Watchtower nodes will also follow the Proof-of-Authority consensus algorithm. They are trusted entities, similar to our validators (we expect a subset of our validators to also run a Watchtower node).

Each Watchtower will validate the claim of readiness from both Provider and Customer and individually report on it. The smart contract (part of the governance tasks) will move both to the operational status when there is consensus amongst the Watchtowers. The services are now ready to be delivered and consumed and all the Watchtowers will start to monitor the actual performance. When it is their turn, they will measure and publish their results individually. Again, the consensus algorithm will ensure a decision of the actual performance for the interval, taking all scores into account.

We expect that these intervals will aggregate to a daily / weekly Service Level Score. Then depending on the Service Level Agreement, the payment / slashing logic will kick in. The necessary evidence will be stored on the Energy Web Chain so that at any time it can be accessed (taking into account privacy preserving requirements, etc.).

So what can you expect next..

Looking ahead at the coming months, we’re forging ahead with the schedule we laid out in the original EWT Escrow Model article:

In May 2021, we will conduct an alpha release of escrow and subscription tools on our testnet Volta. This is when our Patrons will be able to early test the staking feature. In June and July 2021, we will conduct a beta release of escrow and service components on the Energy Web Chain (EWC), with an initial cohort of Service Providers from the EWC validator community. Throughout the remainder of the year, we will focus on scaling the Utility Layer service network, onboarding additional Providers and Patrons from the wider Energy Web community, adding new Utility Layer services, and integrating the escrow and subscription models with exchanges and other external systems to make it even easier to participate.

Expect to continue to hear from Energy Web over the coming months. If you have questions or ideas, drop us a note in the comments below! To stay up to date with the latest information, follow us on Twitter or join our Telegram community.

The EWT Escrow Model is closer than ever to becoming a reality — including the 10–20% return on deposited EWT we mentioned when we first announced the Escrow Model. We are now seeing a convergence of positive developments: major projects deploying on the Energy Web tech stack in partnership with our members, a robust community around EWT, and a stronger-than-ever appetite for digital solutions that address the urgent climate challenge. We continue to act our way into new thinking indeed.

Acting our way into new thinking… was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


Own Your Data Weekly Digest

MyData Weekly Digest for April 30th, 2021

Read in this week's digest about: 7 posts, 1 Tool
Read in this week's digest about: 7 posts, 1 Tool

Thursday, 29. April 2021

Energy Web

Share&Charge Becomes a Part of Energy Web

Zug, Switzerland—29 April 2021 — Today Energy Web announced that the Share&Charge Foundation has become a part of the global nonprofit. In March 2020, Share&Charge launched its Open Charging Network (OCN) on the Energy Web Chain. Share&Charge’s OCN is a decentralized e-roaming solution for seamless electric vehicle (EV) charging across different charge point networks. Today’s announcem

Zug, Switzerland—29 April 2021 — Today Energy Web announced that the Share&Charge Foundation has become a part of the global nonprofit. In March 2020, Share&Charge launched its Open Charging Network (OCN) on the Energy Web Chain. Share&Charge’s OCN is a decentralized e-roaming solution for seamless electric vehicle (EV) charging across different charge point networks. Today’s announcement makes the Share&Charge team an extension of Energy Web’s core team, while the OCN becomes more tightly integrated with the EW tech stack.

“In the global energy transition, EVs are one of the fastest-growing segments, with customers investing trillions in all-electric cars and trucks, while automakers, charge point operators, and utilities are investing heavily in charging infrastructure,” explained Jesse Morris, chief commercial officer of Energy Web. “EVs sit at the intersection of several major use cases for open-source digital technology like the Energy Web tech stack. Giving EVs self-sovereign identities enables them to easily and efficiently register in energy markets to provide services to grid operators. They’re a major new source of demand for renewable energy. And it will become increasingly important to track their batteries throughout their lifecycle, in alignment with regulations around the world. Bringing Share&Charge into the Energy Web family better prepares us to support the coming e-mobility future.”

Share&Charge will continue to operate as an independent brand, although it will now do so in closer alignment with the Energy Web team and strategy. “This is an exciting transition for Share&Charge and we are happy to be joining forces with EW,” said Dietrich Sümmermann, chair of the Share&Charge Foundation board. “As more and more companies join Energy Web and its global ecosystem, we stand ready to support seamless e-roaming as EVs become the dominant form of mobility in the decades ahead.”

Energy Web is working together with the OCN community through already-established channels — both supporting the current OCN and the development of a DID-based OCN 2.0. Stay tuned for more on this front.

About Energy Web
Energy Web is a global, member-driven nonprofit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. We enable any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors our tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

Share&Charge Becomes a Part of Energy Web was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


DIF Blog

Introducing DIF Grants

DIF is kicking off a program to administer narrowly-scoped financial support for community initiatives, ranging in format from grants to more competitive implementation bounties, hackathon-style open collaborations, and security reviews.

Lightweight micro-grants to further the DIF mission

DIF is kicking off a program to administer narrowly-scoped financial support for community initiatives, ranging in format from grants to more competitive implementation bounties, hackathon-style open collaborations, and security reviews. Although the complexity and number of stakeholders involved will naturally vary, all of these bounties will all be structured around public “challenges” that directly reward efforts helpful to the community as a whole.

Each of these challenges will culminate in a library-, repository-, or narrow specification-sized donation that closes interoperability gaps, generates usable documentation, or solving other tooling and data problems that move the decentralized identity needle. These could be signature suites, libraries, toolkits, or even detailed tutorials and implementation guides.

Prompts for whitepapers or non-normative implementation guides are harder to define in testable terms, but still welcome; one way of defining them is by listing a significant, finite set of input documents (such as specifications and regulatory profiles) and defining success as simple, useful documentation incorporates all their prescriptions and limitations.

Photo by Julien Chatelain

To make the awarding of these grants as objective and non-controversial as possible, we will be administering them in the form of technically-specified “challenges” that break down into specific, testable criteria. Submissions will be defined as donations to DIF that meet some or all of the criteria of a given challenge; the Technical Steering Committee will administer the adjudication of testing submissions against challenges.

Grant money can be offered directly from DIF’s budget by decision of the DIF’s governing board (the Steering Committee) and/or offered by a member company and approved by the SC. The donator of the grant funds can choose a specific WG or combination of WGs to specify and fine-tune the challenge. These WGs work with the Technical Steering Committee to ratify successful completion and authorize release of funds once a conforming donation has been received.

FAQ for DIF Grants: Who can offer a Grant?
Any DIF member and/or the DIF Steering Committee can offer a grant (or matching funds) as long as the scope of the challenge benefits the entire DIF community. DIF SC will review grant requests before the challenge is prepared and published. Who writes the challenge?
Grants challenges are written by the chairs and/or the members of the WG chosen by the donors to administer the grant. The WG is responsible for writing a challenge acceptable to the SC and the grantor. WG chairs should submit the challenge at least one week before the deadline for Grantor approval (aka “go/no go decision”), to allow for fine-tuning or negotiation of terms. What makes a good challenge?
A good challenge is testable to make the decision about its success objective rather than subjective, and it should include its own testable definition of success and, where appropriate, usable test fixtures.

A good challenge also serves the broader community equally (for instance, not just JWT-, LD-, or Aries-based systems). A challenge should not favor any given commercial product (or infrastructure such as specific blockchains) substantially over others, and care should be taken to think through what the “equivalences” or counterparties are if a challenge comes from a specific community, credential format, etc.

Who can submit and who reviews it?
Participation is open for the broad community (no prior DIF membership is required), but submissions will only be considered upon donation to the challenge-owning DIF WG. The donation should be “clean IP,” i.e. comprised entirely of IP generated by the donator(s), and the challenge owner may also impose some limitations on external dependencies. Is there a minimum and maximum donation size that DIF will administer as a grant?
For now, DIF has decided not to use this structure for grants under 1000U$. DIF cannot manage grants of over 50,000K U$ at this time. How is/are winner(s) selected?
Each challenge can specify the relationship between testable criteria and winner(s). The template for challenge authors specifies a few common patterns, i.e., pre-approved grantee(s), bounty-style competition, and sponsored lead/editor for an open work item.

Payment is handled through a contract signed with JDF. Checklist for defining a good challenge: Define the solution to the challenge as simply as possible, ideally in one noun phrase, i.e. “A lossless, general-purpose translator between DID Document representations”, “A sample implementation that reimplements DIDComm access via Bluetooth in a second major language,” or “A specification for how EDVs could be accessed over NFT written by someone with broad NFT and security experience” Consider redundancy of effort - Do people apply with an idea and get approved to execute (i.e., “grant”), working in reasonable confidence of post-success payment if they meet the deadline? Or do they compete with unknown number of other teams, only applying to get paid after completion? It is recommended that challenge owners decide early between these three modes of operation: “mini-grant” mode: applicants get pre-approved before beginning work and work privately until donating “Work item” mode: applicants get pre-approved to lead a public work item at DIF, which may accept volunteer contributions from other DIF members. Work should be donated even if the challenge is not completed or is completed sooner by another party. “Open participation” mode, aka implementation bounty: anyone can work privately and successful donation(s) get(s) the award. A good challenge should not be met merely by addressing known bugs, repackaging prior art, superficial/minor bugs, etc. Where in the interoperability WG’s map of implementer decisions does the challenge “live” and which sections does it directly affect? Answering this question may help argue for direct or indirect benefits to the whole community. How familiar are the authors of the challenge with that specific problem space, in and outside of decentralized identity? Have experts been consulted from outside the WG, or better yet, outside of the decentralized identity community? How evenly distributed would the benefits be? Please consider (and write out) how various subcommunities (i.e., Aries-based solutions, JWT-/JSON-based solutions, and LD-based solutions) would benefit from this solution. If the benefits would be unevenly distributed, consider adding an additional challenge criterion (perhaps even awardable separately) for extending extra benefits to the least-served community, such as an implementation guide, @Context file, vocabulary to aid translation, etc. Define criteria for success, ideally testable ones to minimize the subjective judgments to be made by the TSC. If possible, include dummy data and other test vectors. Securing formal review by an outsider with specified qualities or experience can be written in as a success criteria or payment trigger. Vaguely-worded requirements of “originality” are hard to assess, but negative requirements like “MUST/SHOULD not re-implement existing solutions linked from the reference section of this spec” can help make sure requirements clear to all involved.

Wednesday, 28. April 2021

GLEIF

The Seven Step Process to Becoming a Validation Agent

In 2020, GLEIF launched a transformative new role into the Global LEI System: the Validation Agent. Having listened to the challenges that financial institutions (FIs) were facing when it came to onboarding new clients, we introduced this new operational model to help FIs overcome delays and save time by removing duplicative processes across onboarding and LEI issuance. The Validation Agent

In 2020, GLEIF launched a transformative new role into the Global LEI System: the Validation Agent.

Having listened to the challenges that financial institutions (FIs) were facing when it came to onboarding new clients, we introduced this new operational model to help FIs overcome delays and save time by removing duplicative processes across onboarding and LEI issuance.

The Validation Agent Framework empowers FIs to leverage their know your customer (KYC), anti-money laundering (AML) and other regulated business as usual onboarding processes, to obtain an LEI for their customers when verifying a client’s identity during initial onboarding or during a standard client refresh update. As a result, FIs acting as Validation Agents save time and cost while enhancing their client onboarding experience by removing the duplication of data validation processes.

By becoming Validation Agents financial institutions can also streamline, accelerate and diversify their use of the LEI, and ensure their autonomy as they look to digitize their business processes.

GLEIF signed JP Morgan as its first Validation Agent at the end of 2020 and is continuing to invite FIs to participate in the Framework’s trial phase and establish first-mover status in the market.

GLEIF is working to standardize the trial engagement process, but also acknowledges that every FI employs its own processes and departmental functions differently. This is why GLEIF is committed to working with each triallist individually to explore and define the Validation Agent role ‘in context’, and to ensure the Global LEI System continues to meet the sector’s needs.

The trial process is comprised of seven steps, as illustrated in the graphic below.

To provide more detail around what this process entails, our latest eBook details what FIs can expect at each stage of this trial, the benefits they can look to enjoy working as part of the Framework and answers some frequently asked questions.

Interested in finding out more? You can download the full eBook by clicking here, and if that doesn’t answer all your questions, our first eBook on the role of the Validation Agent might, which can be found here.


OpenID

Welcoming Gail Hodges as Our New Executive Director

The OpenID Foundation is thrilled to welcome Gail Hodges as the new Executive Director of the OpenID Foundation. Those of you who already know Gail know that she’s passionate about enabling digital identity to serve the public good. She has extensive experience both in the digital identity space – for instance, having founded the Future […] The post Welcoming Gail Hodges as Our New Executive Dire

The OpenID Foundation is thrilled to welcome Gail Hodges as the new Executive Director of the OpenID Foundation. Those of you who already know Gail know that she’s passionate about enabling digital identity to serve the public good. She has extensive experience both in the digital identity space – for instance, having founded the Future Identity Council, and in the payments space – among other accomplishments, having headed Apple Pay in Latin America and having been the global head of digital payments at HSBC.

The Foundation’s former Executive Director and now Non-Executive Member of the Board of Directors, Don Thibeau, said, “I’m looking forward to working with Gail as a new leader for a new era for the Foundation. She brings international operational experience, a fresh perspective, and new energy to the community.”

In her own words, Gail affirmed “I’m honored to be joining the OpenID Foundation at this critical juncture, when robust Identity infrastructure is ever more important to people and society. I look forward to working with the OIDF Board and members, as well as the wider community, to help solve the Identity problems of our time.”

We look forward to the fresh views that Gail will bring to the OpenID Foundation. We see her joining as a unique opportunity to both review the programs and strengths of the OpenID Foundation as it exists today and to refine our vision and strategic plans.

Welcome Gail!

— The OpenID Foundation Board of Directors

The post Welcoming Gail Hodges as Our New Executive Director first appeared on OpenID.

Digital Scotland

The Power of Facebook Ads and Video to Drive Leads and Sales

Chris Torres of the Tourism Marketing Agency shared insights on how to leverage Facebook ads to stand out from the crowd. The post The Power of Facebook Ads and Video to Drive Leads and Sales appeared first on Digital Scotland.

On a Digital Scotland webinar Chris Torres of the Tourism Marketing Agency shared insights on how to leverage Facebook ads to stand out from the crowd. What are the Facebook Ads?

Facebook ads are paid messages from businesses that are written in their voice and help reach the people who matter most to them. Advertisers create campaigns that have specific goals, which we call advertising objectives and they create ads within those campaigns to help them reach those objectives.

Facebook Advertising is now one of the most effective tools out there to grow your business, create loyal customers, and generate leads and sales. It helps marketers increase visibility for their ads, build brand awareness.

Video Summary

In this video Chris will give insights into how a person can make his/her brand stand out from the crowd why a person should change their perspective away from running a tourism business.

Firstly, he starts with customer journey. The three main parts of the journey is usually the dreaming the planning and the booking. The dreaming phase helps with the planning and the purchase and booking. The funnel works through different stages such as –

Brand Awareness Ad Free Value Ad Trust Ad Sales Ad

The purpose of brand awareness ad is to drive targeted traffic to the website and raise brand awareness. The purpose of free value ad is to target people who landed on that landing page and in this instance, they want them to download a free cookbook that this company has created. Another purpose is to offer value in exchange for their email address.

It targets visitors to the website. The purpose of trust ad is to continue value to the customer and build trust in the brand with small videos. It mainly targets the visitors who have downloaded the guide from the website.

The purpose of sale ad is to continue value to the customer and build trust in your brand with a 30 sec video from a guide or carousel image. It targets the visitors who downloaded the guide and past visitors. The overall daily budget for per day is 20-25 pounds.

One of the quick tips to attract audience is to use square images or videos. This helps the ads stand out more. An Irish Tourism company used various technics to attract the American audience to visit a particular spot in Ireland, where a portion of the shooting of Star Wars occurred.

Cool Travel Iceland a tour agency used a video which cost almost $60 to attract the audience. They were pretty successful in this. In the whole campaign it was over a month or two the whole campaigns have produced over 300 leads close to 400 and all from our 30 pounds ads and that’s how an effective video can be made. For Facebook campaign a video can be made without breaking a bank.

The videos are important because it builds the brand reputation, lasting relationships and users actually love to watch them. The 79% of the travellers search for Youtube videos before planning the tour. Consumers process information with videos 60,000 times faster than written form. The videos can be made within budget by using Iphone or GoPro with Karma Grip.

There are many free tools to edit or improve the videos. Creating professional videos for promotion or for attracting audience is very easy in a modern day. To have a successful campaign all the above-mentioned requirements should be fulfilled.

Video Timeline

0:00 Intro
6:49 Customer Journey
8:55 The Funnel
15:52 The Funnel: Real life examples
26:49 Why video is important?
29:15 Filming with budget
34:45 Touriosity Facebook Video
38:00 Outro

The post The Power of Facebook Ads and Video to Drive Leads and Sales appeared first on Digital Scotland.

Monday, 26. April 2021

Digital Scotland

The Story of Napster – Part One

The history of the ultimate digital disruptor - Napster. The post The Story of Napster – Part One appeared first on Digital Scotland.

In the ’90s, it was a great time to be in the music business. Things were booming. And as a result, there were expensive parties, big launches. That was part of the culture.

This was the era of NSYNC and the Backstreet Boys. This was the era where a single hit could sell 10 million albums plus. Artists were just printing money. Artists had the great sales of CDs over that period dwarfing whatever had happened in the industry before. The profits coming in were massive. It was a hell of a lot of fun.

Birth of the MP3

We really didn’t foresee the change in the technology. We’ll be telling you tonight about a method of compressing audio data called MP3. And that was the end of everything we know. The birth of the MP3 was a seminal moment for all of media and entertainment. It would completely change the music industry. It opened up people’s minds to what the future would be.

The music industry is not viable. Movies, books, television, nothing creative had any value then. The music industry simply did not embrace the magnitude of the change and it failed. You can’t fight progress. You can’t fight technology. The MP3 totally changed people’s relationship to the internet, to culture, to how society works. It’s a fact that was so much bigger than just the music industry.

The story of the MP3 really begins in West Germany back then in the early ’80s and even late ’70s. People started trying to compress music. Dieter Seitzer was a visionary who came up with the MP3. He was seeing the original digitization of music with a compact disc and thinking, instead of manufacturing millions upon millions of plastic discs, why don’t we store all the data in one centralized computer and then stream it to people in their homes. So, he applied for a patent to use the phone system to transmit music. In 1982, that’s when they had this idea. But they had a huge problem.

The compact disc took about a million bytes of information to store one second of audio. And the pipe they were trying to send it through, the telephone, could only do about 128,000 bytes. For this to work, they somehow had to magically shrink the size of the compact disc by 90% or more. The patent examiner looked at it and said, “No, it’s not possible.” Essentially, almost everyone thought this was impossible.

There’s no way to do this. But around 1987 or 1988, Dieter Seitzer’s brilliant graduate student, Brandenburg, made a breakthrough by taking advantage of this sort of obscure academic discipline – Psychoacoustics (the study of how the ear perceives sound).

The Era of Peer to Peer

By 1998, the pirates found out that music can be listened free of cost in computer. Dan Tsurif was the early mp3 pirate. He was the founder of mp3 piracy group known as ‘Audiopunks’. This group specialized in everything from punk rock, to ska, to hardcore and heavy metal. They had downloaders from Indonesia, Japan, or Russia and many more countries. People were downloading from his group. This wasn’t called piracy in that time but rather it was file sharing

The latest advance, called MP3, comes via the internet. It was the future of music and audio. There were millions of people out there who not only understand what digital downloading technology is about, but who use it daily to great personal advantage. There wasn’t any panic in the industry in the early days.

Some people took this thread as an opportunity. People used to call it the celestial jukebox. Celestial jukebox was a theoretical construct at the time. Every song ever made was going to be in the cloud ,and would be instantaneously available to anyone on the planet simply by pressing a button on your gizmo. But the industry really did not embrace that opportunity.

But there was an awareness that the digital revolution was coming and anybody who was in a senior position had to say how do we make this work for us? They began trying to find a way to legitimately sell music on the internet. ‘What systems do we develop? How do we deal with how we sell it? How do you price it?’ these questions were in the mind of music company owner. Sony Music said they will the first major recording company to sell new releases through the internet. These virtual singles will be released at the same time as CDs go into the stores.

When the Peer-to-Peer (P2P) came, it changed everything. In 1999, observing the file sharing system as good, Shawn Fanning and Sean Parker created Napster.

Now at the time, there were all these MP3 files being created, but there was no sort of central index where people could go download them easily. Shawn Fanning thought of creating a technology that could connect peer to peer server and could download music. Parker’s role was essentially the face of the organization. Fanning wrote the code. Fanning kind of did all the technical and computer side stuff. He wrote all the codes.

If you typed any artist’s song in the Napster, you will get the song instantly. It was by far the fastest way to download music from the internet. It allows anyone to copy thousands of musical selections for free. And it’s spread so quickly that it’s clogging computer networks on hundreds of campuses. So, this became hugely popular overnight basically. It was really one of the first viral apps.

Video Timeline

0:38 – Craze of CDs
1:32 – Sudden rise of MP3
2:49 – How the MP3 changed the music
3:18 – The birthplace of MP3
4:20 – Science behind MP3
8:11 – Piracy in MP3
12:12 – How MP3 affected the music industry
14:14 – The creation of Napster

The post The Story of Napster – Part One appeared first on Digital Scotland.


Hacking the Metaverse – Building the Next Version of the Internet

How the Internet will evolve to become an entirely immersive virtual world. The post Hacking the Metaverse – Building the Next Version of the Internet appeared first on Digital Scotland.

One of the most profound visions for our technology future is ‘the Metaverse‘.

This is explained by Marko Balabanovic in his article Who Will Own the Metaverse:

“a collective virtual shared space, created by the convergence of virtually enhanced physical reality and physically persistent virtual space, including the sum of all virtual worlds, augmented reality, and the internet”.

Marko explores the background, industry applications and technology stack that makes up this exciting evolution.

It’s also called the ‘AR Cloud‘, “a persistent 3D digital copy of the real world to enable sharing of AR experiences across multiple users and devices” that will ‘infuse meaning into every object in the real world’. VentureBeat offers this primer, describing it as the next version of the Internet, with massive implications for every industry such as movies.

Human Co-Experience – Building the Metaverse

Another vision of the Metaverse is shared by David Baszucki, Founder and CEO and Roblox, a popular game creation site where users design and upload their own games as well as play other games in a multiplayer environment.

Speaking at the 2020 Roblox Developers Conference David gave this presentation. From 16m:20s David shares the ultimate vision of Roblox, to realize the concept of the Metaverse fantasized about for years by the sci-fi community and more recently by the tech industry.

The Roblox team envisage very fun, large-scale participation scenarios, like a medieval battle with 50,000 players attacking a destructible castle. They’re starting to pioneer the first building blocks of this through hosting their town hall meetings virtually on Roblox.

Key technology innovations to simulate the real world include great avatars and the ability to simulate how the real world sounds. For example being able to whisper to the person next to you while you can still hear the loud speaker announcements, what they call ‘spatial audio’.

Another example demonstrating the concept is their One World virtual concert, and given the global pandemic it’s likely to prove a hugely popular trend, another great opportunity for their developers.

Somnium Space

Another venture pioneering the concept is Somnium Space, an open-source social VR world powered by blockchain and shaped entirely by its users, allowing them to buy digital land where they can build VR homes and buildings.

As VR Scout reported in Feb 2020 the platform announced the launch of Somnium 2.0, a new update that promises to move us closer to a true Ready Player One virtual experience.

“Imagine standing on the top of the highest mountain inside of a virtual mountain looking down to see thousands of users exploring the world beneath in real-time; unlike a majority of multiplayer VR games where players are divided into sub servers and mirrored instanced rooms, Somnium 2.0 actually hosts all its players in a single massive world.”

 

The post Hacking the Metaverse – Building the Next Version of the Internet appeared first on Digital Scotland.


Harnessing Augmented Reality for Scottish Digital Tourism

Destinations can use technologies like Virtual and Augmented Reality to create immersive tourism experiences. The post Harnessing Augmented Reality for Scottish Digital Tourism appeared first on Digital Scotland.

Futuristic technologies like Augmented Reality can be applied in a practical way to boost success for Scottish businesses. Tourism is a great example. Enhancing the experience with these types of exciting innovations will draw in even greater visitor numbers and continue the massive economic success of this industry.

This Conversation article comments on the details of this economic success and the critical role immersive experiences can play in facilitating this boost.

Simple examples include AR tourism guides, such as this one for Inverness Castle, and for Loch Lomond they inserted ‘Zapcodes’ into the local guide magazine, to trigger AR links that enhance the printed word with a virtual experience. You can discover Fife and discover the Highlands via AR.

Smartify

Another great example is described in this recent news, about Blair Castle adopting the Smartify app. Via easy-to-use interfaces and well designed technology available as a native and web app, the Smartify guide allows visitors to follow their own interests and curated tours, with additional features such as e-commerce, targeted push notifications and donations.

Other Scottish venues adopting Smartify include the National Galleries of Scotland. The Smartify case study explains how the venue employed the app for their Ray Harryhausen exhibition, to offer visitors a fun (and COVID-safe) experience on site, as well as access from home.

With Smartify already used by the museum across the permanent collection, staff were keen to use the platform to deliver an audio tour safely to visitors’ own smartphones without the need for rented devices or touch screens. They also wanted to provide teaser content and came up with the idea of re-animating one of Harryhausen’s famous skeletons from Clash of the Titans in Augmented Reality.

They worked with Scottish animation agency Playdead to develop an AR animation of the famous skeletons from Clash of the Titans. Visitors on site could scan the original skeleton model and watch it come to life again, while audiences at home could also play with the AR animation.

Virtual Treasure Hunts

For more advanced and engaging experience the technology can be combined with features like ‘Gamification’, to enable super fun activities like Virtual Treasure Hunts. As the Conversation article highlights:

“It’s the sort of immersive experience that many tourist attractions want to have these days. At the Burns Birthplace Museum in Ayrshire, dedicated to Robert Burns, visitors can download an app aimed at children called the Mighty Mission Trail. It sends them on a virtual treasure hunt throughout the site and surroundings.”

This highlights the other types of technologies that can be called into play. For example Google Maps Gaming provides a capability for making more use of location data in mobile games, the Pokemon Go type, that can ‘can unlock augmented reality and social gameplay, can increase engagement and retention, and can help bring new life to games that were originally designed without a location component.’

This is complimented by their general capabilities for improving navigation, such as AR Navigation and harnessing AI for Global Navigation, helping you to better navigate cities.

These various innovations provide the building blocks for creating any type of highly immersive, highly engaging experience, that better enables visitors to explore and enjoy attractions, with the ability to ‘gamify’ the experience of particular value for those looking to attract children and young families.

In general this barely scratches the surface of the staggering scale of opportunity this technology trend offers Scotland. From Oil & Gas through Telemedicine and Digital Tourism, Augmented Reality can enable a myriad of transformative industry solutions, each with valuable local application and also huge global export potential.

The post Harnessing Augmented Reality for Scottish Digital Tourism appeared first on Digital Scotland.

Friday, 23. April 2021

Elastos Foundation

Elastos Bi-Weekly Update – 23 April 2021

...

Digital ID for Canadians

DIACC Women in Identity: Azadeh Dindayal

DIACC is hosting a series of spotlights showcasing our amazing female DIACC members in the digital identity space, noting the importance of diversity. These spotlights…

DIACC is hosting a series of spotlights showcasing our amazing female DIACC members in the digital identity space, noting the importance of diversity. These spotlights will be regularly socialized through DIACC’s LinkedIn and Twitter channels as well as our monthly member newsletters.

If you’re a DIACC member and would like us to feature your spotlight, contact us today to learn more!

DIACC is hosting a series of spotlights showcasing our amazing female DIACC members in the digital identity space, noting the importance of diversity. These spotlights will be regularly socialized through DIACC’s LinkedIn and Twitter channels as well as our monthly member newsletters.

If you’re a DIACC member and would like us to feature your spotlight, contact us today to learn more!

What has your career journey looked like?

I’ve had an incredible journey working and meeting individuals who are passionate about transformation, digital experiences and pushing the boundaries of what has been possible.

When you were 20 years old, what was your dream job and why?

I don’t think I ever wanted to confine myself to one dream job. It was about what I could learn and the people I would interact with that mattered most.


As a female leader, what has been the most significant barrier in your career?

Overworking. I worked hard, very long hours, and many late nights. It caused me to burn out and not focus on the things that mattered. I now make a continuous effort to keep a balance.

How do you balance work and life responsibilities?

Taking time out for my health and stress relief on a regular basis is key to how I manage and balance my life and work now.

How can more women be encouraged to pursue careers in the digital ID/tech space?

I think meeting other women in the industry is a good start. A mentorship program would be even better. I wish I had that when I was starting out my career.

What are some strategies you have learned to help women achieve a more prominent role in their organizations?

Internal sponsorship of women by other leaders is very important. We need to learn to humbly ask for that sponsorship and genuinely put in the time and effort to achieve the goals we set for ourselves.

What will be the biggest challenge for the generation of women behind you?

There’s many. But I believe the greatest challenge will continue to be managing family and work for some time until this issue is systematically addressed by our public & private sector. Childcare is not considered a right in Ontario. Stop the stigma of motherhood. Companies need to offer men and women both a fair and balanced chance. Being a parent is not a disability.

What advice would you give to young women entering the field?

Don’t set limits for yourself. Don’t be shy to ask why. Make friends everywhere.

Azadeh Dindayal is the Vice President of Marketing at Identos.

Follow Azadeh on Twitter and LinkedIn



Elastos Foundation

Gelaxy Team: What’s Ahead in 2021

...
...

Own Your Data Weekly Digest

MyData Weekly Digest for April 23rd, 2021

Read in this week's digest about: 6 posts, 1 question
Read in this week's digest about: 6 posts, 1 question

Thursday, 22. April 2021

WomenInIdentity

Member interview with Azadeh Dindayal

What do you do and what is it about your job that gets you out of bed in the morning? There are so many things about my job that gets… The post Member interview with Azadeh Dindayal appeared first on Women in Identity.
What do you do and what is it about your job that gets you out of bed in the morning?

There are so many things about my job that gets me out of bed in th morning. First, I love that I have the opportunity to solve for a trustworthy, informed and transparent way to control our personal information. We need a simple digital identity in so many facets of our digital lives and it’s sorely lacking. Second, I love knowing that I’m contributing to a safer digital future for my children and the next generation. Finally, and most importantly, I love the people I get to share the experience with – the team at IDENTOS, our customers and the identity community continues to humble me.

How did you get to where you are today?

Hmm. Hard to say. Where am I today? I am a daughter, a sister, a mom, a tech professional and very grateful for it all. I don’t know how I got here since most of this was likely already planned before my time… but for the moments I had the opportunity to make a choice, I would say that I’ve arrived here thanks to having trust in myself and others who wanted the best for me.

What is the most important lesson you have learned along the way?

The most important lesson is to really take stock of the people we interact with, especially the people who share in the same vision and are doing their best to create a better future. The more human and connected we are, the better our solutions will be.

What’s your pitch to CEOs in the identity space? What do you suggest they START / STOP / CONTINUE doing and why?

Keeping this focused on identity, I’d say:

START joining other innovators in your community and offer to work on complementary identity projects STOP asking for input from the same groups or people. Surround yourself with different voices and perspectives. CONTINUE bringing your best in identity solutions to build a privacy-respecting, sustainable digital future for citizens, patients, students, parents, children, et al. In one sentence, why does diversity matter to you?

Solutions will fall flat unless we can recognize our blind spots.

What book/film/piece of art would you recommend to your fellow members? Why?

In a field that is dreaming up the future, it probably comes as no surprise that I like to spend a lot of time with movies that have done the same. Aside from diversity, Sci-fi movies also have the power to offer different perspectives. Flicks like Gattaca, Ai, Hunger Games, Battlestar Galactica, West World all have an identity component in the plot that’s interesting to observe. I love the impact it has on the characters’ quality of life, not to mention the freedoms and liberties of some.

What advice would you give to the teenage ‘you’?

As a teenager, I was full of big dreams and wanted to fulfill them all. Personally, this caused a lot of stress, and after a while it also didn’t leave a lot of room for connecting with the people and things I cared most for. If I had the opportunity, I’d tell my teenage self:  “Continue to dream big and have a compass, but don’t be so hard on yourself. Instead, do your best with what you have while giving yourself space to do the things you find most fulfilling.”

Connect with Azadeh on Twitter: @amahinpou and LinkedIn: https://www.linkedin.com/in/azadehd/

The post Member interview with Azadeh Dindayal appeared first on Women in Identity.


Sovrin (Medium)

A Deeper Understanding of Implementing Guardianship

Sovrin releases two new Guardianship Credentials papers at Internet Identity Workshop #32 In December 2019 the Sovrin Guardianship Task Force released a whitepaper titled “On Guardianship in Self-Sovereign Identity.” This groundbreaking paper explored guardianship in the context of SSI, and provided two use cases: one for a refugee, Mya, and one for an elderly living with dementia, Jamie. (W
Sovrin releases two new Guardianship Credentials papers at Internet Identity Workshop #32

In December 2019 the Sovrin Guardianship Task Force released a whitepaper titled “On Guardianship in Self-Sovereign Identity.” This groundbreaking paper explored guardianship in the context of SSI, and provided two use cases: one for a refugee, Mya, and one for an elderly living with dementia, Jamie. (Watch the video illustration of these two use cases at the end of this article.)

Recognising the need to develop the work beyond the whitepaper, the Sovrin Foundation chartered a Sovrin Guardianship Working Group (SGWG) in December 2019. Two key documents were identified as outputs for the working group: a Technical Requirements for Guardianship and Implementation Guidelines. After more than a year of hard work, the two papers were completed and will be publicly presented and released at the Sovrin’s breakout session at the Internet Identity Workshop (IIW) #32 during April 20–22, 2021.

“When we started the work on defining technical requirements for guardianship in early 2020, we viewed the task as relatively simple. ‘All’ we had to do was extract the guardianship requirements from the use cases in the previous whitepaper… It turned out that this view was optimistic,” said John Phillips, one of the authors and Chairs of SGWG in Asia Pacific. “We found that the gap between the two use cases in the whitepaper and technical requirements was too broad. So we realised we needed to revisit our thinking. We needed a conceptual bridge, a ‘mental model’ to understand Guardianship broadly so we could write appropriately narrow technical requirements. The lesson we have (re)learnt in our journey is that, before you can describe something in simple terms, you need to make sure you have a broad and deep enough understanding of the topic.”

The first paper is called the Guardianship Credentials Implementation Guidelines and its purpose is to provide readers with the background they need to implement IT systems that support various kinds of guardianship. In particular, it focuses on what they need to know when using Verifiable Credentials and Decentralised Identifiers, the building blocks of a SSI framework within the frameworks of Sovrin Governance and Trust Over IP (ToIP).

This paper is intended for all people interested in the design, build and operation of a Guardianship implementation using an SSI framework. It outlines the conceptual framework for Guardianship and provides implementation guidelines. The document introduces and uses a mental model to help understand the interplay and relationships of the key entities and actors involved in the establishment, running and ending of a Guardianship Arrangement.

While this document provides background explanations of the thinking that led to the technical requirements guidelines, it does not mandate or warrant specific rules for the implementation of Guardianship as these should be Jurisdiction specific, which is defined by the mental model in the document.

The second paper is called Guardianship Credentials Technical Requirements which was developed by the technical requirements working group within the SGWG. The purpose of this document is twofold: i) provide principles under which guardianship scenario designs and requirements are considered and defined; and ii) provide technical requirements for SSI solutions that offer the capability of guardianship.

The intended audience for this document includes: i) individuals looking to understand how guardianship should be implemented for their use case; ii) SSI solution designers that require guardianship to support the use of VCs in their specific use case; iii) readers who want to understand how Guardianship can work in an SSI context.

The requirements described in this paper, together with other SSI standardization, describe when an SSI solution offers the capability of guardianship. In this case, the requirements are mainly for the technical building blocks that live in the bottom three layers of the Technical “Stack” of the Sovrin/ToIP framework. The mental model, however, is also relevant for the top layer (ecosystem), as guardianship is intricately linked to what we will be defining as Jurisdictions, and this enables human governance to be applied to the first three layers.

This document should be read in conjunction with the Sovrin Guardianship Credentials Implementation Guidelines mentioned above. In particular, readers who are looking to understand the thinking behind these requirements are encouraged to refer to the Implementation Guidelines.

These two papers are the first public release of implementation guidelines and technical requirements for guardianship in the context of SSI. There are sections at the end of the documents that propose areas of future work, and it is expected that these two documents will be updated as technology evolves and open discussion and decision areas are resolved.

Download the two papers here.

Sovrin Guardianship Use Case #1— Mya (a refugee girl)

Sovrin Guardianship Use Case #2 — Jamie (an elderly living with dementia)

Video credit: John Phillips

Originally published at https://sovrin.org on April 22, 2021.

This all-volunteer Sovrin Guardianship Working Group is open to anyone with a genuine interest in and willingness to contribute to digital guardianship. For more information, please see its webpage for details.

A Deeper Understanding of Implementing Guardianship was originally published in Sovrin Foundation Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.


Energy Web

Top 5 Ways Energy Web is Accelerating the Clean Energy Transition

The first Earth Day — held April 22, 1970 — is considered the birth of the modern environmental movement. More than half a century later, it has taken on renewed focus amidst the climate crisis. Here at Energy Web, we are developing open-source digital infrastructure to accelerate the low-carbon energy transition and expand access to clean energy markets for all. Here are five specific ways we — t

The first Earth Day — held April 22, 1970 — is considered the birth of the modern environmental movement. More than half a century later, it has taken on renewed focus amidst the climate crisis. Here at Energy Web, we are developing open-source digital infrastructure to accelerate the low-carbon energy transition and expand access to clean energy markets for all. Here are five specific ways we — the Energy Web team, Energy Web members, and the broader Energy Web ecosystem — are working together to speed global decarbonization.

1. Supporting flexibility markets, making it possible for DERs to help balance renewable grids

Distributed energy resources (DERs) — from batteries and electric vehicles to “behind the meter’ devices like smart thermostats — are fast becoming crucial components of increasingly decentralized and dynamic power grids that are running on growing amounts of renewable energy. Such DERs can play a valuable role providing grid services, such as helping to balance supply and demand in flexibility markets. Thus we believe it is essential to make it easy for DERs to enroll, participate, and get compensation for delivered grid services. This is why we built and keep advancing Energy Web Flex as a software development toolkit that grid operators like Austrian Power Grid can use to tap into the full potential of DERs at the lowest administrative cost possible.

2. Digitizing renewable energy markets, making it faster and easier to source renewables

We are building open-source tools to help buyers more easily achieve their proof-of-impact needs and companies around the globe launch user-friendly, digitized renewable energy market platforms. For example, Energy Web Origin is a software development toolkit we built and continue advancing that digitizes the entire energy attribute certificate lifecycle — from certificate issuance to trading and cancellations/claims — for any clean energy market. We are also working directly with various companies around the world to help them use EW Origin to launch their own digitized renewable energy marketplace platforms across Asia, Europe, and the Americas. In addition, Energy Web is developing Energy Web Zero, a renewable energy search-and-match engine that helps buyers discover all available renewable energy products and make direct purchases from platforms (like those built with EW Origin). Think Skyscanner or Kayak.com meets renewable energy markets.

3. Enabling lifecycle asset tracking, such as batteries, as part of a circular green economy

We know that it is important to understand and track the environmental impacts of all energy devices — from batteries to solar panels and wind turbines — from cradle to grave. This lifecycle tracking is also part of major legislation such as the European Green Deal, not to mention major movements such as the circular economy. Energy Web is leveraging our tech stack and developing tools that companies are using to bring solutions to the market, such as our work with BeBat and Fluvius in Belgium to support EasyBat. EasyBat makes it possible to holistically manage customer-owned batteries (both private & professional use) participating in Belgian electricity markets, including legal takeback obligations and/or extended producers responsibility (EPR) of battery manufacturers.

4. Advancing the Crypto Climate Accord to decarbonize an entire sector

We spearheaded the Crypto Climate Accord (CCA) earlier this month in partnership with RMI and the Alliance for Innovative Regulation (AIR) to decarbonize the global crypto and blockchain industry. We are excited to drive it forward with a fast-growing community of now 40 CCA Supporters. More importantly, we have already started identifying, defining, and developing a fast-emerging suite of open-source solutions to help decarbonize crypto. If your company can help us advance solutions in this area, we encourage you to become a CCA Supporter. For more frequent updates on progress related to the CCA, check out the new CCA Medium.

5. Fostering interoperability of digital twins across tech and markets

Historically, power grids and electricity markets — and the technologies used to run them — were heavily fragmented and siloed. Important was locked away in proprietary systems. Customer enrollment in various utility programs, such as selling surplus solar energy to a grid operator or participating in a demand response program, was cumbersome and duplicative. Even worse, customer devices in some cases were prohibited from providing services in certain electricity markets, even if they technologically were able to do so. But those metaphorical walls are coming down, with new regulations such as FERC Order 2222 in the United States and a focus on customer-centric market design in the EU. The key to unlocking this new potential is with digital twins and ‘passports’ anchored to the Energy Web Chain.

This is just a snapshot of all the leading-edge work happening at Energy Web and among our global member community. Stay tuned for more updates and news in the weeks and months ahead!

Top 5 Ways Energy Web is Accelerating the Clean Energy Transition was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.

Wednesday, 21. April 2021

GLEIF

\#2 in the LEI Lightbulb Blog Series - Spotlight on China: A Nation Advancing LEI Usage Through Policy and Innovation

Significant advances are taking place right now in China relative to LEI adoption. Regulatory authorities within the region are proactively driving LEI usage and have set ambitious plans for substantial near-term increases in LEI volume. For those who missed it, the People’s Bank of China (PBOC) published an LEI implementation roadmap at the end of 2020, which looks ahead to 2022. This roadmap

Significant advances are taking place right now in China relative to LEI adoption. Regulatory authorities within the region are proactively driving LEI usage and have set ambitious plans for substantial near-term increases in LEI volume.

For those who missed it, the People’s Bank of China (PBOC) published an LEI implementation roadmap at the end of 2020, which looks ahead to 2022. This roadmap is part of the ‘One Belt One Road’ initiative, which is described in the following way on Wikipedia: ‘[…] incorporated into the Constitution of China in 2017. The Chinese government calls the initiative "a bid to enhance regional connectivity and embrace a brighter future."’ The roadmap unveils national plans to increase LEI issuance by a minimum of 170% between the end of 2020 (there were 37,000 active LEIs) and the end of 2022 (the target is a minimum LEI volume of 100,000).

In a separate but complementary development, just this month GLEIF has welcomed the news that the Chinese Financial Certification Authority (CFCA) has launched the first commercial demo of LEIs embedded within digital certificates. CFCA has simultaneously become the first Certification Authority to assume a Validation Agent role within the Global LEI System. This innovation from CFCA shows a further commitment from the Chinese market, this time to facilitating and promoting LEI issuance in digital certificates. It is hoped that CFCA’s early mover status on this front will act as a catalyst for other similar demos to emerge.

The combined sum of these two initiatives is significant. It shows an advanced level of proactivity from regulatory authorities within the region, which is driving LEI issuance to support financial services and banking ecosystems, simplify international trade and enhance digital identity across the region.

Understandably, GLEIF advocates these steps being taken to advance LEI adoption across China and applauds the foresight and proactivity of regulators. A commitment to boosting LEI issuance across such a vast region, will not only deliver benefits to Chinese market participants, but has the potential to motivate regulators across other countries and regions to follow suit. GLEIF certainly hopes that this is the case.

A more detailed summary of each initiative is given below.

China’s LEI Implementation Roadmap: 2020-2022

In Q4 2020, four financial regulators in China released a report detailing a roadmap for LEI implementation. The four organizations involved were: PBOC, the China Banking and Insurance Regulatory Commission (CBIRC), the China Securities Regulatory Commission (CSRC) and the State Administration of Foreign Exchange (SAFE).

The report, which is published in Chinese on the PBOC website, outlines the general objective of the roadmap and details key LEI implementation milestones over the next two years.

As stated in a Regulation Asia article, the intention of wide LEI implementation in China is to help the country connect with the international market, support China’s bid to open up its financial sector, and facilitate cross-border trade and financial transactions.

In line with a translation from the report on the PBOC website, GLEIF understands that the general objective of the roadmap is to establish a comprehensive LEI usage policy system across China’s financial system in line with international standards by the end of 2022. It envisions that the LEI will become an assisting tool for financial management authorities to maintain financial stability and implement financial supervision. It will become an important means for financial infrastructure, financial industry associations and financial institutions to carry out customer identification of legal persons involved in cross-border transactions. It will also become a corporate passport.

This is in line with the PBOC’s role as a member of the Regulatory Oversight Committee (ROC). The ROC aims to promote the broad public interests to improve the quality of data used in financial data reporting, improving the ability to monitor financial risk, and lowering regulatory reporting costs through the harmonization of these standards across jurisdictions.

A number of phase objectives are then outlined for Chinese authorities:

By end of 2020: total LEI volume in China mainland to reach 30,000, covering all financial institutions, member institutions of financial infrastructure and industry associations, and listed companies in China. Proposed LEI application rules in scenarios such as RMB cross-border payments, digital RMB cross-border business, qualified foreign institutional investor (QFII) and RMB qualified foreign institutional investor (RQFII) access, derivatives trading, securities trading, and listed company supervision. Establish a mechanism for mapping and updating LEI with the codes of financial institutions, unified social credit codes, and codes of information systems related to major financial infrastructure. By end of 2021: total LEI volume in China mainland reaches 50,000, with a focus on improving coverage among importers and exporters, trading enterprises, and non-financial enterprises involved in cross-border transactions. Proposed LEI application rules in areas such as the financial market transaction reporting system, credit rating, and application of special institutional codes by overseas institutions. Launch and operate the cross-border legal person information service and digital authentication platform to provide value-added LEI-based data services to financial management departments, financial infrastructure, financial industry associations and financial institutions. By end of 2022: total LEI volume in China mainland reaches 100,000. Continued improvements in coverage among non-financial enterprises involved in cross-border transactions. Use LEI in scenarios such as digital identification of cross-border legal persons. Establish a mechanism for commercially sustainable operation of LEI.


CFCA Paves the Way for Increased LEI Usage in Mass Market Digital Identity Products

CFCA has launched the first commercial demonstration of LEIs embedded within digital certificates. It has also become the first Certification Authority to act as a Validation Agent in the Global LEI System, streamlining LEI issuance with digital ID product and service provision.

These developments by CFCA follow the recent launch of the GLEIF CA Stakeholder Group, created as a platform for GLEIF to collaborate with CAs and Trust Service Providers (TSPs) on the coordination and promotion of a global approach to LEI usage across digital identity products. CFCA’s advances are significant because they are the earliest reported successes aligned to the direction of this industry initiative, which is aimed at achieving a critical mass of LEIs embedded within digital certificates.

Stephan Wolf, CEO of GLEIF comments: “This progress by CFCA on both fronts is very welcome as it moves us one step closer to broad LEI usage in digital certificates globally. Realizing the goal of universal LEI usage in digital identity products will be an important step in enhancing trust and creating innovation opportunities across private sector digital identity management applications. Digital certificates linked by an LEI to verified, regularly updated and freely available entity reference data held within the Global LEI System are easier to manage, aggregate and maintain. The result will be significant efficiencies and far less complexity for certificate owners and the provision of greater transparency for all users of the internet and participants within digital exchanges.”

For more details, please read the corresponding press release here.

The ‘LEI Lightbulb Blog Series’ from GLEIF aims to shine a light on the breadth of acceptance and advocacy for the LEI across the public and private sectors, geographies and use cases by highlighting which industry leaders, authorities and organizations are supportive of the LEI and for what purpose. By demonstrating how success derived from strong regulatory roots is giving rise to a ground swell of champions for further LEI regulation and voluntary LEI adoption across new and emerging applications, GLEIF hopes to educate on both the current and future potential value that ‘one global identity’ can deliver for businesses, regardless of sector, world-wide.


omidiyar Network

Statement from Omidyar Network on Derek Chauvin Verdict: The First Step to Justice

Eleven months after Derek Chauvin stole George Floyd’s final breaths, jurors took less than 11 hours to find Chauvin guilty on all three counts. The jury’s verdict shows that sometimes — but too rarely — justice can prevail, and it is very welcome, given the long history of acquittals that come before it. It does not, however, bring George Floyd back to life, nor the dozens of other unarmed

Eleven months after Derek Chauvin stole George Floyd’s final breaths, jurors took less than 11 hours to find Chauvin guilty on all three counts. The jury’s verdict shows that sometimes — but too rarely — justice can prevail, and it is very welcome, given the long history of acquittals that come before it.

It does not, however, bring George Floyd back to life, nor the dozens of other unarmed Black and Brown people who have been killed by the police since May 25, 2020. Since the trial began, police have killed at least 64 people, more than half of whom were Black or Latinx. Just 10 miles from the courthouse, Daunte Wright was shot dead, and across the Great Lakes in Chicago, police took the life of 13-year-old Adam Toledo in Chicago.

So, while we can briefly exhale today, we know there is so much work that remains to be done to build toward a more just system overall, so that outcomes like today’s are less exceptional.

Listening to the testimony during the trial reopened painful wounds that have been inflicted relentlessly since our country was founded and reflects the continued need for deep systemic change in our society. We know it won’t happen overnight, nor clearly in just one year, but it must happen. As George Floyd’s girlfriend, Courteney Ross, said, “Floyd was one man. George Floyd is a movement.”

And at Omidyar Network, while criminal justice reform is not one of our focus areas, there is a close link between economic injustice and racial violence. And between those two areas and true democracy. We know we will not bring about the kind of world we aspire to unless and until Black people are no longer trapped by systems that were intentionally created to lock them into poverty and strip them of voice and opportunity.

Last summer, we once again began a national racial justice reckoning, we looked deeply at our own systems and policies. We committed to become an anti-racist organization, and while we know we still have quite a long journey, we have taken the first of many steps. We gave more than $1 million to organizations fighting to protect and advance Black lives and another $4 million to organizations looking to reimagine our economy through a racial justice lens. Again, these are the first of many steps we are taking to live up to our commitment and we know there is so much more we can and must do until Black Lives Matter.

As Ibram X. Kendi wrote in How to Be Anti-Racist, “After taking this grueling journey to the dirt road of anti-racism, humanity can come upon the clearing of a potential future: an antiracist world in all its imperfect beauty. It can become real if we focus on power instead of people, if we focus on changing policy instead of groups of people. It’s possible if we overcome our cynicism about the permanence of racism.”

Statement from Omidyar Network on Derek Chauvin Verdict: The First Step to Justice was originally published in Omidyar Network on Medium, where people are continuing the conversation by highlighting and responding to this story.


Hyperledger Ursa

Why Distributed Ledger Technology (DLT) for Identity?

As we continue our pandemic journey that is 2021, more and more people are getting vaccinated against COVID-19. Once vaccinated, people are (finally!) able to do more “in the real... The post Why Distributed Ledger Technology (DLT) for Identity? appeared first on Hyperledger.

As we continue our pandemic journey that is 2021, more and more people are getting vaccinated against COVID-19. Once vaccinated, people are (finally!) able to do more “in the real world.” However, in some cases such as international travel, there is a need to prove that you have been vaccinated before you can participate. In the past, that proof has been accomplished in the form of the paper World Health Organization Carte Jaune/Yellow Card. But in our 21st century pandemic, a handwritten paper document is not particularly trusted. It’s just too easy to buy or make your own. The sudden, urgent need to be able to prove health information in a safe, privacy-preserving and secure way has brought the spotlight on the concept of verifiable credentials and, for Hyperledger, on the three identity-focused projects in the community, Indy (a distributed ledger for identity), Aries (data exchange protocols and implementations of agents for people, organizations and things), and Ursa (a cryptographic library underlying Indy and Aries).

While people understand that paper credentials are insufficient and that a trusted digital solution is needed, they don’t understand why verifiable credentials, or more generally, identity, works extremely well with distributed ledger technology (DLT)—a distributed database spread across multiple nodes, of which blockchain is an example. To be clear from the start, it is not to put the credentials on a public ledger so everyone can see them! We’ll reiterate that a lot in this post. No private data ever goes on the blockchain!!!

To understand why DLT is useful for identity, we need to go back to the basics—paper credentials, how that model has worked for 1000s of years, and how the use of DLTs with verifiable credentials allows us to transition the great parts—security and privacy—of that model to the digital age.


Since as far back as 450BC, people have used paper credentials to enable trusted identity. Legend has it that King Artixerxes of the Persian Empire signed and gave Nehemiah a paper “safe transit” authorization that he used in travels across the empire. People have been using such documents ever since. In technical terms, a credential is an attestation of qualification, competence, or authority issued to an entity (e.g., an individual or organization) by a third party with a relevant or de facto authority or assumed competence to do so. Examples of credentials issued to people include a driver’s license, a passport, an academic degree, proof-of-vaccination and so on. Credentials are also issued to companies, such as business registrations, building permits, and even health inspection certifications.

Examples of Paper Credentials
By Peter Stokyo, peter.stoyko@elanica.com, Licensed under CC By 4.0

A typical paper credential, say a driver’s license, is issued by a government authority (an issuer) after you prove to them who you are (usually in person using your passport or birth certificate) and that you are qualified to drive. You then hold this credential (usually in your wallet) and can use it elsewhere whenever you want—for example, to rent a car, to open a bank account or in a bar to show that you are old enough to drink. When you do that, you’re proving (or presenting) the credential to the verifier. The verifier inspects the physical document to decide if it is valid for the business purpose at hand. Note that in verifying the paper credential, the verifier does not call the issuer of the document. The transaction is only between the holder and the verifier. Further, it is the holder’s choice whether they want to share the piece of paper. If they want, they can keep it to themselves.

 

The Paper Credential Model
By Peter Stokyo, peter.stoyko@elanica.com, Licensed under CC By 4.0

Verification in the paper credential model (ideally) proves:

Who issued the credential.  That the credential was issued to the entity presenting it. That the claims have not been altered.

The caveat “ideally” is included because of the real possibility of forgery in the use of paper credentials. Back to our “proof-of-vaccination” problem.

Let’s see how the good parts of the paper credential model are retained in the verifiable credentials model. With verifiable credentials:

An authority decides you are eligible to receive a credential and issues you one. You hold your credential in your (digital) wallet—it does not go on the distributed ledger! At some point, a verifier asks you to prove the claims from one or more credentials. If you decide to share your data with the verifier, you provide a verifiable presentation to the verifier, proving the same three things as with the paper credentials. Plus: You may be able to prove one more thing—that the issued credentials have not been revoked.

As we’ll see, verifiable credentials and presentations are not simple documents that anyone can create. They are cryptographically constructed so that a presentation of the claims within a credential proves four attributes:

Who issued the credential–their identifier is part of the credential and they signed the credential. 

Who holds the credential–there is a cryptographic binding to the prover. The claims have not been altered–they were signed at the time of issuance. The credential has not been revoked.

Unlike a paper credential, those four attributes are evaluated not based on the judgment and expertise of the person looking at the credential, but rather by machine using cryptographic algorithms that are extremely difficult to forge. Like the paper credential, the verifier does not go back to the issuer to ask about the credential being presented. Only the prover and verifier, the participants in the interaction, need to know about the presentation. So where do the prover and verifier get the information they need for their transaction? We’re just getting to that…


The Verifiable Credentials Model
By Peter Stokyo, peter.stoyko@elanica.com, Licensed under CC By 4.0 

Compared to the paper credentials model, verifiable credentials are far more secure. When the cryptographic verification succeeds, the verifier can be certain of the validity of the data—those four attributes stemming from verifying the presentation. They are left only with the same question that paper credentials have—do I trust the issuer enough

So where does the DLT fit in?

Three of the four things that the verifier has to prove (listed above) involves published data from the issuer that has to be available in some trusted, public distributed place, a place that is not controlled by a central authority (hmm…sounds like a DLT!). In Indy and Aries, data published to a DLT is used to verify the credential without having to check with the issuer. In particular:

The verifier has to know who issued the credential based on an identifier and cryptographic signature. From the presentation, it gets an identifier for the issuer, looks it up on a DLT to get a public key associated with the issuer to verify the signature in the presentation. Thus, the identity of the issuer is known. The verifier has to verify that the claims data has not been altered by verifying a cryptographic signature across the data. Based on an identifier for the type of credential, the verifier gets from a DLT a set of public keys and verifies the signatures. Thus, the verifier knows no one has tampered with the claims data. The issuer periodically updates a revocation registry on a DLT indicating the credentials that have been revoked. If the holder’s credential is revoked, they are unable to create a proof of non-revocation (yes, that’s a double negative…). If the holder can generate that proof, the verifier can check it. Thus, the verifier knows the credential has not been revoked.

The fourth attribute (the binding of the credential to the holder) in Indy is done using some privacy-preserving cryptographic magic (called a Zero Knowledge Proof) that prevents having a unique identifier for the holder or credential being given to the verifier. Thus, no PII is needed for sharing trusted data.

So why DLT? First, we can get the good parts of paper credentials—private transactions between holders and verifiers and no callback to the issuer. Second, the issuer gets a trusted, open and transparent way to publish the cryptographic material needed for those private holder-verifier transactions. Third, there is no need to have a “Trusted Third Party” participating in the interactions.

And did I mention, no private data goes on the DLT!!! 

Hyperledger Indy, Aries and Ursa are enabling this approach to “self-sovereign identity” in a big way,  bringing about a new layer of trust on the Internet that will let us preserve our privacy and give us control over our identity and data—where it belongs. There is a lot to learn. If you’re curious, a great place to start is this Linux Foundation edX course.

Cover image by Nick Youngson CC BY-SA 3.0 Alpha Stock Images

The post Why Distributed Ledger Technology (DLT) for Identity? appeared first on Hyperledger.


Digital Identity NZ

April newsletter: Words from new ED

This is my first newsletter as the new Executive Director for DINZ and the very first thing I’d like to do is thank Andrew Weaver, our outgoing ED, for his tremendous leadership throughout our establishment phase and to wish him all the very, very best on the next stage of his journey. Andrew has worked … Continue reading "April newsletter: Words from new ED" The post April newsletter: Words fro

This is my first newsletter as the new Executive Director for DINZ and the very first thing I’d like to do is thank Andrew Weaver, our outgoing ED, for his tremendous leadership throughout our establishment phase and to wish him all the very, very best on the next stage of his journey. Andrew has worked tirelessly over the last two and a half years to ensure we are working towards a world where people can safely express their identity to fully participate in the digital economy and society overall. 
 
Good luck Andrew and all the best. E te rangatira, tēnā rawa atu koe. Kia pai te haere
 
I’d also like to reflect a little on why I feel so privileged to have been offered the opportunity to take up this role.
 
Clearly, we are living in an age of unprecedented advances across a broad range of technologies, not just in digital but in biotech, in engineering, in pharmaceuticals, in energy, in advanced materials, in 3-D printing, in nanotech, in robotics; the list is a very long one!
 
If you are familiar with work from the likes of Peter Diamandis (co-founder of Singularity University and X-Prize), Jeremy Rifkin (of the zero marginal cost society fame) and Salim Ismail (author of Exponential Organisations) you will be aware that they evangelise a coming age of abundance, driven by the mass adoption of these advancing technologies.
 
However, anyone who’s read or listened to Erik Brynjolfsson and Andrew McAfee around what they call The Great Decoupling, will be aware that access to this abundance has not been equitable to date, and that the technology-driven rise in labour productivity seen in the last few years has not been matched by an equivalent rise in prosperity for the majority of people.
 
To me it is very clear that equitable access to technology is the key driver in ensuring that the benefits of a tech-driven age of abundance can be provided to all people, not just the lucky few. It is also very clear to me that digital identity is at the very heart of ensuring that equitable access.

Ngā Mihi,

Michael Murphy
Executive Director
Digital Identity New Zealand

To receive our full newsletter including additional industry updates and information, subscribe now

The post April newsletter: Words from new ED appeared first on Digital Identity New Zealand.

Tuesday, 20. April 2021

DIF Medium

Sidetree Protocol reaches V1

The DIF Steering Committee has approved the first major release of the Sidetree Protocol specification, “v1” so to speak. Here is a snapshot of the four companies and four implementations that stretched and built the specification. Scalable, Flexible Infrastructure for Decentralized Identity This week, the DIF Steering Committee officially approved the first major release of the Sidetree Protoco

The DIF Steering Committee has approved the first major release of the Sidetree Protocol specification, “v1” so to speak. Here is a snapshot of the four companies and four implementations that stretched and built the specification.

Scalable, Flexible Infrastructure for Decentralized Identity

This week, the DIF Steering Committee officially approved the first major release of the Sidetree Protocol specification, “v1” so to speak. This protocol has already been implemented, and four of its implementers have been collaborating intensively for over a year on expanding and extending this specification together.

What exactly is a “Sidetree”?

Sidetree is a protocol that extends “decentralized identifiers” (DIDs), one of the core building blocks of decentralized identity. Decentralized identifiers (DIDs) enable a person or entity to securely and directly “anchor” their data-sharing activities to a shared ledger, secured by cryptography. The first generation of DID systems accomplished this with a 1-to-1 relationship between “blockchain addresses” (cryptographic identities) and the more flexible, powerful addresses called DIDs. These latter functioned as privacy-preserving extensions of the blockchain addresses to which they were closely coupled. In this way, each DID effortlessly inherited the formidable security guarantees of those blockchains — but in many cases, they also inherited scalability problems and economic models that were a bad fit for many DID use-cases.

Sidetree is a systematic, carefully-engineered protocol that loosens that coupling between anchor-points on a distributed data system (usually a blockchain) and the DID networks anchored to them. Crucially, it replaces the 1-to-1 relationship with a 1-to-many relationship, pooling resources and security guarantees. Depending on the use-case and implementation strategies chosen, the protocol can optimize for scalable performance, for developer-friendly ergonomics and SDKs, for the portability of DIDs and networks of DIDs across multiple anchoring systems, and even fo