W3C home > Mailing lists > Public > public-credentials@w3.org > June 2017

Re: First pass at CG naming goals and restrictions google doc

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Fri, 02 Jun 2017 03:07:04 +0000
Message-ID: <CAM1Sok0z5QwQJb-MqhcL7EWxeMX_VfU1iBFov2UPr7QKBXritQ@mail.gmail.com>
To: Natalie Smolenski <nsmolenski@learningmachine.com>, Kim Hamilton Duffy <kim@learningmachine.com>
Cc: Christopher Allen <ChristopherA@blockstream.com>, Adrian Gropper <agropper@healthurl.com>, Credentials CG <public-credentials@w3.org>, Kim Hamilton <kimdhamilton@gmail.com>, Philip Sheldrake <philip@eulerpartners.com>
Hi Natelie,

welcome.

I'm still sifting through christopher allan's email and links; in addition
to broader considerations.

On Fri, 2 Jun 2017 at 06:37 Natalie Smolenski <
nsmolenski@learningmachine.com> wrote:

> Hello CG team!
>
> It is very good to meet you. My colleague Kim mentioned to me that the
> term "self-sovereign identity" is under debate at the W3C and invited me to
> share a few thoughts, which are informed by my own social
> scientific/historical perspective. They may or may not be helpful to
> you--in any case, I'm sending for your consideration.
>
> In my view, we are in the midst of a broad cultural shift from "rights
> discourse" to "sovereignty discourse." This has to do with the collapse and
> transformation of the post-WW2 global order, which was characterized by
> international institutions using the language of "human rights" to, through
> cooperation, enshrine progressive policies in law and prevent a repeat of
> the atrocities of the Second World War.
>

Yes.  The most significant of the documents produced and announced by
Eleanor Roosevelt[1] was the Universal Declaration of Human Rights [2],
noting that at the time the concept of 'personhood'[3] provided lesser
consideration for people of different race, colour or gender; and whilst
variations exist in different 'sovereign jurisdictions', as continues to be
the case today; the document, the UDHR, notates in several areas the
concept of 'dignity' of which is further explained in latter articles of
the same document to include various considerations inclusive to that of
the utility of the 'privacy' considerations in particular forms or
circumstance.

In ~1978, works around privacy developed further and the works by the OECD
are amongst the most notable considerations therein[4]

[1] http://www.unmultimedia.org/avlibrary/asset/C100/C1007/
[2] http://www.un.org/en/universal-declaration-human-rights/
[3]  https://www.youtube.com/watch?v=0HJRkwBOkdw
[4]
https://www.oecd.org/sti/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm


For various historical reasons which I won't go into here, but which
> include the lack of agreement upon what exactly a "right" is or what
> specific rights are, how rights are socially constituted and enforced, and
> the questionable human rights records of countries functioning publicly as
> proponents of human rights, rights language began to lose momentum in favor
> of alternative discourses of emancipation and empowerment.
>

The formation of UN Resolutions does not necessarily mean every region
becomes a signatory to those charters.  A notable example is the convention
of the rights of the child[5][6]

[5] http://www.ohchr.org/EN/ProfessionalInterest/Pages/CRC.aspx
[6]
https://treaties.un.org/Pages/ViewDetails.aspx?src=TREATY&mtdsg_no=IV-11&chapter=4&lang=e
n

However; even where conventions / treaties have been agreed to; the means
in which enforcement of that instrument is made available to citizens
varies. Of particular importance is the need for an individual to have the
means in which to support the burden of evidence[7] and in-turn, be
provided or have means to take said evidence to a court-of-law that
pertains to the person/citizen, for consideration.

This is often becoming more difficult as computerised systems accumulate
data for the benefit of the operator of the website (generally a
corporation of some form, often with a contract notating the 'choice of
law' for use of that website) and not of its 'consumers'.

[7] http://legal-dictionary.thefreedictionary.com/Burden+of+evidence


> As part of this shift, the language of sovereignty was resurrected. It is
> an old term, considered by political theologians for millennia. Yet in the
> contemporary context it carries new connotations derived from the
> Westphalian nation-state system: nations are presumed to be sovereign, and
> "national sovereignty" is a phrase with which many people are familiar. The
> debate about the Iraq War, for example, revolved preeminently around the
> question of whether violating national sovereignty is permissible under
> international law if the rights of that nation's citizens are being
> trampled (which was one of the justifications for war given by its
> supporters).
>

Human Rights doctrine as developed through the United Nations have
different means of enforcement in different regions, the variation between
locations such as Europe, the UK[8] and the United States being a notable
example even though people of all regions have participated in promoting
these declarations.

I also believe some variations exist with respect to the rights of citizens
when a country is operating in a status of war.  I think the US may still
be at war, in the 'war against terror'.  From memory, some of the rights of
citizens change when a region is at war.  However i'm not sure of the
details...

[8] https://www.youtube.com/watch?v=pRGhrYmUjU4
[9] https://www.youtube.com/watch?v=aiFIu_z4dM8


>
> While nations are presumed to be sovereign, the individual is not. This
> has serious implications for how privacy is considered. In the US context,
> the strongest constitutional protection of privacy, the fourth amendment
> protection against unreasonable search and seizure, used to be protected by
> the requirement that searches be conducted only upon the issuance of a
> warrant, and that could only occur with probable cause. Today, post war on
> terror, probable cause is found in the diffuse, ambient threats to
> "national security" which are presumed to be omnipresent and everpresent.
> In other words, "threat" has become a theological structure, a type of
> anti-god, which can be matched only by equally pervasive surveillance
> technology which is so sophisticated that surveillance is now simply the
> default state everywhere. This is the new political theology, an Ahura
> Mazda battling Ahriman in the contemporary age.
>
> In such a context, the assertion of *individual* self-sovereignty does
> work that no other terminology does.
>

I think the assertion that the terminology seeks to provide work / auspice;
but that it does not necessarily do so, is a better epidemiological
construct.


> It immediately forces a comparison between the rights of individuals and
> the rights of a nation in a way that produces generative ideological
> friction for those who had never considered sovereignty as anything but the
> prerogative of the state. Moreover, it also forces a confrontation with the
> new digital "personalities of a higher order"--the Googles, ISP's,
> Facebooks, and other massive platform providers--whose sovereignties run
> orthogonally to, and often undergird, that of nation-states.
>

Humanity has never required the engineering of a sophistocated,
electronically networkable construct of human identity, incorporating
machine-readable (and networkable) identifiers, content, relationship
constructs and other faceted informatics as to provide the means for
interactions about enumerate facets pertaining to existence, as notated (in
an often asymmetrical fashion) for the purpose of governance in the setting
of 'persona ficta' as agent.

Whether it be for commercial, civil works (ie: law-enforcement, political
purpose, etc.) or malfeasance; these first ~30 years of a networked society
have brought with them the invention of an identity construct that has a
particular series of characteristics, commonly applied to almost every
(RDBMS based) online solution; and i think it is almost universally
agreed...

as may be colloquially stated, it would be nice to store the data that's
being produced by my "fit bit". (assuming the articles/contract of sale
actually transfer ownership of that IoT device to the purchaser?)


>
> In short, restoring a measure of individual autonomy and invisibility in
> light of such power structures needs a language stronger than that of
> rights. Rights, after all, have long been ideologically appropriated for
> corporate persons, particularly in the US context.
>

Yes.  But if rather than 'privacy preserving'  the concept of 'dignity
preserving' were better utilised, then perhaps the nature of the debate may
be more 'honest' in nature...  understanding, the leaders of that debate
have intentionally and purposefully, in exchange of financial renumeration,
produced a particular series of outcomes that are of concern to many.
 (unfortunately still, not enough for most to do much about it).



> On the other hand, using the language of sovereignty affords an
> opportunity to be taken seriously across the political spectrum, and it
> spurs thinking because people encounter it without believing they already
> understand what it means. The meaning of the term sovereignty is, of
> course, not self-evident, and will be contested. However, the digital arena
> offers a "leading edge" of experimentation and refactoring of traditional
> understandings of political subjectivity. How they get worked out and
> implemented digitally will have potentially salutary--or deeply
> hindering--effects for analog political structures.
>

I commend the purpose; but question the idea that the term 'sovereignty'
can be 'acquired' from the minds of our political leaders as to force upon
them as engineers a new definition.  Most don't say 'smart phone' they say
'iPhone'.  They say 'the world wide web', more than a decade after it's
been produced.

politicians like to get elected.  They're advised about 'national security
threats' in secret, and the works of the public service - well, i think
often the people who work in the public service can be amongst the most
threatened by the idea of accountability.

To get what i think we're all looking to get done; this isn't simple stuff
and the enumerate number of attack vectors is daunting.  W3C is purely a
web-standards authority designed to facilitate works via the CG as a way to
'incubate ideas' that may be later taken-up by its membership (which are
all companies, the individual membership work attempted
https://www.w3.org/wiki/Webizen  effectively failed) who in-turn empower
those works by way of awarding agreed technical outcomes free use of 'their
intellectual property' or 'patents'.

The role of W3C is very important; but the work cannot be solely
facilitated within this community, particularly in circumstance where the
organisation is yet unable to obtain a series of endorsed statements by its
membership groups (who have far more human resource gusto than we do) to
forge a signatory base similar to that produced for AI[10] of parties who
declare their commitment to the development of technological means that
provide identity, that provide data about human experience, persona,
existence, qualities, attributions; et.al.  that the companies who have
cookies embedded in our alphabet suggest[11]; the problem is known, and
indeed - something that can be solved.  Indeed if the data stored by google
drive were provided a different terms of service to the applications
provided by google; that would be a step forward.

If different choices were made about the 'privacy settings' for facebook;
that could also be a step forward, but those decisions are not being made.
It's not that the people working in these companies are not intelligent
enough to know these sorts of things are problems; indeed, if success if
found in these sorts of initiatives - they'll be on stage as the new-found
leaders of this new and exciting era.

A great test / usecase = death.

Imagine you know you're going to die.  You have all your data online, your
photos, the interactions with others; your emails, your documents. the
things that make-up part of who you are, the things that make-up the works
you have been doing, the way, as an actor, you've been making decisions
about the way in which to share things; whom to, etc. etc.

Now your mission is; to collect all those things, like you're leaving a
well-organised series of papers left in a filing cabinet or desk; like
you're leaving your photos from the albums; but now, they're all online.

Collect all your things and without the need for a credit-card, figure out
how to get, publish and leave in a manner that will be available for 1
year, 2 years, 5 years, 10 years...  how about 100 years so future
generations can look back at this wealth of data that denotes the
technological revolution of our time...

or more-over; realise that you likely don't know how to easily give someone
all your passwords, that its kinda impossible to figure out how you can,
even if you wanted to, figure out how to leave all these works to be shared
for future generations in a manner that you can define yourself.  For the
most part, services pertaining your viewing history about the films, music
and other media you enjoyed; if those services require a credit card?
 it'll be online for maybe a month, maybe a year..

the only history that will be told is that which has been approved by
institutions, as the data created about the experiences of man, as
communicated via our web; well, it's not actually owned by the people.  we
are its resources.

Tim.H.

[10] https://futureoflife.org/ai-open-letter/
[11] https://abc.xyz/


>
> Best regards,
>
>
> --
> Natalie Smolenski
> Learning Machine
> *www.learningmachine.com <http://www.learningmachine.com/>*
> (469) 930-4189
>
>
> On Thu, Jun 1, 2017 at 2:44 PM, Kim Hamilton Duffy <
> kim@learningmachine.com> wrote:
>
>> Adding Natalie Smolenski (mentioned below) to the thread.
>>
>>
>> On Wed, May 31, 2017 at 11:06 PM Timothy Holborn <
>> timothy.holborn@gmail.com> wrote:
>>
>>> I will review the above (with thanks) and get back to you asap.
>>>
>>> FYI also: http://standards.ieee.org/news/2017/digital_inclusion.html
>>>
>>> Tim.h.
>>>
>>>
>>> On Thu., 1 Jun. 2017, 3:58 pm Christopher Allen, <
>>> ChristopherA@blockstream.com> wrote:
>>>
>>>> I worked very hard reviewing various terminology alternatives before
>>>> deciding to use the term “self-sovereign identity” for our technology — I
>>>> wrote about the decision process as well about 10 initial principles of
>>>> self-sovereign identity at
>>>> http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverereign-identity.html
>>>> which was also republished by Coindesk.
>>>>
>>>> A key point about the choice of the word “sovereign” is that in the
>>>> legal history of the term, sovereign always has edges — a nation is
>>>> sovereign to its borders, but not further. For individuals, “the right to
>>>> swing your arm ends just where the other man’s nose begins” is also a very
>>>> old concept. (That, and some other choice quotes is at
>>>> https://www.slideshare.net/ChristopherA/collection-of-economic-freedom-quotes-curated-by-christopher-allen
>>>> ) Natalie Smolenski wrote about this a bit in
>>>> https://medium.com/learning-machine-blog/identity-and-digital-self-sovereignty-1f3faab7d9e3
>>>> where she talks about sovereignty on the high seas. I personally believe we
>>>> currently are in a major historical age of renegotiation of what
>>>> sovereignty means — in the past this has been from war leaders to barons,
>>>> barons to feudalism, cities to nations, multi-nationals, toward today where
>>>> everything is being re-thought (EU -> Brexit -> Scottish Independence ->
>>>> Gloucester’s worries about Edinburgh is a great example).
>>>>
>>>> The biggest objection to the term was that there are some conservative
>>>> protesters and kooks that object to the sovereignty of nation states
>>>> entirely, which is called the “sovereign citizen movement” ( see
>>>> https://en.wikipedia.org/wiki/Sovereign_citizen_movement ) — the
>>>> arguments against that particular corruption of the word were compelling,
>>>> however, in the end I decided, partly on the basis of the suggestion in a
>>>> podcast by a professional comic that said lean into the emotions of words,
>>>> to use “self-sovereign identity”. This proved to work quite well, starting
>>>> at the ID2020 conference at the United Nations, where they were quite
>>>> compelled by the name because in the UN’s POV, identity is a human right,
>>>> not a nation-state process. Today google reports that are over 11,000
>>>> references to the phrase “self-sovereign identity”.
>>>>
>>>> Some of the better links:
>>>>
>>>>
>>>> http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverereign-identity.html
>>>>
>>>> https://bitsonblocks.net/2017/05/17/a-gentle-introduction-to-self-sovereign-identity/
>>>> http://www.windley.com/archives/2016/08/an_internet_for_identity.shtml
>>>>
>>>> https://medium.com/learning-machine-blog/identity-and-digital-self-sovereignty-1f3faab7d9e3
>>>> http://www.windley.com/archives/2016/10/on_sovereignty.shtml
>>>>
>>>> https://github.com/jandrieu/rebooting-the-web-of-trust-fall2016/raw/master/topics-and-advance-readings/a-technology-free-definition-of-self-sovereign-identity.pdf
>>>>
>>>> http://www.windley.com/archives/2016/05/why_companies_need_self-sovereign_identity.shtml
>>>>
>>>> http://www.linuxjournal.com/content/doing-user-space-what-we-did-kernel-space
>>>>
>>>> https://www.sovrin.org/The%20Inevitable%20Rise%20of%20Self-Sovereign%20Identity.pdf
>>>> http://essay.utwente.nl/71274/1/Baars_MA_BMS.pdf
>>>>
>>>> http://www.ibtimes.co.uk/self-sovereign-identity-cornerstone-blockchain-internet-1609550
>>>>
>>>> https://github.com/WebOfTrustInfo/self-sovereign-identity/blob/master/Schutte-on-SSI.md
>>>>
>>>> There are many other terms in the past (see my original article) but my
>>>> hope is that self-sovereign is less corruptible than terms like
>>>> “user-centric identity” were in the past.
>>>>
>>>> — Christopher Allen
>>>>
>>>> --
>> Kim Hamilton Duffy
>> Principal Engineer | Learning Machine + MIT Media Lab
>> 400 Main Street Building E19-732, Cambridge, MA 02139
>> 12001 N. Central Expy, Suite 1025, Dallas, TX 75243
>>
>> kim@learningmachine.com | kimhd@mit.edu
>> 425-652-0150 <(425)%20652-0150> | LearningMachine.com
>>
>
>
Received on Friday, 2 June 2017 03:07:53 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:38 UTC