Re: Proposal for UNHCR demo

On Tue, 14 Mar 2017 at 11:20 Joe Andrieu <joe@joeandrieu.com> wrote:

> What gave you the idea that Joram's life is unimportant?
>

I don't know Joram, but i've cared for people with diabetes ensuring they
get sugar as soon as humanly possible so the fluid in their eyes isn't
affected by a 'low' and they're able to see for the rest of the day.  I can
go into other diabetes related use-cases, but overall i was concerned about
the clinical accuracy of the statements made with regard to his medical
circumstance (and with family who was involved with fostering pathology
service ubiquity, was affected by it.).


>
> More to the point, what language in the model do you feel trivializes the
> refugee experience at any step?
>

see:
https://digital.library.adelaide.edu.au/dspace/bitstream/2440/44200/1/hdl_44200.pdf
http://unhcr.org.au/wp-content/uploads/2015/05/11June2013_ManusMonitoringVisit.pdf
http://www.abc.net.au/lateline/content/2015/s4403464.htm

As noted; clinical clarification on the implications of diabetes if treated
in the manner outlined by your document (upon the time i reviewed it) would
assist in better responding to your question.


> The whole point of the medical emergency is that, in fact, Joram's life
> depends on adequate care and these needs must not be trivialized.
>
> If it feels real, then we are succeeding. If it feels like trivialization,
> I'd like to address it.
>

I am not a medical professional and as such i think it would be wrong for
me to outline the clinical implications of the process outlined using the
concept of diabetes as a influencing factor to the production and later
sale of credentialing related products (and indeed identity ecosystems).


>
> That said, removing the real-world life threatening aspects of the
> engagement model isn't an option. The point is to be clear that lives
> literally hang in the balance as we design these systems.
>

I have not suggested at all that you remove the 'life threatening' aspects:
https://lists.w3.org/Archives/Public/public-credentials/2017Mar/0011.html


>
> We'd love to have conversations with individuals actually working with
> refugees in these situations and we have reached out to several for input.
> If you know people who could provide feedback, I'd appreciate an
> introduction.
>

yes i do.  and i have some experts speaking (ie:
https://en.wikipedia.org/wiki/Andrew_MacLeod ) in addition to Pia Waugh
(currently working with AusTrac
https://en.wikipedia.org/wiki/Australian_Transaction_Reports_and_Analysis_Centre
) and nigel phair (http://www.canberra.edu.au/cis/aboutcis/people/ ) at the
event i flagged with the group some months ago now,
http://www.trustfactory.org/ (please feel welcomed to come along - it's
being delivered as part of the broader event surrounding www2017 in Perth )
also have expertise in related areas.

I think more importantly than the 'stage time' is the opportunity to have a
good chat about important issues as a result of having brought these people
together on a basis of shared values.

Others (who cannot make it) such as
https://en.wikipedia.org/wiki/Julian_Burnside i will ask to provide some
feedback ASAP (likely after the event).


>
> Also, to clarify, the Joram 1.0.0 paper is an output of the Rebooting Web
> of Trust III design workshop, which I suggested as a potential input to the
> Verifiable Claims use case document. It is, in effect, what I think you
> mean be a complex user story.
>
> I'm sure the group would entertain any contributions you might have.
>

so long as i'm entertaining ;)


>
> -j
>
> Tim.H.

>
> Sent on my Samsung Galaxy S7 edge.
>
> -------- Original message --------
> From: Timothy Holborn <timothy.holborn@gmail.com>
> Date: 3/13/17 4:52 PM (GMT-08:00)
> To: Joe Andrieu <joe@joeandrieu.com>, Credentials Community Group <
> public-credentials@w3.org>
> Subject: Re: Proposal for UNHCR demo
>
> IMHO - put in big red writing somewhere that the diabetes thing needs to
> be scrapped.  The story looked like it may be based on a true story, and
> therein (with what medical information i know about) i was questioning
> myself - which takes away from the purpose of the doc.
>
> I like the underlying intent; yet, i would not want to trivialise the
> issues experienced by those with a serious medical condition by suggesting
> an understanding of their lives is not important.
>
> How about we start by defining a few complex user-stories?
>
> I'll see if i can find some help around the issues experienced in
> accelerating / improving the circumstances of refugees quickly and
> effectively.
>
> Therefore; ideas,
>
> - Refugee processing
> - Human Trafficking
> - Modern Slavery (inc. those involving sex services)
> - Police Records Systems (asymmetric institutional systems may have
> erroneous information causing public harm to both law-enforcement operators
> and citizens)
> - Fake News (classification of news, ability to identify one line of text
> that is a false-fact in an otherwise good piece of journalism, et.al.)
>
> Another i've started looking at is 'web side worlds' which pertains to
> Augmented Reality and related new device / application type markets
>
> We could therein flesh-out the semantic nature of multi-faceted use-cases
> pertaining to the design-implications of these systems (and are likely to
> also better clarify the nature of the underlying identity problems that to
> some-degree, i think, are out of scope).
>
> We could look to establish stakeholder engagement on each of the complex
> areas and identify groups in civil society who are willing to work with us
> to address complex societal issues through a narrative that helps convene
> more stakeholders in addressing societal needs and implicit ecosystems
> therein.
>
> On Tue, 14 Mar 2017 at 10:34 Joe Andrieu <joe@joeandrieu.com> wrote:
>
> It is fictional, but we agree. We initially had an infection that needed
> penicillin, but switched to diabetes because we wanted a longer period of
> ongoing medical support in a life or death situation. We're open to
> suggestions for making that more realistic.
>
>
> On Mon, Mar 13, 2017, at 04:31 PM, Timothy Holborn wrote:
>
> Is this based on a true story?   My experience of people with diabetes
> (certainly type 1) is that insulin dependence is not an optional, they'd
> simply feel better type of situation. life of death from my experience, and
> if the patient becomes insulin dependent in type 2 - i'd imagine it's very
> much the same...
>
> On Tue, 14 Mar 2017 at 04:22 Joe Andrieu <joe@joeandrieu.com> wrote:
>
>
> Manu,
>
> Here are my thoughts after our call last week about the RWoT demo.
>
> The Joram 1.0.0 Engagement Model
> https://docs.google.com/document/d/1GLejHAyOGcFZMDH23VpBK5as_474gt1tdYZIWkHm7c0/edit?usp=sharing,
> currently in draft, is an attempt to describe the human interactions when a
> Syrian refugee works his way through Greece, with an eye to descripting
> requirements for a self-sovereign identity system. It is an early step to
> formally understand how to support UN SDG 16.9. For simplicity, I'll refer
> to this as the UNHCR use case.
>
> Perhaps the key challenge in this use case is the lack of technology owned
> or controlled by the typical refugee. In the engagement model, we assume
> that the stewards--not the refugee--have access to a physical device
> connected to the Internet, which is capable of properly accessing a
> yet-to-be-defined Distributed Data Store. Conceptually, this is just a
> smart phone.
>
> The big question for us: can this engagement model be realized with
> verifiable claims? What would VC need to support it?
>
> The immediate question is: can we modify or configure Digital Bazaar's
> digital wallet to provide a UNHCR experiential demo at Rebooting Web of
> Trust IV in Paris?
>
> To demonstrate Joram in a credible way, I think there are two keys we'd
> need to demonstrate:
>
> 1. The use of a QR coded bracelet and pin as the refugee's identification
> and authentication mechanism, enabling the refugee to selectively share
> specific proofs/attributes with stewards.
>
> 2. The storing of the digital trail of non-repudiable observations,
> accessible via the authentication and selection mechanism in #2.
>
> And specifically, for the wallet you showed us in our call, I think we'll
> need:
>
> 3. A change in the mental model of the wallet-device relationship. The
> current wallet software assumes the controller of the device is the
> controller of the wallet. In the UNHCR case, the device is controlled by
> the steward, so linking to a wallet--which is controlled by the
> refugee--should not form a long term permission for control over the
> wallet, but rather provide a mechanism for the transfer of specific
> attributes to the steward's system.
>
> The strawman we've been working with includes a few core assumptions:
> 1. Steward software adheres to a recognized standard authentication
> ceremony. This ceremony includes having the subject (1) unlock the dataset
> with a pin, (2) manage selective disclosure of the dataset, and (3) record
> the access in the data store with a photo of the refugee. In other words,
> we are trusting the software to act to a standard and for stewards to use
> non-compromised devices.
>
> 2. We're ok with access to the underlying datastore being
> provisioned/permissioned based on UN criteria, and are comfortable with the
> UN managing consensus and permissioning of steward organizations. We don't
> need to resolve the question of how to implement the engagement model in an
> open public ledger, because we see significant benefit in the UN's role
> establishing rules of governance and monitoring participants for bad
> behavior.
>
> 3. Our mental model for the datastore is not cards in the sense of
> Information Cards or loyalty cards, but rather an accumulated context of
> non-repudiable observations, which can be selectively presented by the
> subject. The key to us is that any participant can write an observation
> about a subject, and the subject controls which attributes are shared with
> which recipients.
>
> While we are pushing towards a user-driven or self-sovereign approach, our
> particular scenario is fine with the role the UN--as a collective
> collaborative governing body--establishing who can read/write to the data
> store and how bad actors are policed and the resulting dataset is
> granularly composable by distinct sharing ceremonies.
>
> Proposal for the demo:
> 1. Issue participants a bracelet with a unique QR code
> 2. Associate a photo with that QR code
> 3. Associate a user-selected PIN with that QR code
> 4. Create several interactions where the bracelet + PIN + a photo check
> (performed by the steward) authenticate the participant for access to
> services. Ideas for interactions:
>     a. entrance to the event
>     b. getting food
>     c. giving a talk
>     d. drink tickets
> 5. As a bit of theater:
>      a. an intake scenario of Joram at the beach, taken to UN intake
> officer, linking the participants experience to Joram
>      b. at the end, "accuse" a participant of a transgression, for which
> the history of interactions provides evidence refuting their guilt.
>
> I'm not sure how much of that is feasible given the timeframe, but if we
> can make a good pass at something like this, it would provide a catalyst
> for discussion of best practices when the subject and/or controller of a
> claim lacks the technology to manage their own keys, but does have the
> moral and legal authority to manage consent and disclosure.
>
> -j
>
> --
> Joe Andrieu, PMP
> joe@joeandrieu.com
> +1(805)705-8651 <+1%20805-705-8651>
> http://blog.joeandrieu.com
>
>
> --
> Joe Andrieu, PMP
> joe@joeandrieu.com
> +1(805)705-8651 <+1%20805-705-8651>
> http://blog.joeandrieu.com
>
>