W3C home > Mailing lists > Public > public-credentials@w3.org > May 2017

Re: First pass at CG naming goals and restrictions google doc

From: Philip Sheldrake <philip@eulerpartners.com>
Date: Wed, 31 May 2017 14:07:19 +0100
Message-ID: <CAD0eYd5zJy3q6QR26cJ=sCKdk4ocqx7_LjCbWa_pS52FBHFmiA@mail.gmail.com>
To: Adrian Gropper <agropper@healthurl.com>, Kim Hamilton <kimdhamilton@gmail.com>, Timothy Holborn <timothy.holborn@gmail.com>, Credentials CG <public-credentials@w3.org>
Thanks for cc’ing Adrian.

I don’t have any feedback on the possible names, but I’d like to see if I
can help scope what such labels might need to encompass. Forgive me if I’m
repeating anything that’s gone before.

My main thrust is the expansion of the social and legal definition of the
individual. I can get there via a look at our understanding of privacy.

Solove (2008) describes privacy as a concept in disarray. Floridi (2005)
identifies two popular theoretical approaches: the reductionist
interpretation, whereby the goal is minimisation of the costs of privacy
breaches; and the ownership interpretation, whereby informational privacy
is elevated under the aegis of one’s rights to bodily security and property
(i.e. the right to exclusive use). The first is criticised for its failure
to grapple qualitatively with the societal costs of privacy (by corollary,
the value of privacy ‘breach’). The latter has proved more durable, both in
terms of legal property and the right to exclusive use, but also falls
short:

   - informational contamination, such as junkmail and loud and intrusive
   chatter
   - public contexts (socially, physically and informationally) in which
   privacy norms still exist without any concept of ownership; e.g. the right
   not to have the contents of your packed lunch logged even though you eat it
   in plain sight
   - lossless acquisition (or usage) – the fact that information can be
   reproduced without the individual losing it.


And so ... “Informational privacy requires [a] radical re-interpretation,
one that takes into account the essentially informational nature of human
beings and of their operations as informational social agents. *Such
re-interpretation is achieved by considering each person as constituted by
his or her information, and hence by understanding a breach of one’s
informational privacy as a form of aggression towards one’s personal
identity*” (Floridi 2005).

Floridi posits “you are your information”, with “no difference between
one’s informational sphere and one’s personal identity,” thereby avoiding
the first challenge to the ownership-based interpretation (informational
contamination) under existing norms – “anything done to your information is
done to you, not to your belongings.” What was previously a trespass of
space becomes a kidnapping or unauthorised cloning, thereby circumventing
the second challenge (public contexts) in which a trespass could not be
claimed. The third and final challenge is rendered redundant when what was
formerly my is now me, “a sense of constitutive belonging, not of external
ownership.”

If this sounds a little odd Floridi points out the common term for the
unauthorised and malicious acquisition of substantial personal information;
identity theft. It is also supported by Heersmink’s cognitive theory
research (2016). He concludes that *personal identity must be seen as an
environmentally-distributed and relational construct rather than merely a
psychological or biological phenomenon*. Heersmink quotes Clark (2007):
“our best tools and technologies literally become us: the human self
emerges as a ‘soft self’, a constantly negotiable collection of resources
easily able to straddle and criss-cross the boundaries between biology and
artifact.” And yet Clark also cautions that with such new modalities come
new possibilities for coercion and subjugation. The sooner then that we
redefine the individual the sooner we can re-project existing norms, law,
politics, and morality.

Wiener anticipated this informational, cyber extension of ourselves (1950):
“… where a man’s word goes, and where his power of perception goes, to that
point his control and in a sense his physical existence is extended. To see
and to give commands to the whole world is almost the same as being
everywhere.”

Two thirds of a century later it seems almost timid then *to define the
individual here as an agencement (assembling) being of the biological,
psychological, informational, and interfacial*. I recognise that *who I am*
is in constant flux. And by *being* I incorporate the affordances of
self-sovereign identity.

I call this assembling *skin*.

When we have the facility to understand, feel, and integrate the extension,
presence, transience, and permeability of one’s *skin*, when we’re all
sensitised to it, the legal definition of a person is reshaped and our
norms revitalised accordingly. This marks the true manifestation of the
sociotechnical agent. Data doubles (formed by third parties) of me are
replaced by my digital doppelgänger, spawned and continually maintained by
me, which in turn disappears, my informational space becoming me as much as
my arms and legs and cognitive facilities. User interfaces disappear, the
interfacial becoming me, prostheticizing me with the facility to understand
and navigate the affordances of the world around me and those affordances
denied.

...

Well that's the thesis. Don't ask me for the corresponding architectural
schema!


*__*

Philip Sheldrake, CEng MIET
www.diglife.com

M. +44 (0)7715 488 759
Blog www.philipsheldrake.com
Skype psheldrake
Twitter @sheldrake


On 31 May 2017 at 13:29, Adrian Gropper <agropper@healthurl.com> wrote:

> Tim,
>
> I'm a big fan of either self-sovereign technology (SST) or self-sovereign
> support technology and I agree with Kim's pros and cons on adopting the
> term. The longer version is more accurate (according to a discussion on the
> VRM list about a year ago...) but the short version may be best.
>
> That SST might put off the corporations is pretty clear because it's tech
> that nobody owns but you. It's tech without a privacy policy because
> there's no counter party to have a policy or other contract with. It's open
> source by definition. It's like most of Bitcoin and Ethereum or an open
> source home router. That said, I think it's time we raised the issue with
> the corporations about "the web we want"- the tag line for
> https://diglife.com/
>
> Our implants (I'm an MD, medical device developer), our cyborgs, our
> personal agents online, will be SST soon enough. They will protect our
> policies the way our hardware secure elements protect our private keys
> today. My SST will be enhanced with machine intelligence in order to learn
> my preferences and act autonomously on my behalf.
>
> There's really no way around having the discussion of how two individual
> humans connect through their SST in a completely private way. Start with a
> simple smart contract.
>
> The place where our institutions intersect with SST is what we call the
> "identity container" in RWoT. In the stack that I work on (HIE of One), the
> identity container includes an UMA Authorization Server that issues
> standard tokens to third party entities (individuals and institutions)
> mostly automatically but with an occasional fallback to live interaction
> with the human owner in cases where the protected policies are ambiguous.
>
> Looked at from this perspective, blockchain IDs are an essential
> foundation for SST because they are a web of trust to link together our
> SSTs for trusted interaction with each other as people.
>
> The SST identity container as authorization server becomes the place where
> requesting parties (individuals and institutional) present their claims.
> The identity container can act on our behalf to sign-in to institutions. As
> the police cars say: "To protect and serve."
>
> Adrian
>
>
>
>
>
> On Wed, May 31, 2017 at 3:37 AM, Timothy Holborn <
> timothy.holborn@gmail.com> wrote:
>
>> my apologies for the blunt expression of concerns...
>>
>> webizen would likely be my vote. Has some heritage;
>> http://webizen.org/
>> https://www.w3.org/wiki/Webizen
>>
>> The concept of 'individual membership' (not simply to the W3C but more
>> broadly to the web) is poorly supported.
>>
>> A solution enables the means for the (somewhat quantum in nature)
>> identity of persons in cyberia - to be provided the necessary qualities to
>> support the dignity of the homo sapien for which the web of identifiers,
>> data structures, query infrastructure, presentations, representations,
>> persona attributes, personalisation, dignity frameworks embodying elements
>> of privacy considerations in combination with the needs of accountability
>> measures; support for frameworks such as 'rule of law', human rights,
>> provenance, version control, interactions with things, instruments, claims,
>> enterprise infrastructure in a manner where terms of agreement can be
>> bilaterally defined (rather than unilaterally applied), etc.   Where if
>> sensitive and personal data about you can be used to help...  cure
>> cancer... or solve a violent crime, or some other very specified purpose by
>> way of some amazing website with some crazy intelligent science built into
>> it; that you can safely share that data without unintended consequences
>> that you're unable to do anything about...
>>
>> A solution were people can store their data, but not trade everything
>> they have stored about them for a discount at the petrol station, even if
>> they are old and don't know what they are doing with these contraptions
>> they need to have, as a means to function in society.
>>
>> a human centric web.
>>
>> the web works so well today, that even if half the population of the
>> world protested the way the web was working; people would still be forced
>> to use it to share the photos (on Facebook, for example)...
>>
>> so yeah.  'choice of law', data rights, the means for a citizen of some
>> place in the world to use data that exists about an experience they have
>> had - somewhere else in the world; to protect their civil rights?  seems so
>> very unimportant, i'm very depressed about it as a circumstance.
>>
>> Webizen is the best possible name for a movement that aims to provide
>> what i believe is the underlying purpose of this 'self sovereign' concept.
>>
>> Describes a 'citizen of the Web'.
>> A Webizen is a person
>> <http://www.urbandictionary.com/define.php?term=person> who is adept in
>> Web <http://www.urbandictionary.com/define.php?term=Web> techniques and
>> who essentially lives
>> <http://www.urbandictionary.com/define.php?term=lives> on the Web.
>> Source: http://www.urbandictionary.com/define.php?term=Webizen
>>
>> Tim.H.
>>
>> On Wed, 31 May 2017 at 16:57 Timothy Holborn <timothy.holborn@gmail.com>
>> wrote:
>>
>>> Kim,
>>>
>>> I read the doc.  Nice.
>>>
>>> Reputation systems flagged my interest. Most of that capability is done
>>> now, I'm not even sure what ontology work needs to occur.  Perhaps
>>> HTTP-SIGNATURES is still lacking? I thought it was deemed to be
>>> unnecessary?
>>>
>>> I didn't really understand what you hoped to work on.
>>>
>>> At WWW2017 (which only a few attended) I went to town on calling out the
>>> issue of ID.  Indeed, I sent an email to Vint, TimBL and many others
>>> essentially saying "fuck you", why in 25 years did you consider ID to be so
>>> unimportant.  My purpose was to say, that I wanted to see the problem
>>> solved in their lifetime.
>>>
>>> But i think they really did not appriciate the mail.
>>>
>>> The tactical process said, was to build the elements.
>>>
>>> Another statement said that as philosophers, concerns were had; which
>>> indeed I understand, given the rather commercial sway any ID project seems
>>> find so difficult to successfully navigate as the reality is, most projects
>>> that look hopeful, get captured.
>>>
>>> I have never understood "self soverign" I understand citizen and I
>>> understand choice of law and I understand a multitude of things that seek
>>> to be deemed "acceptable".
>>>
>>> In my view identity, I consider to be a "theta layer" to the web, but
>>> given I'm not really a "contributor" as the work has progressed..
>>>
>>> I just read this "self soverign" concept confused.
>>>
>>> When I started working on these things the reason why was because a
>>> government department put upon me some decisions that changed my life, and
>>> whilst those decisions were illegal, the fact was that the government
>>> employees did it in a manner, knowingly, that ensured very little evidence
>>> was available for me to remedy the harm they'd done as part of what they
>>> considered to be their job.
>>>
>>> I don't see how these years of work have done much to make the case for
>>> vulnerable people any better.  Indeed I fear it's made the situation
>>> worse.  I don't understand how these works provide the means for a person
>>> who has been engaged, or forced into a transaction that is illegal or
>>> wrong, to have the data to prove it when the entity who sought to yeild
>>> power, through their database powered employment agreements, is involved in
>>> a system that engineers products and services to protect them from
>>> accountability. From.responsibility, beyond the mental health impacts those
>>> people have from damaging the lives of others, for money to feed their
>>> kids.
>>>
>>> People say I'm not very commerical.  I think they need to wake the fuck
>>> up.
>>>
>>> Tim.h.
>>>
>>> On Wed., 31 May 2017, 4:37 pm Timothy Holborn, <
>>> timothy.holborn@gmail.com> wrote:
>>>
>>>> What does a self soverign human look like?
>>>>
>>>> Or...   How can it be said.  What are the benefits to a smart phone,
>>>> what does it do...  Or...
>>>>
>>>> What is a credential what does it do...  Or...
>>>>
>>>> What is a self soverign identifier..  what does it do?
>>>>
>>>> I have never understood the idea of "self soverign".  Is it like 2nd
>>>> life or Minecraft, some space that's "self soverign", or perhaps moreover
>>>> its soverign to the human? Who's self in the context to the sovereign?
>>>>
>>>> Thought I'd ask...
>>>>
>>>> Tim.h.
>>>>
>>>> On Wed., 31 May 2017, 2:14 pm Kim Hamilton, <kimdhamilton@gmail.com>
>>>> wrote:
>>>>
>>>>> I took a first stab at enumerating the CG naming goals, proposed
>>>>> names, pros and cons, etc so we know the constraints when picking a name
>>>>>
>>>>> https://docs.google.com/document/d/1H5tO0IRawIHzVnRP2sTbdBA-
>>>>> PUkWgSdcydx2ru2fPHg/edit?usp=sharing
>>>>>
>>>>> I noticed that "Self-Sovereign Technology Community Group" had the
>>>>> most positive reception with the fewest downsides. We could stop
>>>>> there....otherwise, please edit/provide feedback and I'll continue to shape
>>>>> this into something more actionable.
>>>>>
>>>>> - Kim HD
>>>>>
>>>>
>
>
> --
>
> Adrian Gropper MD
>
> PROTECT YOUR FUTURE - RESTORE Health Privacy!
> HELP us fight for the right to control personal health data.
>
Received on Wednesday, 31 May 2017 13:07:55 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:37 UTC