- From: Lisa LeVasseur <lisa.levasseur@me2ba.org>
- Date: Wed, 16 Dec 2020 17:03:42 +0000
- To: rhiaro <amy@rhiaro.co.uk>, "public-credentials@w3.org" <public-credentials@w3.org>
- Message-ID: <DM6PR12MB33075D36E80D526FCCA1BBB1D2C50@DM6PR12MB3307.namprd12.prod.outlook.com>
Thanks Amy! It was a pleasure sharing our thinking with you, and I'm so glad you found it useful. Attaching the PDF of the slides here. Lisa -----Original Message----- From: rhiaro <amy@rhiaro.co.uk> Sent: Wednesday, December 16, 2020 1:37 AM To: public-credentials@w3.org Subject: Re: [MINUTES] W3C Credentials CG Call - 2020-12-15 12pm ET I thought this presentation was brilliant, the work is refreshingly well thought-out, and hit all the right notes. Thanks so much Lisa! Does anyone have a link to the slides? Cheers, Amy On 15.12.2020. 20:29, W3C CCG Chairs wrote: > Thanks to Manu Sporny and Amy Guy for scribing this week! The minutes > for this week's Credentials CG telecon are now available: > > https://w3c-ccg.github.io/meetings/2020-12-15 > > Full text of the discussion follows for W3C archival purposes. > Audio from the meeting is available as well (link provided below). > > ---------------------------------------------------------------- > Credentials CG Telecon Minutes for 2020-12-15 > > Agenda: > > https://lists.w3.org/Archives/Public/public-credentials/2020Dec/0080.h > tml > Topics: > 1. Introductions / Reintroductions > 2. Announcements and Reminders > 3. Me2B Alliance > Organizer: > Kim Hamilton Duffy and Wayne Chang and Heather Vescent > Scribe: > Manu Sporny and Amy Guy > Present: > Charles E. Lehner, Wayne Chang, Heather Vescent, Manu Sporny, Kim > Hamilton Duffy, Ted Thibodeau, James Chartrand, Ryan Grant, Amy > Guy, Adrian Gropper, Dmitri Zagidulin, Erica Connell, Lisa > LeVasseur > Audio: > https://w3c-ccg.github.io/meetings/2020-12-15/audio.ogg > > Kim Hamilton Duffy: https://www.w3.org/community/credentials/join > Kim Hamilton Duffy: https://www.w3.org/accounts/request > Kim Hamilton Duffy: > https://www.w3.org/community/about/agreements/cla/ > Kim Hamilton Duffy: https://w3c-ccg.github.io/meetings/ > <rgrant> preset+ > Manu Sporny is scribing. > > Topic: Introductions / Reintroductions > > Kim Hamilton Duffy: Anyone new to the call that would like to > introduce themselves? > No takers. > Kim Hamilton Duffy: Reintroductions, then. > Kim Hamilton Duffy: Dmitri, do you mind reintroducing yourself? > Dmitri Zagidulin: Hi everyone, Dmitri software Engineer w/ > Digital Bazaar -- active in VC/DID/Confidential storage -- > contributing to related Javascript libraries. > > Topic: Announcements and Reminders > > Kim Hamilton Duffy: https://w3c-ccg.github.io/announcements/ > Kim Hamilton Duffy: This is the last meeting of the year Kim Hamilton > Duffy: Every Tuesday we have this weekly call... we > have VC EDU task force -- meeting every Monday 8am PT -- Kim > Hamilton Duffy: DID Resolution also on Monday weekly 1pm PT Kim > Hamilton Duffy: Confidential Storage, with DIF, Thursday > 1-2pm PT > Wayne Chang: First is call for objections to infrastructure Task > force -- work items dependent on group existing, npm package > management, reduce burden on chairs, object/support on Github > issue below. > Wayne Chang: Starting in January 5th -- first meeting of new > year -- have a conflict -- decision is to see if there is > interest in separate meeting time -- availability in general, few > suggested slots, move it a day, etc. > Wayne Chang: Feedback, respond to thread. > <heathervescent> I can go over the chair job description if > interested > Kim Hamilton Duffy: We do have an upcoming Chair election... if > you are interested, reach out to current chairs -- Heather has > been working on Chair job description which gives you some idea > on how the sausage making happens. > Kim Hamilton Duffy: Items that Heather and Wayne may want to go > through... next. > Kim Hamilton Duffy: VC PRs under maintenance Charter... talked > about this last week. > Kim Hamilton Duffy: It's not clear where this issue needs to > live now. > Amy Guy is scribing. > Manu Sporny: It still needs to live in the ccg, there's no > better place for it > ... we need to have a call > ... I don't feel like we're making good progress on the issue, > there are too many unknown details > ... after tholidays we should convene a meeting between the > leadership and communities and nail the process down so w3c staff > is happy > Manu Sporny: We need to have a meeting between Chairs, Editors > of all of these communities to make progress. [scribe assist by > Manu Sporny] > Heather Vescent: Update - productive call w/ wayne last week - > discussing issues -- main concern w/ scope - did a high level > audit of all systems... based on audit -- current activities and > desired for potential future things (VC PR maintenance stuff), > next step is to wayne to identify items in audit to be in scope > of infrastructure task force. [scribe assist by Manu Sporny] Heather > Vescent: Wayne and I are going to talk later this week > about getting specific about scope of infrastructure TF and what > that will cover to address concerns I raised. Part of > conversation includes where this goes... 170 -- infrastructure or > elsewhere. [scribe assist by Manu Sporny] Kim Hamilton Duffy: What > about #3 -- outstanding objection for > proposal? [scribe assist by Manu Sporny] Heather Vescent: W3C > infrastructure has a strong objection > model, which I think is a masculine bias in W3C infra, won't > fight that in this group... will discuss in diversity and > inclusion group at W3C... moving to positive work environment > group... [scribe assist by Manu Sporny] Heather Vescent: I will > address the note on #3 - I'll update > that. We need to make sure that anything in this issue is > accounted for. [scribe assist by Manu Sporny] Note that the > inclusion and diversity group is not closing, the > pwe is combining with it because there is a lot of joint > membership, and both groups will be chartered into one Heather > Vescent: I'm not 100% behind on infrastructure task > force still, working w/ Wayne to address all my concerns. [scribe > assist by Manu Sporny] > Heather Vescent: I am not full speed ahead on Infrastructure > Task Force, I'm full speed ahead on addressing the concerns. > [scribe assist by Manu Sporny] > Kim Hamilton Duffy: This one is in proposed status for a while > -- after you do that, we have one week for objections -- if you > can do that as soon as possible, then we could move forward with > it. [scribe assist by Manu Sporny] > Kim Hamilton Duffy: Npm repository ... is it a part of > Infrastrcuture Task Force? [scribe assist by Manu Sporny] Wayne > Chang: If Infrastructure Task Force is created, it will > deal w/ npm governance. [scribe assist by Manu Sporny] Kim Hamilton > Duffy: We need to clarify whether or not this is in > scope. Calling out expectations might be something we need to > do... task force might take that on. [scribe assist by Manu > Sporny] > Wayne Chang: Test suites, reference data, those are initial low > risk, low stakes that we'd like to see there, instead of stuff > that's in a production build chain. [scribe assist by Manu > Sporny] > Kim Hamilton Duffy: Happy for this, moving things forward. > [scribe assist by Manu Sporny] > Kim Hamilton Duffy: Moving on to the highlight. [scribe assist > by Manu Sporny] > > Topic: Me2B Alliance > > Kim Hamilton Duffy: Over to Lisa... [scribe assist by Manu > Sporny] > Lisa LeVasseur: Thank you for listening in today -- want to > focus on Me2B alliance and the work that this group is doing. > [scribe assist by Manu Sporny] > Lisa LeVasseur: Key thing we've learned, we don't have right > vocabulary to talk about relationships in digital world... > sharing about proposed language and terminology that we've come > up with. [scribe assist by Manu Sporny] Lisa LeVasseur: One of the > things I wanted to do is information > share with this group... slide 2 - note to self, mission of group > is important [scribe assist by Manu Sporny] Lisa LeVasseur: Agenda > slide - Who are we, what do we do -- > lifecycle, credentials, deals. [scribe assist by Manu Sporny] Lisa > LeVasseur: Wrap up with Me2B and credentials and a couple > of questions -- things that you might be able to clarify for me. > [scribe assist by Manu Sporny] > Lisa LeVasseur: Our Ethos slide - respectful technologies are > better for both Me-s and B-s. We are more Me focused because of > the current power dynamics in industry. [scribe assist by Manu > Sporny] > Lisa LeVasseur: Our Mission slide - Current working version of > mission. [scribe assist by Manu Sporny] Lisa LeVasseur: Background > in mobile telecom standards - > sometimes markets are created through standards... what if we > created a different kind of standard that's not technical, but > has ethical/behavioral considerations... create standard, create > certification, drive demand, create market choices... that is > idealized. [scribe assist by Manu Sporny] Lisa LeVasseur: It's not > easy [scribe assist by Manu Sporny] Lisa LeVasseur: That is the > founding vision -- we used to > describe ourselves as good housekeeping... that's not what we're > about.. . more like independent crash testing institute... > instead of testing cars, we're looking for potential harms and > risks. [scribe assist by Manu Sporny] Lisa LeVasseur: Digital Harms > dictionary - continuing to build > it out... modify over time... focus on harms. [scribe assist by > Manu Sporny] > <manu> Independent crash testing institute slide <manu> Ethical north > star slide Lisa LeVasseur: We spent a good time contemplating what > our > ethical north star -- come up with universal ethic, perhaps a > fools errand... but do we want to mirror behaviros of healthy > human relationships? [scribe assist by Manu Sporny] Lisa LeVasseur: > We've taken aspects of healthy human > relationships and adapted them... [scribe assist by Manu Sporny] > <manu> Me2B Rules of Engagement slide Lisa LeVasseur: These are tests > in our testing rubric... not > going to read through them, but do want to call out a couple of > things... haven't said data or privacy yet, deliberate... those > words are too narrow. [scribe assist by Manu Sporny] Lisa LeVasseur: > What you'll see here are respective > boundaries... privacy is one such boundary -- respectful defaults > [scribe assist by Manu Sporny] > Lisa LeVasseur: Precursor to relationship state... [scribe > assist by Manu Sporny] > Lisa LeVasseur: Really crucial for technology -- this rule, is > in absence of stated preferences, default to certain behavior. > [scribe assist by Manu Sporny] > Lisa LeVasseur: This comes out of social norms... when we meet > someone for first time, we withhold things. [scribe assist by > Manu Sporny] > Lisa LeVasseur: Apply these rules to products/services -- > products/services are not obeying rule of respectful defaults. > [scribe assist by Manu Sporny] > <manu> Me-Manifesto slide > Lisa LeVasseur: There is the Me-Manifesto... still wordsmithing > it -- pretty good... We assert our rights, I'm in charge, We play > nice. [scribe assist by Manu Sporny] Lisa LeVasseur: We're doing > early certification -- took a long > time to build out testing rubric -- table stakes testing > criteria... doing early certification with friendlies since > mid-year. [scribe assist by Manu Sporny] Lisa LeVasseur: Has been > hugely illuminating... proper > commercial launch next year. [scribe assist by Manu Sporny] Lisa > LeVasseur: 3 Key principles... assert rights, in charge, > play nice. [scribe assist by Manu Sporny] Adrian Gropper: Here are > two links (in my tweet) relevant to > governance of controller-processor interoperability > https://twitter.com/agropper/status/1338832808463233025 > <manu> It's Really "We" slide > Lisa LeVasseur: Ethos is not individualistic, recognizes > interdependence, healthy societies need respectful > relationships... don't expect we'll do sustainability testing on > tech, but others will... important to consider for well being. > [scribe assist by Manu Sporny] > <manu> Me2B Relationship in digital world slide Lisa LeVasseur: > Deliberate relationships - multiple > touchpoints... interaction w/ business (legal)... and then > connected products and services. [scribe assist by Manu Sporny] Lisa > LeVasseur: Connected products and services, brand > ambassadors -- connected, available, smart -- humanesque part to > connected products and services... building up valance of > love/hate/whatever -- coloring our idea about brand and business > itself... squirrel-y today [scribe assist by Manu Sporny] Kim > Hamilton Duffy: Rhiaro found this me2b url: > https://me2ba.org/ (the other one wasn't loading) <manu> Me2B > Relationship Layers slide Lisa LeVasseur: Unbox iPhone... create > Legal relationship w/ > Apple. [scribe assist by Manu Sporny] Lisa LeVasseur: Then > experiential Relationship w/ iPhone... > (this is all experimental language, still working through it) > [scribe assist by Manu Sporny] > Lisa LeVasseur: At this point, there is a valance... feeling > about the product. [scribe assist by Manu Sporny] Lisa LeVasseur: > But what's also happening... Hidden > Affiliates... 3rd party integrations... these entities are > unknown [scribe assist by Manu Sporny] Lisa LeVasseur: Let's say > she downloads Chrome browser... then > legal relationship created w/ Google. [scribe assist by Manu > Sporny] > Lisa LeVasseur: Starts to use browser... experiential > relationship w/ Chrome browser... phone is Me2T - technology > enabler [scribe assist by Manu Sporny] Adrian Gropper: Here's the > new Apple Privacy App Store privacy > labeling: > https://developer.apple.com/app-store/app-privacy-details/ > Lisa LeVasseur: Interacting w/ brand ambassador - Google... > hidden affiliates grow... even more now - Googles and Apples > [scribe assist by Manu Sporny] > Lisa LeVasseur: Using browser, navigate to Instagram. [scribe > assist by Manu Sporny] > Lisa LeVasseur: Creates legal relationship with... who? Who's > the business... [scribe assist by Manu Sporny] <manu> Instagram > login site slide Lisa LeVasseur: Who's the business? It's not > Instagram... it's > Facebook... lines are blurry on these relationships, it's > confusing... acknowledge that it's a bit of a contrived example. > Once again, subjected to hidden affiliates stack... native device > monitoring, chrome browser monitoring, keeps stacking up... > relationships... test clarify scope of testing, we needed some > language to describe landscape of this. [scribe assist by Manu > Sporny] > Lisa LeVasseur: Saying Me2B covers ALL of layered relationships > and touchpoints, because all touchpoints need to be respectful. > [scribe assist by Manu Sporny] > Lisa LeVasseur: Moving on into relationship lifecycle... Me2B > Relationship lifecycle model... [scribe assist by Manu Sporny] > Adrian Gropper: Apple adopted the first 3 of my (PPR) label > suggestion to them in 2018. https://ssrn.com/abstract=3439701 > They did not adopt the last two :-) > Lisa LeVasseur: Taken from human relationship model, adapting it > for use for Me2B [scribe assist by Manu Sporny] <manu> Me2B > Relationship Lifecycle Model slide Lisa LeVasseur: Skipping over > physical world, focusing more on > digital world -- all can understand processes and understandings > of these stages... how we get into state of being very committed > ... use service on regular basis. [scribe assist by Manu Sporny] > Lisa LeVasseur: No relationship is ever clean, no model is every > perfect... we realize that... apply social norms to digital > commitments. [scribe assist by Manu Sporny] Lisa LeVasseur: What > this really looks like is an EKG, not a > mountain... tool for understanding how we can get more specific > in our testing/scoping... test behavior of technology... within > digital Me2B Commitments, what are those? [scribe assist by Manu > Sporny] > <manu> Spectrum of Me2B Commitments > Lisa LeVasseur: There are a spectrum of specific transactions > and agreements that we make in the digital world... this can be > understood as states... not perfectly states [scribe assist by > Manu Sporny] > Lisa LeVasseur: When we do our testing, for example... > expectations of individuals... very first open of app/website, > we're measuring that behavior to see what's going on... nothing > sneaky going on - no commitment commitment. [scribe assist by > Manu Sporny] > Lisa LeVasseur: This is the starting point [scribe assist by > Manu Sporny] > Lisa LeVasseur: Then cookie consent... location consent... that > might appear in different way [scribe assist by Manu Sporny] Lisa > LeVasseur: Promotional communication commitment... loyalty > program commitment... [scribe assist by Manu Sporny] Lisa LeVasseur: > One-off Transaction... do one thing, then go on > our way. [scribe assist by Manu Sporny] Lisa LeVasseur: Me2B > "Marriage" -- a lot of people don't like > this phrase, working phrase, effective as a metaphor... we'll see > if it stands up. [scribe assist by Manu Sporny] Lisa LeVasseur: We > are testing data minimization in these > things... individual has agency to enroll/unenroll of all these > commitments, no strings attached in commitments. Digital Me2B > marriage, when individual establishes an account. [scribe assist > by Manu Sporny] > Lisa LeVasseur: "I like it, so I create an account" [scribe > assist by Manu Sporny] > Lisa LeVasseur: That is the marriage... account creation. > [scribe assist by Manu Sporny] > Lisa LeVasseur: The hallmark of this is signaling to the > business that you want to be remembered, recognized, responded to > (from functional identity) [scribe assist by Manu Sporny] Lisa > LeVasseur: At end of it, I delete my account... divorce -- > I am forgotten... account deletion. [scribe assist by Manu > Sporny] > Lisa LeVasseur: Idealized mapping of two main states of being in > a marriage and not being in a marriage. [scribe assist by Manu > Sporny] > Lisa LeVasseur: When I'm logged in, I'm in the marriage... when > I'm not logged in, there is no Me2B marriage... have reasonable > expectation to be anonymous... from human perspective... how your > life is when you window shop in real world. [scribe assist by > Manu Sporny] > Lisa LeVasseur: If you walk into store for first time and > someone called you by name, that would be creepy... would violate > the expectation of anonymity. [scribe assist by Manu Sporny] Lisa > LeVasseur: When you are not logged in, there is an > expectation of anonymity. [scribe assist by Manu Sporny] Lisa > LeVasseur: Other commitments that we make... mapped on arc, > sign up for promotional communication... the accepting cookies, > describing a browser or website... we are testing websites and > apps... when you're navigating through websites, this accepting > cookies comes early, that is a commitment. [scribe assist by Manu > Sporny] > <manu> "But it's complicated" slide. > Lisa LeVasseur: There is this consented pseudonymous state... > you are temporarily remembered, recognized, responded to... but > you're not "identified" [scribe assist by Manu Sporny] Lisa > LeVasseur: You actually /are/ identified, want to talk more > about that... at end... but there is a huge data channel here... > didn't know this existed until recently... langauage of the data > layer, this noxious data flow that's happening under radar of > individual. [scribe assist by Manu Sporny] Lisa LeVasseur: Our > idealized version of this doesn't point out > that today this happens overtly... the invisible layer. [scribe > assist by Manu Sporny] > <manu> Me2B Deal slide > Lisa LeVasseur: For every one of these commitments, site wants > to use location, these are the cookies, will you let us... for > each of those commitments, there is a deal... what am I going to > give, what am I going to get? [scribe assist by Manu Sporny] Lisa > LeVasseur: There is inherent fair value given for fair > value taken... looking for flagrant information collection... to > determine if it's a fair exchange... there is a personal quid pro > quo calculus. [scribe assist by Manu Sporny] Lisa LeVasseur: Am I > comfortable exchanging this information, is > it a fair exchange? [scribe assist by Manu Sporny] <manu> > Credentials and Me2B Lisa LeVasseur: Going back to mission of > credentials... > synergies -- has to do w/ idea of "I'm in charge". [scribe assist > by Manu Sporny] > Mostly the answer is no it isn't a fair exchange but I have no > other options here D: > Lisa LeVasseur: There is a design fiction ... I'm in charge -- > relationship lifecycle model slide. [scribe assist by Manu > Sporny] > Lisa LeVasseur: Also, we care about bringing your own privacy > terms, permissions... working on IEEE personal privacy terms. > [scribe assist by Manu Sporny] > Lisa LeVasseur: This is where most synergy lives. [scribe assist > by Manu Sporny] > <manu> Questions slide > Lisa LeVasseur: Interested in credentials in Me2B marriage... > Credentials vs. Identifiers -- first and 3rd parties, throughout > relationship... pseudonymous cookie consent state. [scribe assist > by Manu Sporny] > Lisa LeVasseur: Internal identifiers are used on ongoing data > collection/correlation/collection... service needs to be able to > construct those personal responses... 3rd party, universal > cross-platform IDs, real problem, testing is exposing these > things... fundamentals to adtech and martech. [scribe assist by > Manu Sporny] > Lisa LeVasseur: Wonder how much you've thought about this stuff > -- not up to date on these discussions... wanted to leave w/ this > question about this stuff... how does it fit into user controlled > credentials. That's what I had. [scribe assist by Manu Sporny] Kim > Hamilton Duffy: Great, thank you -- questions? [scribe > assist by Manu Sporny] > Adrian Gropper: Spend half of my time in standards and other > half in advocacy/governance -- in context of this group -- > separation of concerns, have power to specify in term of interop, > teaches us that controllers should be separate from processors, > and regulators should be separate from certifiers. [scribe assist > by Manu Sporny] > Adrian Gropper: One of the ways to think about this -- > controller in GDPR sense of delegate [scribe assist by Manu > Sporny] > Adrian Gropper: Service provider only gets authorizations... > that's something that regulators/certifiers can build on. [scribe > assist by Manu Sporny] > Manu Sporny: Thanks Lisa, this is all really fantastic stuff, > very much aligned with the kind of tings that this group is > concerned with and thinking deeply about > ... this is mostly an urge for you to engage more with the > community > ... you ask some really great questions and we can't answer > them in this time > ... but we are grappling with those questions > ... a lot of the slide deck is very aligned with current > thinking in the group > ... but there's no-one that is really focussed on it > ... we tend to focus too much on the tech side and not enough > on the certification, testing, understanding what these > relationships are and creating languages to express it in the > market > ... the question you're asking about identity and identifiers > vs credentials, there are a lot of different angles on that > ... what we have tried to do as adrian mentioned is separate > these things to the biggest degree possible so we can understand > each one > ... at greater depth and then compose them together in > appropriate ways > ... ripping the thing apart into its atomic components and > building new molecules that are fit for purpose > ... the language that you are using and have generated can > really help this community > ... I wouldn't want to see you present and then go off > somewhere else. A plea to figure out some way to get the work you > presented more directly integrated with the work we ar edoing, it > can do a lot of good in this group > Lisa LeVasseur: Great, thank you, will engage -- we are open for > business, membership is open... in a soft launch, platform has > some bugs, but are working through those... if you'd like to > join, please join and follow along certification WG. [scribe > assist by Manu Sporny] > Lisa LeVasseur: Know some people that are in call... would love > to figure out ways to keep this connection fresh and alive. > [scribe assist by Manu Sporny] > Kim Hamilton Duffy: Thank you, agreed - there are increasing > opportunities as well -- DHS wallet design challenge, more > product focused... user interaction flow, testing and > certification, both process and specifics would be interested in > exploring in context of wallets. [scribe assist by Manu Sporny] Kim > Hamilton Duffy: Thank you again Lisa for the great > discussion and topics that it brings up, looking forward to > continuing to collaborate. [scribe assist by Manu Sporny] Lisa > LeVasseur: Thank you looking forward to collaborating > further. [scribe assist by Manu Sporny] > >
Attachments
- application/pdf attachment: Me2B 101 for W3C - Toward a Vocabulary.pdf
Received on Thursday, 17 December 2020 03:35:00 UTC