
Re: C2PA Specifications - First Public Draft

From: Adrian Gropper <agropper@healthurl.com>
Date: Fri, 3 Sep 2021 14:25:03 -0400
Message-ID: <CANYRo8itv2aF_GSrG47LVQ86QPwj6rMyRFJHM42OwL_f6u-Z6g@mail.gmail.com>
To: Leonard Rosenthol <lrosenth@adobe.com>
Cc: Steven Rowat <steven_rowat@sunshine.net>, "public-credentials (public-credentials@w3.org)" <public-credentials@w3.org>

Leonard,

It still sounds like C2PA has decided the scope to support the desired
outcome or impact of C2PA as a standard. I’m skeptical because we’re
starting to understand that digital advances related to surveillance of
human behavior and machine learning based on that surveillance have broad
societal impact.

C2PA is designed as the substrate for increased surveillance of human
activity.

Why do we need this?

- Adrian

On Thu, Sep 2, 2021 at 11:20 PM Leonard Rosenthol <lrosenth@adobe.com>
wrote:

> > No mention of specifics
>
> >
>
> True, because this is the first public draft of our work and as the first
> paragraph of that section says:
>
> The harms, misuse, and abuse assessment is an ongoing process. The
> information presented below should not be considered the end result of a
> comprehensive evaluation, but a basis for broader, ongoing, and more
> profound discussions, centering on impacted communities, that could lead
> towards the mitigation of potential abuse and misuse and the protection of
> human rights.
>
> We have a dedicated Task Force focused on this area which has produced
> some significant material which we are looking to release as soon as it is
> stable. The Task Force is led by professional human rights personnel from
> https://www.witness.org/, a member of the C2PA.  As mentioned in that
> section, we are using well established frameworks that cover not only
> individual but groups, businesses, residents, society, etc.
>
>
>
> > If you want to improve the document, start by giving a dozen examples of
> risks to human rights and potential mitigations, related to the spec
>
> >
>
> We are building a completely separate document that does this and more.
> This is called out very clearly in the first paragraph of 16.2.5 including
> a link to where the document will live;
>
> The C2PA standard is still in the design stage, and reflects a system
> specification not a specific product, so the potential harms identified
> thus far reflect system-level considerations that may not be relevant for
> all products built using these specifications. A more detailed harms,
> misuse and abuse assessment will be continuously updated and be available
> for review through this link.
>
> One of the reasons that we are keeping this document separate – but linked
> – is as noted in that sentence – we expect the work of our Threats and
> Harms Task Force to be ONGOING (beyond specification 1.0) and for that
> document to be updated based on real world deployments and usage.
>
>
>
> Leonard
>
>
>
> *From: *Adrian Gropper <agropper@healthurl.com>
> *Date: *Thursday, September 2, 2021 at 7:30 PM
> *To: *Leonard Rosenthol <lrosenth@adobe.com>
> *Cc: *Steven Rowat <steven_rowat@sunshine.net>, public-credentials (
> public-credentials@w3.org) <public-credentials@w3.org>
> *Subject: *Re: C2PA Specifications - First Public Draft
>
> Hi Leonard,
>
>
>
> I looked at Section 16.2 and did not find any challenge to what the group
> is doing. No mention of specifics. No examples of harm from history. No
> people actually raising issues in a human rights context. This is not
> surprising. As a volunteer (I'm not compensated so it's hard to imply
> professional) privacy advocate, I see this pattern everywhere. In
> healthcare, for example, it appears as Institutional Review Boards where
> every member has the incentive to have the research and its funding be
> approved. The result is boilerplate like your 16.2 that offers a
> laundry-list of risks in a context where few if any research subjects are
> likely to act. Another example is scandals involving research use of
> patient clinical data is https://pubmed.ncbi.nlm.nih.gov/29308344/
> where, again, you see careful avoidance of oversight from entities that do
> not stand to gain from the "deal".
>
>
>
> I can make a couple of more specific comments / suggestions:
>
>
>
> - The harms to society tend to be much more significant than the harms to
> individuals. Most of the analyses are designed to look at relatively minor
> economic impacts such as identity theft while ignoring the huge costs of
> inferences that then drive the behavior of entire populations in the
> direction of unwarranted "progress".
>
>
>
> - Data brokerage for profit, particularly in the US where there is no
> federal privacy law like GDPR, is essentially unregulated. The benefits of
> data brokerage hardly ever accrue to the individual or to society at large.
> Read Zuboff on Surveillance Capitalism for a clear perspective. At this
> point in time there is absolutely no limit to the number and scope of data
> brokers, most of them hidden from both individual and political scrutiny.
> The sheer efficiency of standardized digital credentials is frightening in
> this environment. Who is out there to lobby for reining in hidden data
> brokerage?
>
>
>
> - If you want to improve the document, start by giving a dozen examples of
> risks to human rights and potential mitigations, related to the spec. That
> way, readers can judge for themselves whether your group missed the
> elephant in the room. Show specifically where things were added or removed
> from the spec in order to mitigate a particular risk.
>
>
>
> Hope this helps,
>
> - Adrian
>
>
>
> On Thu, Sep 2, 2021 at 2:56 PM Leonard Rosenthol <lrosenth@adobe.com>
> wrote:
>
> Let’s (hopefully) agree that at the core of either of the issues you raise
> is TRUST.
>
>
>
> Either you trust the person/organization/government that signed the asset
> or you don’t.  If I discover an asset that claims that you, Adrian Gropper,
> authored it **but** it is signed by an entity that I know you have no
> relationship with – then I am not going to trust it.  However, if you
> signed the asset yourself (using a known certificate of yours that I trust)
> **or** you had another trusted party sign on your behalf, then I will
> trust it.
>
>
>
> Concerning opportunities for the C2PA technology to be used in ways that
> can harm individuals, I will point you to Section 16.2 of our spec (
> https://c2pa.org/public-draft/#_harms_misuse_and_abuse)
> clearly identifying how we are assessing our technology in this arena.  If
> you have ideas about approaches that we could take to reduce such
> situations, we would welcome your input.
>
>
>
> Leonard
>
>
>
> *From: *Adrian Gropper <agropper@healthurl.com>
> *Date: *Thursday, September 2, 2021 at 1:27 PM
> *To: *Leonard Rosenthol <lrosenth@adobe.com>
> *Cc: *Steven Rowat <steven_rowat@sunshine.net>, public-credentials (
> public-credentials@w3.org) <public-credentials@w3.org>
> *Subject: *Re: C2PA Specifications - First Public Draft
>
> Leonard,
>
>
>
> I don't think it's as simple as you imply. The decision to post a photo
> anonymously or pseudonymously is almost never mine alone. There are
> platform constraints, self-censorship, and the inability to predict future
> concerns as current (lack) of privacy regulations together with near-zero
> network, storage, and processing costs encourage an unlimited and growing
> number of data brokers and aggregators.
>
>
>
> Bottom line, any digital content scheme that makes surveillance more
> efficient will be abused by the powerful under the current or foreseeable
> conditions. See: https://en.wikipedia.org/wiki/Pre-crime
>
>
>
> - Adrian
>
>
>
> On Thu, Sep 2, 2021 at 12:49 PM Leonard Rosenthol <lrosenth@adobe.com>
> wrote:
>
> Adrian – great question!
>
>
>
> If you take a photo that you wish to share with friends on Facebook, then
> you are making a statement that you want that image associated with you
> including being known as the author/photographer of that image…so as others
> reshare it, the fact that you took the photo is not lost.  Of course, you
> could just as reasonably choose to not put any information about yourself
> in the image and post it anonymously to some other network – and that would
> be fine too.  The choice is always yours about how much (or how little) of
> your information you choose to share!
>
>
>
> Leonard
>
>
>
> *From: *Adrian Gropper <agropper@healthurl.com>
> *Date: *Thursday, September 2, 2021 at 12:35 PM
> *To: *Steven Rowat <steven_rowat@sunshine.net>
> *Cc: *Leonard Rosenthol <lrosenth@adobe.com>, public-credentials (
> public-credentials@w3.org) <public-credentials@w3.org>
> *Subject: *Re: C2PA Specifications - First Public Draft
>
> DIDs and VCs are burdened by their "self-sovereign" aspirations. "Content"
> may be able to avoid many privacy concerns to the extent it's not linked to
> people. It would be interesting to understand the principal use-cases and
> how C2PA avoids indirect linkage of Content to people.
>
>
>
> - Adrian
>
>
>
> On Thu, Sep 2, 2021 at 12:15 PM Steven Rowat <steven_rowat@sunshine.net>
> wrote:
>
> On 2021-09-01 6:08 am, Leonard Rosenthol wrote:
>
> I’ve been mentioning the work of the Coalition for Content Provenance and Authenticity (C2PA) for a while now, including our usage of W3C Verifiable Credentials.  I am excited to announce that the first public draft of our specification is available for review and comment.  I would welcome the input from this community on how we have chosen to integrate VC’s into our system.
>
> [snip]...
>
> The draft specification can be accessed through the C2PA website <https://c2pa.org/public-draft/>, and comments will be accepted through a web submission form <https://docs.google.com/forms/d/e/1FAIpQLSevOsvZKHIc_4Dljk7IkoW37mcuItUEV3I6hoUZhR2suxRVPg/viewform> and GitHub <https://github.com/c2pa-org/public-draft> until November 30, 2021.
>
> Leonard,
>
> C2PA seems like a very interesting and ambitious project. But after
> scanning through, my take is that it recreates something like DID
> Documents. In other words that it's a parallel project that performs the
> same function, not an extension into new function. Am I off base here, or
> is this true, in your opinion?
>
> I note that you only use DIDs a single time, in section 7.1, the
> Verifiable Credential example. And then right away you specifically note
> about this that DIDs are not necessary for VCs:
>
> "Although the example above and many examples in the W3C Verifiable
> Credentials data model specification use Decentralized Identifiers (DIDs)
> as the value of the id field, DIDs are not necessary for W3C Verifiable
> Credentials to be useful. Specifically, W3C Verifiable Credentials do not
> depend on DIDs and DIDs do not depend on W3C Verifiable Credentials.
> DID-based URLs are just one way to express identifiers associated with
> subjects, issuers, holders, credential status lists, cryptographic keys,
> and other machine-readable information associated with a W3C Verifiable
> Credential."
>
> And that's the only place in this whole, very large, specification, that
> DIDs appear. And VCs themselves, you indicate, are a tolerated add-on, but
> not necessary either for your system (as far as I can determine).
>
> So:
>
> On a continuum of possibility, I'll ask whether you think the C2PA project
> is *closer* to aiming for...
>
> 1. Integrating with DID based provenance systems, so that there can be
> interoperability with DID published data (and formal DID Documents).
>
> or
>
> 2. Creating a document provenance system that has no need for DIDs, so
> that DIDs will be unnecessary and die out, and the functions they're aiming
> for replaced by the C2PA system?
>
>
>
> Steven Rowat
>
>
>
>
>
>
>
>
>
>
>
> C2PA is accepting new members. To join, visit https://c2pa.org/membership/.
>
>
>
> About C2PA
>
> The Coalition for Content Provenance and Authenticity (C2PA) is an open, technical standards body addressing the prevalence of misleading information online through the development of technical standards for certifying the source and history (or provenance) of media content. C2PA is a Joint Development Foundation project, formed through an alliance between Adobe, Arm, BBC, Intel, Microsoft and Truepic. For more information, visit c2pa.org.
>
>
>
> ###
>
>
>
>
>
>
Received on Friday, 3 September 2021 18:25:30 UTC
