Today, I’m answering calls from reporters after the SCOTUS vs. Roe
decision. My comments highlight the lack of federal privacy laws as
described in this article.
Yesterday, at Identiverse, I organized a panel “*Human Rights Perspective
on W3C and IETF Protocol Interaction*”
https://identiverse.com/idv2022/session/841489/ that calls out the enhanced
surveillance efficiency from standardized digital credentials compounded by
the tendency to user strong digital credentials like mDL rather than deal
with the burden of clicking GDPR-like selective disclosure boxes.
Here is the protocols sequence that Eve Maler, Justin Richer and I
discussed as a potential mitigation:
A video with my slides and the full discussion will be posted.
Many of the talks and keynotes at Identiverse highlighted the inadequacy of
a simplistic Issuer - Holder - Verifier model. In this triad, the Issuer
and Verifier hold immense and, as the EFF blog post points out, almost
unchecked, power over the holder. For example, Eve Maler’s keynote, at the
start of Thursday Identiverse, discussed the need to add a separate
“service provider” party to the Issuer-Holder-Verifier model. In the
diagram above, this would be the Delegate Server as manager of the resource
owner’s policies.
Adrian
On Fri, Jun 24, 2022 at 2:38 PM Kerri Lemoie <kerri@openworksgrp.com> wrote:
> Thanks, Mike.
>
>
> On Jun 24, 2022, at 1:51 PM, Mike Prorock <mprorock@mesur.io> wrote:
>
> Good topic for CCG discussion and reading on the implications of a lot of
> the tech we are working on:
>
> https://www.eff.org/deeplinks/2022/05/what-companies-can-do-now-protect-digital-rights-post-roe-world
>
> Mike Prorock
> CTO, Founder
> https://mesur.io/
>
>
>
