- From: Dan Kioria <dan@reliableid.com>
- Date: Tue, 21 Mar 2023 12:16:27 +0300
- To: "Christopher Allen" <ChristopherA@lifewithalacrity.com>
- Cc: "Adrian Gropper" <agropper@healthurl.com>, "Joosten, H.J.M." <rieks.joosten@tno.nl>, "public-credentials" <public-credentials@w3.org>
- Message-Id: <18703749ef2.d77d2979294116.2730687854868615274@reliableid.com>
I'm learning about SSI and I read your ärticle "Principal Authority: A New Perspective on Self-Sovereign Identity" and was quite intrigued. It made me recall ä paper by the late Kim Cameron that I had read earlier titled "The Laws of Identity." I wrote a comparison of the two papers. https://dankioria.com/a-comparison-of-christopher-allens-principles-of-identity-and-kim-camerons-laws-of-identity/ In summary, "Principal Authority" and "The Laws of Identity" significantly differ in areas of focus. In “Principal Authority” Christopher Allen primarily focuses on legal and legislative frameworks behind self-sovereign identity. In “Laws of Identity” Kim Cameron focuses on setting the groundwork for ensuring internet users can interact with a sense of trust, privacy, and security. The recommended solutions are not exactly similar, but they are all geared toward achieving trustworthy, secure, and privacy-preserving digital identity systems. That being said, both papers share several concerns, recommendations, and principles. In hindsight, these are two writers tackling the same problem at different times and circumstances. The digital identity world has made significant leaps since 2005. The late Kim Cameron foresaw most of the challenges that Christopher Allen addresses in his paper. However, Cameron may not have seen the depth of the challenges the same way Christopher Allen saw them 15 years later. Both Principles of SSI and Laws of Identity are focused on protecting the person identified. I feel that most digital identity meta-systems have not adequately considered the needs of relying parties. Once the person identified is protected, who protects the relying parties? Don’t you want to be able to trust the claims and representations made by the other party just as much as you want privacy and anonymity for yourself? And aren’t we all relying parties? Dan Kioria ---- On Wed, 01 Mar 2023 05:19:46 +0300 Christopher Allen <ChristopherA@lifewithalacrity.com> wrote --- Guardianship is closely related to Agency Law, for which there is a start of a legal basis for under Wyoming law. I have an article on this topic that reframes my 10 Self-Sovereign Identity principles under Agency Law, and adds 5 duties & responsibilities: https://www.blockchaincommons.com/articles/Principal-Authority/ ABSTRACT: “For Self-Sovereign Identity (aka #SSI) to truly achieve international success, it needs to not just be embraced by the technological sector, but also to have a basis under law. Wyoming now offers the first definition of personal digital identity in the United States as “the intangible digital representation of, by and for a natural person, over which he has principal authority and through which he intentionally communicates or acts. By saying that a Principal has the ultimate authority to control their digital identity, then that Principal may then delegate their authority under existing fiduciary Laws of Agency and Custom. Wyoming’s digital identity law is the first example of legislation that focuses on using these laws in this way, rather than under Property Law. Principal Authority focuses not just on a single person’s authority to act digitally, but also on their ability to delegate to and require duties from other entities. In other words, these peer-to-peer relationships works within the context of a state who recognizes the concept of Principal Authority. Thus the use of Principal Authority to empower Self-Sovereign Identity provides a legal foothold for many of the original 10 #SSI principles. It also suggests five additional duties that are generally defined under the Laws of Agency to be due from agents to Principals. Wyoming’s definition of personal digital identity helps us to lay more foundation for self-sovereign identity, but it’s still just a starting point. There may be other legal elements that can support this new definition of personal digital identity. These possibilities need to be studied. The Digital Identity subcommittee in Wyoming will continue to work with the state legislature, and welcomes discussions with other states and nations.” KEY EXCERPT: The Duties of Self-Sovereign Agentshttps://www.blockchaincommons.com/articles/Principal-Authority/#the-duties-of-self-sovereign-agents The idea of Principal Authority itself suggests additional duties that were not included on the original list of principles of self-sovereign identity, but which are generally defined in the Laws of Agency to be due from agents to Principals. Specificity. An Agent will use Principal Authority to serve specific tasks as instructed by the Principal, or as required by Custom, and do nothing more with an identity. Responsibility. An agent will serve those tasks with reasonable care and skill, with due diligence, and without further delegation. Representation. An agent will act in the best interests of the Principal, without secret profit, and will not take on other responsibilities that might conflict with that. Fidelity. An agent will serve those tasks in good faith. Disclosure. An agent will maintain accounts and report their actions back to the Principal. Agent duties say that agents will be trustworthy in their use of your identity. These duties are more likely to implicitly be a part of any legislation that was built atop the Laws of Agency. -- Christopher Allen
Received on Tuesday, 21 March 2023 09:16:51 UTC