- From: Deventer, M.O. (Oskar) van <oskar.vandeventer@tno.nl>
- Date: Tue, 24 Oct 2023 08:31:10 +0000
- To: Sebastian Elfors <sebastian.elfors@idnow.io>
- CC: Adrian Gropper <agropper@healthurl.com>, Daniel Goldscheider <daniel@openwallet.foundation>, Credentials Community Group <public-credentials@w3.org>, "technical-discuss@lists.openwallet.foundation" <technical-discuss@lists.openwallet.foundation>, "Bachenheimer, Daniel" <daniel.bachenheimer@accenture.com>, "zeuthen@google.com" <zeuthen@google.com>, "andrewhughes@pingidentity.com" <andrewhughes@pingidentity.com>
- Message-ID: <38644bed40ea4dfda4093e203a35a346@tno.nl>
Sebastian, all, Thanks for that info. It is good to hear about improvement work on the European law. Still, I do not understand how the cited changes in (55) address the issue. As long as the European law does not include some strong negative statements (e.g. “it shall be made technically impossible to …”), the offending parts of the ARF and PID would remain compliant, and it would be left to national governments to remedy. <rant> It amazes me. We have federated identity for decades. We have FIDO2. We have 3GPP SUCI/SUPI. We all know how to technically prevent unwanted/illegal correlations, and how to combine cryptographically-enforced privacy protection with reliable identity matching. What incompetence causes that we continue to have these discussions with our own governments, in particular the European one that introduced GDPR itself? </rant> Anyway, reasons enough to join the OWF Safe Wallet SIG (https://tac.openwallet.foundation/SIGs/safe-wallet/, https://github.com/openwallet-foundation/tac/issues/57, https://github.com/openwallet-foundation/safe-wallet-sig/discussions/7). Best regards, Oskar From: Sebastian Elfors <sebastian.elfors@idnow.io> Sent: dinsdag 24 oktober 2023 09:55 To: Deventer, M.O. (Oskar) van <oskar.vandeventer@tno.nl>; Bachenheimer, Daniel <daniel.bachenheimer@accenture.com>; zeuthen@google.com; andrewhughes@pingidentity.com Cc: Adrian Gropper <agropper@healthurl.com>; Daniel Goldscheider <daniel@openwallet.foundation>; Credentials Community Group <public-credentials@w3.org>; technical-discuss@lists.openwallet.foundation Subject: RE: [technical-discuss] Civil Society Response to TSA mDL Rule Making Oskar, all, Yes, it is correct that the first eIDAS2 proposal that was drafted by the EU Commission in June 2021 included the following statement on ‘unique identification’: “(55) ‘unique identification’ means a process where person identification data or person identification means are matched with or linked to an existing account belonging to the same person.’;” This recital has been heavily critized by several privacy organizations in the EU and the unique identifier even violates the constitution in a number of EU Member States. So recital 55 has been modified as follows in the EU Council eIDAS2 proposal (December 2022): (55) ‘record matching’ means a process where person identification data or, person identification means, qualified electronic attestation of attributes or attestations of attributes issued by or on behalf of a public sector body responsible for an authentic source are matched with or linked to an existing account belonging to the same person.’ And it has been modified even further in the EU Parliament eIDAS2 proposal (February 2023): “(55) ‘identity matching’ means a process where person identification data or person identification means are matched with or linked to an existing account belonging to the same person.’” The exact formulation of recital 55 is currently being negotiated in the eIDAS2 trialogue between the EU Commission, EU Parliament, and EU Council. The final eIDAS2 regulation is expected to be issued in November 2023. Kind regards, Sebastian From: technical-discuss@lists.openwallet.foundation<mailto:technical-discuss@lists.openwallet.foundation> <technical-discuss@lists.openwallet.foundation<mailto:technical-discuss@lists.openwallet.foundation>> On Behalf Of Deventer, M.O. (Oskar) van via lists.openwallet.foundation Sent: Monday, 23 October 2023 11:47 To: Bachenheimer, Daniel <daniel.bachenheimer@accenture.com<mailto:daniel.bachenheimer@accenture.com>>; zeuthen@google.com<mailto:zeuthen@google.com>; andrewhughes@pingidentity.com<mailto:andrewhughes@pingidentity.com> Cc: Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>>; Daniel Goldscheider <daniel@openwallet.foundation<mailto:daniel@openwallet.foundation>>; Credentials Community Group <public-credentials@w3.org<mailto:public-credentials@w3.org>>; technical-discuss@lists.openwallet.foundation<mailto:technical-discuss@lists.openwallet.foundation> Subject: Re: [technical-discuss] Civil Society Response to TSA mDL Rule Making CAUTION: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. All, For your information, the European use of mDL and VC (EUDI wallet, ARF, PID) suffers from similar privacy/abuse/over-identification issues, see https://en.epicenter.works/document/4566. The worst offence is the assignment of a “unique identifier” to each European citizen, which enables colluding verifiers to easily correlate their users. Protection measures that Europe looks into, is “Identified Verifier” and “Authorized Verifier”. That is, after an identification transaction, the citizen has non-repudiable proof when, how and by whom they were identified. And possibly, the transaction fails for non-authorized verifiers. Still very unsure/unclear … Best regards, Oskar From: Bachenheimer, Daniel <daniel.bachenheimer@accenture.com<mailto:daniel.bachenheimer@accenture.com>> Sent: vrijdag 20 oktober 2023 19:11 To: zeuthen@google.com<mailto:zeuthen@google.com>; andrewhughes@pingidentity.com<mailto:andrewhughes@pingidentity.com> Cc: Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>>; Daniel Goldscheider <daniel@openwallet.foundation<mailto:daniel@openwallet.foundation>>; Credentials Community Group <public-credentials@w3.org<mailto:public-credentials@w3.org>>; technical-discuss@lists.openwallet.foundation<mailto:technical-discuss@lists.openwallet.foundation> Subject: RE: [External] Re: [technical-discuss] Civil Society Response to TSA mDL Rule Making The rule to me seems void of defining the underlying principles surrounding the use of this technology “for official purposes”. * How will the holder know that their mDL is being read for official purposes… ONLY because a TSA uniform is being worn by the in-person requester? Will there be any official audits of the transaction “for official purposes” that can be reviewed by the public if needed? How, electronically, will the mDL ecosystem determine, enforce, and penalize improper use of the personal data during the issuance and/or verification processes – including any intermediation (e.g., retention, sharing, breaches)? How will Data subjects be informed of same? We know, for example, that US Passports are easy targets for fraud due to their vulnerability to morph attacks and acceptance of poor quality photos which impacts the Authenticity, Accuracy, and Uniqueness of the identity represented * When mDLs are used “for official purposes”, how will the Issuer, Holder and Verifier be assured that the subject represented is: (1) unique within the target population (and how will that be measured? To what FNIR/FPIR?), (2) that the photo is actually authentic – not simply cryptographically signed by the issuance authority, and (3) of sufficient quality for automated facial recognition? If the mDL is to a proxy for Foundational Identity within the US, I feel we should be able to answer these questions – and many others – especially “for official use”. Thank You, Daniel Bachenheimer Digital Identity Innovations | Technology Lead Office: Arlington, VA | USA Direct: +1 703.947.1659 | Mobile: +1 202.251.7073 Email: daniel.bachenheimer@accenture.com<mailto:daniel.bachenheimer@accenture.com> [cid:image001.jpg@01DA0662.3C4C3580] From: technical-discuss@lists.openwallet.foundation<mailto:technical-discuss@lists.openwallet.foundation> <technical-discuss@lists.openwallet.foundation<mailto:technical-discuss@lists.openwallet.foundation>> On Behalf Of David Zeuthen via lists.openwallet.foundation Sent: Friday, October 20, 2023 12:00 PM To: andrewhughes@pingidentity.com<mailto:andrewhughes@pingidentity.com> Cc: Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>>; Daniel Goldscheider <daniel@openwallet.foundation<mailto:daniel@openwallet.foundation>>; Credentials Community Group <public-credentials@w3.org<mailto:public-credentials@w3.org>>; technical-discuss@lists.openwallet.foundation<mailto:technical-discuss@lists.openwallet.foundation> Subject: [External] Re: [technical-discuss] Civil Society Response to TSA mDL Rule Making CAUTION: External email. Be cautious with links and attachments. Hi, +1 to what Andrew said from someone who's also working on that particular set of ISO groups. And, yes, we could spend bandwidth discussing the merits of various SDOs but, really, that's been all done before, they all have their flaws, and at the end of the day the comparison table might not even help the claim that ISO is the one where it's the most difficult to have your voice heard, just saying :-). I'm here because I want to work with everyone else who wants to make Digital Identity better for people on this planet, not discuss which SDO is my favorite because at the end of the day reaching this goal for sure will require participation in more than just one SDO. This is not to say that we shouldn't encourage SDOs to do better but let's not alienate people in a place that decidedly is SDO-neutral territory. Thanks, David On Thu, Oct 19, 2023 at 7:30 PM Andrew Hughes via lists.openwallet.foundation <andrewhughes=pingidentity.com@lists.openwallet.foundation<mailto:andrewhughes=pingidentity.com@lists.openwallet.foundation>> wrote: Please stop calling ISO processes "closed" in ways that insinuate some nefarious intent. Use a different word. Just because the way that international standardization organization works is not to your liking does not mean that it is inherently "bad". The particular ISO committee you denigrate has gone out of its way to engage and accommodate other communities, within the rules of the organization. We can always do better for sure - but the language used in some of these communities does not inspire a desire to work together. Please don't pick on us just because we are trying to engage - there are other actually closed organizations that have far more influence over you but you don't seem to bother them. Andrew Hughes Director - Identity Standards andrewhughes@pingidentity.com<mailto:andrewhughes@pingidentity.com> Mobile/Signal: +1 250 888 9474<tel:(250)%20888-9474> On Thu, Oct 19, 2023 at 4:07 PM Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>> wrote: Here's my observation of shared goals independent of technical implementations: * We build on top of the VC standard rather than any closed data models and processes. That means we need to understand the goals behind ISO mDL and decide whether we want to influence their closed process or replace mDL with VC as data models? Which way will OWF consensus go? * We build on protocols that put human VCs ahead of any non-human applications. Human VC issue and verification protocols have to deal with biometrics either directly or indirectly. Supply chain and other use-cases do not have any benefit or liability from biometrics. Almost none of the CCG related protocol work has been based on this distinction and the perception that we're barcoding or chipping humans needs to be dealt with sooner or later. Adding privacy features and principles to standards that apply to both people and things may not be an optimal strategy. If OWF does not develop protocols, then where will the open human rights based standards come from? * We recognize that choosing among dozens of VCs, making selections for selective disclosure on some of them, and often using another credential for payment is a burden to the person. Given what we know about human propensity for convenience over privacy, how likely is it that platforms will evolve to "help" us with these decisions along with surveillance and lock-in? Does OWF have a consensus on how to prevent platform dominance by recognizing the freedom to choose our helpful agents and representatives as a Universal Human Right, not just an option? * We deal explicitly with the reality that DHS border guards, law enforcement, and maybe the TSA will reserve and routinely exercise their right to "call home" and to verify witnessed biometrics no matter what privacy principles we build into the open wallet protocols. The argument that allowing any uses of VCs that call home opens the door for this abuse outside of government use-cases is valid. Nonetheless, does OWF have consensus on how to ensure that calling home can be regulated or technically prevented by design vs. just hoping that non-government verifiers will do the right thing just because they can? These four specific categories of potential consensus are more or less independent. By cross-posting them with the CCG protocol and OWF demonstration discussion groups, I'm hoping to discover a forum for seeking the consensus. Adrian On Thu, Oct 19, 2023 at 4:03 PM Daniel Goldscheider <daniel@openwallet.foundation<mailto:daniel@openwallet.foundation>> wrote: Point well taken. In my mind, they should know that we value their perspective and want to speak with them. If they lack time or interest to talk to us that’s their prerogative of course. Technical standards and solutions come and go. I think it’s useful to agree on shared goals that are independent of technical implementations to have consensus on what we want to achieve before discussing how to get there. All the best, Daniel On 19 Oct 2023, at 12:53, Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>> wrote: Hi Daniel, These four groups are not staffed to participate directly in the kind of work being done in our digital ID communities. As a result, they are almost exclusively reactive, and negative. I myself, am not paid, have never been paid, for working on DIDs and VCs since the beginning. Even so, or maybe because I don't represent a commercial interest, my perspective has been mostly ignored or treated as an annoyance by CCG-related workgroups. I don't know if OWF will be different. Getting ahead of the adoption issue should be the highest priority of OWF and I still don't see an open discussion of who will do that work and how. Interoperability and privacy "principles" are not enough. Adrian On Thu, Oct 19, 2023 at 3:36 PM Daniel Goldscheider <daniel@openwallet.foundation<mailto:daniel@openwallet.foundation>> wrote: Hi Adrian, I had already reached out to EFF and ACLU before this came out and completely agree with you. We should do try to engage with all 4. Ideally I’d love to get to their support for open interoperable wallets and explore if we can agree on privacy principles as well. Would you be willing to talk to EPIC and suggest a conversation? All the best, Daniel On 19 Oct 2023, at 12:20, Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>> wrote: Thanks, Kaliya! The comment also mentions Open Wallet Foundation so I'm cross-posting. I have worked with all four of the signing organizations over the years and am on the EPIC Advisory Board. It would be useful, maybe essential, to consider their concerns and get ahead of the next round of mandates and adoption issues. Adrian On Thu, Oct 19, 2023 at 1:12 PM Kaliya Identity Woman <kaliya@identitywoman.net<mailto:kaliya@identitywoman.net>> wrote: Hi Folks, This was just shared with me and I wanted the list to see it. The ACLU, EFF, Center for Democracy and Technology, and EPIC (Electronic Privacy Information Center) collaborated on a response to the proposed rule-making by TSA re: mDL. https://www.eff.org/document/10-16-2023-aclu-eff-epic-comments-re-tsa-nprm-mdls<https://urldefense.com/v3/__https:/www.eff.org/document/10-16-2023-aclu-eff-epic-comments-re-tsa-nprm-mdls__;!!OrxsNty6D4my!9L5vw4BuWBoHTcbGfkzOefSaLaf7IoKL-UspS9Yak0dRWUh-k5vaS34vd2At8EQ_mexhLJ0pmy8ErafaTz76ramnXZ-Ozaoa9Ftk05aCAeS1IQIHxjLh$> They mention Verifiable Credentials several times and urge the TSA to slow down to ensure the best most privacy enhancing options can be chosen as things continue to mature rather then rush forward. It shows that engaging with and educating civil society groups who are interested and tracking technology developments is a good thing. - Kaliya CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. -- David Zeuthen | zeuthen@google.com<mailto:zeuthen@google.com> | Google | Android Hardware-Backed Security ________________________________ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security, AI-powered support capabilities, and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy. ______________________________________________________________________________________ www.accenture.com<http://www.accenture.com/> This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. TNO accepts no liability for the content of this e-mail, for the manner in which you use it and for damage of any kind resulting from the risks inherent to the electronic transmission of messages. _._,_._,_ ________________________________ Links: You receive all messages sent to this group. View/Reply Online (#206)<https://lists.openwallet.foundation/g/technical-discuss/message/206> | Reply To Sender<mailto:?subject=Private:%20Re:%20Re%3A%20%5Btechnical-discuss%5D%20Civil%20Society%20Response%20to%20TSA%20mDL%20Rule%20Making> | Reply To Group<mailto:technical-discuss@lists.openwallet.foundation?subject=Re:%20Re%3A%20%5Btechnical-discuss%5D%20Civil%20Society%20Response%20to%20TSA%20mDL%20Rule%20Making> | Mute This Topic<https://lists.openwallet.foundation/mt/102067342/7464479> | New Topic<https://lists.openwallet.foundation/g/technical-discuss/post> Your Subscription<https://lists.openwallet.foundation/g/technical-discuss/editsub/7464479> | Contact Group Owner<mailto:technical-discuss+owner@lists.openwallet.foundation> | Unsubscribe<https://lists.openwallet.foundation/g/technical-discuss/unsub> [sebastian.elfors@idnow.io] _._,_._,_
Attachments
- image/jpeg attachment: image001.jpg
Received on Tuesday, 24 October 2023 08:31:22 UTC