- From: Adrian Gropper <agropper@healthurl.com>
- Date: Thu, 14 Mar 2024 15:04:09 +0530
- To: Christopher Allen <ChristopherA@lifewithalacrity.com>
- Cc: Credentials Community Group <public-credentials@w3.org>, Shannon Appelcline <shannon.appelcline@gmail.com>, Wolf McNally <wolf@wolfmcnally.com>
- Message-ID: <CANYRo8i32kwcxMSWMy=QaTLhoEno5ST4LCmjN3PzH92O9S57+A@mail.gmail.com>
Christopher is clearly among the most sophisticated and respected experts on technology and human rights. However, elision and similar approaches to consent, although well-intentioned are not, in my opinion, the thing to focus on because they increase the burden on the individual without clearly presenting a path to easing the burden. People are already overwhelmed by choices they don’t fully understand and so they are abused by passive-aggressive cookie choices, inscrutable privacy policies and proprietary consent intermediaries like Facebook and data brokers. To reverse this anti-pattern, we need to deal with the asymmetry of power between individuals and technology providers as personal data resource servers. To deal with institutional power asymmetry people organize as cooperatives, unions, congregations, and professions. These communities are able to advise and to act as agents and fiduciaries to intentionally deal with powerful corporations and institutions. Standards for digital agency are essential to bringing the power of community through delegated authorization while avoiding yet another vendor lock-in opportunity. Elision, identity, and policy standards are also important but they need to be addressed in the context of delegated authorization if we’re to deal with asymmetric power. At IETF 119 there will be a very brief HotRFC to continue the process leading to chartering a Personal Digital Agent Protocol workgroup https://www.ietf.org/mailman/listinfo/pdap <pdap@ietf.org>. There is also a human rights thread for 119attendees https://mailarchive.ietf.org/arch/msg/119attendees/4CSf6Z7B18b9DbYXCg1GGGjZajk/ Adrian On Thu, Mar 14, 2024 at 07:15 Christopher Allen < ChristopherA@lifewithalacrity.com> wrote: > This Monday morning in Brisbane, Australia (8.30am on Monday 3/18 in > Brisbane, but 10.30pm on Sunday 3/17 in UTC), Blockchain Commons will be > speaking at IETF 119's ALLDISPATCH on some of the privacy and humans rights > consideration that went into the design of Gordian Envelope. > > The IETF has some interesting contradictions in old RFCs (6973 & 8280) > that they wrote on privacy and human rights considerations, but beyond that > their RFCs have become out-of-date and largely they haven't been used in > IETF standards as requirements since their release. > > We need better and more concrete standards to better support privacy and > human rights. Specific to support the data minimization goals of these > RFCs, we've been focusing on deterministic hashed data elision, which > allows any data holder to remove some of the content while still > maintaining full data integrity and authenticity. > > We think Gordian Envelope is a good implementation of deterministic hashed > data elision, and it's one that's neither too traditional nor too > revolutionary. It walks the middle path that's actually required to ensure > that privacy advancements happen. We think it's a better solution than the > salted list of SD-CWT or much newer and more complex technologies such as > BBS and other Zero-Knowledge Proofs. > > But our real goal is not specifically our working proof-of-concept — it is > to ensure that data minimization will be "required", and not just a > "consideration". And beyond that, that the other privacy and human rights > goals that RFCs 6973 & 8280 aspire to, are updated to have concrete > requirements and mandatory features for future standards to conform to. > > If you're attending IETF 119, please consider joining us at the > ALLDISPATCH meeting, 8.30-11.30am 3/18 Brisbane time (Sunday evening for > most of the rest of the world). We are in the sixth slot, which means that > we are most likely to start sometime between 9.45 and 10.15am , depending > on how things are running. > > We'd appreciate your support for privacy and for human rights. > > Some Links: > * Our I-D on the Problem: > https://datatracker.ietf.org/doc/draft-appelcline-hashed-elision/ > * Our ALLDISPATCH Presentation: > https://github.com/BlockchainCommons/Gordian-Developer-Community/tree/master/meetings/2024/03-18 > * Envelope Overview: https://developer.blockchaincommons.com/envelope/ > > Thanks! > > > -- Christopher Allen >
Received on Thursday, 14 March 2024 09:34:26 UTC