[MINUTES] CCG Atlantic Weekly 2025-11-18 from meetings@w3c-ccg.org on 2025-11-18 (public-credentials@w3.org from November 2025)

From: <meetings@w3c-ccg.org>
Date: Tue, 18 Nov 2025 17:12:16 -0600
To: public-credentials@w3.org
Message-ID: <CA+ChqYfbE5uwCxdWEeWEx4m8c=681VySgcfA2igimVkuy-UWjQ@mail.gmail.com>
Meeting Summary: CCG Atlantic Weekly - 2025/11/18 Topics Covered:

   - Introduction and Announcements
   - Digital Trust Interoperability Standards between Canada and the EU
   - Kenya's Digital Identity Project (Huma Nima)
   - Canadian Standards and Federal-Provincial Collaboration
   - The Digital Governance Council and Open Standards

Key Points:

   - *Announcements:* Upcoming did unconference Africa in Cape Town
   (February 22nd-24th).
   - *Digital Trust Interoperability:* Keith Jansa, CEO of the Digital
   Governance Council, presented on the progress of establishing
   interoperability between Canadian and EU digital credentials and trust
   services.
   - *Workshop Findings:* High degree of alignment between Canada and EU
   regarding digital credentials and trust services, with no insurmountable
   barriers to interoperability.
   - *Policy vs. Technical Interoperability:* Emphasis on the need for both
   technical and policy interoperability. The key question is under whose
   laws, values, and governance systems the interoperability will operate.
   - *Governance Models:* EU has a regulatory-centric approach, while
   Canada employs a decentralized, consensus-driven model with a focus on
   collaboration.
   - *Mutual Recognition and Functional Equivalence:* The concept of
   functional equivalence, where jurisdictions accept each other's rules, was
   presented as a viable approach.
   - *Use Cases:* Potential use cases for interoperability include B2B
   applications, workplace credentials, travel credentials, and education
   qualifications.
   - *Mutual Recognition Agreement:* A formal Canada-EU mutual recognition
   agreement grounded in the model law is fundamental to achieving
   interoperability.
   - *Assurance and Conformity Assessment:* The need for recognized
   third-party evaluators to provide independent assurance was discussed.
   - *Social Trust and Voluntary Participation:* It was emphasized that
   digital identity in Canada relies on voluntary participation and social
   trust, which differs from the approach in Europe.
   - *Lessons Learned from Kenya:* Failure in Kenya's digital identity
   project (Huma Nima) highlighted the importance of governance and social
   contract.
   - *Next Steps:* The creation of a joint EU-Canada working group for
   legal and technical alignment, and the potential addition of digital
   credentials and trust services to the CETA conformity assessment protocol
   were proposed.
   - *Digital Identity in Canada:* The meaning of digital identity can
   trigger negative perception in Canada, including surveillance concerns.

Text:
https://meet.w3c-ccg.org/archives/w3c-ccg-ccg-atlantic-weekly-2025-11-18.md

Video:
https://meet.w3c-ccg.org/archives/w3c-ccg-ccg-atlantic-weekly-2025-11-18.mp4
*CCG Atlantic Weekly - 2025/11/18 11:58 EST - Transcript* *Attendees*

Alex Higuera, Chris, devxlr8, Dmitri Zagidulin, Erica Connell, Geun-Hyung
Kim, Greg Bernstein, Gregory Natran, Harrison Tang, James Chartrand, Jennie
Meier, Kaliya Identity Woman, Keith Jansa, Mahmoud Alkhraishi, Otto Mora,
Rob Padula, Ted Thibodeau Jr, Tim Bloomfield, Vanessa Xu
*Transcript*

Harrison Tang: Hey, Mamu.

Mahmoud Alkhraishi: Hello. Hi, Harrison. You never Yeah,…

Harrison Tang: Hey, you ready to take over? I think you're hosting today.

Mahmoud Alkhraishi: I'm addicted. Absolutely.

Harrison Tang: No. Hey,…

Erica Connell: Hi everyone.

Erica Connell: Good morning.

Harrison Tang: No, Mamu. I know you got it.

Mahmoud Alkhraishi: Hi everyone. We're just starting in a couple of
00:05:00

Mahmoud Alkhraishi: All welcome everyone and thank you for joining us
today, Tuesday the 18th of November for our CCG call. I know the past month
has been a little bit crazy. we had IEATF. Last week we had TPAC. So, I'm
sure there's a lot of news. but before we get to the news, let's go quickly
through the disclaimer. So just as a reminder, please make sure that you
keep the code of ethics and professional conduct in mind for the CCG. As an
IP note, anyone can participate in the calls. If you're going to be
providing any substantive contributions to the CCG work items, please make
sure that you have signed the full IPR agreements and make sure that you
have signed the community contributor license agreement.

Mahmoud Alkhraishi: so starting out this week, does anyone have any
announcements they would like to make? Anything they want to bring up? Yeah.

Kaliya Identity Woman: Hi. we have the did unconference Africa coming up in
February I think it's the 22nd to the 24th in Cape Town. yeah, that's the
main thing. and…

Mahmoud Alkhraishi: Awesome.

Kaliya Identity Woman: I should also give a heads up that the dates we had
announced on a piece of paper leaving IIW for fall are going to change. But
I'm not going to tell you the real dates until we're 100% done and
announced. So anyways, whatever you read at IW is wrong if you're counting
on

Mahmoud Alkhraishi: Thank you for sharing, That was pretty funny. so our
guest today is Jensa. Keith, do you want to introduce yourself and walk us
through your digital trust interoperability standards at Canada?

Keith Jansa: Happy to so pleasure to see everyone and some familiar names
as well. So great seeing you as well. Keith Jensa here, the chief executive
officer of the digital governance council. what I wanted to share today was
work that we've been doing in relation to Canada and the European Union on
having inter technical interoperability as well as policy interoperability
between digital credentials that are issued in Canada to those that are
issued in Europe and to have them accepted within both jurisdictions.

Keith Jansa: so I'll share my slides here and go into the presentation. All
right. So everybody should be seeing my screen. so just to set the stage in
October of this year a workshop was held between Canadian and European
Union stakeholders. It was a collaboration between the EU delegation to
Canada alongside ourselves at the digital governance council.

Keith Jansa: the meeting was or the workshop was held actually within the
Senate chamber itself in Canada given the emphasis on including policy
makers and industry and experts from both jurisdictions. It was to explore
digital interoperability and mutual recognition between Canada and the EU
ultimately advancing digital cooperation. And if you had seen there was a
EU Canada summit in 2025 that very much spoke to the need to advance
digital cooperation and more specifically within the digital credentials
and digital trust services space.

Keith Jansa: through this workshop it was quite clear with stakeholders
both on the Canadian and EU side that there's a shared belief shared values
between both jurisdictions making it quite fit for deepening those
cooperative relationships specifically around digital credentials and trust
services. that workshop also shared was a study that I helped to author
with the European counterpart looking at digital identity trust services
interoperability between both jurisdictions. so the workshop was built on
sharing those finding and observations.
00:10:00

Keith Jansa: I'll share most with you here today. in relation to what the
study very much found was that there is a high degree of alignment between
the way in which Canada operates and governs credentials and trust services
in relation to the requirements within the model law and similarly within
the EU.

Keith Jansa: We'll get into more of the differences between both of the
jurisdictions, but when comparing both jurisdictions to the model law,
there is certainly common understanding, common compatibility with that
model law. And so, as a finding in the study, there was no insurmountable
legal, technical, or conceptual barriers to interoperability in making that
happen between Canada and the EU in this regard. So when we looked at in
when we looked at the workshop and the stakeholders expressing their
perspectives it was quite clear that interoperability is a strategic
imperative. and what was clear it's not only a technical matter.

Keith Jansa: as alluded to earlier, it's very much a policy one as well,
given that the rules that govern the approaches around the way in which we
are interoperable shapes sovereignty, economics, and the rights of peoples
within both of the jurisdictions. this is a quote shared during the
workshop on empires. Once built railways, today they built algorithms. And
so it's highlighting much of the geopolitical stakes involved in
relationships between jurisdictions and kind of current state and certainly
within Canada and the kind of trade tensions that we're facing with the US
and as are other parts of the world.

Keith Jansa: it was a key highlight the way in which we're operating in
physical kind of tangible versus the intangibles we're needing to very much
look at our sovereignty and our strategic approaches moving forward. The
key question was not whether systems can interoperate but under whose laws,
values and governance. Now when it comes to the Canadian and EU governance
models associated to digital credentials and trust services the EU very
much structured regulatory centric down approach where you have EIAS the
digital services act as examples of how these rules underpin the way in
which technologies and

Keith Jansa: and organizations operate. Whereas in Canada, when you look at
digital credentials and trust services and when I refer to trust services,
I'm referring to things like digital repositories, registries, digital
wallets, these kinds of applications. in Canada, it's a decentralized
consensus driven approach that's rooted in a federation and a
collaboration. So Canada having provinces and territories with their
respective jurisdictions and the federal as well with theirs and where
their powers rests. the approach in Canada is not as centralized in regard
to the rules that are governing the approaches to credentials and trust
services. It really depends on the application and for what purpose.

Keith Jansa: and highly focused on a collaborative consensus driven
approach through national standards that are underpinning those frameworks.
so unlike the EU with a law specific to digital identity, there is no
federal law in Canada in relation to that subject area. The workshop did
emphasize that there's a need for reprocity transparency and domestic
accountability. And what I mean by this is that it's one thing to be
interoperable by agreeing to another person's rules. It's quite another to
accept each other's rules for what they are. and the fact that the
objectives between rules in one jurisdiction versus rules in another are
achieving those same ends.
00:15:00

Keith Jansa: So the fact that the values between the EU and Canada are
quite similar whether it's around having privacy preserving technologies to
digital rights and freedoms that the approaches to achieve those ends can
be different and a need for reparity between jurisdictions to assert the
sovereign jurisdictions that they is necessary. given so that both
jurisdictions have the right to govern their appropriate approaches. What
we're articulating and articulated in the study is that having this
reperity where you're accepting the others as equivalent is a concept that
I'll get into a little bit more as we go through the presentation.

Keith Jansa: The study as well as the workshop very much discussed what are
those central use cases that could be derived advanced between the
jurisdictions to establish the interoperability or to demonstrate the
interoperability between the jurisdictions. there was very much a support
around endorsing pilots kind of having these living laboratories for
interoperability. And then from there there was a variety of use cases that
were shared during the workshop as to what potentially would be fit for
purpose between jurisdictions.

Keith Jansa: what became quite clear through those discussions is that B2B
businessto business kind of applications associated with credentials and
kind of workplace oriented applications of credentials and trust services
were seen as the least contentious and potentially the most impactful for
early pilots to demonstrate that interoperability. versus necessarily
looking at very citizen centric kind of applications more from a B2B. There
was certainly also an articulation that around travel credentials and
education professional qualifications as a potential area that very much
makes sense between the two jurisdictions. interestingly enough, from a
Canadian perspective, mobile driver's license was one that was shared as a
potential use case.

Keith Jansa: But when you look at the European model versus the Canadian
model, Canada and the various provincial jurisdictions recognize driver's
license as a piece of ID that can assert certain attributes about an
individual whether they're of the age of majority and things of that
nature. Whereas in the Europe it's quite clear that driver's license is
simply a privilege to drive a vehicle. it's not a form of identity. So it
became an area that was discussed while at the same time recognizing
asserting the driver's license as a form of identity in Canada can be used
but in Europe not so much.

Keith Jansa: So how do you create again for that policy interoperability
where you can recognize and accept a form like a driver's license in those
contexts was something that was certainly discussed. The conversation also
geared toward mutual recognition and kind of those legal pathways. So not
only looking at technical interoperability but that policy
interoperability. There was a call during the workshop and certainly
supported within the study that a formal Canada mutual recognition
agreement grounded in that use central model law is something that's
foundational and fundamental to achieving the ends and having that sort of
interoperability that would make for value back to the respective
organizations.

Keith Jansa: the aim ultimately to ensure the legal effect of identity
systems and trust services across jurisdictions. So the fact that the legal
effect in Europe or in Canada that those effectively being accepted and in
many ways recognized between jurisdictions creating that legal certainty
that's necessary for having a credential accepted from Canada into Europe
as well as electronic signatures so that's more of what and establishing
the leagu legality and the acceptance kind of framework around credentials
and trust services. How you get there and how you ultimately have that
trust to be able to accept was also a conversation and discussion and part
of the study and looking at conformity assessment and assurance mapping.
00:20:00

Keith Jansa: so a need was expressed that having recognized third-party
evaluators sometimes referred to as conformity assessment bodies or
certification bodies across both regions would be necessary to provide this
third party independent assurance associated with the technologies, the
controls. the organizations that potentially are issuing or verifying
holding the respective data credential data there's a need in relation to
achieving that interoperability around the assurance.

Keith Jansa: So the EIDAS levels of the levels of assurance articulated in
Canada's national standard as well as the public sector profile of the
panadian trust framework in Canada have different levels of assurance that
tying those together and where there's equivalency is a necessary need in
order to again establish the sort of interoper ability necessary to achieve
the acceptance of credentials across the jurisdictions and recognizing that
in this and having third party independent verification associated that it
can ensure transparency and regulatory confidence and public trust in
relation to those technologies and those controls.

Keith Jansa: the other concept within the study and discussed during the
workshop was around functional equivalence. So it's one thing to have
mutual recognition. I can accept the way in which you approach things. So
let's say Canada could mutually recognize the European approach to issuing
a credential. And likewise, Europe could do the same where it accepts what
Canada does in relation to the rules that are set out in both
jurisdictions. So in other words, mutual recognition could be that I'm
going to mutually recognize in Europe a Canadian credential that's issued
according to European law and requirements. So you're still following the
rules that are governing that specific jurisdiction for its application.

Keith Jansa: Whereas when we're talking about functional equivalents, we're
talking about having a jurisdiction accept the rules of the other
jurisdiction in relation to issuing that mutual recognition is again where
let's say Europe accepts a Canadian credential that was issued using the
legal requirements that are established in Europe. having functional
equivalence is where Europe would accept the credential in Canada based on
Canadian requirements. So this concept of mutual recognition doesn't
require identical systems having functional equivalence means that there's
equivalency between the insur the assurance and the reliability of the
result.

Keith Jansa: so this was seen very much as a practical pathway to continue
to have sovereign jurisdictions assert their approp associated rules and
approaches that have the trust of their respective citizens, residents and
stakeholders. and doesn't need harmonization between those frameworks.
given that as I mentioned earlier the top- down approach regulatorydriven
approach of the European model versus the decentralized federated approach
in Canada very very different to harmonize those two systems into one
system is a non-starter quite frankly.

Keith Jansa: So having mutual recognition but coupling that with functional
equivalence that you as a jurisdiction are achieving the same ends as I
would expect within my jurisdiction. and similarly vice versa. And so this
underpins essentially the feasibility associated to Canada EU mutual trust
arrangements to create for these ends. And so to go a little bit further
and to drill down a little bit more as we look to trust and sovereignty and
kind of the public mandate associated with technical trust and of itself is
insufficient I should say. it's really the social trust that's essential.
Certainly in Canada there are concerns in relation to misinformation and
narratives that are framing digital identity as a threat.
00:25:00

Keith Jansa: This is not an experience so much in the European context. the
words digital identity often used in Europe. It's a faux paw to use the
words digital identity in Canada. given the negative framing associated
there is a strong movement of individuals that see digital identity as less
privacy preserving as though it is chips in the back of your neck and state
surveillance over you as an individual.

Keith Jansa: so the understanding associated to this technology and these
approaches is something that not all have a common understanding of and
that certainly was a piece of the conversation that very much was part of
that workshop and again articulated within the study and hence why the
European approach in Canada would be insufficient to be able to establish
the social trust trust necessary to have a freedom to operate around the
issuance of digital credentials or trust services. likewise, I would
imagine the Canadian model in a European context would not work either. So
this need for functional equivalence comes true just in relation to the
framing of what is being achieved.

Keith Jansa: And unlike in places in Europe where it's becoming more
mandatory in relation to in Canada, the only way this will succeed in any
way is by voluntary participation. And there needs to be audibility and
there needs to be meaningful consent of individuals that actually want to
leverage this technology and these uses for achieving certain ends but by
no way being mandatory. So again a difference between the systems as well
as to the level of trust in the social contract that individuals are
placing in their respective governments andor public private institutions.

Keith Jansa: terms of lessons learned and what was discussed again in the
workshop is that some lessons and key takeaways with respect to Kenya's
approach were discussed and used as an example of how failed governance can
quash digital identity projects and approaches despite having the
technology and the ability to be interoperable. there was certainly an
emphasis around the room that's the necessity for public engagement is
necessary to again help with the disinformation campaigns underway.

Keith Jansa: there were Canadian senators in the room as well that were
sharing that not a week goes by without receiving emails in relation to
digital identity to them and the fact that there are a number of
individuals saying let's not go there. and then finally the Canada's
federated standardsbased model was seen as inclusive and resilient to be
able to achieve some of that. I'll stop here noting that I have a hand up.
So Harrison please

Harrison Tang: Yes, I'm actually by the way great talk so far. I'm actually
not familiar with the Kenya's Huma Nima collapse, right? do you mind this
is quite interesting, You said the technology is fine but the governance is
actually what caused it. do you mind kind of give us a summary of what
happened? That would be great.

Keith Jansa: You should abs I either way I'm as we go is fine.

Mahmoud Alkhraishi: And sorry Keith, do you want more questions now or
would you rather questions As we go. Okay.

Keith Jansa: What I can do is there is a paper that was done in relation to
that very question Harrison. So what I can do post call is a flip it too
and that can be shared across the community. It provides a great look into
how it wasn't the technology. and quite often in other scenarios the
technolog is there. the challenge at times is that the technology is so
leading that we don't necessarily have all our ducks in a row on ensuring
the appropriate social contracts and whatnot. so moving on and I don't have
too many other slides so certainly if you have further questions comments
would love to hear them. from a policy technical legal alignment.
00:30:00

Keith Jansa: So interoperability is I said earlier it's not simply about
the technology it's about the policies the legislation the standards the
engagement there needs to be a level of interoperability between all of
those in order to to achieve the end goals there was a proposed creation of
a joint EU Canada working group for the legal and technical alignment
associated with I talked about the levels of assurance as an example where
they are different systems.

Keith Jansa: So how are we comparing apples to apples that work needs to be
done in order to establish a level of trust and then there was a notion
around shared middleware layer which is really around that functional
equivalency the processes and assurance associated with given that these
systems of governance that are used in Europe versus in Canada they are
different but they are aiming to achieve similar ends and so if we accept
that as a premise we can certainly advance

Keith Jansa: around the technical interoperability and the policy
interoperability between the systems. now as much as this being proposed
kind of looking forward there was a proposal within the Canadian EU con
context to have digital credentials and trust services as part of the CEDA
conformity assessment protocol. So CEDA is the trade agreement between
Canada and the European Union. within it it has a protocol. That conformity
assessment protocol enables the jurisdictions to issue independent
certifications associated to whichever jurisdiction standards and have
those accepted within each other's jurisdictions.

Keith Jansa: Examples within the conformity assessment protocol are things
like toys and electrical products, these kinds of things. where there can
be a level of acceptance in relation to, Canada issuing a third party
certification associated to a European standard in Canada and having that
accepted into Europe and then vice versa. adding digital credentials and
trust services to that scope. in terms of the product areas that are
covered would create for that mutual recognition piece at least where with
respect to having European conformity assessment bodies test certify
against Canadian standards in order to have European products accepted into
Canada and then vice versa in terms of credentials and trust services.

Keith Jansa: this would ground around the digital trust framework
associated trade architectures. Canada and the EU are quite advanced with
this progressive agreement that it simply needs addition an additional
product coverage to have the kind of multilateral agreement in effect for
issuing of certificates and having those accepted. it effectively extends
the logic of product equivalence into the digital services domain. so
that's certainly a piece. In addition, when it comes to the technical
collaboration priorities, I talked about some of this in terms of mapping
the assurance levels between both jurisdictions. That's work that needs to
be done. continuously updating to reflect evolving technologies and risk
landscape.

Keith Jansa: So having an appropriate approach within the mechanism the
collaborative relationship between the jurisdictions that enables for this
and that with respect to the verification that's issued associated to the
way in which credentials are exchanged that there needs to be an
operational pathway to do that. certainly CEDA provides an enabler if
adding the product coverage to that. but in addition looking at things like
the ISO IEC 17029 methodology which is around validation and verification
versus 17065 which is common practice but more traditional in certification
and has its limitations. I'll leave it there.

Keith Jansa: for next steps and sort of the immediate opportunities as I
talked about earlier citizens, residents within Canada having reservations
with respect to digital identity and so having a shared communication
framework between both Europe and Canada as this work progresses is
necessary. having neutral language ensuring that any sort of work between
the jurisdictions remains a voluntary practice in relation to the
frameworks that are created to enable for credentials to be used and
accepted in each other's jurisdictions.
00:35:00

Keith Jansa: it was encouraged that the political dialogue through the
digital ministerial which is happening early December of this year in
Montreal in Canada would be an opportune time for EU and Canada to have an
arrangement agreed with respect to having additional cooperation and
potentially creating that joint task force to define the equivalency
criteria, the assurance mapping to identify or to articulate areas that are
ripe for pilots whether it's around professional certification,
verification, corporate digital credentials and so forth and recognizing
B2B workplace use cases as kind of the fastest value path to value with the
least contention. so this was discussed as kind of immediate next steps.

Keith Jansa: will, remains to be seen as to whether or not come the G7 and
the EU Canada digital partnership and its first inaugural council meeting
which again was proposed to occur at the same time in December. whether
these things will result but nonetheless the proposed next steps and those
immediate opportunities have been shared with both the European Commission
as well as within Canada's parliament and with members of parliament here
in Canada. And so with that, I will stop and pass things over to you fine
folks if there's any questions, comments, anything you want me to dig a
little deeper in.

Keith Jansa: And I do have that action item to send the Kenya governance
over technology scenario.

Mahmoud Alkhraishi: Thank you, That was wonderful. before I ask my 75
questions, did anybody else have anything they would like to

Keith Jansa: auto please.

Otto Mora: Yeah. No, thank you, Super instructional. I mean, it was great
to see I saw photos of the meeting taking place in the parliament, which I
think is that's great to see that collaboration. I know one of the key
things that the UDI has been criticized for is the privacy preserving
revocation aspects, And then you have the norm phone home and so on. I know
some of the authorities in the various EU countries, the data protection
authorities have been trying to look at privacy preserving forms of
revocation.

Otto Mora: I don't know if that is something that was discussed in this
kind of bilateral meeting if there was any thoughts from the Canadian side
on that.

Keith Jansa: So not specifically the primary aim of the meeting was one to
deepen the collaboration between industry and…

Keith Jansa: and policy makers between both jurisdictions but then to
identify what in fact are the use cases that would be of value to both
jurisdictions. So, it went that far and then how to kind of get there
versus okay, what are all those kind of things we're going to end up
potentially having, contentious areas addressed. The ones that came out in
the meeting, I think I was quite clear in the presentation were really
around the voluntary versus mandatory. That was certainly one that was very
much highlighted as it's just a no-go. And even within that, just the words
digital identity, it's that fundamental of if you want to make this
partnership work, your laws in Europe aren't going to work in Canada. it's
kind of like full stop.

Keith Jansa: However, we care about the same things. So, accepting each
other's approaches to achieve those same ends is an opportunity and one
that can crave for social prosperity between both nations.

Otto Mora: All right. Ready.

Keith Jansa: Who we got? Gregory

Gregory Natran: Hi, thanks.

Gregory Natran: Interesting presentation. I'm in Ottawa. So, I'm just
wanting to confirm when you say Canadian standards because the Canadian
landscape is so fractured between provinces and then an Ottawa and a
federal government that's kind of preoccupied with a pile of other stuff at
the moment.

Gregory Natran: Are you focusing primarily on the PCTF out of DIAK or
another standard coming out of C Canadian Standards which are they
primarily looking at?
00:40:00

Keith Jansa: So given that this is in the international context,…

Keith Jansa: so between Canada and the European Union, it was very much
looked from a federal perspective. so it's from a standardization point of
view it's the digital governance standards institute a standard around
digital trust and identity can DGSI 103-1 that is a reflection of the
public sector profile of the panadian trust framework that was used as part
of the basis in addition to that it was the digital governance standards
institute technical specification 115 around dig

Keith Jansa: digital trust services and digital credentials and that of
course being part of federal procurement at the moment with respect to
Canadian digital service etc.

Keith Jansa: In terms of the provinces and territories they did join
several of the ces as well as a territory joined the workshop.

Gregory Natran: I expect DC would have been there.

Gregory Natran: I expect

Keith Jansa: So they're certainly in the room and in discussion. what has
been shared in this context of what again is the best use cases from a
provinces and territories in terms of what was reflected in the meeting was
really around those professional qualifications pieces and the B2B aspect.

Gregory Natran: Jerry has another one. Okay.

Keith Jansa: So there was support in that relation. when you look at
interoperability when we talk about interoperability between Canada and the
EU I think there are certainly learnings and approaches within the study
that I shared the link to in the presentation that could very well bode
well for provinces and the feds here in Canada because again it's talking
about establishing functional equivalence it in relation to how
jurisdictions are governing their approaches. So in other words, if BC has
a particular way of doing things and the feds have another way of
potentially doing things, if we care about the same things, you can have
Amazing. Amazing. Muhammad, please. Or I'm always sorry. Yes.

Mahmoud Alkhraishi: Hi G, no worries. so first of all, I want to echo your
comments about the specific wording about digital identity, digital trust
and how that works in Canada and how people react to it. There's been a lot
of conversations at DAX specifically about how we word these things and how
we message it. And I know it sounds a little bit weird to other people from
other places, but this is definitely true and it's a real reaction that is
going on. And I want to echo that this is just a case of education, a case
of reaching out to people. So super agree with that statement. how was the
convers so my understanding is your organization is a private organization
not actually a government entity, right?

Mahmoud Alkhraishi: How can other private organizations join in this
conversation? And you mentioned that there's a working group being formed.
Is under what body is that formed? And how can we contribute?

Keith Jansa: A couple things to unpack there. so the digital governance
council is a not for-p profofit that has members that are both public and
private sector entities. So organizations like Canadian digital service
government of entario shared services Canada are members of the digital
governance council in addition to industry. in terms of its standards
committees and Otto you mentioned that TS115 is being updated as well. all
those standards committees by way of the investment from the members into
the council all of that standards work is open by default. So any
stakeholder can engage in that work and to inform the requirements that are
going into these respective standards.

Keith Jansa:

Keith Jansa: I also note that at the same time Chris you mentioned that
these standards groups difficult to entangle. So the digital governance
council and its standards institute are an accredited standard development
organization through standards council of Canada. What that effectively
means is that it's governed under the WTO provisions the world trade
organization provisions with respect to the preparation of standards. What
that does is when it comes to trade agreements around the world and these
applications and approaches, it creates those opportunities where
multilateral agreements through these trade agreements can accept these
standards that are issued in Canada.
00:45:00

Keith Jansa: So it's a fundamental difference when you look at a standards
body that I would say is uppercase S with respect to having the
accredititations versus other bodies industry groups that have lowercase
standards because under those groups they'll be required to create the
multilateral agreements on their own outside of the World Trade
Organization's governance. So it's one thing to be to recognize in relation
to standards that are issued as to what process and effectively under which
governance is are those standards created because under cabinet directives
under trade agreements it is international and national standards that are
recognized as the ones that can achieve the mutual recognition piece. So
you can issue a certificate here in Canada 1031 and have it accepted in
other parts of the world.

Keith Jansa: that's not similarly or true of other lowercase standards
andor frameworks that are in existence in Canada. Something to be mindful
of as you look to your exporting and of that with respect to the working
group in relation to what I described as a proposal that was shared during
the workshop that working group that would be looking at the levels of
assurance would be a working group that would be set within the
jurisdictions.

Keith Jansa: So it would be the federal government and the European
Commission that would effectively establish that working group and create
the appropriate mechanism for stakeholders to engage in that process. it
wouldn't be through the digital governance council. it's a policy makers
responsibility within the respective jurisdictions to establish that. The
recommendation has been shared in both jurisdictions that such a working
group needs to exist. and the hope is that, with the G7 and the Canada EU
digital partnership council meeting coming up, fingers crossed that it's on
their radar and that it's something that they put together and my hope
would be folks like you on this call would be invited to provide
perspective.

Keith Jansa: Harrison, please. so fundamentally it boils the understanding
of…

Harrison Tang: Yes, thank so I must have missed this important detail, but
can you clarify again what is the difference between Canadian and EU's
interpretation or definition of digital identity that caused the Canadian
framework hard to work in EU and vice versa?

Keith Jansa: what digital identity is for those experts within Europe to
Canada is a common understanding. It's the words themselves digital
identity together paired together in Canada have reservations within the
citiz within citizens and residents in Canada. And so it's kind of a
non-starter. So now when it comes to the approaches and the kind of
legislative approach in the EU rsus the consensusbased collaborative
approach in Canada through a federated model again the differences when you
compare them to the model law of Matrol there aren't many differences in
our barriers.

Keith Jansa: it's highly aligned. but when you're trying to compare the
laws in Europe to the consensus approaches in Canada, it's not an easy kind
of onetoone relationship. We had to use a model law to elevate that
conversation to be able to connect things together. because jurisdictions
in Canada it's decentralized across different provinces and…

Keith Jansa: territories and the federal government whereas in Europe so
that's where the fundamental differences come in.

Harrison Tang: Sorry. yeah,…

Harrison Tang: I live in United States, so I'm not familiar with Canadian
perspectives and laws. I'm just curious what does Canadian think of when
the word digital and identity combines? can you go into that detail a
little bit further? why are there reservations around this digital identity
concept? Yeah.

Keith Jansa: Yeah. Yeah. the thought is that it's not privacy preserving
and will result in state surveillance. Big brother would be watching over
me. getting chips in the back of your neck is a common phrase used as
though the government is controlling every movement and aware of everything
that you're doing which in turn results in you not getting value from that
relationship.
00:50:00

Keith Jansa: Of course, those that are experts in the field understand that
it actually gives you more privacy, gives you more value. you can provide
attributes associated to your identity versus showing your full driver's
license to get, liquor at the liquor store. but that common understanding
among lay persons in Canada, It's not there. and it's translated into a lot
of noise.

Keith Jansa: And of course, when there's a lot of noise, your politicians
tend to take a step back.

Gregory Natran: I thought Keith…

Gregory Natran: if I can just share a personal experience that might
illustrate this.

Keith Jansa: Please, please.

Gregory Natran: Canada Revenue Agency, which is the Federal Taxation
Agency, like a re IRS, had a system set up where you could instead of
having a sign-in credentials for the tax system, you could use your banking
credentials, your financial issue credentials and it uptake was low and we
started doing some investigation into why basically people didn't really
understand how it worked and they were assuming

Gregory Natran: ing that if they use bank credentials to log into the tax
system, the Canada Revenue Agency would have full and unfettered insight
into their banking information, which of course they didn't want. none of
that was true. but that's the kind of misinformation and unfamiliarity with
the technology that floats. So it's not unlike there's a segment in the
Canadian population that has the same kind of conspiracy theories as you
see in the United States.

Gregory Natran: that I think are less pronounced in the EU. And I see Keith
is nodding, so it sounds like he's familiar with the

Keith Jansa: Quite familiar. it's unfortunate because it's quite the
opposite that you're aiming to realize and as experts in the field it's
really unfortunate because it would provide greater value back to Canadians
but we got to get over that hump. I

Keith Jansa:

Mahmoud Alkhraishi: So my understanding is that identity is a provincial
level thing. It is not on the federal level. how do you expect the process
to work where federal level negotiates an agreement with the EU and you
expect it to be something that's going to be ratified by each province? Do
you expect it to be something? and I'm sorry I don't know exactly how this
works with my lawyer, but my understanding is every provincial government
is rolling out their own identity system,…

Mahmoud Alkhraishi: Do you expect these to be mandated to be interoperable
or how do you think this is going

Keith Jansa: Yes. …

Keith Jansa: just on the first point that you raised saying identity is a
provincial jurisdiction it is in relation to birth certificates. it is not
when it comes to immigration status cards. which fundamentally those are
the two foundational identity documents that Canadians have. Everything
else derives from those. so whether it is a driver's license, as much as we
use it as a form of identity, it's not a foundational identity piece. It
was derived from a foundational identity and it's that foundational
identity that is both a federal with respect to immigration and provincial
with respect to birth certificates.

Keith Jansa: So when we talk about the way in which we're deriving identity
from and attributes from and the various systems that are interplayed
between federal and provinces what I am suggesting would make most sense is
that each jurisdiction has its responsibilities and has its appropriate
governance associated. there should be a level of acceptance in relation to
achieving the same outcomes. And so it's no different than what I see with
Europe and Canada. and we've seen this in practice, for example, where the
federal government has accepted Alberta and British Columbia identity
systems in so far as those residents can use their provincial identities in
order to access federal services.

Keith Jansa: similarly I would like to see reproposity where it goes the
other way around. You can use your federal associated identity and
credentials in order to access provincial services. so it is happening in
pockets within the country. I think it's a question of having letters of
acceptance similar to what you would see between Canada and the EU with
respect to the way in which they would effectively govern. do I see
potentially opportunity for provinces to engage directly with let's say
Europe another jurisdiction outside of Canada to establish those
relationships and those arrangements.
00:55:00

Keith Jansa: I think it would be more efficient to leverage through a
federation for the federal government to facilitate. but I'm not of the
view that the federal government in facilitating is the one that's
ultimately controlling and deciding. I think that there are sovereign
jurisdictions in our country and approaches that make sense for their
respective residents and we need to preserve that understanding and those
approaches so long as we all care about the same things whether it's about
having privacy, security, interoperability.

Keith Jansa: So I think there's a way and my hope is that the study as much
as it was geared toward Canada and I said, many of the recommendations, you
could simply replace the European Union for On for British Columbia, and it
should still work and it shouldn't break down. No worries…

Mahmoud Alkhraishi: Thank you so much. Keith, do we have any other
questions for Keith?

Keith Jansa: if there's none. if you do want to get in touch with me, I'll
just put my email in the chat. happy to hear from you. Also if any of the
standards committees any of that work similarly if becoming a member of the
digital governance council is something of interest to engage in these
discussions happy happy to have the chat.

Mahmoud Alkhraishi: Thank you so much, eith. And thank you everyone for
joining us today.

Keith Jansa: Take care.
Meeting ended after 00:57:48 👋

*This editable transcript was computer generated and might contain errors.
People can also change the text after it was created.*
Received on Tuesday, 18 November 2025 23:12:25 UTC