[Privsec] a UN charter for digital identity …?

[Ralf Bendrath]

 From the blog of Jerry Fishenden, Microsoft's National Technology Officer 
for the UK: He is writing about an event in London last Sunday, which was 
co-organized by some of our members from APC and Privacy International. 
Very nice development with regards to our "people-centred privacy and 
identity" proposal for the IGF.
I will meet with Karen and Rikke (...and Gus? Are you coming?) in 
Copenhagen over the weekend, and we'll give you an update on where things 
are afterwards.

Best, Ralf

-------- Original Message --------
Subject: [governance] a UN charter for digital identity …?
Date: Tue, 04 Jul 2006 09:23:32 -0400
From: Robert Guerra <rguerra at lists.privaterra.org>
Reply-To: governance at lists.cpsr.org,	Robert Guerra 
<rguerra at lists.privaterra.org>
To: governance at lists.cpsr.org

i'm forwarding the following blog posting of interest to the list.

Comments expressed are that of the author, and not mine. Please contact
him directly with any comments you might have.

regards

Robert

--

http://ntouk.com/?view=plink&id=161

a UN charter for digital identity …?
4 July 2006

I suspect my Saturday afternoon was somewhat different to most people's
this last, football-crazed weekend. It was spent discussing various
Internet-related topics with the United Nations’ Markus Kummer and
others at the LSE’s Old Theatre. The event brought together an
interesting, diverse group of people from different perspectives and
backgrounds drawn from around the world – all focused on addressing
issues that prevent the Internet realising its true potential.

The LSE’s Old Theatre has a rich history. It has witnessed a wide range
of events, from recent appearances by the likes of Bill Clinton to
acting as the rehearsal venue in the second world war for the
entertainment gangs that went out to entertain our troops (remembered
with a small, typically modest plaque as you enter the theatre).

The event was held to help determine the events and sessions for
discussion at the UN’s Internet Governance Forum (IGF) in October, which
came out of the WSIS in Tunisia. I was invited to speak on a panel
talking about the importance of privacy and security issues. I spoke
about the need for them to be viewed as two aspects of the same problem
– echoing a theme I’ve been concentrating on for some time about finding
the right balance between public policy, technical design and citizen
benefit.

I ran briefly through the issues that continue to blight the Internet
due to the missing identity layer and how we have ensured that privacy
design is a pillar of equal status to security in Microsoft’s
trustworthy computing initiative. In the time available (highly focused
because of a certain international sports event later that afternoon ) I
could only touch upon the importance of the work being done by Kim
Cameron and many others around addressing these identity issues.

The session provoked a range of interesting questions and comments and I
was left wishing there had been more time to discuss the principles of
the work we’ve been doing across the industry around identity in more
detail. Maybe another time …

There was however a clear consensus on the need for some firm proposals
for the IGF to consider when it meets later this year in Athens. My
proposal was that the UN at the IGF should take for one of its workshop
streams the seven laws of identity and aim to work its way through these
to determine an optimal set of technology policies in this critical
area. Whilst this might not become a formal “UN charter for digital
identity”, it would at least formalise this important work and help
recognise its significance.

When we look at issues such as spam, phishing and pharming and all the
other problems that blight the Internet, it’s important that the UN’s
IGF looks at the issues that cause these problems. Many of them come
back to the missing identity layer: hence the importance of the work
that Kim and many others from the identity gang and beyond have been
doing. We’re already seeing industry right across the board get behind
the identity metasystem and InfoCard principles.

It would be great to see the UN and the IGF recognising the importance
and value of this work and reflecting the ideas behind the seven laws in
the proposals that eventually emerge from their deliberations. That
might of course start as an investigation into the problems of spam and
phishing. As Markus pointed out when I was discussing the issues raised
informally with him after the event, spam in countries with low
bandwidth is not just a nuisance, it’s a high economic cost too, chewing
up bandwidth that could be better used for productive purposes. I
mentioned to him the 3 billion plus spam emails that we block a day in
Hotmail and likewise what a phenomenal waste of resource this is that
could be doing something productive.

It's important that we work across the industry with policy makers and
society to tackle these issues: the UN's IGF could become a useful
crucible for debating and making progress.

I’m keen, as the meeting agreed, that the IGF engages too with the real
issues that underlie such problems: and which could block the Internet’s
true potential. Identity, and the issues it in turn raises around
privacy and security, seems to me as a good a focus as any we might hope
for.

I look forward to constructive, productive debates and outcomes at these
sessions in Athens in October.