Identity Trust Charter

Name
Identity Trust

(Note: charter and effort under development)

The purpose of this Charter has always been to focus attention on the need to increase access to the controls that manage an individuals own information. Both Consent and Notice are the primary tools online used to legally control and administer the flow and maintenance of information online. Legally informed consent is required in many jurisdictions for the capture and use of sensitive and personal information. On May 25 2011 changes to the EU Electronic Communications Framework come into effect. In addition, the NSTIC (National Strategy for Trusted Identities in Cyberspace) a US Whitehouse driven effort is under development. Now that formal efforts are underway internationally to develop trusted use of identity online a standard for the quality of consent will be needed to augment any future regulatory efforts.

Purpose
At this time people are not able to clearly understand what privacy and control they have over their own identity information especially online. This means that trust is obstructed in the use of digital identity services. While Regulators and Enterprise come to an understanding of what forms of regulation should be in place this charter is placed here to inspire technical mechanisms for people to track consent online and to manage consent after it is given. Inspiring ways for Enterprise to further open their policy notices with tools to manage consent and provide more meaningful choices.

Currently these are the common Enterprise Consent Models for Identity Management (which have had little development in the digital information age.)

* Implied Consent * Opt-IN * Opt-IN with conditions * Opt-Out * Opt Out with exceptions

These common Enterprise models have developed over time in accordance with regulation and consumer demand. These are applied in an ad-hoc manner and are limited in their ability to manage informed consent. Increase in consent management for Users greatly increases the friction in the user experience and increases session drop rates. This has led to minimizing of consent management in the user experience which greatly effects the quality of informed consent online. Addressing the need for greater quality consent online is a critical issued for developing trust and privacy online. An issue at the core of identity management.

Practices
The effort is intended to consist of posting points of interest to the list, discussing ideas and research pertaining to the advancement of notice and consent management. Anyone can participate.

identitytrust@googlegroups.com

At this time there are a lot of efforts in the space of identity management online. This charter calls for more focused discussion = on the core issues of consent and the use of notices in the control of information.

Related WG's:

ISWG - Information Sharing Work Group (Kantara Initiative and Identity Commons)

NSTIC-WG - National Strategy for Trusted Identities in Cyberspace (Identity Commons)

PFWG - Privacy Framework Sub-Work Group of the P3WG - Privacy and Public Policy Work Group (Kantara Initiative)

OIX WG - Open Identity Legal Analysis Work Group (Open Identity Exchange)

UMA - User Managed Access (Kantara Initiative)

Related Mailing Lists:

TBD

Requirements of Participation and How to Join
The discussion is open to people who would like to contribute to developing the management of consent and digital notices online.

Anyone may contribute and comment at any time.

[if you are interested in more information or a private chat send an email to [identitytrust@gmail.com]]

Licenses and/or Restrictions on Usage of Work Product
Conversations on the list are private to the list. Permission must be granted by the author to republish. The contents of the wiki are licensed under Creative Commons 3.0 Attribution license http://creativecommons.org/licenses/by-nc-sa/3.0/

Dependent on participation and volunteers/sponsorship, collaborative discussion and analysis will be summarised and disseminated for use in other projects.

The work product of this group is shared under Creative Commons License 3.0 this means.

You are free:

* to Share — to copy, distribute and transmit the work * to Remix — to adapt the work *

Under the following conditions:

Attribution — You must attribute the work in the manner specified by the author or licensor (but not in any way that suggests that they endorse you or your use of the work).

Attribute this work: Information What does "Attribute this work" mean? The page you came from contained embedded licensing metadata, including how the creator wishes to be attributed for re-use. You can use the HTML here to cite the work. Doing so will also include metadata on your page so that others can find the original work as well. *

Noncommercial — You may not use this work for commercial purposes. *

Share Alike — If you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

With the understanding that:

* Waiver — Any of the above conditions can be waived if you get permission from the copyright holder. (Which is this working group Identity Trust) * Public Domain — Where the work or any of its elements is in the public domain under applicable law, that status is in no way affected by the license. * Other Rights — In no way are any of the following rights affected by the license: o Your fair dealing or fair use rights, or other applicable copyright exceptions and limitations; o The author's moral rights; o Rights other persons may have either in the work itself or in how the work is used, such as publicity or privacy rights. * Notice — For any reuse or distribution, you must make clear to others the license terms of this work. The best way to do this is with a link to this web page.

Current Meeting Schedule
There are no meetings scheduled as of yet.

Current Deliverable and Milestones
- Aggregate interest, material and ideas.

- Organize a workshop and a call for papers

Current Membership

 * Mark Lizar
 * Louis Monvoisin

Current Sponsorship
ISPI Clips  brought to this working group by Institute for the Study of Privacy Issues (ISPI)

Current Stewards Council Representative and Alternate
Primary: Mark Lizar Alternate:

This WG effort is also dedicated to the memory of Nick Givotovsky a co-founder.

Current References
W3C Workshops: - Do-Not-track

- [Research on the Relationship between Trust and Privacy in Network Environments] Feng Gao, Jingsha He, Shunan Ma International Journal of Digital Content Technology and its Applications. Volume 5, Number 1, January 2011

[EU Electronics Communication Revisions]

Cofta, Piotr (2007) Trust, Complexity and Control - Confidence in a Convergent World. John Wiley & Sons.

Morrone Adolfo, Tontoranelli, Noemi, and Ranuzzi Giulia (2009) How Good Is Trust? Measuring Trust And Its Role For The Progress Of Societies. Organisation for Economic Co-operation and Development: 38. 6963

History
This work group has been set up to develop a Master Controller Access to Consent Framework which back in 2007 was a long way to describe user centric consent management. This effort has been incubating for 4 years while research and understanding in the fields of Identity and Trust have grown greatly.