ID-Legal 07-01-08 Call

Attendees

 * Mary
 * Bob
 * Kaliya
 * Nick
 * Lucy

Agenda

 * Does this sound like what we said last week (reviewing section by section)
 * Do we still believe it
 * What are our goals
 * ID-Legal_Charter

Notes on initial Draft
Additions:

Urgency

STUPID PEOPLE RUSHING TO OUR COLLECTIVE DOOM

Add some urgency - articulate oncoming issues
 * behavioral targeting
 * information gathering practices
 * softness around policy around data in social networks
 * what level of ISP data capture is possible
 * data portability - desire to connect and what happens when you do
 * society of self surveillance
 * Rights and responsibilities

Is there digital citizenship - do we have rights in this large scale digital experiment - netizen ethical and moral rights in this realm and not reflected in law.

Where are you? How do you know your jurisdiction? (Like being on the 680 in Boston and being arrested on the 15 in LA. Not just going speeding.)
 * Opt in Opt out
 * transparency of contracts when a user signs into a service


 * you can kill a technology with bad sociological issues - MSFT Passport


 * Third party provider is where things get sticky

A lot of decisions are going to get made or not made in the next 2-3 years either lots of regulation, or it will run a muck. It would be great to see the tech and legal community and interested others get together and raise the BAR and design our structures for the future - what would best practices look like rather then slam into whatever we hit.

Digital 911. Very meshy network sending information back. Geolocation privacy (IETF GeoPriv) app-Loopt

Draft:

Problem definition There is a lack of cross pollination between the legal community and technical community innovating digital identity systems.


 * laws not in sync with technology - creating friction (e-signature)
 * Tech comes out disruptive and the law doesn't know how
 * New Laws coming out - creating uncertainty back into technology markets.

Additions:


 * who is responsible for adjudication in matters of digital identity (accountability, privacy laws, identity rights)
 * Legal frameworks don't address tech deployment in a global context

Draft:

We need to create a space for collaboration to understand
 * what does the law really think 'an identity is' (depends on context: Homeland Security/travel vs financial vs criminal?)
 * what do technologist mean when they use language describing identity and the technology they are building.

"THE LAW" needs to needs to evolve Solove's thesis the law needs to carefully evolve to handle notions of reputations and identity in the online world.

Additions:

WHAT WE ARE GOING TO DO
 * make better laws that
 * make better technologies to avoid this out of syncness

Understanding what in a legal framework asserting an identity means in different legal contexts.


 * eg/ Sweedish example
 * Limited Liability Persona
 * Constitution in Costa Rica - virtual persona rights.

Legal identity Reputation preceding us


 * 3rd Party Broker (Identity provider and Identity Oracle) legal rights and responsibility


 * discus legal and technical aspects of things like identities but are not identities.

draft:

Individuals and Businesses have a joint interest in an identity system that allocates risk and rewards in a socially optimal way.

addition:

If we had done this in the past things would have worked out better in other places why don't do this before the problem occurs.

HISTORICAL MESS-UPS - need articulation
 * digital signature example
 * copyright and DRM
 * surveillance wire-tap
 * MSFT with passport

Who additions/mentions on this call

 * retained/in house legal council
 * governance ICT regulation framework in Europe
 * Activity commercially here
 * kids online
 * credit reporting agencies
 * TJMax
 * UI - UX is really Important

Goals/Good outcomes
Better LAW and Better Technologies

articulating potenially good out comes to the 'urgency' list if we had the conversation sooner.

learn lessens before rather then after having a disaster. spinning out use-cases and being proactive and protecting for them.

Are there hard stops between current design of identity technologies and law.

Likely biggest conflict right now - the whole dataportability is a good start.
 * Facebook sense
 * exspunge data from google (viewing habbits, retreival and other use) and move it somewhere else

What is public space and what is private space online.
 * The social issues
 * revelation in one context does not mean revelation in another

challenge with the digital space to much and to little context - few context cues for choosing appropriate behavior - transparency and user-comprehension is key How you can provide technological transparency - legal transparency.

UI - UX is really Important

Next Actions

 * Bob doing another draft articulating the need/purpose of the event(s)


 * Judi and Look here Web 2.0 and the Law


 * Jeff add folks on the current CC for e-mail to the mailing list


 * Everyone: Review Identity Commons ID-Legal_Charter to so we can improve
 * those inclined are welcome to join the IC Community mailing list which is where the IC stewards talk about the overall organization and community.


 * Looking ahead - Kaliya to consider event options dates etc.