Re: [Kantara - Community] [community] an interesting question
I am not sure if I agree completely... Americans have a history of not trusting government, and as a matter of fact, America was born on the notion of the lack of trust in government. The media uses that to sell their product. But, Identity should not be treated as a government issue, nation issue, but a user-centric issue in an Internet connected world (global). Each user is the owner of their identity and each user should have the ability to provide the information that they want to provide when they engage in an Internet transaction (sharing information included) and maintain the anonymity when desired. NSTIC was misrepresented by the mainstream media, but the root of the issue is the name. We cannot have a Nation-centric identity eco-system in a global Internet. One of the beauties of the Internet is the lack of borders. A global initiative where governments, the private sector and user communities as interested parties build the trust framework and use some or one of the current trust framework initiatives out there. And I am not suggesting that NSTIC is necessarily nation-centric, but the name leads to that believe. I also believe that the misrepresentation of the media is actually a good thing. This will not necessarily "kill" the initiative it will improve it and maybe even "globalize it" as I have suggested. So, let's keep the conversation going... :) ----- Original Message ----- From: Tony Rutkowski Sent: 01/12/11 08:43 AM To: Drummond Reed Subject: [community] an interesting question The treatment of personal IdM in the U.S. is shaped in substantial measure by a messaging by the media and lobbying community that conveys a hostility to government - some of it extreme - where the government is always painted in negative terms. It is a perspective almost unknown elsewhere in the world. That perspective is reflected in some of the NSTIC dialogue last week. Has the calculus changed by recent events? --amr ____________________________________________________________ You received this message as a subscriber on the list: community@lists.idcommons.net To be removed from the list, send any message to: community-unsubscribe@lists.idcommons.net For all list information and functions, see: http://lists.idcommons.net/lists/info/community
And I'll disagree with you, Frank. The US conspiracy wackos on both the left & right will tar and feather any commercial enterprise which adapts the NSTIC as government lackeys, aided and abetted by the mainstream media. Vide Twitter, PayPal, Amazon, Visa, MasterCard, et al in the wake of the WikiLeaks fiasco. And if there were a futures market in wackos I'd suggest heavily investing... -dave On 1/12/2011 9:18 AM, Frank Wray wrote:
I am not sure if I agree completely... Americans have a history of not trusting government, and as a matter of fact, America was born on the notion of the lack of trust in government. The media uses that to sell their product.
But, Identity should not be treated as a government issue, nation issue, but a user-centric issue in an Internet connected world (global). Each user is the owner of their identity and each user should have the ability to provide the information that they want to provide when they engage in an Internet transaction (sharing information included) and maintain the anonymity when desired.
NSTIC was misrepresented by the mainstream media, but the root of the issue is the name. We cannot have a Nation-centric identity eco-system in a global Internet. One of the beauties of the Internet is the lack of borders. A global initiative where governments, the private sector and user communities as interested parties build the trust framework and use some or one of the current trust framework initiatives out there. And I am not suggesting that NSTIC is necessarily nation-centric, but the name leads to that believe.
I also believe that the misrepresentation of the media is actually a good thing. This will not necessarily "kill" the initiative it will improve it and maybe even "globalize it" as I have suggested.
So, let's keep the conversation going... :)
----- Original Message -----
From: Tony Rutkowski
Sent: 01/12/11 08:43 AM
To: Drummond Reed
Subject: [community] an interesting question
The treatment of personal IdM in the U.S. is shaped in substantial measure by a messaging by the media and lobbying community that conveys a hostility to government - some of it extreme - where the government is always painted in negative terms. It is a perspective almost unknown elsewhere in the world. That perspective is reflected in some of the NSTIC dialogue last week. Has the calculus changed by recent events? --amr
____________________________________________________________ You received this message as a subscriber on the list: community@lists.idcommons.net To be removed from the list, send any message to: community-unsubscribe@lists.idcommons.net
For all list information and functions, see: http://lists.idcommons.net/lists/info/community
Agree with Frank. Identity is a Human Right. A right to exist. The only
governing body who can do something about that is the UN but they seem to be
busy with other sorts of things and also seem to take a long time over
topics.
I would vote for the Right of Identity on the same level as Right of
integrity of the body and the Right to speak freely: Constitution. This will
spur the legislation for as far as it is needed since it will be reactive to
events.
Best Regards,
Wilfried Rijsemus,
Program Manager Enterprise Communities/Community Strategist
wrijsemus@cordys.com
www.cordys.com
T +31 341 375473 • M +31 6 10 890 572
CORDYS – Improving Business Operations
*
*
On Wed, Jan 12, 2011 at 3:18 PM, Frank Wray
I am not sure if I agree completely... Americans have a history of not trusting government, and as a matter of fact, America was born on the notion of the lack of trust in government. The media uses that to sell their product.
But, Identity should not be treated as a government issue, nation issue, but a user-centric issue in an Internet connected world (global). Each user is the owner of their identity and each user should have the ability to provide the information that they want to provide when they engage in an Internet transaction (sharing information included) and maintain the anonymity when desired.
NSTIC was misrepresented by the mainstream media, but the root of the issue is the name. We cannot have a Nation-centric identity eco-system in a global Internet. One of the beauties of the Internet is the lack of borders. A global initiative where governments, the private sector and user communities as interested parties build the trust framework and use some or one of the current trust framework initiatives out there. And I am not suggesting that NSTIC is necessarily nation-centric, but the name leads to that believe.
I also believe that the misrepresentation of the media is actually a good thing. This will not necessarily "kill" the initiative it will improve it and maybe even "globalize it" as I have suggested.
So, let's keep the conversation going... :)
----- Original Message -----
From: Tony Rutkowski
Sent: 01/12/11 08:43 AM
To: Drummond Reed
Subject: [community] an interesting question
The treatment of personal IdM in the U.S. is shaped in substantial measure by a messaging by the media and lobbying community that conveys a hostility to government - some of it extreme - where the government is always painted in negative terms. It is a perspective almost unknown elsewhere in the world. That perspective is reflected in some of the NSTIC dialogue last week. Has the calculus changed by recent events? --amr
____________________________________________________________ You received this message as a subscriber on the list: community@lists.idcommons.net To be removed from the list, send any message to: community-unsubscribe@lists.idcommons.net
For all list information and functions, see: http://lists.idcommons.net/lists/info/community
____________________________________________________________ You received this message as a subscriber on the list: community@lists.idcommons.net To be removed from the list, send any message to: community-unsubscribe@lists.idcommons.net
For all list information and functions, see: http://lists.idcommons.net/lists/info/community
I have been following this thread from the other side of the pond. An interesting and ongoing debate but I maintain that ‘I’ am the ONLY entity who owns my identity and it changes and morphs as I grow and continually add experiences. Now, I can keep this completely private as long as my ambition is to sit on a mountain top and hummm! If I want to engage with a community or society of any kind then I need to share or exchange it. All I want is to be able to chose what bits, at what time, for what reason and with whom I share it – the same things that I do with my cash. And, like my money, I want a record of these events. What I don’t want is any organisation, public or private, passing it on without my knowledge or consent. If government-centric then it will be designed and used for their benefit. If individual –centric the it can be ‘under my control, with my consent, for my benefit’. See http://blog.grahamsadd.com/ Regards Graham Graham Sadd Chairman & CEO Trusted Relationship Management T: +44 (0) 1628 510777 M: +44 (0) 7958 056171 E: graham.sadd@paoga.com mailto:graham.sadd@paoga.com W: www.paoga.com B: blog.grahamsadd.com http://blog.grahamsadd.com/ From: community-request@lists.idcommons.net [mailto:community-request@lists.idcommons.net] On Behalf Of Frank Wray Sent: 12 January 2011 14:18 To: trutkowski@netmagic.com; Drummond Reed Cc: Mary Ruddy; Walsh, Alan J; Rob Marano; community@lists.idcommons.net; community@kantarainitiative.org Subject: Re: [community] an interesting question I am not sure if I agree completely... Americans have a history of not trusting government, and as a matter of fact, America was born on the notion of the lack of trust in government. The media uses that to sell their product. But, Identity should not be treated as a government issue, nation issue, but a user-centric issue in an Internet connected world (global). Each user is the owner of their identity and each user should have the ability to provide the information that they want to provide when they engage in an Internet transaction (sharing information included) and maintain the anonymity when desired. NSTIC was misrepresented by the mainstream media, but the root of the issue is the name. We cannot have a Nation-centric identity eco-system in a global Internet. One of the beauties of the Internet is the lack of borders. A global initiative where governments, the private sector and user communities as interested parties build the trust framework and use some or one of the current trust framework initiatives out there. And I am not suggesting that NSTIC is necessarily nation-centric, but the name leads to that believe. I also believe that the misrepresentation of the media is actually a good thing. This will not necessarily "kill" the initiative it will improve it and maybe even "globalize it" as I have suggested. So, let's keep the conversation going... :) ----- Original Message ----- From: Tony Rutkowski Sent: 01/12/11 08:43 AM To: Drummond Reed Subject: [community] an interesting question The treatment of personal IdM in the U.S. is shaped in substantial measure by a messaging by the media and lobbying community that conveys a hostility to government - some of it extreme - where the government is always painted in negative terms. It is a perspective almost unknown elsewhere in the world. That perspective is reflected in some of the NSTIC dialogue last week. Has the calculus changed by recent events? --amr ____________________________________________________________ You received this message as a subscriber on the list: community@lists.idcommons.net To be removed from the list, send any message to: community-unsubscribe@lists.idcommons.net For all list information and functions, see: http://lists.idcommons.net/lists/info/community Notice/Disclaimer Internet communications are not secure and the company (PAOGA Limited) does not accept legal liability for the integrity of the contents of this message. This email is confidential and the contents may not be disclosed or used by anyone other than the intended recipient. If you are not the intended recipient and receive this email, please immediately contact the sender at the above location. Whilst PAOGA Limited attempts to sweep email and attachments for viri and other malware. It does not guarantee that either virus or malware-free and PAOGA Limited accepts no liability for any damage sustained as a result of viral or other similar infections. Anyone who communicates with us by email is taken to accept these risks. PAOGA Limited. Registered Office in UK No: 4572417, Registered Office: Moor Place, Moorlands Drive, Pinkneys Green, Maidenhead, Berkshire. SL6 6QS
On 1/12/2011 10:23 AM, Graham Sadd wrote:
An interesting and ongoing debate but I maintain that ‘I’ am the ONLY entity who owns my identity and it changes and morphs as I grow and continually add experiences.
This is obviously a personal strongly held belief. Do you admit that others may have different views and constructs of identity and accommodate them in some fashion? Or is your belief absolute and unyeilding? --tony ps. I lived for some years in Switzerland - which has a long record of strong support for human rights. However, there is a dimension of one's identity that is maintained by commune, canton, and federal levels and accepted as highly desirable - for example for public safety purposes.
This is a strongly held belief but I absolutely agree that others will have different views and that there is a huge majority who are happy to be 'managed'. What I want is to provide alternatives and choice for those who are concerned about privacy. Government will always look for a 'one size fits all' solution which will please nobody. Graham Sadd Chairman & CEO Trusted Relationship Management T: +44 (0) 1628 510777 M: +44 (0) 7958 056171 E: graham.sadd@paoga.com W: www.paoga.com B: blog.grahamsadd.com -----Original Message----- From: Tony Rutkowski [mailto:trutkowski@netmagic.com] Sent: 12 January 2011 15:50 To: Graham Sadd Cc: Frank Wray; Drummond Reed; Mary Ruddy; Walsh, Alan J; Rob Marano; community@lists.idcommons.net; community@kantarainitiative.org Subject: Re: [community] an interesting question On 1/12/2011 10:23 AM, Graham Sadd wrote:
An interesting and ongoing debate but I maintain that ‘I’ am the ONLY entity who owns my identity and it changes and morphs as I grow and continually add experiences.
This is obviously a personal strongly held belief. Do you admit that others may have different views and constructs of identity and accommodate them in some fashion? Or is your belief absolute and unyeilding? --tony ps. I lived for some years in Switzerland - which has a long record of strong support for human rights. However, there is a dimension of one's identity that is maintained by commune, canton, and federal levels and accepted as highly desirable - for example for public safety purposes. Notice/Disclaimer Internet communications are not secure and the company (PAOGA Limited) does not accept legal liability for the integrity of the contents of this message. This email is confidential and the contents may not be disclosed or used by anyone other than the intended recipient. If you are not the intended recipient and receive this email, please immediately contact the sender at the above location. Whilst PAOGA Limited attempts to sweep email and attachments for viri and other malware. It does not guarantee that either virus or malware-free and PAOGA Limited accepts no liability for any damage sustained as a result of viral or other similar infections. Anyone who communicates with us by email is taken to accept these risks. PAOGA Limited. Registered Office in UK No: 4572417, Registered Office: Moor Place, Moorlands Drive, Pinkneys Green, Maidenhead, Berkshire. SL6 6QS
I have been following this thread from the other side of the pond. An interesting and ongoing debate but I maintain that ‘I’ am the ONLY entity who owns my identity and it changes and morphs as I grow and continually add experiences. Now, I can keep this completely private as long as my ambition is to sit on a mountain top and hummm! If I want to engage with a community or society of any kind then I need to share or exchange it. All I want is to be able to chose what bits, at what time, for what reason and with whom I share it – the same things that I do with my cash. And, like my money, I want a record of these events. What I don’t want is any organisation, public or private, passing it on without my knowledge or consent. If government-centric then it will be designed and used for their benefit. If individual –centric the it can be ‘under my control, with my consent, for my benefit’. See http://blog.grahamsadd.com/ Regards Graham Graham Sadd T: +44 (0)1628 510777 M: +44 (0)7958 056171 E: mailto:graham.sadd@btinternet.com graham.sadd@btinternet.com B: http://blog.grahamsadd.com/ blog.grahamsadd.com From: community-request@lists.idcommons.net [mailto:community-request@lists.idcommons.net] On Behalf Of Frank Wray Sent: 12 January 2011 14:18 To: trutkowski@netmagic.com; Drummond Reed Cc: Mary Ruddy; Walsh, Alan J; Rob Marano; community@lists.idcommons.net; community@kantarainitiative.org Subject: Re: [community] an interesting question I am not sure if I agree completely... Americans have a history of not trusting government, and as a matter of fact, America was born on the notion of the lack of trust in government. The media uses that to sell their product. But, Identity should not be treated as a government issue, nation issue, but a user-centric issue in an Internet connected world (global). Each user is the owner of their identity and each user should have the ability to provide the information that they want to provide when they engage in an Internet transaction (sharing information included) and maintain the anonymity when desired. NSTIC was misrepresented by the mainstream media, but the root of the issue is the name. We cannot have a Nation-centric identity eco-system in a global Internet. One of the beauties of the Internet is the lack of borders. A global initiative where governments, the private sector and user communities as interested parties build the trust framework and use some or one of the current trust framework initiatives out there. And I am not suggesting that NSTIC is necessarily nation-centric, but the name leads to that believe. I also believe that the misrepresentation of the media is actually a good thing. This will not necessarily "kill" the initiative it will improve it and maybe even "globalize it" as I have suggested. So, let's keep the conversation going... :) ----- Original Message ----- From: Tony Rutkowski Sent: 01/12/11 08:43 AM To: Drummond Reed Subject: [community] an interesting question The treatment of personal IdM in the U.S. is shaped in substantial measure by a messaging by the media and lobbying community that conveys a hostility to government - some of it extreme - where the government is always painted in negative terms. It is a perspective almost unknown elsewhere in the world. That perspective is reflected in some of the NSTIC dialogue last week. Has the calculus changed by recent events? --amr ____________________________________________________________ You received this message as a subscriber on the list: community@lists.idcommons.net To be removed from the list, send any message to: community-unsubscribe@lists.idcommons.net For all list information and functions, see: http://lists.idcommons.net/lists/info/community
I have been following this thread from the other side of the pond. An interesting and ongoing debate but I maintain that ‘I’ am the ONLY entity who owns my identity and it changes and morphs as I grow and continually add experiences. Now, I can keep this completely private as long as my ambition is to sit on a mountain top and hummm! If I want to engage with a community or society of any kind then I need to share or exchange it. All I want is to be able to chose what bits, at what time, for what reason and with whom I share it – the same things that I do with my cash. And, like my money, I want a record of these events. What I don’t want is any organisation, public or private, passing it on without my knowledge or consent. If government-centric then it will be designed and used for their benefit. If individual –centric the it can be ‘under my control, with my consent, for my benefit’. See http://blog.grahamsadd.com/ Regards Graham Graham Sadd Chairman & CEO Trusted Relationship Management T: +44 (0) 1628 510777 M: +44 (0) 7958 056171 E: graham.sadd@paoga.com mailto:graham.sadd@paoga.com W: www.paoga.com B: blog.grahamsadd.com http://blog.grahamsadd.com/ From: community-request@lists.idcommons.net [mailto:community-request@lists.idcommons.net] On Behalf Of Frank Wray Sent: 12 January 2011 14:18 To: trutkowski@netmagic.com; Drummond Reed Cc: Mary Ruddy; Walsh, Alan J; Rob Marano; community@lists.idcommons.net; community@kantarainitiative.org Subject: Re: [community] an interesting question I am not sure if I agree completely... Americans have a history of not trusting government, and as a matter of fact, America was born on the notion of the lack of trust in government. The media uses that to sell their product. But, Identity should not be treated as a government issue, nation issue, but a user-centric issue in an Internet connected world (global). Each user is the owner of their identity and each user should have the ability to provide the information that they want to provide when they engage in an Internet transaction (sharing information included) and maintain the anonymity when desired. NSTIC was misrepresented by the mainstream media, but the root of the issue is the name. We cannot have a Nation-centric identity eco-system in a global Internet. One of the beauties of the Internet is the lack of borders. A global initiative where governments, the private sector and user communities as interested parties build the trust framework and use some or one of the current trust framework initiatives out there. And I am not suggesting that NSTIC is necessarily nation-centric, but the name leads to that believe. I also believe that the misrepresentation of the media is actually a good thing. This will not necessarily "kill" the initiative it will improve it and maybe even "globalize it" as I have suggested. So, let's keep the conversation going... :) ----- Original Message ----- From: Tony Rutkowski Sent: 01/12/11 08:43 AM To: Drummond Reed Subject: [community] an interesting question The treatment of personal IdM in the U.S. is shaped in substantial measure by a messaging by the media and lobbying community that conveys a hostility to government - some of it extreme - where the government is always painted in negative terms. It is a perspective almost unknown elsewhere in the world. That perspective is reflected in some of the NSTIC dialogue last week. Has the calculus changed by recent events? --amr ____________________________________________________________ You received this message as a subscriber on the list: community@lists.idcommons.net To be removed from the list, send any message to: community-unsubscribe@lists.idcommons.net For all list information and functions, see: http://lists.idcommons.net/lists/info/community Notice/Disclaimer Internet communications are not secure and the company (PAOGA Limited) does not accept legal liability for the integrity of the contents of this message. This email is confidential and the contents may not be disclosed or used by anyone other than the intended recipient. If you are not the intended recipient and receive this email, please immediately contact the sender at the above location. Whilst PAOGA Limited attempts to sweep email and attachments for viri and other malware. It does not guarantee that either virus or malware-free and PAOGA Limited accepts no liability for any damage sustained as a result of viral or other similar infections. Anyone who communicates with us by email is taken to accept these risks. PAOGA Limited. Registered Office in UK No: 4572417, Registered Office: Moor Place, Moorlands Drive, Pinkneys Green, Maidenhead, Berkshire. SL6 6QS
On 12 January 2011 15:35, Graham Sadd
What I don’t want is any organisation, public or private, passing it on without my knowledge or consent.
In order to achieve this you have to make DRM work - and persuade everyone you interact with to use the hardware required for DRM. Both seem to be impossible.
Trust requires a 2-way interaction and there are considerable benefits
to organisations, public and private, from sharing the load of Personal
Information Management with the subject. Given that appropriate
authentication and Verification procedures are followed then there are
mutual advantages in a record being accurate and up-to-date, reduced
costs and automatic legal compliance among them.
Graham Sadd
Chairman & CEO
Trusted Relationship Management
T: +44 (0) 1628 510777
M: +44 (0) 7958 056171
E: graham.sadd@paoga.com
W: www.paoga.com
B: blog.grahamsadd.com http://blog.grahamsadd.com/
From: Ben Laurie [mailto:benl@google.com]
Sent: 12 January 2011 15:58
To: Graham Sadd
Cc: Frank Wray; trutkowski@netmagic.com; Drummond Reed; Mary Ruddy;
Walsh, Alan J; Rob Marano; community@lists.idcommons.net;
community@kantarainitiative.org
Subject: Re: [community] an interesting question
On 12 January 2011 15:35, Graham Sadd
On 12 January 2011 16:49, Graham Sadd
Trust requires a 2-way interaction and there are considerable benefits to organisations, public and private, from sharing the load of Personal Information Management with the subject. Given that appropriate authentication and Verification procedures are followed then there are mutual advantages in a record being accurate and up-to-date, reduced costs and automatic legal compliance among them.
I do not dispute this, but you should not ask for the impossible: "What I don’t want is any organisation, public or private, passing it on without my knowledge or consent.". You cannot prevent this. You can penalise people who do, but you can't prevent it.
*Graham Sadd***
Chairman & CEO
[image: paoga document header]
*Trusted Relationship Management*
*T:* +44 (0) 1628 510777 tel:+441628510777
*M:* +44 (0) 7958 056171 tel:+447958056171
*E:* graham.sadd@paoga.com
*W:* www.paoga.com
*B:* *blog.grahamsadd.com*
*From:* Ben Laurie [mailto:benl@google.com] *Sent:* 12 January 2011 15:58 *To:* Graham Sadd *Cc:* Frank Wray; trutkowski@netmagic.com; Drummond Reed; Mary Ruddy; Walsh, Alan J; Rob Marano; community@lists.idcommons.net; community@kantarainitiative.org
*Subject:* Re: [community] an interesting question
On 12 January 2011 15:35, Graham Sadd
wrote: What I don’t want is any organisation, public or private, passing it on without my knowledge or consent.
In order to achieve this you have to make DRM work - and persuade everyone you interact with to use the hardware required for DRM. Both seem to be impossible.
*Notice/Disclaimer*
Internet communications are not secure and the company (PAOGA Limited) does not accept legal liability for the integrity of the contents of this message. This email is confidential and the contents may not be disclosed or used by anyone other than the intended recipient. If you are not the intended recipient and receive this email, please immediately contact the sender at the above location.
Whilst PAOGA Limited attempts to sweep email and attachments for viri and other malware. It does not guarantee that either virus or malware-free and PAOGA Limited accepts no liability for any damage sustained as a result of viral or other similar infections. Anyone who communicates with us by email is taken to accept these risks.
PAOGA Limited. Registered Office in UK No: 4572417, Registered Office: Moor Place, Moorlands Drive, Pinkneys Green, Maidenhead, Berkshire. SL6 6QS
I agree you cannot prevent it as in a 100% guarantee, but privacy aware technical design and the use of pseudonymity can make it darn hard and potentially not worth the effort .... vs. legal interception for example...
But that's a different realm - law enforcement. It's not user centric identity management. you design so these two cannot intersect.
Cheers
Colin
From: community-bounces@kantarainitiative.org [mailto:community-bounces@kantarainitiative.org] On Behalf Of Ben Laurie
Sent: Thursday, 13 January 2011 6:01 a.m.
To: Graham Sadd
Cc: community@kantarainitiative.org; Frank Wray; community@lists.idcommons.net; trutkowski@netmagic.com; Rob Marano
Subject: Re: [Kantara - Community] [community] an interesting question
On 12 January 2011 16:49, Graham Sadd
Generallly this is what I and some others have been describing
as the problem of "Privacy Beyond First Disclosure"... That is:
- One way to express it is to say that privacy is not the same as
secrecy... I can achieve secrecy by keeping everything to myself
- [viz. "There's no such thing as a shared secret".... ;^)] but
privacy is actually about how I retain control over data which I
disclose.
- At one level, as Bob Blakley put it, you cannot control the
narrative which others construct about you. To that extent you
have to accept that total privacy cannot co-exist with social
interaction. Even a hermit can't stop other people gossiping
about him.
- If you try to retain control over disclosed data by technical
means alone, then as Ben said below, it implies a working and
ubiquitous DRM infrastructure - which is neither technically
realistic nor (probably) socially desirable. The opportunities
such an infrastructure would create for abuse might well outweigh
the potential privacy-related benefit.
- Realistically, a privacy architecture would have to consist,
then, of a combination of technical and non-technical measures...
In other words, part of your privacy protection will come from
factors such as contractual provisions and legal recourse.
- I think that for those factors to work, the technology layer
has to do a better job of providing an audit trail which is
transparent to the right stakeholders, and which introduces a
real possibility of accountability.
- I suspect that something DRM-like has a role to play in that
architecture, if only in the form of something analogous to
watermarking. In other words, if I give my address to two online
merchants and one of them passes it on, against my will, to a
third party, I really neeed to be able to tell which is the leaky
merchant.
Hope this helps -
Robin
On Thu, 13 Jan 2011 12:12 +1300, "Colin Wallis"
Robin, Excellent. You've captured important parts of the essence of the situation. One way to think about watermarking your, for ex. email address: you will provide a different email address (or a different 'handle' or 'identifier') to each merchant. This abstraction mechanism will permit the audit of leaks, because the handles that refer to your real email address will each function just as the real email address would, but will permit auditability and the ability to track leaks to their source. Other pieces of the puzzle include authentication and non-repudiation of each side of each transaction, in parallel with privacy and auditability. Authentication should not compromise privacy. Non-repudiation assists with audits. regards, rich On 15/1/11 6:48 AM, Robin Wilton wrote:
Generallly this is what I and some others have been describing as the problem of "Privacy Beyond First Disclosure"... That is:
- One way to express it is to say that privacy is not the same as secrecy... I can achieve secrecy by keeping everything to myself - [viz. "There's no such thing as a shared secret".... ;^)] but privacy is actually about how I retain control over data which I disclose.
- At one level, as Bob Blakley put it, you cannot control the narrative which others construct about you. To that extent you have to accept that total privacy cannot co-exist with social interaction. Even a hermit can't stop other people gossiping about him.
- If you try to retain control over disclosed data by technical means alone, then as Ben said below, it implies a working and ubiquitous DRM infrastructure - which is neither technically realistic nor (probably) socially desirable. The opportunities such an infrastructure would create for abuse might well outweigh the potential privacy-related benefit.
- Realistically, a privacy architecture would have to consist, then, of a combination of technical and non-technical measures... In other words, part of your privacy protection will come from factors such as contractual provisions and legal recourse.
- I think that for those factors to work, the technology layer has to do a better job of providing an audit trail which is transparent to the right stakeholders, and which introduces a real possibility of accountability.
- I suspect that something DRM-like has a role to play in that architecture, if only in the form of something analogous to watermarking. In other words, if I give my address to two online merchants and one of them passes it on, against my will, to a third party, I really neeed to be able to tell which is the leaky merchant.
Hope this helps -
Robin On Thu, 13 Jan 2011 12:12 +1300, "Colin Wallis"
wrote: I agree you cannot prevent it as in a 100% guarantee, but privacy aware technical design and the use of pseudonymity can make it darn hard and potentially not worth the effort …. vs. legal interception for example…
But that's a different realm - law enforcement. It's not user centric identity management. you design so these two cannot intersect.
Cheers
Colin
From:community-bounces@kantarainitiative.org [mailto:community-bounces@kantarainitiative.org] On Behalf Of Ben Laurie Sent: Thursday, 13 January 2011 6:01 a.m. To: Graham Sadd Cc: community@kantarainitiative.org; Frank Wray; community@lists.idcommons.net; trutkowski@netmagic.com; Rob Marano Subject: Re: [Kantara - Community] [community] an interesting question
On 12 January 2011 16:49, Graham Sadd
mailto:graham.sadd@paoga.com> wrote: Trust requires a 2-way interaction and there are considerable benefits to organisations, public and private, from sharing the load of Personal Information Management with the subject. Given that appropriate authentication and Verification procedures are followed then there are mutual advantages in a record being accurate and up-to-date, reduced costs and automatic legal compliance among them.
I do not dispute this, but you should not ask for the impossible: "What I don’t want is any organisation, public or private, passing it on without my knowledge or consent.". You cannot prevent this. You can penalise people who do, but you can't prevent it.
Graham Sadd
Chairman & CEO
paoga document header
Trusted Relationship Management
T:+44 (0) 1628 510777 tel:+441628510777
M:+44 (0) 7958 056171 tel:+447958056171
E: graham.sadd@paoga.com mailto:graham.sadd@paoga.com
W:www.paoga.com http://www.paoga.com
B:_blog.grahamsadd.com http://blog.grahamsadd.com/_
From:Ben Laurie [mailto:benl@google.com mailto:benl@google.com] Sent: 12 January 2011 15:58 To: Graham Sadd Cc: Frank Wray; trutkowski@netmagic.com mailto:trutkowski@netmagic.com; Drummond Reed; Mary Ruddy; Walsh, Alan J; Rob Marano; community@lists.idcommons.net mailto:community@lists.idcommons.net; community@kantarainitiative.org mailto:community@kantarainitiative.org
Subject: Re: [community] an interesting question
On 12 January 2011 15:35, Graham Sadd
mailto:graham.sadd@paoga.com> wrote: What I don’t want is any organisation, public or private, passing it on without my knowledge or consent.
In order to achieve this you have to make DRM work - and persuade everyone you interact with to use the hardware required for DRM. Both seem to be impossible.
_Notice/Disclaimer_
Internet communications are not secure and the company (PAOGA Limited) does not accept legal liability for the integrity of the contents of this message. This email is confidential and the contents may not be disclosed or used by anyone other than the intended recipient. If you are not the intended recipient and receive this email, please immediately contact the sender at the above location.
Whilst PAOGA Limited attempts to sweep email and attachments for viri and other malware. It does not guarantee that either virus or malware-free and PAOGA Limited accepts no liability for any damage sustained as a result of viral or other similar infections. Anyone who communicates with us by email is taken to accept these risks.
PAOGA Limited. Registered Office in UK No: 4572417, Registered Office: Moor Place, Moorlands Drive, Pinkneys Green, Maidenhead, Berkshire. SL6 6QS
==== CAUTION: This email message and any attachments contain information that may be confidential and may be LEGALLY PRIVILEGED. If you are not the intended recipient, any use, disclosure or copying of this message or attachments is strictly prohibited. If you have received this email message in error please notify us immediately and erase all copies of the message and attachments. Thank you. ==== _______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community
Robin Wilton +44 (0)705 005 2931
_______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community
-- regards, rich Richard Fetik, CISSP - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 831 531 4072 fetik@data-confidential.com Data Confidential - Intelligent Security for a Digital World
Thanks Rich -
Yes, that's a good example. My daughter once signed up to a mail
order catalogue and gave her Title as "Sheriff". It worked well
for one mail-order company.
Beyond that, it can become a problem of 'persona management', as
you try to remember which identifiers you have assigned to which
service provider. The other occasional problem is those service
providers (online) who don't let you pick your own identifier...
But the principle is a good one, which boils down to is
management of multiple pesudonyms.
Then there's the issue of applying the same principle to
disclosures of data other than identifiers...
Yrs.,
Robin
On Sat, 15 Jan 2011 13:02 -0800, "Richard Fetik"
I quote:
- Realistically, a privacy architecture would have to consist, then, of a combination of technical and non-technical measures... In other words, part of your privacy protection will come from factors such as contractual provisions and legal recourse.
A non-technical measure could also include a user sourced vendor reputation system. Could leverage existing orgs, http://datalossdb.org/, into a technical framework. Analogous to consumer reports for privacy policies.
From: community-bounces@kantarainitiative.org [mailto:community-bounces@kantarainitiative.org] On Behalf Of Robin Wilton
Sent: Saturday, January 15, 2011 6:48 AM
To: Colin Wallis; community@kantarainitiative.org
Subject: Re: [Kantara - Community] [community] an interesting question
Generallly this is what I and some others have been describing as the problem of "Privacy Beyond First Disclosure"... That is:
- One way to express it is to say that privacy is not the same as secrecy... I can achieve secrecy by keeping everything to myself - [viz. "There's no such thing as a shared secret".... ;^)] but privacy is actually about how I retain control over data which I disclose.
- At one level, as Bob Blakley put it, you cannot control the narrative which others construct about you. To that extent you have to accept that total privacy cannot co-exist with social interaction. Even a hermit can't stop other people gossiping about him.
- If you try to retain control over disclosed data by technical means alone, then as Ben said below, it implies a working and ubiquitous DRM infrastructure - which is neither technically realistic nor (probably) socially desirable. The opportunities such an infrastructure would create for abuse might well outweigh the potential privacy-related benefit.
- Realistically, a privacy architecture would have to consist, then, of a combination of technical and non-technical measures... In other words, part of your privacy protection will come from factors such as contractual provisions and legal recourse.
- I think that for those factors to work, the technology layer has to do a better job of providing an audit trail which is transparent to the right stakeholders, and which introduces a real possibility of accountability.
- I suspect that something DRM-like has a role to play in that architecture, if only in the form of something analogous to watermarking. In other words, if I give my address to two online merchants and one of them passes it on, against my will, to a third party, I really neeed to be able to tell which is the leaky merchant.
Hope this helps -
Robin
On Thu, 13 Jan 2011 12:12 +1300, "Colin Wallis"
Agreed - in fact, if you already use browser plugins like
Netcraft, you're exercising that principle. As you point out, the
right technology has to be in place, if a resource like
datalossdb is to be converted into a practical risk mitigation
tool for the average user (or their app or browser).
The non-technical risk mitigation comes into play too: for
instance, if I launch a service based on an app which includes a
built-in check against datalossdb, do I perhaps satisfy some
regulatory requirement or make my business insurer feel more
comfortable...?
Yrs.,
Robin
On Mon, 17 Jan 2011 12:01 -0800, "Turner, Greg"
I do not dispute this, but you should not ask for the impossible: "What I don’t want is any organisation, public or private, passing it on without my knowledge or consent.". You cannot prevent this. You can penalise people who do, but you can't prevent it.
I believe that we should ask for the impossible, as it is the only way to know the limits of the possible... I therefore believe that 1) we can prevent the passing of personal data without our (prior) knowledge or consent 2) we should not be able to prevent the passing of personal data without our (prior) knowledge or consent Well, that doesn't seem very consistent, but isn't consistency one of the lowest forms of intelligence... Preventing: in a trust architecture where all data is at one place and one place only, by default, the passing of data being done through pointers to the source and not a through a copy, only trusted parties can access the source through policy enforcement points (PEP). If A trusts B and not C, and if B gives C a pointer to A data, C won't be able to read it. Of course, B can take a screenshot and send it to C but then A can pretend that it is a fake, exclude B from his/her circle of trust. End of story. In such an architecture, it is the right to access the source that gives credibility to the claim. So, even if someone sends unauthorised data, a trust architecture provides the conditions for plausible deniability —or file a legal complain based on the violation of one's personal data policy. Not preventing: there are some claims in relation to personal data control that, if implemented, would be equivalent to *digital lobotomy*, or to *my very personal big brother*. If I send (a pointer to) a personal photo to a friend, and if tomorrow I decide that I don't like this photo anymore and erase it from my computer, I have no right to force my friend to forget about the photo if she made a copy in a personal album. I can ask her, but I can't force her. Ibid. if this friend wants to send it to one of her friends that I don't know or even don't trust: she can of course take a screenshot of the photo (or make a copy, depending on my policies) and send a link to this screenshot whithout having to ask me for any form of authorisation. My friends have a right to their own intimacy, so I don't need/want to control everything they do with the information I provide them with. Making the information public would be another matter, but there are circumstances where this would be perfectly legitimate as well. One possible solution to the prevention/non-prevention dilemma is a better understanding of the nature of identity. And to understand it, we need to get away from the confusion generated by ICT engineers and policy makers for whom identity=identifier. OpenID, SAML etc. are only interested in the identification *of* people and do not address the issue of identification *to* (and against) people, which is central to the process of identity construction. We also need to get away from the confusion between personal data and identity: one should be able to fully control one's personal data, but there is no way one can fully control one's identity: identity is a social construction which includes self-identity (Giddens) and identity through others (Laing). Someone's identity can't be isolated within a set of attributes under one's control. Identity is social, hence distributed in a network of trusted and not-trusted relationships —the people and organisations we do not trust also contribute to our identity. *Identity theft* is a misnomer as it is often nothing more than *identifier theft* —full identity theft, like the one described in Despair, a Nabokov's novel, is rare. To steal one's identity would require stealing all social relationships within the boundaries of that identity —and one has multiple identities, as parent, employee, customer, drag queen, accountant, entrepreneur, liberal, etc. Authentication and authorisation processes that would exploit the multi-dimentional properties of one's identity could provide more reliable outcomes than those based on simple, mono-dimentional identifiers... In such a world, everyone becomes an identity provider, and today's specialised identity providers (IDP) such as national ID providers are one among millions in a 'society of IPDs', or what I call an 'Internet of Subjects.' It should not be difficult to compute one's social surface, the trustworthiness of the 'surface' in relation to other known 'surfaces', one's worthiness within that surface, etc. Identity, like reputation, is contextual. Being distrusted by one group could be a good indicator that one should be trusted by another group (the enemies of...), so we need to support positive as well as negative identification —and double negative... This could be achieved by an identity centric internet (ICI) based on a clear functional separation between storage of personal data, under personal control, and the services creating/exploiting it. We need to achieve with personal data what we have just started with public data: free them from the application/service/organisational silos to put an end to the ever increasing fragmentation of our personal data. We need to call for the abolition of personal data slavery. Serge Ravet PS: a first step towards the separation of personal data from services could be the call for the split of Facebook into Baby Faces, like what was done with the split of Bell into Baby Bells in the 80s... Free our Data Now! Support the Internet of Subjects Manifesto! ---------------------------------------- tel +33 3 8643 1343 mob +33 6 0768 6727 Skype szerge www.iosf.org www.eife-l.org ----------------------------------------
At the risk of oversimplifying, the overarching goal is to make it possible
for legally-binding transactions to take place between parties via a
user-driven digital claims verification system. Getting governments (whose
primary purpose is to regulate and determine what is legal) to agree and
perhaps participate in such a system would be a tremendous leap forward --
similar to adopting/enforcing common traffic rules that enabled individuals
(and companies) to own and operate motor vehicles. Within the U.S., NSTIC is
the best proposal so far.
However, John Poindexter, the NSA, the CIA, the Patriot Act, RealID, etc.
(to name a few) have "poisoned the well" of trust with previous attempts to
build centralized digital information systems to allow the government to
know more about citizens than citizens know about the government.
The obstacles are huge. We not only have to convince legislators to act
without giving in to 'special interests', but also convince a rightfully
skeptical citizenry that NSTIC actually might make things better.
We can't afford to screw this up, and we can't afford to wait and let nature
take its course. IMHO, despotism is likely from either of these
alternatives.
"Perhaps (these) sentiments are not yet sufficiently fashionable to procure
them general favor; a long habit of not thinking a thing WRONG, gives it a
superficial appearance of being RIGHT...But the tumult soon subsides. Time
makes more converts than reason." - Common Sense, Thomas Paine.
On Wed, Jan 12, 2011 at 10:35 AM, Graham Sadd
I have been following this thread from the other side of the pond.
An interesting and ongoing debate but I maintain that ‘I’ am the ONLY entity who owns my identity and it changes and morphs as I grow and continually add experiences.
Now, I can keep this completely private as long as my ambition is to sit on a mountain top and hummm! If I want to engage with a community or society of any kind then I need to share or exchange it.
All I want is to be able to chose what bits, at what time, for what reason and with whom I share it – the same things that I do with my cash. And, like my money, I want a record of these events.
What I don’t want is any organisation, public or private, passing it on without my knowledge or consent.
If government-centric then it will be designed and used for their benefit.
If individual –centric the it can be ‘under my control, with my consent, for my benefit’.
See http://blog.grahamsadd.com/
Regards
Graham
*Graham Sadd***
Chairman & CEO
[image: paoga document header]
*Trusted Relationship Management*
*T:* +44 (0) 1628 510777
*M:* +44 (0) 7958 056171
*E:* graham.sadd@paoga.com
*W:* www.paoga.com
*B:* *blog.grahamsadd.com*
*From:* community-request@lists.idcommons.net [mailto: community-request@lists.idcommons.net] *On Behalf Of *Frank Wray *Sent:* 12 January 2011 14:18 *To:* trutkowski@netmagic.com; Drummond Reed *Cc:* Mary Ruddy; Walsh, Alan J; Rob Marano; community@lists.idcommons.net; community@kantarainitiative.org *Subject:* Re: [community] an interesting question
I am not sure if I agree completely... Americans have a history of not trusting government, and as a matter of fact, America was born on the notion of the lack of trust in government. The media uses that to sell their product.
But, Identity should not be treated as a government issue, nation issue, but a user-centric issue in an Internet connected world (global). Each user is the owner of their identity and each user should have the ability to provide the information that they want to provide when they engage in an Internet transaction (sharing information included) and maintain the anonymity when desired.
NSTIC was misrepresented by the mainstream media, but the root of the issue is the name. We cannot have a Nation-centric identity eco-system in a global Internet. One of the beauties of the Internet is the lack of borders. A global initiative where governments, the private sector and user communities as interested parties build the trust framework and use some or one of the current trust framework initiatives out there. And I am not suggesting that NSTIC is necessarily nation-centric, but the name leads to that believe.
I also believe that the misrepresentation of the media is actually a good thing. This will not necessarily "kill" the initiative it will improve it and maybe even "globalize it" as I have suggested.
So, let's keep the conversation going... :)
----- Original Message -----
From: Tony Rutkowski
Sent: 01/12/11 08:43 AM
To: Drummond Reed
Subject: [community] an interesting question
The treatment of personal IdM in the U.S. is
shaped in substantial measure by a messaging
by the media and lobbying community that conveys
a hostility to government - some of it extreme -
where the government is always painted in
negative terms. It is a perspective almost
unknown elsewhere in the world. That
perspective is reflected in some of the
NSTIC dialogue last week. Has the calculus
changed by recent events? --amr
____________________________________________________________
You received this message as a subscriber on the list:
community@lists.idcommons.net
To be removed from the list, send any message to:
community-unsubscribe@lists.idcommons.net
For all list information and functions, see:
http://lists.idcommons.net/lists/info/community
*Notice/Disclaimer*
Internet communications are not secure and the company (PAOGA Limited) does not accept legal liability for the integrity of the contents of this message. This email is confidential and the contents may not be disclosed or used by anyone other than the intended recipient. If you are not the intended recipient and receive this email, please immediately contact the sender at the above location.
Whilst PAOGA Limited attempts to sweep email and attachments for viri and other malware. It does not guarantee that either virus or malware-free and PAOGA Limited accepts no liability for any damage sustained as a result of viral or other similar infections. Anyone who communicates with us by email is taken to accept these risks.
PAOGA Limited. Registered Office in UK No: 4572417, Registered Office: Moor Place, Moorlands Drive, Pinkneys Green, Maidenhead, Berkshire. SL6 6QS
____________________________________________________________ You received this message as a subscriber on the list: community@lists.idcommons.net To be removed from the list, send any message to: community-unsubscribe@lists.idcommons.net
For all list information and functions, see: http://lists.idcommons.net/lists/info/community
You highlight the different attitudes to Personal Information Management
and Privacy between Europe and the US. Of course government have to have
and hold information about citizens in order to govern but they also
have a duty to protect and keep up-to-date such records. The UK
government have failed to do this with horrendous and repeated instances
of multiple, unsynchronised data silos with life changing errors, 'lost
and stolen' databases and, worse, sharing and selling personal
information to private organisations.
A key role for government departments would be in Verification of
individuals and Certification of data and assertions.
Graham Sadd
Chairman & CEO
Trusted Relationship Management
T: +44 (0) 1628 510777
M: +44 (0) 7958 056171
E: graham.sadd@paoga.com
W: www.paoga.com
B: blog.grahamsadd.com http://blog.grahamsadd.com/
From: Charles Andres [mailto:andres.charles@gmail.com]
Sent: 12 January 2011 16:29
To: Graham Sadd
Cc: Frank Wray; trutkowski@netmagic.com; Drummond Reed; Mary Ruddy;
Walsh, Alan J; Rob Marano; community@lists.idcommons.net;
community@kantarainitiative.org
Subject: Re: [community] an interesting question
At the risk of oversimplifying, the overarching goal is to make it
possible for legally-binding transactions to take place between parties
via a user-driven digital claims verification system. Getting
governments (whose primary purpose is to regulate and determine what is
legal) to agree and perhaps participate in such a system would be a
tremendous leap forward -- similar to adopting/enforcing common traffic
rules that enabled individuals (and companies) to own and operate motor
vehicles. Within the U.S., NSTIC is the best proposal so far.
However, John Poindexter, the NSA, the CIA, the Patriot Act, RealID,
etc. (to name a few) have "poisoned the well" of trust with previous
attempts to build centralized digital information systems to allow the
government to know more about citizens than citizens know about the
government.
The obstacles are huge. We not only have to convince legislators to act
without giving in to 'special interests', but also convince a
rightfully skeptical citizenry that NSTIC actually might make things
better.
We can't afford to screw this up, and we can't afford to wait and let
nature take its course. IMHO, despotism is likely from either of these
alternatives.
"Perhaps (these) sentiments are not yet sufficiently fashionable to
procure them general favor; a long habit of not thinking a thing WRONG,
gives it a superficial appearance of being RIGHT...But the tumult soon
subsides. Time makes more converts than reason." - Common Sense, Thomas
Paine.
On Wed, Jan 12, 2011 at 10:35 AM, Graham Sadd
On 1/12/2011 11:29 AM, Charles Andres wrote:
However, John Poindexter, the NSA, the CIA, the Patriot Act, RealID, etc. (to name a few) have "poisoned the well" of trust with previous attempts to build centralized digital information systems to allow the government to know more about citizens than citizens know about the government.
The dialogue seems to have answered the question posed - the propensity to vilify public officials and institutions with different views on this subject as apostates has not changed. Perhaps no surprise. Would you oppose identity checks or tracking of those who purchase extended clips for Glocks or does this also abridge perceived rights? --tony
My point was the road to public acceptance of any Govt-approved identity
plan/policy
will be steep. Plans to create positive momentum requires dealing with this
reality.
Re: your question: Specific policies regulating commerce/ownership of
dangerous substances/activities is context dependent.
Can we first agree on what the colored lights mean, and what side of the
road we all should drive on? (Right on Red except sometimes in Boston ;-).
On Wed, Jan 12, 2011 at 12:13 PM, Tony Rutkowski
On 1/12/2011 11:29 AM, Charles Andres wrote:
However, John Poindexter, the NSA, the CIA, the Patriot Act, RealID, etc. (to name a few) have "poisoned the well" of trust with previous attempts to build centralized digital information systems to allow the government to know more about citizens than citizens know about the government.
The dialogue seems to have answered the question posed - the propensity to vilify public officials and institutions with different views on this subject as apostates has not changed. Perhaps no surprise.
Would you oppose identity checks or tracking of those who purchase extended clips for Glocks or does this also abridge perceived rights?
--tony
Hello all.
I think the reason I am writing this message is to give my take on what
identity is, and how such a concept might be represented by technology. The
idea that I have held for more than 5.5 years revolves around the notion of
individuals who assert claims over a collection of devices as to identity,
and with which other individuals one may be interacting.
Now, before I tell you my beliefs in regard to identity, in regard to the
teleconference I joined several hours ago, the subject of the differences
between identity and privacy were raised. Indeed, I believe one's privacy is
an important issue, but intuitively to me at least, privacy definitely
should be considered only as a component of one's identity.
Identity to me is not something that can be escrowed by any organisation,
and trusted by individuals as being the sine qua non to every individual. I
back away from such attempts to produce a universal identifier. An
individual may indeed choose not to be identified by a "universal
identifier", and indeed, the fact that an individual might choose this could
in fact be, a claim that could be used to distinguish individuals.
Hence, identity cannot be captured by the use of any individual claim; a set
of claims might be better. A system, or perhaps more accurately, a
conceptual framework which yet may lend itself to some degree of
systematisation that captures a set of arbitrary claims representing
behavioural modes might work for asserting individual identity.
Governments may provide an identifier for those citizens who choose to
interact with their government. This identifier may be taken as a claim by
any other individuals, citizen or alien, as to the identity of the
individual with whom one is interacting. Personally, I would only accept a
"citizenship identification" indicates a degree to which I was interacting
with another one or more individuals over some medium.
So, summarily, I think individuals are identified by their behaviour, and
one's behaviour might be ascribable to a collection of claims and assertions
concerning the ownership and use by one individual to a collection of
identifiers, devices, physical and conceptual territory. A wise government
might also realise this; while they may provide an identifier to categorise
and audit service requests within its systems, they should not automatically
assume that one particular individual's activity can be ascribed to what
activity logs might say in regard to one particular identifier.
Hence, a system that might be able to aggregate variable claims together may
provide a practical way for anyone to assert their own individual set of
claims to others. Of course, a system as I envisage should be capable of 1:
allowing individuals who choose to use it to interact unimpeded with
individuals who do not and 2: accepting that individuals may choose to
identify themselves with some persona in some modes, with another persona in
other modes, and may choose not to interact with this system at all (hence
to remain anonymous) in yet other modes.
Although I had joined the earlier NSTIC teleconference, I was not sure that
my contribution was going to be appropriate, and hence, I didn't speak up.
However, the teleconference was informative, and I endeavour to be present
and possibly contribute in the future.
I hope most other individuals find these claims and assertions of mine
valuably indicative of my beliefs and behaviour.
Owen.
On 13 January 2011 08:37, Charles Andres
My point was the road to public acceptance of any Govt-approved identity plan/policy will be steep. Plans to create positive momentum requires dealing with this reality.
Re: your question: Specific policies regulating commerce/ownership of dangerous substances/activities is context dependent. Can we first agree on what the colored lights mean, and what side of the road we all should drive on? (Right on Red except sometimes in Boston ;-).
On Wed, Jan 12, 2011 at 12:13 PM, Tony Rutkowski
wrote: On 1/12/2011 11:29 AM, Charles Andres wrote:
However, John Poindexter, the NSA, the CIA, the Patriot Act, RealID, etc. (to name a few) have "poisoned the well" of trust with previous attempts to build centralized digital information systems to allow the government to know more about citizens than citizens know about the government.
The dialogue seems to have answered the question posed - the propensity to vilify public officials and institutions with different views on this subject as apostates has not changed. Perhaps no surprise.
Would you oppose identity checks or tracking of those who purchase extended clips for Glocks or does this also abridge perceived rights?
--tony
_______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community
-- Clique Space(TM). Practical, Ubiquitous, and Individual Security and Identity in Cyberspace. Research paper on Clique Space: http://ssrn.com/abstract=1714848 Owen's Garden of Thought: http://owenpaulthomas.blogspot.com/ Clique Space(TM) Facebook Group: http://www.facebook.com/group.php?gid=81335296379 www.cliquespace.net Skype: owen.paul.thomas Phone: +61 401 493 433
On 13 January 2011 13:12, Owen Thomas
Personally, I would only accept a "citizenship identification" indicates a degree *[of trust I could ascribe to an interaction between]* one or more individuals over some medium.
Interactions in this system, whether I am a participant or not, would be modelled and presented to me as a user of the system. The level to which I could observe the interactions of, and interact with others would be an authorisation function of the system based upon the consistency of constraint-based parameters. -- Clique Space(TM). Practical, Ubiquitous, and Individual Security and Identity in Cyberspace. Research paper on Clique Space: http://ssrn.com/abstract=1714848 Owen's Garden of Thought: http://owenpaulthomas.blogspot.com/ Clique Space(TM) Facebook Group: http://www.facebook.com/group.php?gid=81335296379 www.cliquespace.net Skype: owen.paul.thomas Phone: +61 401 493 433
With respect, Tony, I think "vilification" is over-stating Charles'
position...
The negative reaction to perceived over-collection of data about
citizens, however benevolent the state's apparent aim, often arises out
of the imbalance Charles refers to: the state has the ability to grant
itself statutory powers reinforced by law enforcement. The citizen does
not enjoy that right, or any equivalent power.
I'm not convinced by your example of buying weaponry; first, it's an
argument from the particular (selling arms with no statutory ID checks
is a bad idea) to the general (statutory ID checks are a bad idea)... I
have seen you argue enough to know you can do better than that ;^)
Second, your example of firearms is not useful because it doesn't
translate well across borders (even US state borders...). What
constitutes perfectly acceptable firearms policy in one jurisdiction is
totally unconscionable in another.
Yrs.,
Robin
On Wed, 12 Jan 2011 12:13 -0500, "Tony Rutkowski"
On 1/12/2011 11:29 AM, Charles Andres wrote:
However, John Poindexter, the NSA, the CIA, the Patriot Act, RealID, etc. (to name a few) have "poisoned the well" of trust with previous attempts to build centralized digital information systems to allow the government to know more about citizens than citizens know about the government.
The dialogue seems to have answered the question posed - the propensity to vilify public officials and institutions with different views on this subject as apostates has not changed. Perhaps no surprise.
Would you oppose identity checks or tracking of those who purchase extended clips for Glocks or does this also abridge perceived rights?
--tony _______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community
Robin Wilton +44 (0)705 005 2931
But Robin, in a democracy the state's actions are supposedly a reflection of the citizens' desires. Alternatively, a majority of the citizens can enact (or repeal) statutory powers. Even in a dictatorship or thugocracy (vide Tunisia, East Germany, etc.), a larege enough group of the citizenry can force government change. -dave On 1/15/2011 10:07 AM, Robin Wilton wrote:
With respect, Tony, I think "vilification" is over-stating Charles' position...
The negative reaction to perceived over-collection of data about citizens, however benevolent the state's apparent aim, often arises out of the imbalance Charles refers to: the state has the ability to grant itself statutory powers reinforced by law enforcement. The citizen does not enjoy that right, or any equivalent power.
I'm not convinced by your example of buying weaponry; first, it's an argument from the particular (selling arms with no statutory ID checks is a bad idea) to the general (statutory ID checks are a bad idea)... I have seen you argue enough to know you can do better than that ;^)
Second, your example of firearms is not useful because it doesn't translate well across borders (even US state borders...). What constitutes perfectly acceptable firearms policy in one jurisdiction is totally unconscionable in another.
Yrs., Robin
On Wed, 12 Jan 2011 12:13 -0500, "Tony Rutkowski"
wrote: However, John Poindexter, the NSA, the CIA, the Patriot Act, RealID, etc. (to name a few) have "poisoned the well" of trust with previous attempts to build centralized digital information systems to allow the government to know more about citizens than citizens know about the government. The dialogue seems to have answered the question posed - the propensity to vilify
On 1/12/2011 11:29 AM, Charles Andres wrote: public officials and institutions with different views on this subject as apostates has not changed. Perhaps no surprise.
Would you oppose identity checks or tracking of those who purchase extended clips for Glocks or does this also abridge perceived rights?
--tony _______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community
Robin Wilton
+44 (0)705 005 2931
_______________________________________________ Community mailing list Community@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/community
Hi Dave -
On Sat, 15 Jan 2011 11:53 -0500, "Dave Kearns"
But Robin, in a democracy the state's actions are supposedly a reflection of the citizens' desires. Alternatively, a majority of the citizens can enact (or repeal) statutory powers.
In principle, perhaps. In practice: (1) "democracy" currently usually means "representative democracy", where those elected derive their mandate from having been elected, and the decisions they make once in power are not subject to any citizen input... (2) in a lot of modern democracies, it's an awful long time since those elected won the votes of majority of their citizens. Yrs., Robin Robin Wilton +44 (0)705 005 2931
participants (15)
-
Ben Laurie
-
Charles Andres
-
Colin Wallis
-
Dave Kearns
-
Dave Kearns
-
Frank Wray
-
Graham Sadd
-
Graham Sadd
-
Owen Thomas
-
Richard Fetik
-
Robin Wilton
-
Serge Ravet
-
Tony Rutkowski
-
Turner, Greg
-
Wilfried Rijsemus