I, like many others, have been lurking on this conversation. I debated whether or not to say what follows and finally decided that I needed to express my opinion. To set some context, I have always tried to live my life in a manner that treats all people, regardless of race, creed, colour, gender, ethnicity, etc, as equals with the right to express their opinion and have it heard. In addition I have also tried to proactively expose bias and discrimination for what they are. This being said, I have had concerns with the conversation in some of the email threads associated with the Code of Conduct. I strongly believe that the problems of non inclusion as evidenced by biased or discriminatory actions MUST not be condoned by ID professionals either in their actions or in the solutions they develop. However, I do not believe that the ID profession can, or should, set the bar on basic human rights. Rather, I believe ID professionals should affirm their belief in basic human rights. To me, the email threads have seemed like participants wanted the Code of Conduct to have specifics to address challenges like these that, in my opinion, go beyond the specifics of a professional in the Identity Space. To that point, I agree with Chris concerning focus or, as a corollary, not trying to solve all the world's issues in the Code of Conduct. I would suggest rather that, as part of implementing of the Code of Conduct, a peer review process needs to be established to deal with violations. That is the mechanism, in my opinion, that should address unethical behaviours such as bias and discrimination. It is also important to establish oversight of this peer review process, and of those involved in conducting it, in order to ensure that the process does not overlook, ignore, or even condone unethical behaviour. I also agree fully with others concerning the need for brevity and simplicity in stating the Code of Conduct. Those features, as evidenced by the longevity of the ACM code, lead to a lasting solution that stands the test of time. Ken On Tue, Dec 13, 2016 at 1:08 PM Chris Phillips <Chris.Phillips@canarie.ca> wrote: Normally I'm silent on saying I won't make the call but I'm the one that brought up the CISSP Code and won't be there and welcome dialogue on this in order for it to 'be considered'. In a nutshell, my *perception *is there's a lot of 'be a good human being and be professional to each other' in the IDPro code and to me that's a given. (if it isn't, that's a problem in a bigger context, not just in this one) If that’s a given, what is *SPECIFIC* to an Identity expert that is distinguishing and something that people can rally around? Will we resonate with people and hear them say 'Yeah, I support that' or 'Yeah, that's what I do around identity!' and 'I want to associate myself with this group because I subscribe to their approach/doctrine/techniques/mission/vision/values/goals/etc'. To me things can distill down to focus. CISSP is a/has a broad surface of security and associated principles which can include identity and best practices topics whereas an identity expert is that but as applied in the identity space with more focus on principles around identity and their application. An IDPro can be at least minimally a capable CISSP, but more specialized in the identity space. I hope these thoughts make sense — let me know if I'm off the mark as I currently don't have access to the wiki As always, thoughts welcome.. Chris. From: <dg-idpro-bounces@kantarainitiative.org> on behalf of Scott Shorter < scott.shorter@kuma.pro> Date: Tuesday, December 13, 2016 at 12:09 PM To: Megan Cannon <megan@kantarainitiative.org>, " dg-idpro@kantarainitiative.org" <dg-idpro@kantarainitiative.org> Subject: Re: [DG-IDPro] Reminder: Kantara ID Pro Code of Conduct Meeting today 2pm ET Thank you Megan. Agenda: 1. Review the draft in light of the comments on the discussion list. 1. Questions raised on the list: 1. Will the organization be providing training on what it means to achieve the objectives in the code? (A: seems to be an emerging consensus towards yes) 2. Are there any responsibilities to maintain compliance metrics such as David C's experience with the Athena Swan award process? (A: haven't heard anyone say yes to this) 3. Have we considered the CISSP / ISC2 Code of Ethics <https://www.isc2.org/ethics/default.aspx>? (A: at least one reviewer did look at that one yes) 2. Suggestions to the code of conduct from the list 1. Be more vague about the completeness of enumerated lists. 2. Be more explicit about "do no harm" 1. Q: What does harm mean? Looking forward to the call! - Scott *From: *<dg-idpro-bounces@kantarainitiative.org> on behalf of Megan Cannon < megan@kantarainitiative.org> *Date: *Tuesday, December 13, 2016 at 10:32 AM *To: *"dg-idpro@kantarainitiative.org" <dg-idpro@kantarainitiative.org> *Subject: *[DG-IDPro] Reminder: Kantara ID Pro Code of Conduct Meeting today 2pm ET Please join us for today's Code of Conduct Meeting: *Code of Conduct* *Tuesday, December 13, 2016* *2:00pm to 3:00pm Eastern* *Please join my meeting from your computer, tablet or smartphone.* https://global.gotomeeting.com/join/493642077 *You can also dial in using your phone.* United States +1 (312) 757-3129 *Access Code:* 493-642-077 *More phone numbers* Australia +61 2 8355 1040 Austria +43 7 2088 0034 Belgium +32 (0) 28 93 7018 Canada +1 (647) 497-9391 Denmark +45 69 91 89 28 Finland +358 (0) 923 17 0568 France +33 (0) 170 950 594 Germany +49 (0) 692 5736 7211 Ireland +353 (0) 15 360 728 Italy +39 0 247 92 13 01 Netherlands +31 (0) 208 080 219 New Zealand +64 9 280 6302 Norway +47 75 80 32 07 Spain +34 955 32 0845 Sweden +46 (0) 853 527 836 Switzerland +41 (0) 435 0167 13 United Kingdom +44 (0) 330 221 0088 First GoToMeeting? Try a test session: http://help.citrix.com/getready <http://help.citrix.com/getready> _______________________________________________ DG-IDPro mailing list DG-IDPro@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idpro -- Kenneth Dagg Independent Consultant Identification and Authentication 613-825-2091 kendaggtbs@gmail.com