Folks, I put a discussion of Utah's Digital Identity on the agenda for tomorrow's call. I'm interested in what group members think of this approach. If you're not familiar with it and don't want to read the legislation (link in the agenda for tomorrow), this piece by Wayne Chang from Spruce ID gives an overview. https://blog.spruceid.com/utahs-digital-id-law-sb260-is-the-new-frontier-for... Have a better than expected day, John Wunderlich “The law, in its majestic equality, forbids rich and poor alike to sleep under bridges, to beg in the streets, and to steal their bread.” ― Anatole France Calendly: https://calendly.com/privacycdn LinkedIn: https://www.linkedin.com/in/privacycdn/ Bluesky: https://bsky.app/profile/privacycdn.bsky.social Mastodon: https://mastodon.social/@PrivacyCDN Twitter: https://twitter.com/PrivacyCDN -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
John, Group, I have a conflict tomorrow with the monthly Steering Committee meeting of the Secure Technology Alliance. I’ll cover my response to the legislation. I think it’s a smart reframing of the concepts behind Digital ID that could begin to lessen people’s fears about it. Lessening fears is very important - every rollout I’ve been involved with has met resistance. Much of the reframing addresses those fears. Wayne and Spruce have, as usual, done a nice job summarizing and positioning to benefit. I don’t see how any of this reframing in SB260 changes technology we have standardized over the last 8-10 years. DMVs in the US can still run Identity Proofing to resolve identity and “endorse” with a digital signature or a physical credential. I know that even with this conceptual reframing, privacy requirements at the ecosystem level are necessary to prevent the potential harms listed in the article and those that people fear. There is no technology that accomplishes optimal privacy without the legislative framework to enforce it and deter malicious or forgetful actors. I’m all for this reframing if it is going to improve people’s perceptions of Digital ID. Unfortunately, it seems like detractors of our current International Standards are using this reframing to try to drive a wedge that promotes their technology… when what we really need is the alignment between them that allows choice. After all, user choice is a privacy tenet also. David David Kelts (he/him) +1(617)487-9529 m david@decipher.id <mailto:david@decipher.id> Deciphering mobile identity for real-world application: decipher.id <http://decipher.id/>
On Nov 18, 2025, at 12:28 PM, John Wunderlich <john@wunderlich.ca> wrote:
Folks,
I put a discussion of Utah's Digital Identity on the agenda for tomorrow's call. I'm interested in what group members think of this approach. If you're not familiar with it and don't want to read the legislation (link in the agenda for tomorrow), this piece by Wayne Chang from Spruce ID gives an overview.
https://blog.spruceid.com/utahs-digital-id-law-sb260-is-the-new-frontier-for...
Have a better than expected day, John Wunderlich
“The law, in its majestic equality, forbids rich and poor alike to sleep under bridges, to beg in the streets, and to steal their bread.”
― Anatole France
Calendly: https://calendly.com/privacycdn LinkedIn: https://www.linkedin.com/in/privacycdn/ Bluesky: https://bsky.app/profile/privacycdn.bsky.social Mastodon: https://mastodon.social/@PrivacyCDN Twitter: https://twitter.com/PrivacyCDN
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. _______________________________________________ A Community Group mailing list of KantaraInitiative.org Wg-pemc mailing list -- wg-pemc@kantarainitiative.org To unsubscribe send an email to staff@kantarainitiative.org List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/wg-pemc@kantarainitiat... ______ Group wiki -- https://kantara.atlassian.net/wiki/spaces/Wg-pemc
There are so many gotchas here that I really don't know where to start. I guess since the mdl is optional, theat verifiers DO NOT NEED TO ACCEPT IT? if accepted the verification process is unclear - in the UK a check code is issued, will that be the case for UTAH? Will a rental car insurance company cover a renter with just a digital ID? how to prove over 25? part of mdl? or the wallet? or what? And note that DHS privacy policies state something similar, but the DHS goons are not bound by privacy policies. And the biggest gotcha of all, new laws override old laws. The EU is facing this gotcha right now. Many of the featires listed in the article mention benefits that are in the US constitution, not clear why that is a benefit from Utah. Count me as a skeptic. Peace ..tom jones On Tue, Nov 18, 2025 at 9:29 AM John Wunderlich <john@wunderlich.ca> wrote:
Folks,
I put a discussion of Utah's Digital Identity on the agenda for tomorrow's call. I'm interested in what group members think of this approach. If you're not familiar with it and don't want to read the legislation (link in the agenda for tomorrow), this piece by Wayne Chang from Spruce ID gives an overview.
https://blog.spruceid.com/utahs-digital-id-law-sb260-is-the-new-frontier-for...
Have a better than expected day, John Wunderlich
“The law, in its majestic equality, forbids rich and poor alike to sleep under bridges, to beg in the streets, and to steal their bread.”
― Anatole France
Calendly: https://calendly.com/privacycdn LinkedIn: https://www.linkedin.com/in/privacycdn/ Bluesky: https://bsky.app/profile/privacycdn.bsky.social Mastodon: https://mastodon.social/@PrivacyCDN Twitter: https://twitter.com/PrivacyCDN
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. _______________________________________________ A Community Group mailing list of KantaraInitiative.org Wg-pemc mailing list -- wg-pemc@kantarainitiative.org To unsubscribe send an email to staff@kantarainitiative.org List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/wg-pemc@kantarainitiat... ______ Group wiki -- https://kantara.atlassian.net/wiki/spaces/Wg-pemc
participants (3)
-
David Kelts -
John Wunderlich -
Tom Jones