To (somebody's? Lisa's?) point today about needing a term for an "agent" of the sort that acts in the interests of a person but that is made up of software, we could use (build on?) this definition already found in the Proposed Licensing for UMA report:

Electronic Agent: A computer program or an electronic or other automated means used independently to initiate an action or respond to electronic records or performances in whole or in part without review or action by an individual at the time of the action or response.

I apologize for not capturing that discussion in the notes. I'm going through and fleshing out the spreadsheet more now, and found this among the definitions in the report.

Eve Maler
Cell or Signal +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl



On Tue, May 21, 2019 at 1:15 PM Eve Maler <eve@xmlgrrl.com> wrote:
(To get access to the spreadsheet linked below, please request access individually, and I will add you.)

2019-05-21

Attending: Eve, Nancy, Lisa, Tim, Cigdem, Adrian, Domenico, Mark

Our goals in filling out the new use cases spreadsheet are:

  • Make crystal-clear the legal-technical mappings
  • Link to definitive definitions (and figure out which concepts need new terms and better definitions, and figure out if we need to refine our definitions in a new report vs. the first report)
    • E.g., define a new Proxy/Agent/whatever term? Define a term for an organization that is the equivalent of a "data subject" (the information is "about it") only it's not an individual?
  • Get people to put their hands up in identifying which use cases they care about, and add new use cases
  • Figure out how to incorporate all the necessary complex information into licenses, such as covering Requesting Agents and Requesting Parties as required (Dr. Bob and the institution he works with, e.g.)

Our hope is that there are some kinds of licensing that you can boilerplate, a la Creative Commons. That has been the premise behind our looking at CommonAccord.org, which literally has a GitHub system for reuse of legal text (and the Ricardian system in general: prose, code, parameters). Also, jurisdictions will suggest some similarities. (See our very early UX work.) But there is extreme variability that can arise based on things like the types of resources and scopes; for example, "getting some data" is different from "controlling a smart camera".

Eve's "new permission taxonomy" lists five possible axes of control: Scope, Grantee, Environment, Usage, and Downstream. UMA as a technical layer enables three of them. Legal licensing is needed for Usage (e.g., preventing usage for marketing purposes) and Downstream (e.g., specifically, preventing sharing with a further requesting party that doesn't share the same AS as the initial requesting party).

Adrian suggests following up to learn about the work of this group.


Eve Maler
Cell or Signal +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl