Privacy by Design always makes me think of the Alice in Wonderland: “When I use a word,” Humpty Dumpty said in rather a scornful tone, “it means just what I choose it to mean — neither more nor less.”

I like NIST's definition of privacy engineering: http://csrc.nist.gov/publications/drafts/nistir-8062/nistir_8062_draft.pdf

If by "narrow" and "medium" ecosystems you mean federations that agree to share an AS, then I understand but that hardly counts as autonomy and it sounds more like an add-on service to an IdP than a new thing. I suppose I just answered my own question about the product :-)



On Wed, Feb 3, 2016 at 10:14 PM, John Wunderlich <john@wunderlich.ca> wrote:
Adrian;

Think of it as Privacy by Intent, since it as as much about organizational cultural change and processes as it is about any specific technology.

Sincerely,
John Wunderlich
(@PrivacyCDN)

On Feb 3, 2016, at 21:51, Adrian Gropper <agropper@healthurl.com> wrote:

The video is lovely. "nothing about me without me" has been a rallying cry of the Society for Participatory Medicine for years now.

The Venn is somewhat confusing. What is policy? Who's policy is it ?

What ForgeRock is selling is baffling. Who is buying AS from ForgeRock? How many UMA Authorization Servers will one person have? Who will own my AS in the sense of being able to take it off-line if they choose to?

PS: Privacy by Design has never sat well with me. I prefer Privacy Engineering, but that's maybe a personal problem for me.

Adrian

On Wed, Feb 3, 2016 at 9:30 PM, Eve Maler <eve@xmlgrrl.com> wrote:
FWIW, I debuted a new, very lightweight Venn diagram in a blog post last week (where ForgeRock was announcing its new platform version with UMA support!) describing elements of privacy. It's not to be taken too literally, but it echoes themes I talked about in this paper and talk from last year.


Eve Maler
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl


On Wed, Feb 3, 2016 at 6:01 PM, Ken Dagg <kendaggtbs@gmail.com> wrote:
Hi UmanitRians,

I'm an UMA lurker. That being said, the discussion around privacy is something of great interest to me and I couldn't resist chiming in.

Dictionary definitions, such as the dictionary.com definition below, (not that I'm totally in agreement with these definitions) all seem to revolve around privacy being a state (this part I do agree with) and legislation from various jurisdictions provide requirements to achieve this state (without providing a definition of privacy).

For example, Canada's two pieces of privacy legislation (Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA)) basically specify what must be achieved regarding the collection, storage, use and disposal of Personally Identifiable Information (as well as defining what PII is) including what and where consent is required.

I would suggest that defining privacy without defining the requirements (including consent) for achieving it would be negligent and doing a disservice to UMA. 

My two cents,
Ken 

1. the state of being apart from other people orconcealed from their view; solitude; seclusion: (Please leave the room and give me some privacy.)
2. the state of being free from unwanted or undue intrusion or disturbance in one's private life or affairs; freedom to be let alone: (Tourists must respect the tribe’s privacy. Those who wish to smoke can do so in the privacy of their own homes.) See also invasion of privacy. 
3. freedom from damaging publicity, public scrutiny,secret surveillance, or unauthorized disclosure ofone’s personal data or information, as by agovernment, corporation, or individual: (Ordinary citizens have a qualified right to privacy. There is so much information about us online that personal privacy may be a thing of the past.)
4. the state of being concealed; secrecy: (Before he told us of his plans, he insisted on total privacy.)




On Wednesday, 3 February 2016, Eve Maler <eve@xmlgrrl.com> wrote:
I don't think there is any UMA publication that defines privacy, but there is one (older) publication that discusses UMA with respect to Privacy by Design, here:


I was thinking recently that it might be a good time to revise this paper, and/or write a new and more expanded one, in light of the many regulatory moves being made and discussions about the role of "consent" (as UMA enables) within those regulations. (I happen to have been doing a lot of writing and presenting along those lines in various forms myself lately, and others of us such as Jon Neiditz have as well.)


Eve Maler
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl


On Tue, Feb 2, 2016 at 9:07 AM, arr@worldknowledgebank.com <arr@worldknowledgebank.com> wrote:

Is there an uma definition of privacy?

 

Regards,

 

Ann Racuya-Robbins

 

 

 

 

 

“When you share what you know in a just way

you sustain life and transform the way the world works.”

 

Ann Racuya-Robbins

Founder

Virtual Democratic Countries

https://www.worldknowledgebank.com

 

4440 Willard Ave #729

Chevy Chase, MD 20815

and

2 Placita Road, La Puebla, Espanola, New Mexico 87532

 

202.304.7103, 505.216.5343, 301.951.1809

 

This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.

 




--
Kenneth Dagg
Independent Consultant
Identification and Authentication
613-825-2091
kendaggtbs@gmail.com


_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma




--

Adrian Gropper MD

PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
DONATE: http://patientprivacyrights.org/donate-2/
_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma



This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.



--

Adrian Gropper MD

PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
DONATE: http://patientprivacyrights.org/donate-2/