uma privacy definition
Is there an uma definition of privacy?
Regards,
Ann Racuya-Robbins
"When you share what you know in a just way you sustain life and transform the way the world works."
Ann Racuya-Robbins
Founder
Virtual Democratic Countries
https://www.worldknowledgebank.com/
4440 Willard Ave #729 Chevy Chase, MD 20815 and 2 Placita Road, La Puebla, Espanola, New Mexico 87532
202.304.7103, 505.216.5343, 301.951.1809
This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.
I don't think there is any UMA publication that defines privacy, but there is one (older) publication that discusses UMA with respect to Privacy by Design, here: http://kantarainitiative.org/confluence/display/uma/Privacy+by+Design+Implic...
I was thinking recently that it might be a good time to revise this paper, and/or write a new and more expanded one, in light of the many regulatory moves being made and discussions about the role of "consent" (as UMA enables) within those regulations. (I happen to have been doing a lot of writing and presenting along those lines in various forms myself lately, and others of us such as Jon Neiditz http://datalaw.net/ have as well.)
*Eve Maler* Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
Hi UmanitRians,
I'm an UMA lurker. That being said, the discussion around privacy is
something of great interest to me and I couldn't resist chiming in.
Dictionary definitions, such as the dictionary.com definition below, (not
that I'm totally in agreement with these definitions) all seem to revolve
around privacy being a state (this part I do agree with) and legislation
from various jurisdictions provide requirements to achieve this state
(without providing a definition of privacy).
For example, Canada's two pieces of privacy legislation (Privacy Act and
Personal Information Protection and Electronic Documents Act (PIPEDA))
basically specify what must be achieved regarding the collection, storage,
use and disposal of Personally Identifiable Information (as well as
defining what PII is) including what and where consent is required.
I would suggest that defining privacy without defining the requirements
(including consent) for achieving it would be negligent and doing a
disservice to UMA.
My two cents,
Ken
(http://dictionary.reference.com/browse/privacy)
1. the state of being apart from other people or concealed from their view;
solitude; seclusion: (Please leave the room and give me some privacy.)
2. the state of being free from unwanted or undue intrusion or disturbance
in one's private life or affairs; freedom to be let alone: (Tourists must
respect the tribe’s privacy. Those who wish to smoke can do so in the
privacy of their own homes.) See also invasion of privacy.
3. freedom from damaging publicity, public scrutiny, secret surveillance, or
unauthorized disclosure of one’s personal data or information, as by
a government, corporation, or individual: (Ordinary citizens have a
qualified right to privacy. There is so much information about us online
that personal privacy may be a thing of the past.)
4. the state of being concealed; secrecy: (Before he told us of his plans,
he insisted on total privacy.)
-- Kenneth Dagg Independent Consultant Identification and Authentication 613-825-2091 kendaggtbs@gmail.com
FWIW, I debuted a new, very lightweight Venn diagram in a blog post
https://www.forgerock.com/blog/uma-identity-platform-release/ last week
(where ForgeRock was announcing its new platform version with UMA support!)
describing elements of privacy. It's not to be taken too literally, but it
echoes themes I talked about in this paper
http://ieeexplore.ieee.org/xpl/abstractAuthors.jsp?reload=true&arnumber=7163222
and talk http://ieee-security.org/TC/SPW2015/IWPE/4.pdf from last year.
*Eve Maler* Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
The video is lovely. "nothing about me without me" has been a rallying cry
of the Society for Participatory Medicine for years now.
The Venn is somewhat confusing. What is policy? Whose policy is it?
What ForgeRock is selling is baffling. Who is buying AS from ForgeRock? How
many UMA Authorization Servers will one person have? Who will own my AS in
the sense of being able to take it off-line if they choose to?
PS: Privacy by Design has never sat well with me. I prefer Privacy
Engineering, but that's maybe a personal problem for me.
Adrian
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
-- Adrian Gropper MD PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/
I learned about the rallying cry from the health world, and passed it on to
my colleagues, and it applies equally to other domains, and to the places
where our data crosses domains.
The Venn is about the "practice of privacy" in organizations. Some of
privacy practice is simply about good security practice. Some of it is
about good policy and governance rules. (And these all overlap; the
intersections aren't empty, as is shown.) Where there hasn't been much in
the way of solutions, driven by little business motivation, is on
supporting the positive goals that individuals have that come under various
"privacy definitions". My testimony to the API Task Force
https://www.healthit.gov/facas/calendar/2016/01/26/api-task-force-virtual-he...
made a case about some factors that are arising now that seem to be
changing the equation somewhat.
Privacy by Design and Privacy Engineering are actually two very different
disciplines, though of course the goals aren't so very different. Privacy
Engineering is a very technical discipline, as I discovered firsthand when
I presented to the IEEE workshop -- deeply concerned with encryption
techniques, for example. I found it to be firmly ensconced in the upper
left bubble.
ForgeRock's solution includes both an AS component and an RS enablement
component. A variety of organizations could be interested, including
health/consumer/IoT platforms, governments, retail players/platforms, and
others. The sizes of the ecosystems range, so far, from "narrow" to
"medium". As you know, the "#wideeco" use case is one that has particular
challenges (and not just for UMA but for OAuth and other tech), and it's on
our roadmap to discuss in 2016.
*Eve Maler* Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
Adrian;
Think of it as Privacy by Intent, since it is as much about organizational cultural change and processes as it is about any specific technology.
Sincerely, John Wunderlich (@PrivacyCDN)
Privacist & PbD Ambassador http://privacybydesign.ca/
-- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
Privacy by Design always makes me think of the Alice in Wonderland: “When I
use a word,” Humpty Dumpty said in rather a scornful tone, “it means just
what I choose it to mean — neither more nor less.”
I like NIST's definition of privacy engineering:
http://csrc.nist.gov/publications/drafts/nistir-8062/nistir_8062_draft.pdf
If by "narrow" and "medium" ecosystems you mean federations that agree to
share an AS, then I understand but that hardly counts as autonomy and it
sounds more like an add-on service to an IdP than a new thing. I suppose I
just answered my own question about the product :-)
On Wed, Feb 3, 2016 at 10:14 PM, John Wunderlich
Adrian;
Think of it as Privacy by Intent, since it is as much about organizational cultural change and processes as it is about any specific technology.
Sincerely, *John Wunderlich* *(@PrivacyCDN)*
Privacist & PbD Ambassador
http://privacybydesign.ca
On Feb 3, 2016, at 21:51, Adrian Gropper
wrote: The video is lovely. "nothing about me without me" has been a rallying cry of the Society for Participatory Medicine for years now.
The Venn is somewhat confusing. What is policy? Whose policy is it?
What ForgeRock is selling is baffling. Who is buying AS from ForgeRock? How many UMA Authorization Servers will one person have? Who will own my AS in the sense of being able to take it off-line if they choose to?
PS: Privacy by Design has never sat well with me. I prefer Privacy Engineering, but that's maybe a personal problem for me.
Adrian
On Wed, Feb 3, 2016 at 9:30 PM, Eve Maler
wrote: FWIW, I debuted a new, very lightweight Venn diagram in a blog post https://www.forgerock.com/blog/uma-identity-platform-release/ last week (where ForgeRock was announcing its new platform version with UMA support!) describing elements of privacy. It's not to be taken too literally, but it echoes themes I talked about in this paper http://ieeexplore.ieee.org/xpl/abstractAuthors.jsp?reload=true&arnumber=7163222 and talk http://ieee-security.org/TC/SPW2015/IWPE/4.pdf from last year.
*Eve Maler* Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Wed, Feb 3, 2016 at 6:01 PM, Ken Dagg
wrote: Hi UmanitRians,
I'm an UMA lurker. That being said, the discussion around privacy is something of great interest to me and I couldn't resist chiming in.
Dictionary definitions, such as the dictionary.com definition below, (not that I'm totally in agreement with these definitions) all seem to revolve around privacy being a state (this part I do agree with) and legislation from various jurisdictions provide requirements to achieve this state (without providing a definition of privacy).
For example, Canada's two pieces of privacy legislation (Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA)) basically specify what must be achieved regarding the collection, storage, use and disposal of Personally Identifiable Information (as well as defining what PII is) including what and where consent is required.
I would suggest that defining privacy without defining the requirements (including consent) for achieving it would be negligent and doing a disservice to UMA.
My two cents, Ken
(http://dictionary.reference.com/browse/privacy)
1. the state of being apart from other people or concealed from their view; solitude; seclusion: (Please leave the room and give me some privacy.)
2. the state of being free from unwanted or undue intrusion or disturbance in one's private life or affairs; freedom to be let alone: (Tourists must respect the tribe’s privacy. Those who wish to smoke can do so in the privacy of their own homes.) See also invasion of privacy.
3. freedom from damaging publicity, public scrutiny, secret surveillance, or unauthorized disclosure of one’s personal data or information, as by a government, corporation, or individual: (Ordinary citizens have a qualified right to privacy. There is so much information about us online that personal privacy may be a thing of the past.)
4. the state of being concealed; secrecy: (Before he told us of his plans, he insisted on total privacy.)
Eve and others,
Thank you for your responses. While I agree fully that heading down the
rathole of definitions is a tricky and dangerous endeavour, I also strongly
believe that it is a necessary exercise (at least to some level of detail).
I would encourage UMA to continue. I will also bring the question of
defining Privacy to IAWG whose mandate, since it took over the Privacy WG a
couple of years ago, includes Privacy.
That being said, your note said that UMA is "an OAuth-based protocol
designed to give an individual a unified control point for authorizing who
and what can get access to their digital data, content, and services, no
matter where all those things live." While I have heard this before it
finally sunk in and I think that I understand what I have been missing before.
In my mind the key point is the phrase "for authorizing who and what can
get access to". In my interpretation that is access to collect - be that
for a millisecond examination or for the long term. In other words, also in
my interpretation, UMA does nothing for controlling the storage, use or
disposal of personally identifiable information. That is not a denunciation
of UMA - it is just a statement of what I think I just realized. Am I
correct?
If my eureka moment is true my suggestion would be to include an explicit
statement in the description of UMA that says that controlling the storage,
use and disposal of PII is outside the scope of UMA and the responsibility
of other protocols / processes. It may seem to be redundant but I think
that this type of statement would get people away from the idea that UMA
might be the "silver bullet" to fix their privacy woes that they are all
looking to discover. While I've not heard anyone ever say that it is, given
the increased emphasis on privacy, I could see some executives making that
interpretation.
Again, just my opinion.
Ken
Ken, you are mostly right but there are other, much larger problems I've
discovered in working with UMA in the real-life environment of health
records. The biggest problem, by far, in the definition is "an individual a
unified control point". This is widely ignored in practice. The systems
being discussed could easily end up with a separate AS for every RS or at
least a separate AS for every industry or region. This is completely
unnecessary from a privacy perspective and confuses the "autonomy" of the
individual in a privacy perspective.
The second large problem is "use". It's perfectly reasonable for UMA
to stay away from storage and disposal for all sorts of obvious reasons. It
is not reasonable, from a privacy perspective for UMA to avoid providing
notice of use to the individual via their AS. In healthcare and many other
domains the "internal" sharing of information is obfuscated for all sorts
of reasons on a massive scale. Some of these involve pretending to
de-identify high-dimensional data resources that can, and are,
re-identified and aggregated later. There are many other uses where notice
and transparency of use is not allowed.
These are the kind of things UMA should do at the base of the
standard according to privacy engineering. Other, more complicated things
like multiple ASs or complex, validated claims gathering would be layered
on in the privacy engineering sequence.
If we ignore privacy engineering, then we end up trying to fix things on
the legal side and just add more confusion and adoption barriers.
Adrian
Adrian,
As I said to John, it is my opinion that UMA should not extend beyond what
it says it is: a protocol to provide a unified control point for
authorizing who and what can get access to their digital data. Anything
beyond that is, in my opinion, the responsibility of other protocols/
processes used by an organization.
Is the fact that implementations fail to use UMA as a "unified control
point" a deficiency in the protocol or a failure to enforce proper
usage? That is, a failure to call to task any organization that purports to
be using UMA but fails to implement the unified control point.
I agree fully with you regarding "notice of use". However, I'm not sure
(given that I'm a lurker rather than deeply involved) that NOU is within
the scope of UMA. I tend to try and "single purpose black box" modules to
allow combining them in innovative ways. As such, I would separate the NOU
and UCP modules of a solution.
Ken
On Thursday, 4 February 2016, Adrian Gropper
Ken, you are mostly right but there are other, much larger problems I've discovered in working with UMA in the real-life environment of health records. The biggest problem, by far, in the definition is "an individual a unified control point". This is widely ignored in practice. The systems being discussed could easily end up with a separate AS for every RS or at least a separate AS for every industry or region. This is completely unnecessary from a privacy perspective and confuses the "autonomy" of the individual in a privacy perspective.
The second large problem is "use". It's perfectly reasonable for UMA to stay away from storage and disposal for all sorts of obvious reasons. It is not reasonable, from a privacy perspective for UMA to avoid providing notice of use to the individual via their AS. In healthcare and many other domains the "internal" sharing of information is obfuscated for all sorts of reasons on a massive scale. Some of these involve pretending to de-identify high-dimensional data resources that can, and are, re-identified and aggregated later. There are many other uses where notice and transparency of use is not allowed.
These are the kind of things UMA should do at the base of the standard according to privacy engineering. Other, more complicated things like multiple ASs or complex, validated claims gathering would be layered on in the privacy engineering sequence.
If we ignore privacy engineering, then we end up trying to fix things on the legal side and just add more confusion and adoption barriers.
Adrian
On Thursday, February 4, 2016, Ken Dagg
wrote: Eve and other,
Thank you for your responses. While I agree fully that heading down the rathole of definitions is a tricky and dangerous endeavour, I also strongly believe that it is a necessary exercise (at least to some level of detail). I would encourage UMA to continue. I will also bring the question of defining Privacy to IAWG whose mandate, since it took over the Privacy WG a couple of years ago, includes Privacy.
That being said, your note said that UMA is "an OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live." While I have heard this before it finally sunk in and I think that I understand what I have been missing before.
In my mind the key point is the phrase "for authorizing who and what can get access to". In my interpretation that is access to collect - be that for a millisecond examination or for the long term. In other words, also in my interpretation, UMA does nothing for controlling the storage, use or disposal of personally identifiable information. That is not a denunciation of UMA - it is just a statement of what I think I just realized. Am I correct?
If my eureka moment is true my suggestion would be to include an explicit statement in the description of UMA that says that controlling the storage, use and disposal of PII is outside the scope of UMA and the responsibility of other protocols / processes. It may seem to be redundant but I think that this type of statement would get people away from the idea that UMA might be the "silver bullet" to fix their privacy woes that they are all looking to discover. While I've not heard anyone ever say that it is, given the increased emphasis on privacy, I could see some executives making that interpretation.
Again, just my opinion.
Ken
On Wednesday, 3 February 2016, Adrian Gropper
wrote: Privacy by Design always makes me think of the Alice in Wonderland: “When I use a word,” Humpty Dumpty said in rather a scornful tone, “it means just what I choose it to mean — neither more nor less.”
I like NIST's definition of privacy engineering: http://csrc.nist.gov/publications/drafts/nistir-8062/nistir_8062_draft.pdf
If by "narrow" and "medium" ecosystems you mean federations that agree to share an AS, then I understand but that hardly counts as autonomy and it sounds more like an add-on service to an IdP than a new thing. I suppose I just answered my own question about the product :-)
On Wed, Feb 3, 2016 at 10:14 PM, John Wunderlich
wrote: Adrian;
Think of it as Privacy by Intent, since it is as much about organizational cultural change and processes as it is about any specific technology.
Sincerely, *John Wunderlich* *(@PrivacyCDN)*
Privacist & PbD Ambassador http://privacybydesign.ca
On Feb 3, 2016, at 21:51, Adrian Gropper
wrote: The video is lovely. "nothing about me without me" has been a rallying cry of the Society for Participatory Medicine for years now.
The Venn is somewhat confusing. What is policy? Whose policy is it?
What ForgeRock is selling is baffling. Who is buying AS from ForgeRock? How many UMA Authorization Servers will one person have? Who will own my AS in the sense of being able to take it off-line if they choose to?
PS: Privacy by Design has never sat well with me. I prefer Privacy Engineering, but that's maybe a personal problem for me.
Adrian
On Wed, Feb 3, 2016 at 9:30 PM, Eve Maler
wrote: FWIW, I debuted a new, very lightweight Venn diagram in a blog post https://www.forgerock.com/blog/uma-identity-platform-release/ last week (where ForgeRock was announcing its new platform version with UMA support!) describing elements of privacy. It's not to be taken too literally, but it echoes themes I talked about in this paper http://ieeexplore.ieee.org/xpl/abstractAuthors.jsp?reload=true&arnumber=7163222 and talk http://ieee-security.org/TC/SPW2015/IWPE/4.pdf from last year.
*Eve Maler* Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Wed, Feb 3, 2016 at 6:01 PM, Ken Dagg
wrote: Hi UmanitRians,
I'm an UMA lurker. That being said, the discussion around privacy is something of great interest to me and I couldn't resist chiming in.
Dictionary definitions, such as the dictionary.com definition below, (not that I'm totally in agreement with these definitions) all seem to revolve around privacy being a state (this part I do agree with) and legislation from various jurisdictions provide requirements to achieve this state (without providing a definition of privacy).
For example, Canada's two pieces of privacy legislation (Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA)) basically specify what must be achieved regarding the collection, storage, use and disposal of Personally Identifiable Information (as well as defining what PII is) including what and where consent is required.
I would suggest that defining privacy without defining the requirements (including consent) for achieving it would be negligent and doing a disservice to UMA.
My two cents, Ken
(http://dictionary.reference.com/browse/privacy)
1. the state of being apart from other people or concealed from their view; solitude; seclusion: (Please leave the room and give me some privacy.)
2. the state of being free from unwanted or undue intrusion or disturbance in one's private life or affairs; freedom to be let alone: (Tourists must respect the tribe’s privacy. Those who wish to smoke can do so in the privacy of their own homes.) See also invasion of privacy.
3. freedom from damaging publicity, public scrutiny, secret surveillance, or unauthorized disclosure of one’s personal data or information, as by a government, corporation, or individual: (Ordinary citizens have a qualified right to privacy. There is so much information about us online that personal privacy may be a thing of the past.)
4. the state of being concealed; secrecy: (Before he told us of his plans, he insisted on total privacy.)
-- Kenneth Dagg Independent Consultant Identification and Authentication 613-825-2091 kendaggtbs@gmail.com
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
--
Adrian Gropper MD
PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
Ken,
Your point is well taken, but is it not the case that UMA can be used as a
tool to help an individual protect personal information? It is not a
silver bullet in that simply having knowledge of your identification is
some information and of course using many methods one might be able to
infer many things from other things as well as the user inadvertently
giving access indirectly or even directly to someone they didn't realize.
We need something in law that says even if you get such information you
can't use it without the user's permission and you must make effort to
delete it or inform them of your knowledge, etc... However, lacking
sufficient legal backing and possibly improvements in privacy in general
this is a tool that definitely helps the consumer control information
including personal information.
I think your point is it should be made clear that protecting personal
information is a difficult problem for which UMA is a tool to help but
doesn't solve.
John
rgds, John
follow me: http://johnmathon.wordpress.com/ https://twitter.com/john_mathon
John, Points very well taken. However, I believe that there is a defined scope for UMA and, in my opinion, that scope needs to be respected. UMA should not try and become something more than it purports to be: a protocol for authorizing who and what can get access to personal information.
From a user perspective I agree fully with your points regarding a user having knowledge of what is being collected. However, notification of how and when it is being used (other than the initial notification that might accompany collection) is not, in my opinion, an UMA feature. It is, as you state, an issue that should be handled by internal processes that are governed by appropriate legislation and enforcement.
My suggestion regarding enhancing the definition of UMA was made to
emphasize the point that UMA is only one tool that organizations can use to
help them respect a user's privacy.
Ken
On Thursday, 4 February 2016, John Mathon
Ken,
Your point is well taken, but is it not the case that UMA can be used as a tool to help an individual protect personal information? It is not a silver bullet in that simply having knowledge of your identification is some information and of course using many methods one might be able to infer many things from other things as well as the user inadvertently giving access indirectly or even directly to someone they didn't realize. We need something in law that says even if you get such information you can't use it without the users permission and you must make effort to delete it or inform them of your knowledge, etc... However, lacking sufficient legal backing and possibly improvements in privacy in general this is a tool that definitely helps the consumer control information including personal information.
I think your point is it should be made clear that protecting personal information is a difficult problem for which UMA is a tool to help but doesn't solve.
John
rgds, John follow me: [image: Wordpress] http://johnmathon.wordpress.com/[image: Twitter] https://twitter.com/john_mathon
On Thu, Feb 4, 2016 at 4:10 AM, Ken Dagg
javascript:_e(%7B%7D,'cvml','kendaggtbs@gmail.com');> wrote: Eve and other,
Thank you for your responses. While I agree fully that heading down the rathole of definitions is a tricky and dangerous endeavour, I also strongly believe that it is a necessary exercise (at least to some level of detail). I would encourage UMA to continue. I will also bring the question of defining Privacy to IAWG whose mandate, since it took over the Privacy WG a couple of years ago, includes Privacy.
That being said, your note said that UMA is "an OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live." While I have heard this before it finally sunk in and I think that understand what I have been missing before.
In my mind the key point is the phrase "for authorizing who and what can get access to". In my interpretation that is access to collect - be that for a millisecond examination or for the long term. In other words, also in my interpretation, UMA does nothing for controlling the storage, use or disposal of personally identifiable information. That is not a denunciation of UMA - it is just a statement of what I think I just realized. Am I correct?
If my eureka moment is true my suggestion would be to include an explicit statement in the description of UMA that says that controlling the storage, use and disposal of PII is outside the scope of UMA and the responsibility of other protocols / processes. It may seem to be redundant but I think that this type of statement would get people away from the idea that UMA might be the "silver bullet" to fix their privacy woes that they are all looking to discover. While I've not heard anyone ever say that it is, given the increased emphasis on privacy, I could see some executives making that interpretation.
Again, just my opinion.
Ken
On Wednesday, 3 February 2016, Adrian Gropper
javascript:_e(%7B%7D,'cvml','agropper@healthurl.com');> wrote: Privacy by Design always makes me think of the Alice in Wonderland: “When I use a word,” Humpty Dumpty said in rather a scornful tone, “it means just what I choose it to mean — neither more nor less.”
I like NIST's definition of privacy engineering: http://csrc.nist.gov/publications/drafts/nistir-8062/nistir_8062_draft.pdf
If by "narrow" and "medium" ecosystems you mean federations that agree to share an AS, then I understand but that hardly counts as autonomy and it sounds more like an add-on service to an IdP than a new thing. I suppose I just answered my own question about the product :-)
On Wed, Feb 3, 2016 at 10:14 PM, John Wunderlich
wrote: Adrian;
Think of it as Privacy by Intent, since it as as much about organizational cultural change and processes as it is about any specific technology.
Sincerely, *John Wunderlich* *(@PrivacyCDN)*
http://privacybydesign.ca http://privacybydesign.ca
http://privacybydesign.caPrivacist & PbD Ambassador http://privacybydesign.ca
On Feb 3, 2016, at 21:51, Adrian Gropper
wrote: The video is lovely. "nothing about me without me" has been a rallying cry of the Society for Participatory Medicine for years now.
The Venn is somewhat confusing. What is policy? Who's policy is it ?
What ForgeRock is selling is baffling. Who is buying AS from ForgeRock? How many UMA Authorization Servers will one person have? Who will own my AS in the sense of being able to take it off-line if they choose to?
PS: Privacy by Design has never sat well with me. I prefer Privacy Engineering, but that's maybe a personal problem for me.
Adrian
On Wed, Feb 3, 2016 at 9:30 PM, Eve Maler
wrote: FWIW, I debuted a new, very lightweight Venn diagram in a blog post https://www.forgerock.com/blog/uma-identity-platform-release/ last week (where ForgeRock was announcing its new platform version with UMA support!) describing elements of privacy. It's not to be taken too literally, but it echoes themes I talked about in this paper http://ieeexplore.ieee.org/xpl/abstractAuthors.jsp?reload=true&arnumber=7163222 and talk http://ieee-security.org/TC/SPW2015/IWPE/4.pdf from last year.
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Wed, Feb 3, 2016 at 6:01 PM, Ken Dagg
wrote: Hi UmanitRians,
I'm an UMA lurker. That being said, the discussion around privacy is something of great interest to me and I couldn't resist chiming in.
Dictionary definitions, such as the dictionary.com definition below, (not that I'm totally in agreement with these definitions) all seem to revolve around privacy being a state (this part I do agree with) and legislation from various jurisdictions provide requirements to achieve this state (without providing a definition of privacy).
For example, Canada's two pieces of privacy legislation (Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA)) basically specify what must be achieved regarding the collection, storage, use and disposal of Personally Identifiable Information (as well as defining what PII is) including what and where consent is required.
I would suggest that defining privacy without defining the requirements (including consent) for achieving it would be negligent and doing a disservice to UMA.
My two cents, Ken
(http://dictionary.reference.com/browse/privacy) 1. the state of being apart from other people orconcealed from their view; solitude; seclusion: (Please leave the room and give me some privacy.) 2. the state of being free from unwanted or undue intrusion or disturbance in one's private life or affairs; freedom to be let alone: (Tourists must respect the tribe’s privacy. Those who wish to smoke can do so in the privacy of their own homes.) See also invasion of privacy. 3. freedom from damaging publicity, public scrutiny,secret surveillance, or unauthorized disclosure ofone’s personal data or information, as by agovernment, corporation, or individual: (Ordinary citizens have a qualified right to privacy. There is so much information about us online that personal privacy may be a thing of the past.) 4. the state of being concealed; secrecy: (Before he told us of his plans, he insisted on total privacy.)
On Wednesday, 3 February 2016, Eve Maler
wrote: > I don't think there is any UMA publication that defines privacy, but > there is one (older) publication that discusses UMA with respect to Privacy > by Design, here: > > > http://kantarainitiative.org/confluence/display/uma/Privacy+by+Design+Implic... > > I was thinking recently that it might be a good time to revise this > paper, and/or write a new and more expanded one, in light of the many > regulatory moves being made and discussions about the role of "consent" (as > UMA enables) within those regulations. (I happen to have been doing a lot > of writing and presenting along those lines in various forms myself lately, > and others of us such as Jon Neiditz http://datalaw.net/ have as > well.) > > > > *Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl > > > On Tue, Feb 2, 2016 at 9:07 AM, arr@worldknowledgebank.com < > arr@worldknowledgebank.com> wrote: > >> Is there an uma definition of privacy? >> >> >> >> Regards, >> >> >> >> Ann Racuya-Robbins >> >> >> >> >> >> >> >> >> >> >> >> *“When you share what you know in a just way* >> >> *you sustain life and transform the way the world works.”* >> >> >> >> Ann Racuya-Robbins >> >> *Founder* >> >> *Virtual Democratic Countries* >> >> *https://www.worldknowledgebank.com >> https://www.worldknowledgebank.com/* >> >> >> >> 4440 Willard Ave #729 >> >> Chevy Chase, MD 20815 >> >> *and* >> >> 2 Placita Road, La Puebla, Espanola, New Mexico 87532 >> >> >> >> 202.304.7103, 505.216.5343, 301.951.1809 >> >> >> >> This message (including any attachments) is intended only for the >> use of the individual or entity to which it is addressed and may contain >> information that is non-public, proprietary, privileged, confidential, and >> exempt from disclosure under applicable law or may constitute as attorney >> work product. If you are not the intended recipient, you are hereby >> notified that any use, dissemination, distribution, or copying of this >> communication is strictly prohibited. 
If you have received this >> communication in error, notify us immediately by telephone and (i) destroy >> this message if a facsimile or (ii) delete this message immediately if this >> is an electronic communication. >> >> >> > >
-- Kenneth Dagg Independent Consultant Identification and Authentication 613-825-2091 kendaggtbs@gmail.com
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
--
Adrian Gropper MD
Love the discussion! A couple of thoughts on some of the new points made:
- "Who and what can get access": We have discussed many times how the
claims-gathering system can also be used to constrain the requesting party
around purpose of use limitations, and in fact, the HEART group is just
about to take up its "semantic UMA profiling" work, which will likely
include this. A technical level of control would have to include layering
encryption-type techniques, whereas a business-legal level of control would
include techniques such as requiring "opt-in claims" or "signature claims"
for the requesting party to complete. I've even discussed with some
organizations the prospect of using claims-gathering to have a requesting
party agree to take on roles such as "power of attorney" (a proxy role for
the resource owner) in the form of sending a claim.
- "Unified control point": This is stated with respect to the nature of
the ecosystem in which the services are deployed. Even though UMA has been
successfully designed to be identifier-agnostic (see its design
principle #3
http://kantarainitiative.org/confluence/display/uma/UMA+Requirements),
if Alice's AS is a claims client to Bob's claim sources, without a way to
establish trust between them, there are security problems. It's currently
possible for Alice to choose her own AS(/likely IdP?) and Bob to choose his
own AS(/likely IdP?) if their services can have established trust off-stage
(in a medium-ecosystem way vs. totally dynamically) -- though I don't
anticipate that this level of choice is actually going to show up in the
market super-soon. As I said before, the #wideeco use case is the subject
of some of our 2016 work (to be prioritized shortly in today's meeting!).
If you haven't read the old http://tinyurl.com/umapbd paper, it's worth
reading it to see where UMA provides the basis for solutions and where it
doesn't; e.g., it makes clear that UMA isn't about storage, being
API-level. Implementation profiling and deployment profiling therefore, to
my mind, play a huge role for interoperable and successful usage in the
wild (wherever it's planned to be used cross-organization, anyway).
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Thu, Feb 4, 2016 at 7:04 AM, John Mathon wrote:
Ken,
Your point is well taken, but is it not the case that UMA can be used as a tool to help an individual protect personal information? It is not a silver bullet in that simply having knowledge of your identification is some information and of course using many methods one might be able to infer many things from other things as well as the user inadvertently giving access indirectly or even directly to someone they didn't realize. We need something in law that says even if you get such information you can't use it without the user's permission and you must make effort to delete it or inform them of your knowledge, etc... However, lacking sufficient legal backing and possibly improvements in privacy in general this is a tool that definitely helps the consumer control information including personal information.
I think your point is it should be made clear that protecting personal information is a difficult problem for which UMA is a tool to help but doesn't solve.
John
On Thu, Feb 4, 2016 at 4:10 AM, Ken Dagg wrote:
Eve and other,
Thank you for your responses. While I agree fully that heading down the rathole of definitions is a tricky and dangerous endeavour, I also strongly believe that it is a necessary exercise (at least to some level of detail). I would encourage UMA to continue. I will also bring the question of defining Privacy to IAWG whose mandate, since it took over the Privacy WG a couple of years ago, includes Privacy.
That being said, your note said that UMA is "an OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live." While I have heard this before it finally sunk in and I think that I understand what I have been missing before.
In my mind the key point is the phrase "for authorizing who and what can get access to". In my interpretation that is access to collect - be that for a millisecond examination or for the long term. In other words, also in my interpretation, UMA does nothing for controlling the storage, use or disposal of personally identifiable information. That is not a denunciation of UMA - it is just a statement of what I think I just realized. Am I correct?
If my eureka moment is true my suggestion would be to include an explicit statement in the description of UMA that says that controlling the storage, use and disposal of PII is outside the scope of UMA and the responsibility of other protocols / processes. It may seem to be redundant but I think that this type of statement would get people away from the idea that UMA might be the "silver bullet" to fix their privacy woes that they are all looking to discover. While I've not heard anyone ever say that it is, given the increased emphasis on privacy, I could see some executives making that interpretation.
Again, just my opinion.
Ken
On Wednesday, 3 February 2016, Adrian Gropper wrote:
Privacy by Design always makes me think of the Alice in Wonderland: “When I use a word,” Humpty Dumpty said in rather a scornful tone, “it means just what I choose it to mean — neither more nor less.”
I like NIST's definition of privacy engineering: http://csrc.nist.gov/publications/drafts/nistir-8062/nistir_8062_draft.pdf
If by "narrow" and "medium" ecosystems you mean federations that agree to share an AS, then I understand but that hardly counts as autonomy and it sounds more like an add-on service to an IdP than a new thing. I suppose I just answered my own question about the product :-)
On Wed, Feb 3, 2016 at 10:14 PM, John Wunderlich wrote:
Adrian;
Think of it as Privacy by Intent, since it is as much about organizational cultural change and processes as it is about any specific technology.
Sincerely, *John Wunderlich* *(@PrivacyCDN)*
Privacist & PbD Ambassador http://privacybydesign.ca
On Feb 3, 2016, at 21:51, Adrian Gropper wrote:
The video is lovely. "nothing about me without me" has been a rallying cry of the Society for Participatory Medicine for years now.
The Venn is somewhat confusing. What is policy? Whose policy is it?
What ForgeRock is selling is baffling. Who is buying AS from ForgeRock? How many UMA Authorization Servers will one person have? Who will own my AS in the sense of being able to take it off-line if they choose to?
PS: Privacy by Design has never sat well with me. I prefer Privacy Engineering, but that's maybe a personal problem for me.
Adrian
On Wed, Feb 3, 2016 at 9:30 PM, Eve Maler wrote:
FWIW, I debuted a new, very lightweight Venn diagram in a blog post https://www.forgerock.com/blog/uma-identity-platform-release/ last week (where ForgeRock was announcing its new platform version with UMA support!) describing elements of privacy. It's not to be taken too literally, but it echoes themes I talked about in this paper http://ieeexplore.ieee.org/xpl/abstractAuthors.jsp?reload=true&arnumber=7163222 and talk http://ieee-security.org/TC/SPW2015/IWPE/4.pdf from last year.
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Wed, Feb 3, 2016 at 6:01 PM, Ken Dagg wrote:
Hi UmanitRians,
I'm an UMA lurker. That being said, the discussion around privacy is something of great interest to me and I couldn't resist chiming in.
Dictionary definitions, such as the dictionary.com definition below, (not that I'm totally in agreement with these definitions) all seem to revolve around privacy being a state (this part I do agree with) and legislation from various jurisdictions provide requirements to achieve this state (without providing a definition of privacy).
For example, Canada's two pieces of privacy legislation (Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA)) basically specify what must be achieved regarding the collection, storage, use and disposal of Personally Identifiable Information (as well as defining what PII is) including what and where consent is required.
I would suggest that defining privacy without defining the requirements (including consent) for achieving it would be negligent and doing a disservice to UMA.
My two cents, Ken
(http://dictionary.reference.com/browse/privacy)
1. the state of being apart from other people or concealed from their view; solitude; seclusion: (Please leave the room and give me some privacy.)
2. the state of being free from unwanted or undue intrusion or disturbance in one's private life or affairs; freedom to be let alone: (Tourists must respect the tribe’s privacy. Those who wish to smoke can do so in the privacy of their own homes.) See also invasion of privacy.
3. freedom from damaging publicity, public scrutiny, secret surveillance, or unauthorized disclosure of one’s personal data or information, as by a government, corporation, or individual: (Ordinary citizens have a qualified right to privacy. There is so much information about us online that personal privacy may be a thing of the past.)
4. the state of being concealed; secrecy: (Before he told us of his plans, he insisted on total privacy.)
Oh, one more thing... "Positive Privacy" is exactly what I have meant all
these years when I contrast "Privacy" (or "Data Privacy") with "Selective
Sharing". UMA is a technology that enables user control (yes, Mark and I
have spoken about this many times before :-). It enables UX and back-end
implementation patterns of proactive delegation, reactive consent ("access
approval"), withdrawal of consent, and denial of consent -- all in a manner
that's not coarse-grained but "scoped-grained" (which could be relatedly
fine-grained depending on the API that was exposed).
UMA empowers individuals. But individuals are not the only parties in the
ecosystem, and it's important to recognize that the equation has got to be
win-win-win-win-win or no one will deploy the technology. There's a
separation of powers. The idea has been that RS's are authoritative over
resource sets and scopes (the "verbs and objects" of policies) -- meaning
that they can, say, still control their APIs for fun and profit if they
want. RO's are authoritative over mapping subjects to them to make policy
-- meaning they can do selective sharing. AS's are authoritative over
execution of the resulting policies -- meaning they are the experts at
authorization, access control, and policy decisionmaking. (Classic "P*P"
architecture.)
Note that as we get into the BLT sandwich, we're finding places where we
have to soften the lines a bit. Oh, RS's want to wrest a bit more control
away from AS's at the edge? Okay, how do we do that? Oh, ROs want to be
sure RS's don't do that too much in a loosely coupled world? Okay, how do
we manage that?
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
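The division of authority described in the message above (RS over resource sets and scopes, RO over which subjects get which scopes, AS over the decision), together with the claims-gathering constraint from the earlier message, sketched as a small Python model. This is an added illustration, not part of the thread and not the UMA protocol or any product's API; every class, method, scope and claim name in it is hypothetical.

```python
from dataclasses import dataclass, field


@dataclass
class Policy:
    scopes: frozenset                                    # subset of the scopes the RS registered
    required_claims: dict = field(default_factory=dict)  # claims the requesting party must send


class AuthorizationServer:
    """Toy AS (hypothetical): executes policy, defines neither scopes nor sharing."""

    def __init__(self):
        self.resource_sets = {}  # rs_id -> (owner, scopes); written only by the RS
        self.policies = {}       # (rs_id, subject) -> Policy; written only by the RO
        self.denied = set()      # (rs_id, subject) pairs the RO has refused
        self.pending = []        # access-approval requests waiting for the RO

    # RS authority: the "verbs and objects" of policy.
    def register_resource_set(self, rs_id, owner, scopes):
        self.resource_sets[rs_id] = (owner, frozenset(scopes))

    def _scopes_if_owner(self, actor, rs_id):
        owner, scopes = self.resource_sets[rs_id]
        if actor != owner:
            raise PermissionError("only the resource owner sets policy")
        return scopes

    def _clear_pending(self, rs_id, subject):
        self.pending = [p for p in self.pending if p[:2] != (rs_id, subject)]

    # RO authority: mapping subjects to scopes (proactive delegation).
    def share(self, actor, rs_id, subject, scopes, required_claims=None):
        available = self._scopes_if_owner(actor, rs_id)
        scopes = frozenset(scopes)
        if not scopes <= available:
            raise ValueError("the RO cannot grant a scope the RS never defined")
        self.denied.discard((rs_id, subject))
        self._clear_pending(rs_id, subject)
        self.policies[(rs_id, subject)] = Policy(scopes, dict(required_claims or {}))

    def withdraw(self, actor, rs_id, subject):   # withdrawal of consent
        self._scopes_if_owner(actor, rs_id)
        self.policies.pop((rs_id, subject), None)

    def deny(self, actor, rs_id, subject):       # denial of consent
        self._scopes_if_owner(actor, rs_id)
        self.policies.pop((rs_id, subject), None)
        self.denied.add((rs_id, subject))
        self._clear_pending(rs_id, subject)

    # AS authority: the decision, made per scope rather than per resource.
    def decide(self, rs_id, subject, requested_scopes, claims=None):
        requested = frozenset(requested_scopes)
        if rs_id not in self.resource_sets:
            return ("deny", ())
        available = self.resource_sets[rs_id][1]
        if not requested or not requested <= available:
            return ("deny", ())
        if (rs_id, subject) in self.denied:
            return ("deny", ())
        policy = self.policies.get((rs_id, subject))
        if policy is None:
            # Reactive consent: queue the request for the RO to approve or refuse.
            request = (rs_id, subject, requested)
            if request not in self.pending:
                self.pending.append(request)
            return ("pending_approval", ())
        if not requested <= policy.scopes:
            return ("deny", ())  # design choice of this sketch: no automatic escalation
        claims = claims or {}
        missing = tuple(sorted(k for k, v in policy.required_claims.items()
                               if claims.get(k) != v))
        return ("need_claims", missing) if missing else ("permit", ())


def demo():
    """Constructed scenario; returns the AS decisions in order."""
    a = AuthorizationServer()
    a.register_resource_set("labs", owner="alice", scopes={"read", "append"})
    a.share("alice", "labs", "bob", {"read"}, {"purpose_of_use": "treatment"})
    out = [
        a.decide("labs", "bob", {"read"}),                                     # claim missing
        a.decide("labs", "bob", {"read"}, {"purpose_of_use": "treatment"}),    # claim supplied
        a.decide("labs", "bob", {"append"}, {"purpose_of_use": "treatment"}),  # scope not shared
        a.decide("labs", "carol", {"read"}),                                   # no policy yet
    ]
    a.deny("alice", "labs", "carol")
    out.append(a.decide("labs", "carol", {"read"}))
    a.withdraw("alice", "labs", "bob")
    out.append(a.decide("labs", "bob", {"read"}, {"purpose_of_use": "treatment"}))
    return out


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

Nothing in the model reaches past the decision: what a requesting party stores or does with data after a permit lies outside it, which is the scope limit discussed earlier in this thread.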
All,
Please understand that I'm not looking the UMA gift horse in the mouth. I
am truly grateful for what Eve and this community have done and am making
progress at being an implementer which I can now actually demo!!!
However, this thread is labeled UMA privacy definition and my comments are
to be taken in exactly that spirit. Privacy can be engineered and if it is,
then the legal and business domains are also improved. 2016 priorities
should consider privacy engineering and raise the "wide ecosystem" and
"notice" concerns to the top.
Adrian
On Thu, Feb 4, 2016 at 11:23 AM, Eve Maler wrote:
Oh, one more thing... "Positive Privacy" is exactly what I have meant all these years when I contrast "Privacy" (or "Data Privacy") with "Selective Sharing". UMA is a technology that enables user control (yes, Mark and I have spoken about this many times before :-). It enables UX and back-end implementation patterns of proactive delegation, reactive consent ("access approval"), withdrawal of consent, and denial of consent -- all in a manner that's not coarse-grained but "scoped-grained" (which could be relatedly fine-grained depending on the API that was exposed).
UMA empowers individuals. But individuals are not the only parties in the ecosystem, and it's important to recognize that the equation has got to be win-win-win-win-win or no one will deploy the technology. There's a separation of powers. The idea has been that RS's are authoritative over resource sets and scopes (the "verbs and objects" of policies) -- meaning that they can, say, still control their APIs for fun and profit if they want. RO's are authoritative over mapping subjects to them to make policy -- meaning they can do selective sharing. AS's are authoritative over execution of the resulting policies -- meaning they are the experts at authorization, access control, and policy decisionmaking. (Classic "P*P architecture.)
Note that as we get into the BLT sandwich, we're finding places where we have to soften the lines a bit. Oh, RS's want to wrest a bit more control away from AS's at the edge? Okay, how do we do that? Oh, ROs want to be sure RS's don't do that too much in a loosely coupled world? Okay, how do we manage that?
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Thu, Feb 4, 2016 at 8:11 AM, Eve Maler
wrote: Love the discussion! A couple of thoughts on some of the new points made:
- "Who and what can get access": We have discussed many times how the claims-gathering system can also be used to constrain the requesting party around purpose of use limitations, and in fact, the HEART group is just about to take up its "semantic UMA profiling" work, which will likely include this. A technical level of control would have to include layering encryption-type techniques, whereas a business-legal level of control would include techniques such as requiring "opt-in claims" or "signature claims" for the requesting party to complete. I've even discussed with some organizations the prospect of using claims-gathering to have a requesting party agree to take on roles such as "power of attorney" (a proxy role for the resource owner) in the form of sending a claim.
- "Unified control point": This is stated with respect to the nature of the ecosystem in which the services are deployed. Even though UMA has been successfully designed to be identifier-agnostic (see its design principle #3 http://kantarainitiative.org/confluence/display/uma/UMA+Requirements), if Alice's AS is a claims client to Bob's claim sources, without a way to establish trust between them, there are security problems. It's currently possible for Alice to choose her own AS(/likely IdP?) and Bob to choose his own AS(/likely IdP?) if their services can have established trust off-stage (in a medium-ecosystem way vs. totally dynamically) -- though I don't anticipate that this level of choice is actually going to show up in the market super-soon. As I said before, the #wideeco use case is the subject of some of our 2016 work (to be prioritized shortly in today's meeting!).
If you haven't read the old http://tinyurl.com/umapbd paper, it's worth reading it to see where UMA provides the basis for solutions and where it doesn't; e.g., it makes clear that UMA isn't about storage, being API-level. Implementation profiling and deployment profiling therefore, to my mind, play a huge role for interoperable and successful usage in the wild (wherever it's planned to be used cross-organization, anyway).
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Thu, Feb 4, 2016 at 7:04 AM, John Mathon
wrote: Ken,
Your point is well taken, but is it not the case that UMA can be used as a tool to help an individual protect personal information? It is not a silver bullet in that simply having knowledge of your identification is some information and of course using many methods one might be able to infer many things from other things as well as the user inadvertently giving access indirectly or even directly to someone they didn't realize. We need something in law that says even if you get such information you can't use it without the user's permission and you must make effort to delete it or inform them of your knowledge, etc... However, lacking sufficient legal backing and possibly improvements in privacy in general this is a tool that definitely helps the consumer control information including personal information.
I think your point is it should be made clear that protecting personal information is a difficult problem for which UMA is a tool to help but doesn't solve.
John
rgds, John follow me: http://johnmathon.wordpress.com/ https://twitter.com/john_mathon
On Thu, Feb 4, 2016 at 4:10 AM, Ken Dagg
wrote: Eve and other,
Thank you for your responses. While I agree fully that heading down the rathole of definitions is a tricky and dangerous endeavour, I also strongly believe that it is a necessary exercise (at least to some level of detail). I would encourage UMA to continue. I will also bring the question of defining Privacy to IAWG whose mandate, since it took over the Privacy WG a couple of years ago, includes Privacy.
That being said, your note said that UMA is "an OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live." While I have heard this before it finally sunk in and I think that I understand what I have been missing before.
In my mind the key point is the phrase "for authorizing who and what can get access to". In my interpretation that is access to collect - be that for a millisecond examination or for the long term. In other words, also in my interpretation, UMA does nothing for controlling the storage, use or disposal of personally identifiable information. That is not a denunciation of UMA - it is just a statement of what I think I just realized. Am I correct?
If my eureka moment is true my suggestion would be to include an explicit statement in the description of UMA that says that controlling the storage, use and disposal of PII is outside the scope of UMA and the responsibility of other protocols / processes. It may seem to be redundant but I think that this type of statement would get people away from the idea that UMA might be the "silver bullet" to fix their privacy woes that they are all looking to discover. While I've not heard anyone ever say that it is, given the increased emphasis on privacy, I could see some executives making that interpretation.
Again, just my opinion.
Ken
On Wednesday, 3 February 2016, Adrian Gropper
wrote: Privacy by Design always makes me think of the Alice in Wonderland: “When I use a word,” Humpty Dumpty said in rather a scornful tone, “it means just what I choose it to mean — neither more nor less.”
I like NIST's definition of privacy engineering: http://csrc.nist.gov/publications/drafts/nistir-8062/nistir_8062_draft.pdf
If by "narrow" and "medium" ecosystems you mean federations that agree to share an AS, then I understand but that hardly counts as autonomy and it sounds more like an add-on service to an IdP than a new thing. I suppose I just answered my own question about the product :-)
On Wed, Feb 3, 2016 at 10:14 PM, John Wunderlich
wrote: Adrian;
Think of it as Privacy by Intent, since it is as much about organizational cultural change and processes as it is about any specific technology.
Sincerely, *John Wunderlich* *(@PrivacyCDN)*
http://privacybydesign.ca
Privacist & PbD Ambassador
On Feb 3, 2016, at 21:51, Adrian Gropper
wrote: The video is lovely. "nothing about me without me" has been a rallying cry of the Society for Participatory Medicine for years now.
The Venn is somewhat confusing. What is policy? Whose policy is it?
What ForgeRock is selling is baffling. Who is buying AS from ForgeRock? How many UMA Authorization Servers will one person have? Who will own my AS in the sense of being able to take it off-line if they choose to?
PS: Privacy by Design has never sat well with me. I prefer Privacy Engineering, but that's maybe a personal problem for me.
Adrian
On Wed, Feb 3, 2016 at 9:30 PM, Eve Maler
wrote: FWIW, I debuted a new, very lightweight Venn diagram in a blog post https://www.forgerock.com/blog/uma-identity-platform-release/ last week (where ForgeRock was announcing its new platform version with UMA support!) describing elements of privacy. It's not to be taken too literally, but it echoes themes I talked about in this paper http://ieeexplore.ieee.org/xpl/abstractAuthors.jsp?reload=true&arnumber=7163222 and talk http://ieee-security.org/TC/SPW2015/IWPE/4.pdf from last year.
*Eve Maler* Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Wed, Feb 3, 2016 at 6:01 PM, Ken Dagg
wrote: Hi UmanitRians,
I'm an UMA lurker. That being said, the discussion around privacy is something of great interest to me and I couldn't resist chiming in.
Dictionary definitions, such as the dictionary.com definition below, (not that I'm totally in agreement with these definitions) all seem to revolve around privacy being a state (this part I do agree with) and legislation from various jurisdictions provide requirements to achieve this state (without providing a definition of privacy).
For example, Canada's two pieces of privacy legislation (Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA)) basically specify what must be achieved regarding the collection, storage, use and disposal of Personally Identifiable Information (as well as defining what PII is) including what and where consent is required.
I would suggest that defining privacy without defining the requirements (including consent) for achieving it would be negligent and doing a disservice to UMA.
My two cents,
Ken
(http://dictionary.reference.com/browse/privacy)
1. the state of being apart from other people or concealed from their view; solitude; seclusion: (Please leave the room and give me some privacy.)
2. the state of being free from unwanted or undue intrusion or disturbance in one's private life or affairs; freedom to be let alone: (Tourists must respect the tribe’s privacy. Those who wish to smoke can do so in the privacy of their own homes.) See also invasion of privacy.
3. freedom from damaging publicity, public scrutiny, secret surveillance, or unauthorized disclosure of one’s personal data or information, as by a government, corporation, or individual: (Ordinary citizens have a qualified right to privacy. There is so much information about us online that personal privacy may be a thing of the past.)
4. the state of being concealed; secrecy: (Before he told us of his plans, he insisted on total privacy.)
On Wednesday, 3 February 2016, Eve Maler wrote:
I don't think there is any UMA publication that defines privacy, but there is one (older) publication that discusses UMA with respect to Privacy by Design, here:
http://kantarainitiative.org/confluence/display/uma/Privacy+by+Design+Implic...
I was thinking recently that it might be a good time to revise this paper, and/or write a new and more expanded one, in light of the many regulatory moves being made and discussions about the role of "consent" (as UMA enables) within those regulations. (I happen to have been doing a lot of writing and presenting along those lines in various forms myself lately, and others of us such as Jon Neiditz http://datalaw.net/ have as well.)
*Eve Maler* Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Tue, Feb 2, 2016 at 9:07 AM, arr@worldknowledgebank.com <arr@worldknowledgebank.com> wrote:
Is there an uma definition of privacy?
Adrian Gropper MD
PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/ _______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
Hi Eve and John - Evidently I cannot forward this to the entire list. Please forward it for me if it might be useful in the current discussion.
Hi folks - The link below provides a nice piece from Solove that provides a checklist of the regions in the "privacy" landscape. It is US focused, but all the harms concepts correlate with those in other jurisdictions (where other terms may be applied to compound the confusion).
For UMA design, development and deployment purposes, it seems that the term's ambiguity could use some unpacking before any system design and operation decisions are made to pursue its accomplishment.
https://www.law.upenn.edu/journals/lawreview/articles/volume154/issue3/Solov...
The various definitions are not mutually exclusive, but all are relevant to the analysis.
I have also attached a "harms matrix" (the excel spreadsheet that many of you have already seen) that previously attempted that unpacking of the term "Privacy," by correlating different interpretations of the term from dozens of existing laws. Like the Solove article, it seeks to provide a "map" to the privacy landscape. It will help map the relationship among privacy, data security, etc.
Spoiler alert - I believe that each type of harm comes down to measuring the integrity, reliability and predictability of the information input and output channels (data as expression and perception) from the perspective of individuals. The measurements of such "integrity" are myriad, and the accomplishment of a state of acceptable "privacy" for the individual will be contextually and subjectively driven. So that even a stable definition will defy easy categorization. That is familiar territory for the law, which recognizes that humans consistently refuse to be engineered into clear categories. Would we have it be otherwise? Those who desire to create anticipatory measurement of every possible problem "phase space" that is opened up with the exercise of human discretion may be disappointed with the result. This suggested "information channel integrity" paradigm gathers all the disparate pieces into a framework that can be operationalized in law (as it already has been - albeit in a distributed fashion) and technology (as UMA can help to foster). Btw, I welcome critiques/challenges to this "spoiler alert" concept as conceptual "stress testing" prior to its application to socio-technical systems.
It appears that UMA can help individuals to navigate the complex privacy landscape without having to oversimplify that landscape itself. It is akin to how a nature walk is made more satisfactory (at least to nerds like me) with a good nature field guide, even though the guide does not simplify the ecosystem itself - it just helps frame my understanding of and interaction with the intrinsically system. Law and policy (including privacy and data security law) is a field guide to human interaction "ecosystems."
Kind regards,
Scott
Scott L. David
Director of Policy
Center for Information Assurance and Cybersecurity
University of Washington - Applied Physics Laboratory
w- 206-897-1466
m- 206-715-0859
Tw - @ScottLDavid
________________________________
From: wg-uma-bounces@kantarainitiative.org
Hi Scott et al, I like the spoiler :-)
"I believe that each type of harm comes down to measuring the integrity, reliability and predictability of the information input and output channels (data as expression and perception) from the perspective of individuals."
Looking at what a consent based framework would need to be desired to more accurately depict UMA, its role in privacy I think this spoiler gets to the heart of it and as Ken mentioned it is a state. I think in this context Positive Privacy would be a great way to spell out these differences. Especially in terms of metrics.
Two things I am working on at the moment are 1. a Use Case for international transfer of personal data based on consent, and 2. a series of workshops focused on consent and notice.
In terms of 1. the use case, for a constant state of positive privacy that enables user control I think would combine elements like BCRS (on the backend) with UMA on the front end, wrapped in consent based framework built upon jurisdictional laws.
2. I think a workshop or conference with a call for papers regarding metrics from some key academics working in this field and on intermediary agents could really help quantify this. I have my eye on a few leaders in this space, but haven’t quite worked out the when.
Perhaps these items could be a point of collaboration between CIS & UMA? It's difficult to start a new stream of work, but, these might work into things we have on the go. As well, the new crisp clarity of Positive Privacy now makes this a point to which we can engage and describe the larger ecosystem that is needed to interact with UMA and notice? (food for thought)
- Mark
From: wg-uma-bounces@kantarainitiative.org on behalf of Eve Maler <eve@xmlgrrl.com>
Sent: Thursday, February 4, 2016 8:23 AM
To: John Mathon
Cc: Eve Maler
Subject: Re: [WG-UMA] uma privacy definition
Oh, one more thing... "Positive Privacy" is exactly what I have meant all these years when I contrast "Privacy" (or "Data Privacy") with "Selective Sharing". UMA is a technology that enables user control (yes, Mark and I have spoken about this many times before :-). It enables UX and back-end implementation patterns of proactive delegation, reactive consent ("access approval"), withdrawal of consent, and denial of consent -- all in a manner that's not coarse-grained but "scoped-grained" (which could be relatedly fine-grained depending on the API that was exposed).
UMA empowers individuals. But individuals are not the only parties in the ecosystem, and it's important to recognize that the equation has got to be win-win-win-win-win or no one will deploy the technology. There's a separation of powers. The idea has been that RS's are authoritative over resource sets and scopes (the "verbs and objects" of policies) -- meaning that they can, say, still control their APIs for fun and profit if they want. RO's are authoritative over mapping subjects to them to make policy -- meaning they can do selective sharing. AS's are authoritative over execution of the resulting policies -- meaning they are the experts at authorization, access control, and policy decisionmaking. (Classic "P*P architecture.)
Note that as we get into the BLT sandwich, we're finding places where we have to soften the lines a bit. Oh, RS's want to wrest a bit more control away from AS's at the edge? Okay, how do we do that? Oh, ROs want to be sure RS's don't do that too much in a loosely coupled world? Okay, how do we manage that?
Eve Maler Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Thu, Feb 4, 2016 at 8:11 AM, Eve Maler
<eve@xmlgrrl.com> wrote: Love the discussion! A couple of thoughts on some of the new points made:
- "Who and what can get access": We have discussed many times how the claims-gathering system can also be used to constrain the requesting party around purpose of use limitations, and in fact, the HEART group is just about to take up its "semantic UMA profiling" work, which will likely include this. A technical level of control would have to include layering encryption-type techniques, whereas a business-legal level of control would include techniques such as requiring "opt-in claims" or "signature claims" for the requesting party to complete. I've even discussed with some organizations the prospect of using claims-gathering to have a requesting party agree to take on roles such as "power of attorney" (a proxy role for the resource owner) in the form of sending a claim.
- "Unified control point": This is stated with respect to the nature of the ecosystem in which the services are deployed. Even though UMA has been successfully designed to be identifier-agnostic (see its design principle #3 http://kantarainitiative.org/confluence/display/uma/UMA+Requirements), if Alice's AS is a claims client to Bob's claim sources, without a way to establish trust between them, there are security problems. It's currently possible for Alice to choose her own AS(/likely IdP?) and Bob to choose his own AS(/likely IdP?) if their services can have established trust off-stage (in a medium-ecosystem way vs. totally dynamically) -- though I don't anticipate that this level of choice is actually going to show up in the market super-soon. As I said before, the #wideeco use case is the subject of some of our 2016 work (to be prioritized shortly in today's meeting!).
If you haven't read the old http://tinyurl.com/umapbd paper, it's worth reading it to see where UMA provides the basis for solutions and where it doesn't; e.g., it makes clear that UMA isn't about storage, being API-level. Implementation profiling and deployment profiling therefore, to my mind, play a huge role for interoperable and successful usage in the wild (wherever it's planned to be used cross-organization, anyway).
Eve Maler Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Thu, Feb 4, 2016 at 7:04 AM, John Mathon
<johnmathon@gmail.com> wrote: Ken, Your point is well taken, but is it not the case that UMA can be used as a tool to help an individual protect personal information? It is not a silver bullet in that simply having knowledge of your identification is some information and of course using many methods one might be able to infer many things from other things as well as the user inadvertently giving access indirectly or even directly to someone they didn't realize. We need something in law that says even if you get such information you can't use it without the user's permission and you must make effort to delete it or inform them of your knowledge, etc... However, lacking sufficient legal backing and possibly improvements in privacy in general this is a tool that definitely helps the consumer control information including personal information.
I think your point is it should be made clear that protecting personal information is a difficult problem for which UMA is a tool to help but doesn't solve.
John
rgds, John follow me: http://johnmathon.wordpress.com/ https://twitter.com/john_mathon
On Thu, Feb 4, 2016 at 4:10 AM, Ken Dagg
<kendaggtbs@gmail.com> wrote: Eve and other,
Thank you for your responses. While I agree fully that heading down the rathole of definitions is a tricky and dangerous endeavour, I also strongly believe that it is a necessary exercise (at least to some level of detail). I would encourage UMA to continue. I will also bring the question of defining Privacy to IAWG whose mandate, since it took over the Privacy WG a couple of years ago, includes Privacy.
That being said, your note said that UMA is "an OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live." While I have heard this before it finally sunk in and I think that I understand what I have been missing before.
In my mind the key point is the phrase "for authorizing who and what can get access to". In my interpretation that is access to collect - be that for a millisecond examination or for the long term. In other words, also in my interpretation, UMA does nothing for controlling the storage, use or disposal of personally identifiable information. That is not a denunciation of UMA - it is just a statement of what I think I just realized. Am I correct?
If my eureka moment is true my suggestion would be to include an explicit statement in the description of UMA that says that controlling the storage, use and disposal of PII is outside the scope of UMA and the responsibility of other protocols / processes. It may seem to be redundant but I think that this type of statement would get people away from the idea that UMA might be the "silver bullet" to fix their privacy woes that they are all looking to discover. While I've not heard anyone ever say that it is, given the increased emphasis on privacy, I could see some executives making that interpretation.
Again, just my opinion.
Ken
On Wednesday, 3 February 2016, Adrian Gropper
<agropper@healthurl.com> wrote: Privacy by Design always makes me think of the Alice in Wonderland: “When I use a word,” Humpty Dumpty said in rather a scornful tone, “it means just what I choose it to mean — neither more nor less.”
I like NIST's definition of privacy engineering: http://csrc.nist.gov/publications/drafts/nistir-8062/nistir_8062_draft.pdf
If by "narrow" and "medium" ecosystems you mean federations that agree to share an AS, then I understand but that hardly counts as autonomy and it sounds more like an add-on service to an IdP than a new thing. I suppose I just answered my own question about the product :-)
On Wed, Feb 3, 2016 at 10:14 PM, John Wunderlich <john@wunderlich.ca> wrote: Adrian;
Think of it as Privacy by Intent, since it is as much about organizational cultural change and processes as it is about any specific technology.
Sincerely, John Wunderlich (@PrivacyCDN)
http://privacybydesign.ca/ http://privacybydesign.ca/
http://privacybydesign.ca/Privacist & PbD Ambassador http://privacybydesign.ca/
On Feb 3, 2016, at 21:51, Adrian Gropper <agropper@healthurl.com> wrote:
The video is lovely. "nothing about me without me" has been a rallying cry of the Society for Participatory Medicine for years now.
The Venn is somewhat confusing. What is policy? Whose policy is it?
What ForgeRock is selling is baffling. Who is buying AS from ForgeRock? How many UMA Authorization Servers will one person have? Who will own my AS in the sense of being able to take it off-line if they choose to?
PS: Privacy by Design has never sat well with me. I prefer Privacy Engineering, but that's maybe a personal problem for me.
Adrian
On Wed, Feb 3, 2016 at 9:30 PM, Eve Maler <eve@xmlgrrl.com> wrote:
FWIW, I debuted a new, very lightweight Venn diagram in a blog post https://www.forgerock.com/blog/uma-identity-platform-release/ last week (where ForgeRock was announcing its new platform version with UMA support!) describing elements of privacy. It's not to be taken too literally, but it echoes themes I talked about in this paper http://ieeexplore.ieee.org/xpl/abstractAuthors.jsp?reload=true&arnumber=7163222 and talk http://ieee-security.org/TC/SPW2015/IWPE/4.pdf from last year.
Eve Maler Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Wed, Feb 3, 2016 at 6:01 PM, Ken Dagg <kendaggtbs@gmail.com> wrote:
Hi UmanitRians,
I'm an UMA lurker. That being said, the discussion around privacy is something of great interest to me and I couldn't resist chiming in.
Dictionary definitions, such as the dictionary.com http://dictionary.com/ definition below, (not that I'm totally in agreement with these definitions) all seem to revolve around privacy being a state (this part I do agree with) and legislation from various jurisdictions provide requirements to achieve this state (without providing a definition of privacy).
For example, Canada's two pieces of privacy legislation (Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA)) basically specify what must be achieved regarding the collection, storage, use and disposal of Personally Identifiable Information (as well as defining what PII is) including what and where consent is required.
I would suggest that defining privacy without defining the requirements (including consent) for achieving it would be negligent and doing a disservice to UMA.
My two cents, Ken
(http://dictionary.reference.com/browse/privacy)
1. the state of being apart from other people or concealed from their view; solitude; seclusion: (Please leave the room and give me some privacy.)
2. the state of being free from unwanted or undue intrusion or disturbance in one's private life or affairs; freedom to be let alone: (Tourists must respect the tribe’s privacy. Those who wish to smoke can do so in the privacy of their own homes.) See also invasion of privacy.
3. freedom from damaging publicity, public scrutiny, secret surveillance, or unauthorized disclosure of one’s personal data or information, as by a government, corporation, or individual: (Ordinary citizens have a qualified right to privacy. There is so much information about us online that personal privacy may be a thing of the past.)
4. the state of being concealed; secrecy: (Before he told us of his plans, he insisted on total privacy.)
On Wednesday, 3 February 2016, Eve Maler <eve@xmlgrrl.com> wrote:
I don't think there is any UMA publication that defines privacy, but there is one (older) publication that discusses UMA with respect to Privacy by Design, here:
http://kantarainitiative.org/confluence/display/uma/Privacy+by+Design+Implic...
I was thinking recently that it might be a good time to revise this paper, and/or write a new and more expanded one, in light of the many regulatory moves being made and discussions about the role of "consent" (as UMA enables) within those regulations. (I happen to have been doing a lot of writing and presenting along those lines in various forms myself lately, and others of us such as Jon Neiditz http://datalaw.net/ have as well.)
Eve Maler Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Tue, Feb 2, 2016 at 9:07 AM, arr@worldknowledgebank.com <arr@worldknowledgebank.com> wrote:
Is there an uma definition of privacy?
Regards,
Ann Racuya-Robbins
“When you share what you know in a just way you sustain life and transform the way the world works.”
Ann Racuya-Robbins Founder Virtual Democratic Countries https://www.worldknowledgebank.com/
4440 Willard Ave #729 Chevy Chase, MD 20815 and 2 Placita Road, La Puebla, Espanola, New Mexico 87532
202.304.7103, 505.216.5343, 301.951.1809
-- Kenneth Dagg Independent Consultant Identification and Authentication 613-825-2091 kendaggtbs@gmail.com
_______________________________________________
WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
--
Adrian Gropper MD
PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/
<2013 jan 20 privacy rights correlator as sent to Bali conference in 2013.xls> <2014 jan 12 FIPPs key for privacy harms map-2-2.docx>
Must … resist … rathole … temptation

Too late. Thinking about a privacy definition in relation to harms is too limiting. Harms are related to a potential impact in the event of a breach, but in a number of jurisdictions privacy is treated as a right - which puts it in a different analytical framework. Recent decisions in Canada, for example, have created a civil tort of privacy (using the “Intrusion upon Seclusion” definition) and specifically say that no economic harm needs to be proven. The class bar in Canada is looking at this with interest.

Sincerely, John Wunderlich (@PrivacyCDN)
Privacist & PbD Ambassador http://privacybydesign.ca/
On Feb 4, 2016, at 14:53, Mark Lizar wrote:
Hi Scott et al,
I like the spoiler :-)
I believe that each type of harm comes down to measuring the integrity, reliability and predictability of the information input and output channels (data as expression and perception) from the perspective of individuals.
Looking at what a consent based framework would need to be desired to more accurately depict UMA, its role in privacy I think this spoiler gets to the heart of it and as Ken mentioned it is a state. I think in this context Positive Privacy would be a great way to spell out these differences. Especially in terms of metrics.
Two things I am working on at the moment are 1. a Use Case for international transfer of personal data based on consent, and 2. a series of workshops focused on consent and notice.
In terms of 1. the use case, for a constant state of positive privacy that enables user control I think would combine elements like BCRS (on the backend) with UMA on the front end, wrapped in consent based framework built upon jurisdictional laws.
2. I think a workshop or conference with a call for papers regarding metrics from some key academics working in this field and on intermediary agents could really help quantify this. I have my eye on a few leaders in this space, but haven’t quite worked out the when.
Perhaps these items could be a point of collaboration between CIS & UMA? It's difficult to start a new stream of work, but these might work into things we have on the go. As well, the new crisp clarity of Positive Privacy now makes this a point to which we can engage and describe the larger ecosystem that is needed to interact with UMA and notice?
(food for thought)
- Mark
On 4 Feb 2016, at 16:57, Scott L. David <sldavid@uw.edu> wrote:
Hi Eve and John - Evidently I cannot forward this to the entire list. Please forward it for me if it might be useful in the current discussion.
Hi folks - The link below provides a nice piece from Solove that provides a checklist of the regions in the "privacy" landscape. It is US focused, but all the harms concepts correlate with those in other jurisdictions (where other terms may be applied to compound the confusion).
For UMA design, development and deployment purposes, it seems that the term's ambiguity could use some unpacking before any system design and operation decisions are made to pursue its accomplishment.
https://www.law.upenn.edu/journals/lawreview/articles/volume154/issue3/Solov...
The various definitions are not mutually exclusive, but all are relevant to the analysis.
I have also attached a "harms matrix" (the excel spreadsheet that many of you have already seen) that previously attempted that unpacking of the term "Privacy," by correlating different interpretations of the term from dozens of existing laws. Like the Solove article, it seeks to provide a "map" to the privacy landscape. It will help map the relationship among privacy, data security, etc.
Spoiler alert - I believe that each type of harm comes down to measuring the integrity, reliability and predictability of the information input and output channels (data as expression and perception) from the perspective of individuals. The measurements of such "integrity" are myriad, and the accomplishment of a state of acceptable "privacy" for the individual will be contextually and subjectively driven. So that even a stable definition will defy easy categorization. That is familiar territory for the law, which recognizes that humans consistently refuse to be engineered into clear categories. Would we have it be otherwise? Those who desire to create anticipatory measurement of every possible problem "phase space" that is opened up with the exercise of human discretion may be disappointed with the result. This suggested "information channel integrity" paradigm gathers all the disparate pieces into a framework that can be operationalized in law (as it already has been - albeit in a distributed fashion) and technology (as UMA can help to foster). Btw, I welcome critiques/challenges to this "spoiler alert" concept as conceptual "stress testing" prior to its application to socio-technical systems.
It appears that UMA can help individuals to navigate the complex privacy landscape without having to oversimplify that landscape itself. It is akin to how a nature walk is made more satisfactory (at least to nerds like me) with a good nature field guide, even though the guide does not simplify the ecosystem itself - it just helps frame my understanding of and interaction with the intrinsically system. Law and policy (including privacy and data security law) is a field guide to human interaction "ecosystems."
Kind regards, Scott
Scott L. David Director of Policy Center for Information Assurance and Cybersecurity University of Washington - Applied Physics Laboratory
w- 206-897-1466 m- 206-715-0859 Tw - @ScottLDavid
From: wg-uma-bounces@kantarainitiative.org <wg-uma-bounces@kantarainitiative.org> on behalf of Eve Maler <eve@xmlgrrl.com>
Sent: Thursday, February 4, 2016 8:23 AM
To: John Mathon
Cc: Eve Maler
Subject: Re: [WG-UMA] uma privacy definition

Oh, one more thing... "Positive Privacy" is exactly what I have meant all these years when I contrast "Privacy" (or "Data Privacy") with "Selective Sharing". UMA is a technology that enables user control (yes, Mark and I have spoken about this many times before :-). It enables UX and back-end implementation patterns of proactive delegation, reactive consent ("access approval"), withdrawal of consent, and denial of consent -- all in a manner that's not coarse-grained but "scoped-grained" (which could be relatedly fine-grained depending on the API that was exposed).
UMA empowers individuals. But individuals are not the only parties in the ecosystem, and it's important to recognize that the equation has got to be win-win-win-win-win or no one will deploy the technology. There's a separation of powers. The idea has been that RS's are authoritative over resource sets and scopes (the "verbs and objects" of policies) -- meaning that they can, say, still control their APIs for fun and profit if they want. RO's are authoritative over mapping subjects to them to make policy -- meaning they can do selective sharing. AS's are authoritative over execution of the resulting policies -- meaning they are the experts at authorization, access control, and policy decisionmaking. (Classic "P*P" architecture.)
Note that as we get into the BLT sandwich, we're finding places where we have to soften the lines a bit. Oh, RS's want to wrest a bit more control away from AS's at the edge? Okay, how do we do that? Oh, ROs want to be sure RS's don't do that too much in a loosely coupled world? Okay, how do we manage that?
Eve Maler Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Thu, Feb 4, 2016 at 8:11 AM, Eve Maler <eve@xmlgrrl.com> wrote:
Love the discussion! A couple of thoughts on some of the new points made:
- "Who and what can get access": We have discussed many times how the claims-gathering system can also be used to constrain the requesting party around purpose of use limitations, and in fact, the HEART group is just about to take up its "semantic UMA profiling" work, which will likely include this. A technical level of control would have to include layering encryption-type techniques, whereas a business-legal level of control would include techniques such as requiring "opt-in claims" or "signature claims" for the requesting party to complete. I've even discussed with some organizations the prospect of using claims-gathering to have a requesting party agree to take on roles such as "power of attorney" (a proxy role for the resource owner) in the form of sending a claim.
- "Unified control point": This is stated with respect to the nature of the ecosystem in which the services are deployed. Even though UMA has been successfully designed to be identifier-agnostic (see its design principle #3 http://kantarainitiative.org/confluence/display/uma/UMA+Requirements), if Alice's AS is a claims client to Bob's claim sources, without a way to establish trust between them, there are security problems. It's currently possible for Alice to choose her own AS(/likely IdP?) and Bob to choose his own AS(/likely IdP?) if their services can have established trust off-stage (in a medium-ecosystem way vs. totally dynamically) -- though I don't anticipate that this level of choice is actually going to show up in the market super-soon. As I said before, the #wideeco use case is the subject of some of our 2016 work (to be prioritized shortly in today's meeting!).
If you haven't read the old http://tinyurl.com/umapbd paper, it's worth reading it to see where UMA provides the basis for solutions and where it doesn't; e.g., it makes clear that UMA isn't about storage, being API-level. Implementation profiling and deployment profiling therefore, to my mind, play a huge role for interoperable and successful usage in the wild (wherever it's planned to be used cross-organization, anyway).
Eve Maler Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Thu, Feb 4, 2016 at 7:04 AM, John Mathon <johnmathon@gmail.com> wrote:
Ken, Your point is well taken, but is it not the case that UMA can be used as a tool to help an individual protect personal information? It is not a silver bullet in that simply having knowledge of your identification is some information and of course using many methods one might be able to infer many things from other things as well as the user inadvertently giving access indirectly or even directly to someone they didn't realize. We need something in law that says even if you get such information you can't use it without the user's permission and you must make effort to delete it or inform them of your knowledge, etc... However, lacking sufficient legal backing and possibly improvements in privacy in general this is a tool that definitely helps the consumer control information including personal information.
I think your point is it should be made clear that protecting personal information is a difficult problem for which UMA is a tool to help but doesn't solve.
John
rgds, John follow me: http://johnmathon.wordpress.com/ https://twitter.com/john_mathon
On Thu, Feb 4, 2016 at 4:10 AM, Ken Dagg <kendaggtbs@gmail.com> wrote:
Eve and other,
Thank you for your responses. While I agree fully that heading down the rathole of definitions is a tricky and dangerous endeavour, I also strongly believe that it is a necessary exercise (at least to some level of detail). I would encourage UMA to continue. I will also bring the question of defining Privacy to IAWG whose mandate, since it took over the Privacy WG a couple of years ago, includes Privacy.
That being said, your note said that UMA is "an OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live." While I have heard this before it finally sunk in and I think that I understand what I have been missing before.
In my mind the key point is the phrase "for authorizing who and what can get access to". In my interpretation that is access to collect - be that for a millisecond examination or for the long term. In other words, also in my interpretation, UMA does nothing for controlling the storage, use or disposal of personally identifiable information. That is not a denunciation of UMA - it is just a statement of what I think I just realized. Am I correct?
If my eureka moment is true my suggestion would be to include an explicit statement in the description of UMA that says that controlling the storage, use and disposal of PII is outside the scope of UMA and the responsibility of other protocols / processes. It may seem to be redundant but I think that this type of statement would get people away from the idea that UMA might be the "silver bullet" to fix their privacy woes that they are all looking to discover. While I've not heard anyone ever say that it is, given the increased emphasis on privacy, I could see some executives making that interpretation.
Again, just my opinion.
Ken
Forwarding for Scott.
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
---------- Forwarded message ----------
From: Scott L. David
Love the discussion! A couple of thoughts on some of the new points made:
- "Who and what can get access": We have discussed many times how the claims-gathering system can also be used to constrain the requesting party around purpose of use limitations, and in fact, the HEART group is just about to take up its "semantic UMA profiling" work, which will likely include this. A technical level of control would have to include layering encryption-type techniques, whereas a business-legal level of control would include techniques such as requiring "opt-in claims" or "signature claims" for the requesting party to complete. I've even discussed with some organizations the prospect of using claims-gathering to have a requesting party agree to take on roles such as "power of attorney" (a proxy role for the resource owner) in the form of sending a claim.
- "Unified control point": This is stated with respect to the nature of the ecosystem in which the services are deployed. Even though UMA has been successfully designed to be identifier-agnostic (see its design principle #3 http://kantarainitiative.org/confluence/display/uma/UMA+Requirements), if Alice's AS is a claims client to Bob's claim sources, without a way to establish trust between them, there are security problems. It's currently possible for Alice to choose her own AS(/likely IdP?) and Bob to choose his own AS(/likely IdP?) if their services can have established trust off-stage (in a medium-ecosystem way vs. totally dynamically) -- though I don't anticipate that this level of choice is actually going to show up in the market super-soon. As I said before, the #wideeco use case is the subject of some of our 2016 work (to be prioritized shortly in today's meeting!).
If you haven't read the old http://tinyurl.com/umapbd paper, it's worth reading it to see where UMA provides the basis for solutions and where it doesn't; e.g., it makes clear that UMA isn't about storage, being API-level. Implementation profiling and deployment profiling therefore, to my mind, play a huge role for interoperable and successful usage in the wild (wherever it's planned to be used cross-organization, anyway).
*Eve Maler *Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Thu, Feb 4, 2016 at 7:04 AM, John Mathon wrote:
Ken,
Your point is well taken, but is it not the case that UMA can be used as a tool to help an individual protect personal information? It is not a silver bullet in that simply having knowledge of your identification is some information and of course using many methods one might be able to infer many things from other things as well as the user inadvertently giving access indirectly or even directly to someone they didn't realize. We need something in law that says even if you get such information you can't use it without the user's permission and you must make effort to delete it or inform them of your knowledge, etc... However, lacking sufficient legal backing and possibly improvements in privacy in general this is a tool that definitely helps the consumer control information including personal information.
I think your point is it should be made clear that protecting personal information is a difficult problem for which UMA is a tool to help but doesn't solve.
John
On Thu, Feb 4, 2016 at 4:10 AM, Ken Dagg wrote:
Eve and others,
Thank you for your responses. While I agree fully that heading down the rathole of definitions is a tricky and dangerous endeavour, I also strongly believe that it is a necessary exercise (at least to some level of detail). I would encourage UMA to continue. I will also bring the question of defining Privacy to IAWG whose mandate, since it took over the Privacy WG a couple of years ago, includes Privacy.
That being said, your note said that UMA is "an OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live." While I have heard this before it finally sunk in and I think that I understand what I have been missing before.
In my mind the key point is the phrase "for authorizing who and what can get access to". In my interpretation that is access to collect - be that for a millisecond examination or for the long term. In other words, also in my interpretation, UMA does nothing for controlling the storage, use or disposal of personally identifiable information. That is not a denunciation of UMA - it is just a statement of what I think I just realized. Am I correct?
If my eureka moment is true my suggestion would be to include an explicit statement in the description of UMA that says that controlling the storage, use and disposal of PII is outside the scope of UMA and the responsibility of other protocols / processes. It may seem to be redundant but I think that this type of statement would get people away from the idea that UMA might be the "silver bullet" to fix their privacy woes that they are all looking to discover. While I've not heard anyone ever say that it is, given the increased emphasis on privacy, I could see some executives making that interpretation.
Again, just my opinion.
Ken
On Wednesday, 3 February 2016, Adrian Gropper wrote:
Privacy by Design always makes me think of the Alice in Wonderland: “When I use a word,” Humpty Dumpty said in rather a scornful tone, “it means just what I choose it to mean — neither more nor less.”
I like NIST's definition of privacy engineering: http://csrc.nist.gov/publications/drafts/nistir-8062/nistir_8062_draft.pdf
If by "narrow" and "medium" ecosystems you mean federations that agree to share an AS, then I understand but that hardly counts as autonomy and it sounds more like an add-on service to an IdP than a new thing. I suppose I just answered my own question about the product :-)
On Wed, Feb 3, 2016 at 10:14 PM, John Wunderlich wrote:
Adrian;
Think of it as Privacy by Intent, since it is as much about organizational cultural change and processes as it is about any specific technology.
Sincerely, *John Wunderlich* *(@PrivacyCDN)*
Privacist & PbD Ambassador http://privacybydesign.ca
On Feb 3, 2016, at 21:51, Adrian Gropper wrote:
The video is lovely. "nothing about me without me" has been a rallying cry of the Society for Participatory Medicine for years now.
The Venn is somewhat confusing. What is policy? Whose policy is it?
What ForgeRock is selling is baffling. Who is buying AS from ForgeRock? How many UMA Authorization Servers will one person have? Who will own my AS in the sense of being able to take it off-line if they choose to?
PS: Privacy by Design has never sat well with me. I prefer Privacy Engineering, but that's maybe a personal problem for me.
Adrian
On Wed, Feb 3, 2016 at 9:30 PM, Eve Maler wrote:
FWIW, I debuted a new, very lightweight Venn diagram in a blog post https://www.forgerock.com/blog/uma-identity-platform-release/ last week (where ForgeRock was announcing its new platform version with UMA support!) describing elements of privacy. It's not to be taken too literally, but it echoes themes I talked about in this paper http://ieeexplore.ieee.org/xpl/abstractAuthors.jsp?reload=true&arnumber=7163222 and talk http://ieee-security.org/TC/SPW2015/IWPE/4.pdf from last year.
*Eve Maler *Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Wed, Feb 3, 2016 at 6:01 PM, Ken Dagg wrote:
> Hi UmanitRians,
>
> I'm an UMA lurker. That being said, the discussion around privacy is something of great interest to me and I couldn't resist chiming in.
>
> Dictionary definitions, such as the dictionary.com definition below, (not that I'm totally in agreement with these definitions) all seem to revolve around privacy being a state (this part I do agree with) and legislation from various jurisdictions provide requirements to achieve this state (without providing a definition of privacy).
>
> For example, Canada's two pieces of privacy legislation (Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA)) basically specify what must be achieved regarding the collection, storage, use and disposal of Personally Identifiable Information (as well as defining what PII is) including what and where consent is required.
>
> I would suggest that defining privacy without defining the requirements (including consent) for achieving it would be negligent and doing a disservice to UMA.
>
> My two cents,
> Ken
>
> (http://dictionary.reference.com/browse/privacy)
> 1. the state of being apart from other people or concealed from their view; solitude; seclusion: (Please leave the room and give me some privacy.)
> 2. the state of being free from unwanted or undue intrusion or disturbance in one's private life or affairs; freedom to be let alone: (Tourists must respect the tribe’s privacy. Those who wish to smoke can do so in the privacy of their own homes.) See also invasion of privacy.
> 3. freedom from damaging publicity, public scrutiny, secret surveillance, or unauthorized disclosure of one’s personal data or information, as by a government, corporation, or individual: (Ordinary citizens have a qualified right to privacy. There is so much information about us online that personal privacy may be a thing of the past.)
> 4. the state of being concealed; secrecy: (Before he told us of his plans, he insisted on total privacy.)
--
Adrian Gropper MD
Thank you all for your contributions. I have a few follow-ups I will forward later.
Regards,
Ann Racuya-Robbins
From: wg-uma-bounces@kantarainitiative.org [mailto:wg-uma-bounces@kantarainitiative.org] On Behalf Of Eve Maler
Sent: Friday, February 05, 2016 1:12 PM
To: wg-uma@kantarainitiative.org WG
Hi;
The whole “Definition of Privacy” thing is a sinkhole of definitions, frameworks and ontologies. For example, Solove’s “Taxonomy of Privacy” (http://papers.ssrn.com/sol3/papers.cfm?abstract_id=667622) identifies 16 different activities that could qualify. Privacy is individually perceived, socially constructed and varies contextually along a number of axes. In summary privacy is protean. It’s also quite uniquely an English word. This is why the Europeans refer to data protection rather than privacy. There is no word for privacy outside of English. It seems to me that it might be better to say that UMA is a tool that can, when deployed properly (for example, applying Privacy by Design as shown in Eve’s post earlier in this thread), protect personal data and let users assert some element of control over their personal information, but it is not sufficient by itself to guarantee privacy protections.
Sincerely, John Wunderlich (@PrivacyCDN)
Privacist & PbD Ambassador http://privacybydesign.ca/
On Feb 2, 2016, at 12:07, arr@worldknowledgebank.com wrote:
Is there an uma definition of privacy?
Regards,
Ann Racuya-Robbins
The reason I don't like "data protection" is that it's about the "fetal crouch" part of what people want; the essential meaning of "protection" is about keeping data in. A whole long history of "the rest of privacy" is about other things having to do with decisional autonomy and more, which goes beyond what the conversation has been attenuated into. Our lives are not only lived in bits. (Justice Brandeis, for one, didn't spend any time on iPads...) (I actually went to Brandeis U. :-) )
But all that said, point taken that coming up with a definition to beat all definitions is probably a futile task! Isn't that why lawyers are simply satisfied with defining terms up front in their documents and then sticking to them?...
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
Eve;
I tend to think of data protection as a series of obligations and conditions that data controllers and data processors have to meet to qualify for the privilege of handling my data, but I grant that may be an anomalous attitude.
And the point of this conversation is that we are talking about privacy in the context of an OAuth-based protocol for the web, which means that we can, a priori, eliminate all kinds of definitions of privacy. Les Nessman’s (https://en.wikipedia.org/wiki/Les_Nessman) masking tape office boundaries, for example, aren’t really relevant here.
At the risk of being tautological, I will refer this conversation to the UMA home page at Kantara which says, “User-Managed Access (UMA) is an award-winning (https://kantarainitiative.org/uma-takes-home-award-from-eic-2014/) OAuth-based protocol designed to give a web user a unified control point for authorizing who and what can get access to their online personal data, content, and services, no matter where all those things live on the web.” That definition is an expression of a number of privacy principles and is sufficient unto itself. If the user wants aspects of privacy that aren’t subsumed in that definition, then they need to look elsewhere than UMA.
Sincerely, John Wunderlich (@PrivacyCDN)
Privacist & PbD Ambassador http://privacybydesign.ca/
I really like Ken’s Privacy as a State point and agree with John in terms of the sinkhole description of the legacy privacy terminology and definitions. It’s also abundantly clear that what we understood as privacy in the past no longer reflects modern privacy in a lot of ways. For example there is also a clear difference between Data Protection privacy and data control based privacy, where the individual controls their own privacy.
In my view this can be useful to describe what is very difficult to describe with legacy privacy discourse. It differentiates between data control and data protection, as well as provides a framework for privacy in discussing user consent through managed access and control frameworks.
I have presented on this topic a couple of different presentations in the last few years teasing these issues out because they are very difficult to describe with legacy privacy discourse. The last iteration was called Positive Privacy, to explain consent based systems that provide personal data control. (or more modern privacy).
Do you think Positive Privacy resonates in the context of UMA?
Mark
(oops — am resending Positive Privacy suggestion due to mixing up paragraph order) I really like Ken’s Privacy as a State point and agree with John in terms of the sinkhole description of the legacy privacy terminology and definitions. It’s also abundantly clear that what we understood as privacy in the past no longer reflects modern privacy in a lot of ways. For example, there is a clear difference between Data Protection privacy and data control based privacy, where the individual controls their own privacy. I have presented on this topic in a couple of different presentations in the last few years, teasing these issues out because they are very difficult to describe with legacy privacy discourse. The last iteration was called Positive Privacy, to explain consent based systems that provide personal data control (or more modern privacy). This can be useful to describe what is very difficult to describe with legacy privacy discourse. It differentiates between data control and data protection, as well as provides a framework for privacy in discussing user consent through managed access and control frameworks. Do you think Positive Privacy resonates in the context of UMA?
Mark
On 4 Feb 2016, at 02:47, John Wunderlich <john@wunderlich.ca> wrote:
Hi;
The whole “Definition of Privacy” thing is a sinkhole of definitions, frameworks and ontologies. For example, Solove’s “Taxonomy of Privacy” (http://papers.ssrn.com/sol3/papers.cfm?abstract_id=667622) identifies 16 different activities that could qualify. Privacy is individually perceived, socially constructed and varies contextually along a number of axes. In summary, privacy is protean. It’s also quite uniquely an English word. This is why the Europeans refer to data protection rather than privacy. There is no word for privacy outside of English. It seems to me that it might be better to say that UMA is a tool that can, when deployed properly (for example, applying Privacy by Design as shown in Eve’s post earlier in this thread), protect personal data and let users assert some element of control over their personal information, but it is not sufficient by itself to guarantee privacy protections.
Sincerely, John Wunderlich (@PrivacyCDN)
Privacist & PbD Ambassador http://privacybydesign.ca/
On Feb 2, 2016, at 12:07, arr@worldknowledgebank.com wrote:
Is there an uma definition of privacy?
Regards,
Ann Racuya-Robbins
participants (8)
- Adrian Gropper
- arr@worldknowledgebank.com
- Eve Maler
- John Mathon
- John Wunderlich
- Ken Dagg
- Mark Lizar
- Scott L. David