Binary Globe by GDj

Identity Decentralized

17 minute read

White House

  • The White House’s Future of the Internet is Available Today 2022-04-29 Indicio Tech

    The Biden administration, in coordination with 60 other countries, on Thursday unveiled a “Declaration for the Future of the Internet” that “reclaims the promise of the Internet in the face of the global opportunities and challenges presented by the 21st century.” 2022-04-28

  • A Collaborative Approach to Meeting the Challenges in President Biden’s Executive Order on Improving US Cybersecurity 2021-06-14

    One key aspect outlined in Section 4 of the Executive Order (EO) is securing the software supply chain. At issue here is the reality that the U.S. federal government—like nearly any other organization on the planet that uses computer technology in any form—relies on not just one but numerous types of software to process data and run operational equipment.

  • Recognizing Digital Identity as a National Issue 2021-06-14

    we dove into creating a centralized and holistic approach to protecting and regulating identity in the United States and the specifics of why digital identity and cybersecurity are national issues that the private sectors simply cannot tackle on their own. Here are some of the key takeaways.

  • Industry Implications of Executive Order on Improving the Nation’s Cybersecurity 2021-06-03

    President Biden’s recent issuance of the highly anticipated Executive Order on Improving the Nation’s Cybersecurity (EO or Order), in the midst of high-profile cyber-attacks on the Nation, brought new challenges to organizations looking to secure their cyber defenses. In this multipart podcast series, Wiley’s Government Contracts, Telecom, Media & Technology (TMT), and Privacy, Cyber & Data Governance attorneys provide a high-level overview of the Order.

  • Zero Trust Architecture in the White House Executive Order on Cybersecurity 2021-05-14 Adrian Gropper

    Please read Section 3 in the EO […] It may be time for us to explain Zero-Trust Architecture relationship to VCs and DIDs. My not-so-hidden agenda includes priority for considering authorization and delegation in our protocol work but our diverse community of security experts will surely make this a much broader discussion.

  • Executive order on Improving the Nations Cybersecurity 2021-05-12

    Sec. 3.  Modernizing Federal Government Cybersecurity.

    (a)  To keep pace with today’s dynamic and increasingly sophisticated cyber threat environment, the Federal Government must take decisive steps to modernize its approach to cybersecurity, including by increasing the Federal Government’s visibility into threats, while protecting privacy and civil liberties.  The Federal Government must adopt security best practices; advance toward Zero Trust Architecture; accelerate movement to secure cloud services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS); centralize and streamline access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks; and invest in both technology and personnel to match these modernization goals.

  • ACE Selects Four Blockchain Innovation Challenge Winners to Expand Economic Opportunity to Underserved Learners 2021-02-11

    The Lifelong Learner Project, Powered by Teachers, to develop a digital wallet in which teachers can store and access their credentials, certifications, and learning resources and securely share these verifiable credentials with entities such as state licensing systems, human resources departments, and learning management systems. The project is led by RANDA Solutions, in partnership with the Utah State Board of Education, ETS, Digital Promise, University Instructors, University of Colorado, Colorado Springs, Blockframe, Fluree, Evernym, Velocity Network Foundation, IDRamp, PhilosBDL, UPD Consulting, IATC, Credential Engine, and IMS Global.

USCIS - Digital Immigration Credentials

Healthcare

  • “Member as API” - The Interoperability and Patient Access final rule and Verifiable Credentials 2021-07-26 PocketCred

    The Interoperability and Patient Access final rule (CMS-9115-F) delivers on the government’s promise to put patients first, giving them access to their health information when they need it most and in a way they can best use it. As part of the MyHealthEData initiative, this final rule is focused on driving interoperability and patient access to health information by liberating patient data using CMS authority to regulate Medicare Advantage (MA), Medicaid, CHIP, and Qualified Health Plan (QHP) issuers on the Federally-facilitated Exchanges (FFEs).

Digital Identity

  • The Missing Ingredient for Globally Compatible ESG Data Collation and Reporting? Standardized Digital Entity Identification 2022-01-27 GLEIF

    Research conducted by GLEIF and the Data Foundation, indicates that the U.S. federal government alone uses 50 distinct and incompatible entity identification systems. When this fragmentation is amplified, taking into account the volume of different identifiers globally, it is easy to understand the challenges.

  • US Lawmakers Ask Government to Deliver Better Digital Identity Framework 2021-07-07 FindBiometrics

    witnesses should weigh any risks of voice and facial recognition software, which has historically exhibited bias against women and people of color, versus the potential benefits. This hearing will also discuss the future of digital identity frameworks, interoperability requirements and standards, and how the emerging technologies such as AI and distributed ledger technology could contribute to building a secure and effective digital ID.

  • Foster Introduces Bipartisan Digital Identity Legislation 2020-08-11
    • Establish a task force made up of key federal agencies and state representatives.
    • Direct NIST to create a new framework of standards to guide agencies in implementing identity systems.
    • Establish a grant program within the DHS to support states in upgrading.

Department of Education

  • US Education Department promotes putting student records on blockchain 2021-02-23 Cointelegraph

    The COVID-19 pandemic has exposed flaws across various sectors. As a result, a number of government departments are evaluating blockchain-based systems as possible solutions for challenges involving multiparty workflows, record-keeping, transparency and more.

    For example, the United States Department of Education recently provided funding for the launch of the “Education Blockchain Initiative.” Referred to as the EBI, this project is led by the American Council on Education — an organization that helps the higher education community shape effective public policy — and is designed to identify ways that blockchain can improve data flow between academic institutions and potential employers.

  • CONNECTED IMPACT Unlocking Education and Workforce Opportunity Through Blockchain 2020-06 ACE

    This report is the first phase of the Education Blockchain Initiative, funded by the U.S. Department of Education and managed by the American Council on Education (ACE). It summarizes an intensive research project to better understand the application of blockchain, a form of distributed ledger technology, to education. Its content is intended to inform policymakers, technology developers, education practitioners, and workforce entities about the state of and potential of interoperable digital credentials anchored on blockchains. This report also provides guidance to these stakeholders on the effective implementation of blockchain-based digital credentials infrastructure.

Personal Data Privacy

  • 2 Signs the US is Getting Tougher on Data Privacy Regulation 2022-09 Anonyme

    I know almost everyone can probably find something that they wished were different in the bill [ADPPA]. On the other hand, I do think we have a band-aid for the American people who are just fed up with the lack of privacy online

  • What is the American Data Privacy and Protection Act? 2022-06-20 IdentityReview

    If a business has had an annual revenue less than “$41 million, did not collect or process the data of more than 100,000 individuals, and did not derive more than 50% of revenue from transferring personal information” in the last three years, they are not considered a covered entity in this bill.

  • Kids PRIVCY ACT 2022-01-10 Me2BA

    We’re proud to support a bill that will:

    • Strengthen the legal protections afforded to children under COPPA, and extend COPPA protections to adolescents ages 13 to 17, who have long gone without privacy protections online, while creating new rights for families.
    • Prohibit surveillance advertising and other harmful uses of data on all digital services likely to be accessed by children, rather than limiting protection to ineffectual notice and consent on “child-directed sites.”
  • 75% of Americans Want National Data Privacy Standards 2021-11-03 Anonyme

    The clear majority of adults surveyed want national standards around how companies collect, process and share personal data to help protect users’ privacy and security online. Seven in 10 people agree with the federal government treating personal data security as a national security issue and investing in cybersecurity.

  • The US Data Privacy Law “Floor”: What Deserves Basic Protections? 2021-10 Anonyome

    The New York Times recently did a deep dive into the United States’ lack of a national data privacy law

    1. Data collection and sharing rights
    2. Opt-in consent
    3. Data minimization
    4. Non-discrimination and no data use discrimination
  • A US National Privacy Law Looks More Likely Than Ever 2021-04
  • Self-sovereign identity in the context of data protection and privacy 2020-11 YourStory SSI Explainer + Comparison with Personal Data Protection Bill, 2019.

    From a techno-legal perspective, data protection regimes like PDPB and GDPR regulate the processing of personal data—which has a broad and evolving definition. An authoritative paper on the subject classifies SSI data components into four categories — DIDs, credentials, revocation of credentials and hashes (relating to the first three).

FTC

  • FTC proposed consent order prohibits perpetual retention of personal information 2023-03-26

    We had previously written about an FTC proposed consent order that would prohibit a company from perpetual retention of personal health information. On March 2, 2023, the FTC announced a complaint and proposed consent with BetterHelp, Inc. that would prohibit the company from perpetual retention of personal information—a broader category. Also unlike the previous matter, the FTC did not cite to the health breach notification requirements, but instead included claims only under Section 5 of the FTC Act. Under the proposed consent, BetterHelp would pay $7.8 million, which the FTC may use for consumer redress.

  • FTC weighs new rules to protect Americans’ personal data 2022-08-11 Guardian

    The FTC is issuing an advanced notice of proposed rule-making to address commercial surveillance, the “business of collecting, analyzing, and profiting from information about people”. […] The public can offer input on the FTC notice and the commission will hold a virtual public forum on 8 September.

  • FTC announces Ed Tech prohibited from common data collection and monetization 2022-05-26 Me2BA

    Specifically, the FTC will be more closely monitoring all companies covered by the Children’s Online Privacy Protection Act of 1998 (COPPA), with particular attention to ed tech, to ensure that children have access to educational tools without being subject to surveillance capitalism.

  • Senate Asks FTC to Investigate ID.me for Deceptive Business Practices 2022-05-20 FindBiometrics

    The Senators’ complaints stem from comments that ID.me and CEO Blake Hall made about the nature of its facial recognition system. More specifically, they call attention to statements and a blog post in which Hall claimed that his company only performs one-to-one matching to compare a new selfie to an image on a photo ID during the identity verification process. One-to-one matching is considered to be both more accurate and more secure than alternative one-to-many solutions, since the user’s image is never cross-referenced against a larger database.

  • FTC on Commercial Surveillance and Data Security Rulemaking 2022-02-08 IdentityWoman

    There is a very real risk that because two companies control the mobile handset operating systems – Apple and Google – the will work to limit access to the APIs within the phone preventing any wallets created by other companies working well.

    This doesn’t have to happen and the risk of it happening will be reduced if the FTC gets involved to ensure a level playing field for wallet makers – and ensuring consumers will have a choice of who they trust with the sensitive data about who they transact with across the digital world. Thank you.

  • We Applaud the Confirmation of New FTC Commissioner, Alvaro Bedoya 2022-05-13 Me2Ba

    Bedoya’s research has shined a light on digital surveillance and its impact on people of color, immigrants, and the working class. He founded the Center on Privacy & Technology at Georgetown Law to focus on the importance of consumer privacy rights.

  • FTC’s Shot Across the Bow: Purpose and Use Restrictions Could Frame The Future of Personal Data Management 2021-11-03 Identity Praxis

    So that there is no uncertainty or doubt, however, Duball4 reports that, while consumer privacy is a chief concern for the commission, it is not the primary concern to the exclusion of other concerns. The commission is also worried about algorithmic bias and “dark patterns” practices.

Crypto

  • Executive Order on Ensuring Responsible Development of Digital Assets 2022-03-09 White House - President Biden

    We must promote access to safe and affordable financial services.  Many Americans are underbanked and the costs of cross-border money transfers and payments are high.  The United States has a strong interest in promoting responsible innovation that expands equitable access to financial services, particularly for those Americans underserved by the traditional banking system, including by making investments and domestic and cross-border funds transfers and payments cheaper, faster, and safer, and by promoting greater and more cost-efficient access to financial products and services.  The United States also has an interest in ensuring that the benefits of financial innovation are enjoyed equitably by all Americans and that any disparate impacts of financial innovation are mitigated.

  • The Infrastructure Bill and What it Holds for Crypto 2021-08-30 SelfKey Foundation

    Reports state that an amendment to the bill is unlikely when it is discussed during the autumn session. Moreover, the treasury has reportedly said it would provide clarifying guidance after the bill is passed to allow exemptions to firms that do not actually operate as brokers. The reported clarification from the Treasury is potentially a welcome sign that would improve the morale of the crypto community regarding the proposed bill.

  • New Directions for Government in the Second Era of the Digital Age 2021-02-05 Kuppinger Cole

    The Blockchain Research Institute™, in collaboration with the Washington DC based Chamber of Digital Commerce and other experts have produced a 120-page report on how the Biden-Harris administration could reimagine US technology strategy and policy—and take action to implement it.

FATF

IRS

  • ID.me and the future of biometric zero trust architecture 2022-04 Mike Vesey, IDRamp

    By combining verifiable digital credentials, which can be stored on a person’s mobile device, with biometric assurance, only the person who actually owns the device can use the credentials to prove their identity.

  • THE IRS AND ID.ME: PRIVACY OPTIONAL 2022-02-15 Trust Over IP

    While it is not clear why the IRS would relinquish this extremely sensitive capability in its entirety to a single, private-sector entity using a proprietary solution, there are clues

  • Rough Seas Ahead People 2022-01 MoxyTongue from the man who invented the term Self-Sovereign Idenitty, ID.me and the IRS.

    Humanity does not come into existence inside a database. The American Government does not come into authority “of, by, for” database entries.

    People prove birth certificates, birth certificates do not prove people.

  • IRS Using Facial Scanning 2022-01 Phil Windley

    The IRS will use ID.me’s authentication and identity proofing service exclusively starting sometime this summer. The identity proofing portion employs facial scanning by a third party, causing some concern.

  • IRS Will Soon Require Selfies for Online Access 2022-01 Krebs on Security

    If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me

US Patent and Trademarks (USPTO)

  • USPTO: CIO Jamie Holcombe 2021-01-04 Spreaker

    CIO Jamie Holcombe says identity verification with blockchain might be in the future for USPTO and talks about navigating changes in policy & law when considering a distributed ledger to store patents & trademarks. Among the interesting questions: do we start with patent #1 (applicant: George Washington)?

States

California

New York

Austin, TX

  • City of Austin dabbling in SSI 2020-03

    Many folks within the identity space see VC infrastructure as the future of identification. If much of our online identity is reputation based, then VCs represent a formal method for linking reputations and vouching for others to form a web of trust within which individuals are able to conduct identity transactions in a less centralized way.

Illinois

  • illinoisblockchain.tech
  • Illinois Partners with Evernym to Launch Birth Registration Pilot

    August 31, 2017 (Chicago/Salt Lake City) — Today the Illinois Blockchain Initiative announced its partnership with self-sovereign identity solutions leader Evernym, leveraging distributed ledger technology to provide secure digital identity solutions. The concept will augment work from the W3C’s Verifiable Claims Task Force and use the Sovrin Foundation’s distributed identity ledger to create a secure, “self-sovereign” identity for Illinois citizens during the birth registration process.

Wyoming

  • Principal Authority 2021-09-15 Blockchain Commons

    Principal Authority focuses not just on a single person’s authority to act digitally, but also on their ability to delegate to and require duties from other entities. In other words, these peer-to-peer relationships works within the context of a state who recognizes the concept of Principal Authority. Thus the use of Principal Authority to empower Self-Sovereign Identity provides a legal foothold for many of the original 10 #SSI principles. It also suggests five additional duties that are generally defined under the Laws of Agency to be due from agents to Principals.

  • 2020 Select Committee on Blockchain, Financial Technology and Digital Innovation Technology - Click on 11/2/2020 meeting details, and find the discussion on Disclosure of private cryptographic keys @ 9:30 am.

Utah

  • January Walker (UT04) on the Future of Self-Sovereign Identity 2022-09-03 Web3 Domains

    There are so many things that build into your identity and you’ll take all this information and it’ll be issued to you through a decentralized ID. These wallets will have layers of protection that protect your information, like your Social Security number or your birth certificate, or your marriage license. You’ll have this extra layer of protection when you need to prove your identity, and this could apply to a passport as well.

  • Utah State Legislature Passes Facial Recognition Bill 2021-03-05

    The Utah bill, on the other hand, allows public agencies to use facial recognition as long as certain guidelines are followed. Most notably, law enforcement officers must submit a written request before performing a facial recognition search, and must be able to provide a valid reason for doing so.

See Also


Ecosystem Overview

This page includes a breakdown of the Web Standards, Protocols,Open Source Projects, Organizations, Companies, Regions, Government and Policy surrounding Verifiable Credentials and Self Sovereign Identity.

Updated: 2024-02-26 4 minute read

Tags:

Verifiable Credentials with JSON-LD and BBS+ Signatures

BBS signatures were implicitly proposed by Boneh, Boyen, and Shacham (CRYPTO ’04) as part of their group signature scheme, and explicitly cast as stand-alone signatures by Camenisch and Lysyanskaya (CRYPTO ’04). A provably secure version, called BBS+, was then devised by Au, Susilo, and Mu (SCN ’...

Updated: 2023-09-29 8 minute read

Tags:
BBS
Data Integrity
JSON-LD
Verifiable Credentials
W3C

Verifiable Credentials with JOSE (JWT) / COSE (CBOR)

Digital proof mechanisms, a subset of which are digital signatures, are required to ensure the protection of a verifiable credential. Having and validating proofs, which may be dependent on the syntax of the proof (for example, using the JSON Web Signature of a JSON Web Token for proofing a key h...

Updated: 2023-09-09 12 minute read

Tags:
COSE
IANA
JOSE
JWT
Verifiable Credentials
W3C

Verifiable Credentials (ZKP-CL) Anoncreds

This credential format was created specifically to leverage the CL Signatures. JSON-JWT and JSON-LD Signatures each have their own way of representing the meaning of the attributes within a VC. JSON-JWT references an IANA registry and assumes a “closed world” authority model based on that authori...

Updated: 2023-09-29 6 minute read

Tags:
Anoncreds
Evernym
Hyperledger Foundation
IBM
IDEMIX
Sovrin Foundation
Verifiable Credentials
W3C
ZKP-CL