[WG-P3] NSTIC Privacy Workshop
mark at smartspecies.com
Thu Jun 23 06:16:52 EDT 2011
A reminder that there is a NSTIC Privacy Workshop on Monday. To this
end I am wondering if P3/NSTIC-DG members would like to submit a paper
or statement to this workshop?
I believe that there are two P3 members that will be attending who may
be able to deliver this input personally. I realise that this is very
short notice to organise input, but if members are interested in
submitting I would be happy to edit and contribute to this input on
behalf of P3. We mentioned last week that we are not going to have
a call to organise input today. Instead there is a NSTIC-DG call
tomorrow where input can be collated and discussed.
Start Date: Monday, June 27, 2011
End Date: Tuesday, June 28, 2011
(1) Objectives of Privacy Workshop
This workshop will discuss the privacy-enhancing objectives of the
National Strategy for Trusted Identities in Cyberspace (NSTIC) and how
to effectively implement them in the Identity Ecosystem Framework,
including issues involved with overcoming the challenges of
establishing user-centric privacy protections. The goal of this
workshop is to provide a venue for discussion about developing
workable policies, practices and guidelines for privacy protections as
well as effective means of implementing these protection
Some Privacy related input from last week's call may be a good place
to start. Here is some salient points that were made in regards to
How is privacy going to be represented on the steering committee?
How will privacy decisions be made by the steering committee?
Kantara has a good model of governance to draw upon for response,
A Kantara response may include representing international standards in
privacy. Suggestions were made that the steering committee will need
to represent standards community according to particular areas of
governance. Assessment criteria and process will be needed for each
of these areas. FICAM being one of them.
In addition, last week we discussed how education was a critical part
to understanding privacy in the context of NSTIC. Education in this
respect may be a critical point of discussion at the workshop. In
this regard, contextual understanding of the use of identity in a
national strategy may also be very valuable for understanding the
international aspects of privacy the NSTIC strategy may need to include.
(Maybe something along the lines of)
Increased control of identity for individuals (an NSTIC objective)
reduces the sharing and exposure of data and in this way fundamentally
provides increased privacy protection. Although, once personal
information is shared, the need for privacy transcends national
borders and privacy protections will need to be considered in this
context. Emerging protocols like UMA may also present a privacy by
design approach for NSTIC that is worth noting as a way to address
some of these challenges.
In this regard, I urge members who are interested in contributing to
this workshop to provide additional input/discussion in this thread in
order to develop a draft input for the NSTIC-DG tomorrow.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the WG-P3