How to Protect Human Trust
The question of what we are trying to protect in the IDEF Identity Ecosystem is the essential question of all our work in my view:
The IDEF Identity Ecosystem must be dedicated to protecting human capabilities and the human attributes they create. We should protect human capabilities (and resultant attributes) stated in the Bill of Rights and Martha Nussbaum’s 10 core capabilities.* (See below)
What an ID Ecosystem participant must not do to protect human capabilities and the resultant human attributes is prospectively or retrospectively appropriate personal human identity attributes and metadata (PHIDAM) for commercial purposes. A participant must not use personal human identity attributes and metadata without an offer and acceptance of an enhancement to one or more human capability and an offer and acceptance to share revenue based on an informed valuation of use of PHIDAM for commercial purposes.
What an ID Ecosystem participant must do to protect human capabilities and the resultant human attributes is consider and treat personal human identity attributes and metadata PHIDAM as items of great value.
As Anil John of FICAM has said
“attributes are the new money” … “My personal perspective is that in the current online environment, our personal identity attributes should be considered items of great value.
“What does it take to enable a person to say who they are in the digital world while having the same confidence, protections and rights that they expect in the real world?”
For terminology I recommend “personal human identity attributes and metadata”.
I agree with others that creating an exact list is not necessary but I think gathering references is useful and I will add to the wiki for future reference.
(1.1) Baseline security requirements are intended to define the proper execution of all Identity Ecosystem core operations and functions that support transactions:
(1.2) Baseline security requirements are intended to define the proper execution of all Identity Ecosystem functions—registration through to authorization—that support transactions:
(2.1) That require authentication; and
(2.2) That require authentication and access control; and
(3.1) Where personal human identity attributes and metadata and/or sensitive business information is collected, transmitted, retained, processed, disclosed, and/or disposed of
(3.2) Where personally identifiable information and/or sensitive business information is collected, transmitted, retained, processed, disclosed, and/or disposed of
* Core Capabilities
i. Life. Being able to live to the end of a human life of normal length; not dying prematurely, or before one’s life is so reduced as to be not worth living.
ii. Being able to have good health, including reproductive health; to be adequately nourished; to have adequate shelter.
iii. Bodily integrity. Being able to move freely from place to place; to be secure against violent assault, including sexual assault and domestic violence; having opportunities for sexual satisfaction and for choice in matters of reproduction.
iv. Senses, imagination, and thought. Being able to use the senses, to imagine, think, and reason-and to do these things in a “truly human” way, a way informed and cultivated by an adequate education, including, but by no means limited to, literacy and basic mathematical and scientific training. Being able to use imagination and thought in connection with experiencing and producing works and events of one’s own choice, religious, literary, musical, and so forth. Being able to use one’s mind in ways protected by guarantees of freedom of expression with respect to both political and artistic speech, and freedom of religious exercise. Being able to have pleasurable experiences and to avoid nonbeneficial pain.
v. Emotions. Being able to have attachments to things and people outside ourselves; to love those who love and care for us, to grieve at their absence; in general, to love, to grieve, to experience longing, gratitude, and justified anger. Not having one’s emotional development blighted by fear and anxiety. (Supporting this capability means supporting forms of human association that can be shown to be crucial in their development.)
vi. Practical reason. Being able to form a conception of the good and to engage in critical reflection about the planning of one’s life. (This entails protection for the liberty of conscience and religious observance.)
vii. Affiliation. (A) Being able to live with and toward others, to recognize and show concern for other human beings, to engage in various forms of social interaction; to be able to imagine the situation of another. (Protecting this capability means protecting institutions that constitute and nourish such forms of affiliation, and also protecting the freedom of assembly and political speech.) (B) Having the social bases of self-respect and nonhumiliation; being able to be treated as a dignified being whose worth is equal to that of others. This entails provisions of nondiscrimination on the basis of race, sex, sexual orientation, ethnicity, caste, religion, national origin.
viii. Other species. Being able to live with concern for and in relation to animals, plants, and the world of nature.
ix. Being able to laugh, to play, to enjoy recreational activities.
x. Control over one’s environment. (A) Political. Being able to participate effectively in political choices that govern one’s life; having the right of political participation, protections of free speech and association. (B) Material. Being able to hold property (both land and movable goods), and having property rights on an equal basis with others; having the right to seek employment on an equal basis with others; having the freedom from unwarranted search and seizure. In work, being able to work as a human being, exercising practical reason and entering into meaningful relationships of mutual recognition with other workers.
Martha C. Nussbaum. CREATING CAPABILITIES, Harvard University Press, 2011.