Human Capability and the Future of the Human Trust Experience
Did you see the example I contributed in response to Andrew’s question along the same lines. I have copied it below?
Last week I also suggested a process along with others for engaging a larger community for input.
Here are some other proposals:
A bit of taxonomy work on the wiki to collect more input around the core concepts of human capabilities, human attributes and personal information targeted to align with the Identity Ecosystem Framework IDEF dashboard. This could be done or not by a subgroup and should include outreach for input. This discussion should weight the fact that “personal information” has lost much of its meaning because it continues to be defined too narrowly and is perpetually playing catch up to changes in information systems, business practice and well, human capability. So to say we are dedicated to protecting personal information does not inspire much trust. This work could well be a trans-committee kind of work.
I have a proposal moving forward here and elsewhere on a Memorandum of Social Cooperation which operationalizes the
human capability approach beginning at Registration. One of the distinguishing features of the Memorandum of Social Cooperation is that it discusses the responsibilities of all parties in an IDEF transaction, not solely the providers’ responsibilities. I am mindful that HIPPA requirements begin at Registration and we might well look to aspects of HIPPA for Memorandum implementation. I believe there may be technical solutions aligned with these ideas and of course that is welcome.
Ryan you said “I would suggest that a requirement for encrypting audit and security logs would be well within the scope of what I have described—as long as the owner of those audit and security logs executes a function supporting the described transaction.” Excellent idea and the right direction forward in my view.
If we can voluntarily agree on ”what we are trying to protect” that is better than having to mandate compliance.
On Registration: you said “However, if you signed up to have a booklet
of coupons delivered to your house using an online form, that would currently be out of scope for
what we are considering.” Please elaborate why this is out of scope?
I will be providing alternative language to you “target statement” in another email.
My earlier example.
“Human capabilities are sometimes described as functions. More generally human capabilities refers to things a person can do, how a person can act.
For example, speaking (speech) is a human capability. When, by what means, how long, the pitch of the person’s voice, how loud a person speaks, where a person spoke from, whether a person used sign language… are human attributes that arise from the human capability to speak. Because human capabilities are dynamic and expanding so too human attributes are dynamic and expanding. In cyberspace and online environments human capabilities and the human attributes they create is a dynamic and expanding kind of information.
To protect this human capability, for example, American democracy created a right to free speech (with some provisos) which covers more or less all the human attributes that arise from speaking. For this reason we don’t have a right to speak limited to a device. So for example we don’t have a human right to speak limited to speaking on a telephone. This would limit and discourage the dynamic and expanding human function of speech. If a third party takes the human attributes created by a human capability and uses it to make money we would consider that an appropriation and a violation of copyright.
In cyberspace, online environments and information systems we draw on privacy provisions to protect the human capability and human attributes of speech.
In America there is general agreement (consensus if you will) that limiting the right to speak or appropriating speech erodes social cooperation in a society.
Regards,
Ann Racuya-Robbins”