JLINC overview demo discussion

From IIW

JLINC Overview

Tuesday 2F

Convener: Victor Grey

Notes-taker(s): Dan Finlay

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Enabling the negotiation and recording of data sharing contracts.  Allowing verifiability as well as GDPR compliance, i.e. “right to be forgotten”.

The source of contracts and agreements is extensible. Riak database ends up being the signed contract store for most enterprises, but can store to any persistence method, including any blockchain.

LINC is not an identity provider, it’s a data transaction layer for exchanging permissioned data.

Two questions from me:

  1. Where are these user preferences stored? Anywhere the parties choose to. JLINC is a tool for creating & exchanging agreements and updating them.
  2. We are still trusting these services to delete data to “forget” it, right?  This forgetfulness is just a “best effort to comply” situation?

Some contracts will include a “minimum data to retain account”, and if the user chooses to redact any of that information, the account would be closed as per the original agreement.

Some terms are proposed.

- iat

- context

- terms address

- data address

- REF Required

-   The rights holder signs them

The data custodian signs them.

JLINC hash generated

Stellar Ledger ID recorded (a key for lookup on whatever ledger)

Victor likes the Stellar 32-byte hash format, and will probably continue using it even if they drop Stellar as their ledger.

LINC handles the legal aspects of signing a data permission agreement. If you need to record a data permission, or the redaction of a data permission, LINC can be a framework for recording the two sides of that agreement as the points that it changes.