NSTIC /4 Sessions Combined (W5C)

From IIW

Session Topic: ANSTIC and Privacy (W5C)

Convener: Jeff, John Biccum, Dave Sanford

Notes-taker(s): Rick Campbell

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

From Rick:

Some privacy compromise is an expected part of doing business, e. g. fraud analysis by credit card companies. In Identity parlance, the IDP (or Attribute Provider - AP) needs to know the RP, not just the user.

NSTIC - motivation is fundamentally that there is a public good.

FIPPS could be that public good.

Things that government can do:

  • put money into it (analagous to building roads)
  • begin to define regulartions in ways that help people understand
  • Incentivize the desired behavior, e. g. define procurement regulations for suppliers

Proposal: Some modification to the trust framework could enable private sector IDPs to make money. (See credit card thing above)

PETS - Privacy Enhancing Technologies - to model a coin (???).