Episode 002: 02‐04‐2024 Why the US needs a trust framework for privacy - GluuFederation/identerati-office-hours GitHub Wiki

• Host: Mike Schwartz, Founder/CEO Gluu

• Co-Host: Ross Foard, US citizen

• Guest: David Kelts, Mobile Identity expert for human-centric ID and mDL

  *Tuesday April 2, 12:00 CST Linkedin Event

Linkedin Discussion

Description

David posits that privacy isn't safe in any digital identity architecture, and without a trust framework operating in the US, we will not implement privacy.

Homework

• Mobile ID can bring both convenience and citizen privacy via BioMetric Update

Extra Credit

• MOBILE DRIVER’S LICENSES: Backgrounder and Written Testimony House Financial Services Committee, Hearing on Verifying Identity while Preserving Privacy in the Digital Age

  • pdf

• Virtual hearing: Task Force on Artificial Intelligence of the Committee on Financial Services, U.S. House of Representatives, July 16, 2021

  • Minutes
  • Testimony

Livestream Audio Archive

Here

Mike's takeaways

• Without a trust framework, citizens may have little recourse when breaches occur.

• Consumer may want to use the wallet of their choice, but it doesn't mean issuers will agree to trust storage of credentials in these wallets.

• Trust frameworks that implement the three-entity "holder-issuer-verifier" decentralized model v. the two-entity "idp-sp" federated modela are novel, and it may take time to build such trust frameworks due to the newness of it all.

• mDL is a great technology for selective disclosure. But citizens need other credentials issued by the government or third parties.