#Portability4Trust - Personal Data Portability for Trust Frameworks
22
#Portability 4Trust Personal Data Portability for Trust Frameworks Phil Wolff The DataPortability Project IIW Spring 2011
-
Upload
phil-wolff -
Category
Technology
-
view
2.039 -
download
0
description
We're building on our Portability Policy work to make data portability standards and practices available in a form that the new trust frameworks can use.
Transcript of #Portability4Trust - Personal Data Portability for Trust Frameworks
#Portability4TrustPersonal Data Portability
for Trust Frameworks
Phil WolffThe DataPortability Project
IIW Spring 2011
#portability4trust
A new Disclosure
• Describe your portability practices• Plain language• Common structure– Readable, Comparable
• Iconography– Readable: the CC pattern
2010
#portability4trust
Privacy v. Portability
• Your Privacy Policy tells visitors what you can do with their data.
• Your Portability Policy tells them what they can do with their data.
#portability4trust
4 Stages of Relationship
• Backing Up• Closing An Account
• Watching For Updates • Broadcasting Changes
Made Here
• Public Data• Access from Other Products• APIs and Data Formats• Where Things Are Stored
• Identity and Authentication• Working with Things Stored
Elsewhere
Start
Sync Share/Access
Exit
#portability4trust
The DataPortability Project Is Revving Our Portability Policy In Two Threads• Portability Policy Summit– Feedback from large adopters
• Portability4Trust– Tools for • trust framework authorities • trust framework providers
#portability4trust
The OAuth Triangle
People
Relying Party
Identity Provider
#portability4trust
The OAuth Triangle
People
Relying Party
Identity Provider
#portability4trust
The Trust TriangleTrust Frameworks• Culture• Contracts• Verification
People
Relying Party
Identity Provider
#portability4trust
7 Portability4Trust Deliverables
1. A portability principles manifesto2. A portability policy pledge 3. A portability policy template 4. A portability policy minimum disclosure 5. A portability policy minimum practice 6. A portability policy recommended practice 7. A portability glossary
#portability4trust
1. Personal Data Portability Principles Manifesto
List the principles of data portability and why they matter
#portability4trust
2. Policy Pledge
A short, direct promise to support the data portability principles
#portability4trust
3. Policy Template
Like the questions at PortabilityPolicy.org, a structure to assure all data portability principles are addressed and disclosed, supported or not
#portability4trust
4. Policy Minimum Disclosure
Describe the least amount of disclosure required by a trust framework
#portability4trust
5. Policy Minimum Practice
Describe required data portability practices. This is prescriptive.
#portability4trust
6. Policy Recommended Practice
Describe portability practices above and beyond the required.• Recommended practices may
become Required • with trust community support
#portability4trust
7. Data Portability Glossary
Defining terms
#portability4trust
#portability4trust
• DataPortability.org• p4t Google Group• Wednesday calls
1
5
234
6
#portability4trust
2011q2 Roadmap
•Write, Test, Revise, Release• Listen, Repeat
#portability4trust
Next steps
• Working here at IIW• Online, weekly conference calls• At other events– 10-13 May. European Identity Conference. Munich – 11-13 May. Telco 2 and Personal Data 5. London – 19-21 May. PII 2011 and PrivacyCamp – Silicon
Valley
#portability4trust
What we need
• 5 volunteers to work on the documents
• One firm to volunteer legal counsel for two hours of early advice
• Contributions to DPP 501[c]3 to fund travel and meetings
#portability4trust
#portability4trust
• DataPortability.org• p4t Google Group• Wednesday calls
@evanwolfskype:[email protected]+1-510-343-5664
