Please see the prior post and the post before about how we got to discussing this.
We can not forget that the Holocaust was enabled by the IBM corporation and its Hollerith machine. How did this happen? What were these systems? How did they work? and particularly how did the private sector corporation IBM end up working a democratically elected government to do very horrible things to vast portions of its citizenry? These are questions we can not ignore.
In 2006 Stefan Brands gave a talk that made a huge impression on me he warned us and audience of very well meaning technologists that we had to be very careful because we could incrementally create a system that could lead to enabling a police state. It was shocking at the time but after a while the point he was making sunk in and stuck with me. He shared this quote (this slide is from a presentation he gave around the same time)
It is the likability that is the challenge.
We have to have the right and freedom NOT to be required to use our “real name” and birthdate for everything.
This is the defacto linkable identifier that the government is trying to push out over everything so they can link everything they do together.
Stephan proposes another Fair Information Principle.
I will share more of Stephan’s slides because I think they are prescient for today.
Stephan’s slides talk about User-Centrism technology and ideas in digital identity – ideas that have virtually no space or “air time” in the NSTIC discussions because everything has been broken down (and I believe intentionally so) into “security” “standards” “privacy” “trust frameworks” silos that divide up the topic/subject in ways that inhibit really tackling user-centrism or how to build a working system that lives up to the IDEALS that were outlined in the NSTIC document.
I have tried and tried and tried again to speak up in the year and a half before the IDESG and the 2 years since its existence to make space for considering how we actually live up to ideals in the document. Instead we are stuck in a looping process of non-consensus process (if we had consensus I wouldn’t be UN-consensusing on the issues I continue to raise). The IDESG are not taking user-centrism seriously, we are not looking at how people are really going to have their rights protected – how people will use and experience these large enterprise federations.
Yes everyone that is what we are really talking about…Trust Framework is just a code word for Enterprise Federation.
I went to the TSCP conference a big defence/aerospace federation (who was given NSTIC grants to work on Trust Framework Development Guidance) where this lovely lady Iana from Deloitte who worked on the early versions of NSTIC and potential governance outlines for IDESG – she said very very clearly “Trust Frameworks ARE Enterprise Federations” and it was like – ahhh a breath of fresh clear honest air – talking about what we are really talking about.
So back to the Stephan Brands re-fresher slides on user-centric ID so we don’t forget what it is.
Look at these, take them seriously.
National ID
Dear IDESG, I’m sorry. I didn't call you Nazi's.
The complaint was that I called my fellow IDESG colleagues Nazi’s. He was unsatisfied with my original statement about the tweet on our public management council mailing list. Some how this led to the Ombudsman taking on the issue and after I spoke with him in Tampa it was followed by a drawn out 5 week “investigation” by the Ombudsman before he issued a recommendation.
Then turns out after all was said and done there was never actually a formal complaint. There was the ombudsman taking action on his own. (its funny how organizations can use Ombudsman to not actually protect people with in institutions but use them as institutional forces to push people out who speak up and ask too many questions)
During the time I was being investigated I experienced intensive trolling about the matter on twitter itself. The trolling was done by someone obviously familiar with the situation who was upset. There were only 5 people familiar with them matter as it was ongoing through this investigation.During my own IIW conference the troll topped off the week by making implicit rape threats. This was very very disruptive and upsetting to me so much so I don’t even remember that IIW.
Here is the tweet that I authored while pondering theories of organizational dynamics in Tampa and without any intent to cause an association in the mind of a reader with IDESG, NSTIC, nor any person or persons in particular note that I did not reference anyone with a @____ or add any signifying hashtags e.g., #idesg or #nstic in this tweeted comment. So unless you were reading everything you would never know I said it.
I own that the tweet was provocative but it was It was not my intent to cause harm to anybody or to the IDESG organization and wider identity community.
We can’t put documents up for community and public input and say “its 40 page document nobody has time to read” and laugh as if it is funny that the process is so bad that there is no ability for the body of the organization let alone the public to have insight. That is how not good things begin to happen no one is looking. I was trying to make a point that the meeting was being badly badly run and that poor process can lead to really bad outcomes.
I am very sorry if the tweet had an emotionally negative impact on people on the management council. I fully acknowledge that referencing anything relative to the Nazi era is triggering. It touches on our collective shame and surfaces vulnerability it is very hard to look at.
I also believe that we have to actually be prepared to do so. If we don’t examine the past we can’t be sure we will not repeat it. [Please click to see my my next post for this to be further expounded upon]
I didn’t choose to say anything along these lines because I was in the middle of a process with the Ombudsman I thought that would be honored and let to run its course.
I also didn’t feel one should feed internet trolls – one was being very aggressive and pestering me for an apology.
I think that we all need to keep in mind our roles as Directors of the IDESG when we interact with the public and with each other.
This includes hiding behind pseudonyms and aggressively trolling to get back at someone you are upset with. Which also happened – either deal with the issue in a formal process or take them out on twitter but do’t do both.
The whole process left my and my attorney puzzled. My attorney wrote a letter to the Management Council/Board of Directors with a whole bunch of questions and now that this is posted we look forward to their answers to those questions.
No one from he IDESG including the ombudsman ever responded or was concerned by the aggressive trolling and implicit rape threats on twitter by someone intimately familiar with the ongoing ombudsman process.
Abusive behavior towards women isn’t just a physical thing it is a psychological as well. I have felt unsafe in the Identity community since this incident. I am now setting it aside though and stepping forth in my full power.
BC Identity Citizen Consultation Results!!!!
This article explains more about the different parts of the British Columbia Citizen Consultation about their “identity card’ along with how it is relevant and can inform the NSTIC effort. [Read more…] about BC Identity Citizen Consultation Results!!!!
Resources for HopeX Talk.
I accepted an invitation from Aestetix to present with him at HopeX (10).
It was a follow-on talk to his Hope 9 presentation that was on #nymwars.
He is on the volunteer staff of the HopeX conference and was on the press team that helped handle all the press that came for the Ellsberg – Snowden conversation that happened mid-day Saturday. It was amazing and it went over an hour – so our talk that was already at 11pm (yes) was scheduled to start at midnight.
Here are the slides for it – I modified them enough that they make sense if you just read them. My hope is that we explain NSTIC, how it works and the opportunity to get involved to actively shape the protocols and policies maintained.
[Read more…] about Resources for HopeX Talk.
BC Government Innovation in eID + Citizen Engagement.
I wrote an article for Re:ID about the BC Government’s Citizen Engagement process that they did for their eID system.
Here is the PDF: reid_spring_14-BC
BC’S CITIZEN ENGAGEMENT:A MODEL FOR FUTURE PROGRAMS
Because of my decade long advocacy for the rights and dignity of our digital selves, I have become widely known as “Identity Woman.” The Government of British Columbia invited me to participate as an industry specialist/expert in its citizen consultation regarding the province’s Services Card. I want to share the story of BC’s unique approach, as I hope that more jurisdictions and the effort I am most involved with of late, the U.S. government’s National Strategy for Trusted Identities in Cyberspace, will choose to follow it.
The Canadian Province of British Columbia engaged the public about key issues and questions the BC Services Card raised. The well-designed process included a panel of randomly selected citizens. They met face- to-face, first to learn about the program, then to deliberate key issues and finally make implementation recommendations to government.
[Read more…] about BC Government Innovation in eID + Citizen Engagement.
