Uncategorized

People and their representatives are rightly concerned about how biometric systems are used. This week while reading all the industry news I came across this article – CCIA Testifies On Maryland Biometric Privacy Proposal, Submits Written Comments On Biometric, Childrens, And Health Privacy Bills.

So what is BIPA? It is the Biometric Information Privacy Act that Illinois passed several years ago requiring any capturing of a biometric information in a template and in samples must get the subjects explicit consent. If companies don’t they face really large fines. White Castle just might have a $17billion dollar fine for violations over 10 years.

Industry associations like the Computer & Communications Industry Association are pushing back against these measures. This is their job to lobby on behalf of their members. Here is what they said.

The following can be attributed to CCIA State Policy Director Khara Boender:

“We share Maryland legislators’ concern about protecting biometric privacy and request that measures to address this important issue provide enough lead time for responsible sites to comply. We also recommend directing protections toward high-risk practices and aligning key definitions with privacy standards to encourage harmonization across state laws and aid compliance.”

“Privacy is particularly important for health data and for children online. While CCIA supports privacy measures tailored to specific age groups and the handling of more sensitive health data, the bills legislators are considering should prioritize ways to enable responsible companies to provide effective protections  rather than introducing punitive models with private rights of action that, in other states, have opened the floodgates to costly lawsuits.”

– CCIA Blog

I am hoping that organizations like CCIA can actually come to the Thoughtful Biometrics Workshop on March 16th and talk together with folks who are concerned about biometrics usage by the private sector and by government.

I have been engaging with folks who work developing biometric systems and folks who are concerned about biometric systems for in preparation for the Thoughtful Biometrics Workshop coming up March 16th.

Two weeks ago I attended Biometrics Regulation: Global State-of-Play Symposium (one to many talking on zoom with no chat function) put on by the Berkeley Center for Longterm Cybersecurity.

The aim of the virtual symposium is to discuss the global state-of-play for biometric data protection. We want to think more critically about biometric technologies as well as biometric regulation. As a result, we want to merge conversations on data protection compliance with broader technological, social and policy issues in different biometric technologies.

– Workshop Description Biometrics Regulation: Global State of Play Symposium

The presentations were interesting and it was great to have folks from all around the world present. India’s Aadhaar system was discussed and a newer system that has similar qualities was just rolled out in Brazil.

However something very concerning – throughout the discussion there was repeated conflation of biometrics with digital ID. This conflation is a problem to have the type of real discussion we need to have about both but to not conflate them.

I think the conflation comes from the builders of certain systems like Aadhaar and MOSIP along with those promoting these systems like the World Bank and Omidyar.

I’ve been working on “Digital Identity” since 2002-3 and the folks that inspired me to look at this issue were really considering how independent people expressed themselves in the digital world with their handles or avatars. This really began with the general public with the first internet services in the west like AOL, Compuserve and Prodigy. When you signed up to these services you picked a handle/user-name or maybe a few and that likely connected to an e-mail account. This user-name and the email associated with it are “digital identities”. Your twitter handle is a digital identity. Your Gmail account or Yahoo account is a digital identity.

In the last 10 years you have these large scale national ID (Aadhaar) systems being developed (MOSIP) and pushed out to whole populations that in order to get a “record in the digital database” as a citizen you have to go through an erollment and registration system that requires you to share your biometrics – often a photo, iris scans of your two eyes and capturing of all 10 finger prints. Then this national system deduplicates you – makes sure you didn’t already enroll and then issues you a ID number that is in the digital database of the nation state.

Then these national ID systems then create ways to “authenticate” against the database – prove that the person is represented by a given number/record in a database.

This is a very different architecture/design of digital identity than people have accounts in digital services. These two very different paradigms of what “digital identity” is – is part of the massive confusion around the language we are using.

There is a new paradigms around digital identity that involve collecting and sharing attributes from authoritative sources in the form of Verifiable Credentials is yet another type of decentralized digital identity that I spend a lot of time these days working on and convening people working on it at the Internet Identity Workshop.

Several years ago I co-wrote a paper about how biometrics could play nice with this new decentralized digital identity called Six Principles for Self-Sovereign Biometrics. If you look at what US Citizenship and Immigration is doing with their roll out of digital green cards using the verifiable credential technology on the digital green card holder’s wallet will have a photo encoded that when presented can be checked against the presenter’s face in real life. This aligns with what we outline. There is no “phone home” to the USCIS database to pull the photo and then compare – the needed biometric a photo is digitally signed and in a credential that can be compared with the presenter.

I just learned about a 2021 GAO report. It says that This means it is likely that more agencies are using FRT for more reasons. This report seems relevant because for the third time legislation is being put forward to do a Federal Facial Recognition Ban just this week.

The diagrams within the report do a good job of articulating clearly and simply different use-cases and how the systems work. I think they are great points of reference for us to use next week at the Thoughtful Biometrics Workshop on March 16th.

This set of diagrams articulates a whole range of uses by federal agencies.

This diagram really stood out for me because they are clear that there is a difference between Matching or what they call Verification or Identification. This different is really key and today there are proposals coming out from congress about banning FRT broadly.

This type of broad ban would limit the ability of agencies to use computer vision to match people to their documents – a technology that is widely used at boarder crossing in the US now and TSA has begun experimenting with at check points.

It would also limit the use of Biometrics as part of Biometric Exit I wrote about last week that compares passengers boarding flights leaving the US complied with access to galleries of photos of passengers drawn from DHS records (from entrance photos, document photos and passport records).

The GAO report includes a table breaking down the number of facial recognition systems owned by each agency:

• Commerce Department: one system, used for physical security.
• Defense Department: seven systems, used for physical security, domestic law enforcement, national security and defense, and other purposes.
• Energy Department: one system, used for physical security.
• Health and Human Services Department: three systems, used for physical security, domestic law enforcement and digital access/cybersecurity.
• Homeland Security Department: four systems, used for domestic law enforcement, border and transportation security, and national security and defense.
• Justice Department: seven systems, used for physical security, domestic law enforcement, national security and defense, and other purposes.
• State Department: one system, used for border and transportation security, and national security and defense.
• General Services Administration: one system, used for digital access/cybersecurity.
• NASA: one system, used for “other” purposes, including employee identification if they forgot their badges.

I recommend scanning through the report to see the range of use-cases. I think it can be useful in having a nuanced conversation about use-cases/applications that make sense and ones that could be harmful and really impact civil liberties.

I work on digital identity and this described below experience really highlighted the problem with much of the Biometrics industry and governments who use the technology – no explanation of what is actually happening or how a system got the template of my face. It re-affirmed for me the need for the Thoughtful Biometrics Workshop coming up March 16th.

I left SFO on Saturday at midnight on an EVA flight to Taipei. 

Biometric Exit combined with boarding that involved no presentment of a ticket or passport really caught me off guard. It was quite frankly creepy. 

I never agreed to share my photo with the airline – or to be part of a gallery (The group of photos of all people who would be getting on a plane). I just thought I was going through normal boarding where I would share my ticket and passport as part of getting on the plane. 

Instead I was asked to stand in front of a camera/screen that took my photo and then beeped/flashed green to say it was ok for me to get on the plane. 

When I said to the woman who was at the gate – what was going on that I hadn’t consented to this and where did they get the template to do this.  She was a bit surprised by my question and  shrugged and said she thought they got it off the chip on my passport.  Except I know this didn’t happen.  When I checked my bag in they only did that machine readability off the visual MRTD part of my passport – by swiping it through the reader on their keyboard.  

So I’m putting things together about what I think happened. 

CBP is doing Biometric Exit in collaboration with the airline.  (article confirming this)

The PNR – passenger name record is shared ahead of time with CBP – they put together a gallery (templates/photos of all the people who’s names appear as being on the flight) and then they use this gallery when folks pass through the live scanner.  This is me putting things together based on some of what I know and what I think is going on. 

The fact that there was no signage to explain to folks what is happening or how is really scary to me. This type of thing – where all of a sudden a thing is scanning your face and giving you a go/no-go to get on a plane is why people mis-trust facial recognition systems and technology.  I checked San Francisco has a ban on facial recognition technology – but only for local government agencies. 

I hope we can talk about this experience and others at the Thoughtful Biometrics Workshop coming up March 16th.  Please join us. 

I am reading a new article out asking if 2023 is the year of Digital ID.

It might be – lots of good developments are happening.

AND we also have a disaster of communication about how some systems work.

The article is referencing the way that TSA works where the employee puts the ID into a card reader which verifies the ID and then looks at the picture of the person presenting it to see if it matches. Then goes on to talk about how the digital version would work.

A digital ID would work the same way. The person would present a phone, which would have a barcode or QR code, which can be scanned, and links to a government record. “Essentially, your phone becomes a token which refers to a government authorized database,” said Miller.

– Is 2023 the Year of the Digital ID?

If that is how it is going to work – where I am presenting tokens that “refer to a government authorized database” then count me out. It sounds like to the non-sophsticated reader it pings the database and pulls down a photo of the person sharing the token. It might work this way – if people think reading it it does work this way – we can’t get adoption in the US. The ACLU has a whole report out about the worrisome phone home architecture that is optional with the mDL standard.

I did a search for mDL and TSA and this PDF showed up.

Look there is a direct link between the issuing authority and the TSA in the Relying party role – the little arrow says Key/Cert Exchange but is the public going to read that? Or are they going to think there is a connection to the database.

Another problem with the report and the way they talk about the solutions is that there are only phone hardware and software manufactures that are listed as the rightful arbiter of this system of IDs. What about other wallet manufactures.

One of the big developments related to biometrics in the United States in the last month is a call by senators “calling on TSA to immediately halt its deployment of facial recognition technology.”

My understanding of what is going on is facial matching between a presented document with a photo on it (passport or drivers license/stateID) and the person present. This is a similar kind of matching that happens when I cross the US boarder with my green card – they have my green card picture on file and then they point a camera at me and see if I match the picture on my card. 1:1 matching.

There are a lot of questions the Senators ask you can see the full letter here.

1. Please provide data on the accuracy and volume of TSA’s facial recognition technology program from 2020 to 2022 broken down by race, ethnicity, and gender that includes:

1. the rate of false positives and negatives produced;
2. the total number of travelers who had their face scanned by TSA;  
3. the total number of travelers who opted out;
4. the total number of cases where TSA stored its facial scans, instead of immediately deleting.

2. How are travelers notified of their right to opt-out of facial recognition? What are the effects on a traveler who chooses to opt-out of facial recognition?

3. Under TSA’s current system, do travelers who choose to opt-out face any additional consequences or additional screenings, pat-downs, interrogations, or even detention, beyond what they would have encountered at a non-facial recognition airport?

4. What training measures does TSA currently mandate for staff to regarding travelers who choose to opt-out of facial recognition technology?

5. Has TSA ever shared biometric data with other government agencies? If so, which agencies and for what purposes?

6. What measures is TSA taking to protect biometric data from cyberattacks or any other form of unauthorized distribution or release? How does TSA ensure the security of Americans’ data that third-parties have access to? Is TSA aware of any breaches of travelers’ biometric data collected at US airports? If so, please detail all such breaches.

This has prompted some responses from the biometrics industry with a post by the International Biometrics and Identity Association (IBIA) and the Security Industry Alliance (SIA). Both push saying that there are significant mis-understandings about the technology and how it works.

There is also video interview with Robert Tappan the Executive Director of IBIA on the Identity Week site. The interview is about 10 min and covers these topics:

1. Why do you think the terms “surveillance” and “identity verification” have been conflated? What are the perceptions of facial biometrics? True or not?
2. Is there evidence at all to suggest face verification technology is being used in the wrong way to invade privacy?
3. Talking to some vendors, some say there are some inherent biases in the level of technology that are being mitigated. Do you disagree that bias in biometrics now exists?
4. What are the differences between surveillance and verification that you suggested in your comments?
5. How do these claims/ beliefs affect trust?
6. Describe the level of progress in America with biometric deployments and are some unfounded beliefs that biometrics are ‘threatening our democracy’ derailing progress?

It is these deep disconnect between how the technology works in the real world, what it does and the public and legislator’s concern about it that the Thoughtful Biometrics Workshop was created for. My hope is we can dig and explore the nuances. I hope you will join us on March 16th.

The workshop is coming up March 16th virtually. If what I write below resonates with you please consider joining us

I thought long and hard about key constituencies to invite to the Thoughtful Biometrics Workshop and why. I collaborated with Kyra Auerbach to create this image that captures it.

There are many biometrics, ways to capture and measure them, and places in a techno-social system they can be implemented.

The technology landscape is wide and the policy and issue landscape they present is also vast.

This is what we explore at the Thoughtful Biometrics Workshop. 

Biometrics as a technology are not entirely “new” – for example, photos have been a part of government-issued identity documents for almost 100 years as 1:1 matching between a human and an identity document. As technologies have progressed (computer vision, AI, ML), new biometric technologies have emerged, enabling products with various use-cases and applications.

There is much to consider regarding thoughtful use. This is one reason we don’t pre-set an agenda, but instead invite key stakeholder communities with different knowledge bases and perspectives to engage in mutual learning and dialogue. 

Our hope is to gather humans who care about, are interested in, and are concerned about technology, in order for new perspectives and opportunities to shape future policy to emerge. These are the stakeholder groups invited to the Thoughtful Biometrics Workshop and why:

Civil Society Advocates and the Interested Public

New technologies have many implications. The public is naturally concerned about Biometric Technologies, while Civil Society Advocacy organizations are tracking the development of these technologies and raising concerns about their usage in various contexts. 

TBW provides an opportunity to share concerns and ask deep questions of the people who make and implement the technologies, to understand more about how they work in practice. There is also opportunity to share research and studies that have been done highlighting the flaws and misuses of biometric technology with creators, implementers and policy makers. 

Biometric Research Scientists & Companies that make Biometrics Products

Companies use the work of biometric scientists to make products. Many technologies are combined to make products that apply to different use-cases.  TBW provides an opportunity to share details of how various biometric modalities work (capture and comparison mechanisms) in practice, and to dispel misconceptions. There is also opportunity to share how technologies are combined to make products and how these work with other systems. 

Policy Makers and Regulators

Biometrics are diffusing and being adopted in a variety of settings across many domains: employment, government, commercial and civil society.  Some of these uses are aligned with existing policy requirements, some are novel uses that are not yet regulated at all. 

TBW provides an opportunity to understand the concerns that civil society advocates and the public have about existing and future uses that require reasonable regulation. The event is also an opportunity to learn in more detail from experts in biometrics and understand how the technology works in practice. 

Biometrics Implementers in the Private Sector, Government, Civil Society

These are organizations who buy biometrics technology solutions from companies to use in their day-to-day operations. They apply the technology either for authentication (checking someone matches an enrolled identity) or for identification. TBW provides an opportunity to share how and why they use biometric products to solve operational needs and explain more about their reasoning. 
​The event is also an opportunity to learn more details of how the technology works from the researchers, and to hear more about concerns regarding misuse and overuse. 

Technologists Working in Related Areas

There are a range of neighboring technologies and systems often used in conjunction with Biometrics, including identity and access management. TBW provides an opportunity to learn from a  range of stakeholders involved in biometrics technology, and to share perspectives about how neighboring technologies interact with biometrics.  

I first was exposed to biometrics at scale when I was working within the National Strategy for Trusted Identities in Cyberspace – Identity Ecosystem Steering Group that would host meetings “next to” biometric industry conferences. They were really kinda freaky for the technology presented and how I imagined it all being used.

I still have a very cautionary attitude towards biometrics technology however I am not scared of them in part because I have met folks who work more closely with and deepened my understanding.

In the fall of 2020 I proposed to Jack Callahan. We put on the first Thoughtful Biometrics workshop in March 2021. Now we are organizing the 2nd one coming up March 16, 2023. It is virtual and online. Learn more here and Register!

This is explanation of Biometrics I wrote for the workshop.

The term “biometrics” comes from two roots:  

bio meaning biological life + metrics meaning measurement

Therefore, it is defined as the measurement of biological characteristics. Every person has unique bodily or physical (biological) characteristics, and these can be measured, described and recorded or documented in various ways. Once documented they can be compared for identification or authentication purposes. 

Biometrics existed well before the creation of digital computers. For example, fingerprints have been collected and compared to establish identity since the mid-1800’s, and photographs used on documents such as passports starting about 100 years ago. 

Digital technology and other key innovations over the last 40 years, including advances in computer vision, algorithmic processes, and matching algorithms have expanded biometrics deeply into our digital world. 

Types of biometrics

All biometric modalities are basically two types; physiological and behavioral.

Examples of physiological biometrics include fingerprint, iris, retina, face, palm, and vein recognition. Examples of behavioral biometrics include signature and voice recognition.

APPLICATIONS OF BIOMETRICS:

1:1 matching for authentication:

Looking at a biometric associated with a particular person or record and seeing if the person presenting a sample of their biometric matches the biometric template that was previously enrolled. For example, 1:1 Matching on devices such as unlocking a phone using a fingerprint or faceprint.

Human 1:1 Matching against a document such as a passport, drivers license or other document. This can be done by a human looking at the picture and comparing, such as when you buy an age-restricted product. The clerk does a match between the document and a face along with checking the age of the person presenting the document. 

Computer 1:1 Matching against a document such as a passport, drivers license or other document. Computer vision is used to look at the person standing in front of a camera and compare them to a photo encoded on a document.

1:1 Matching against a sample enrolled in a system. An employer might have a biometric enrolled and on file to be compared to 1:1 when the employee presents themselves.

1:small n matching for authentication

This type of biometric usage involves the enrollment of a small group of people into a system. One use-case is all the people boarding a particular plane. The individuals traveling can share their photo and travel documents with the airline in the check in process. The photos are now in a gallery of a few hundred. When going to board the plane individuals can present themselves and be allowed to board after they match one of the faces in the gallery of photos of people who are passengers on the plane.

1:large n matching and identification

An important question for this mode is: does it happen in real time, or later in a forensic context?

In real time a video can capture snapshots of faces and then run the faces against a large n of potentially millions of people. If implemented on a camera on a public street, this would output a list of all the people who walked past. 

Forensic use of biometrics really began over a century ago with fingerprint matching. Fingerprints lifted from crime scenes were compared with fingerprint records of people. This is still done today but with electronic systems doing the matching. For forensic facial recognition, images of people are captured in retrospect from video or still photographs from a crime scene. These are compared with large data sets of images of people along with their names. 

EXAMPLES OF OTHER PLACES WE USE BIOMETRICS

Smart Speakers

Voice recognition goes beyond understanding speech; some devices are able to distinguish between people based on a pre-enrolled voice print. We could also see databases of voice prints created to compare samples against, much like we have photos of people being compared using facial recognition algorithms.

Wearable Sensors for Health tracking

There are more and more devices that use sensors to track things like heart rate, temperature, or oxygen levels. These devices in the form of rings, watches, bracelets, etc. record and share this information.

Augmented Reality (AR) and Virtual Reality (VR) Devices

AR and VR work with sensors that track head location and movements, eye movement and focus, facial expressions, hand movements, heart rate and even perspiration.  

We may have missed some biometrics use-cases –  feel free to reach out and share more! 

Infominer and I have been publishing the weekly Identosphere Newsletter and Summary of all that is happening Self-Sovereign and Decentralized Identity.

These are ways you can contribute a one time end of the year contribution:

Prices
	$500 $500.00 USD
	$1000 $1,000.00 USD
	$1500 $1,500.00 USD
	$2000 $2,000.00 USD
 

Or subscribe with a contribution every month this button will take you to a page where you can pick a monthly contribution amount.

You can also choose to pay monthly via Patreon.

Or you can reach out to Kaliya and ask for an invoice kaliya@identitywoman.net

Today, Sept 8th, the FTC held a Public Forum on commercial surveillance and data security and I made a public comment that you can find below.

I think the community focused on SSI should collaborate together on some statements to respond to the the FTC advance notice of proposed rulemaking related to this and has a series of 95 questions (in federal register or on the FTC site) that it invites written public comment on by October 21st. Here is a 3 page fact sheet about what they are focused on.

The Federal Trade Commission (“FTC”) is publishing this advance notice of proposed rulemaking (“ANPR”) to request public comment on the prevalence of commercial surveillance and data security practices that harm consumers. Specifically, the Commission invites comment on whether it should implement new trade regulation rules or other regulatory alternatives concerning the ways in which companies collect, aggregate, protect, use, analyze, and retain consumer data, as well as transfer, share, sell, or otherwise monetize that data in ways that are unfair or deceptive.

– federal register

Here are my Comments:

Thank you, My name is Kaliya Young and my online handle is “Identity Woman” – I have been working for 20 years on the challenge of how people can control and represent their digital selves online with dignity and be empowered. I co-founded the Internet Identity Workshop in 2005 and continue to convene it every 6 months. 

A lot of of the questions put forward relate to regulating these “bad things” happening by companies to people. I also encourage the FTC to take a forward looking approach by consider the work of values based technical communities working on alternative mechanics for data sharing between consumers and companies. 

Two projects I advise Dazzel Dao and JLINX are seeking to end surveillance capitalism via open standards and open source tools to: 

1. Give people tools collect of data that they generate in the digital world
2. Being able organize and get value from THEIR data from a range of sources 
3. and ways to share data under the consumer’s control with companies they trust in with new mechanisms to technically withdraw consent for having the information. 

Rule making should support these positive constructive efforts of ethical technologists. 

—————-

The risk of technology are often not seen until it is too late – I want to bring the Commissioners attention to a key issue that they could help with under the rule making related to data security as it relates to digital wallets – needed for the exchange and sharing of data between consumers and companies via protocols like Verifiable Credentials. 

There is a very real risk that because two companies control the mobile handset operating systems – Apple and Google – the will work to limit access to the APIs within the phone  preventing any wallets created by other companies working well.  

This doesn’t have to happen and the risk of it happening will be reduced if the FTC gets involved to ensure a level playing field for wallet makers – and ensuring consumers will have a choice of who they trust with the sensitive data about who they transact with across the digital world. Thank you.  

This series began in November with Logging Off Facebook: What Comes Next?

The 2nd event will be March 4th online

Both events are going to be Open Space Technology for three sessions. We will co-create the agenda the opening hour.

The 3rd Event will be April 1 online.

Building on the previous one we will consider how to mitigate harms as we enter into Web 3.

This is the text of an email I got today from a company that i had a contract with last year. It is really really really annoying the whole process of sending secure communications and documents. Once I finished reading it – I was reminded quite strongly why we need DIDComm as a protocol to enable the secure transport of all sorts of things not just signed VCs but intermediate uses – just PDF based things that have important information. Greetings from Tax1099.com !

Your 1099-NEC was submitted by COMPANY X for 2021.

Instructions for opening the form: Click on the attachment provided with this email. You will be prompted for your password, which is 8 characters. Please enter the first 4 letters of the name listed after the word ‘Dear…’ at the beginning of this email, all lowercase, and the last 4 digits of the tax ID (either SSN/EIN or ITIN).

For example:1. If your name appears on the form as Mary May with an SSN of 711223456, then the password would be mary3456 (first 4 characters of your Full Name / Business Name + last 4 digits of your SSN/ITIN number). 2. If your business name appears on the form as A & D with ITIN as 012847934, then the password would be ad7934 (first 2 characters without spaces and special characters of your organization name + last 4 digits of your ITIN/EIN number).  3. If your business name appears on the form as Mary May PLLC with ITIN as 012847934, then the password would be mary7934 (first 4 characters of your organization name + last 4 digits of your ITIN/EIN number). 4. If your name appears on the form as Al & D with ITIN as 517223355, then the password would be ald3355 (first 3 characters (ignore special characters and spaces) of your Full Name / Business Name since the Full Name / Business Name is shorter than 4 characters + last 4 digits of your SSN/ITIN number). 5. If your name appears on the form as Mary May without an SSN/ITIN number, then the password would be mary (first 4 characters of your Full Name / Business Name). 6. If your name appears on the form as Al & D without SSN/ITIN number, then the password would be ald (first 3 characters (ignore special characters and spaces) of your Full Name / Business Name since the Full Name / Business Name is shorter than 4 characters). 7. If your name or business name appears on the form as My Test with TIN as 012847934, then the password would be myte7934 (first 4 characters of your name or organization name + last 4 digits of your TIN/EIN/SSN number).

If you encounter any problem in opening your eForm, please check whether:1.You have entered the first 4 characters of your name/organization name (in lowercase letters). 2.You have entered the last 4 digits of your SSN/ITIN/EIN number.

I am pleased to share that I have joined the Secure Justice Advisory board. I have known Brian Hofer since he was one of the leaders within Oakland Privacy that successfully resisted the Domain Awareness Center for Oakland.

I wrote a guest blog post about a philosophy of activism and theory of change called Engaging with Industry that I share with Brian.

He has agreed to join the Advisory board for the next Thoughtful Biometrics Workshop that I am organizing for 2022.

I’m speaking today at the Phocuswright conference and this post is sharing key resources for folks who are watching/attending who want to get engaged with our work.

The Covid Credentials Initiative where I am the Ecosystems Director is the place to start. We have a vibrant global learning community striving to solve challenge of common standards for covid credentials and health passes.

• Subscribe to our newsletter – comes out every 2 weeks.
• Join/Get Involved and you can join our Slack

We have a Travel Summit Dec 1 & 2

As more and more governments adopt major COVID certificate standards to reopen borders, the travel industry is working hard to catch up on their technology to meet the evolving travel requirements. However, there is still no shortage of complaints from travelers about their cumbersome international travel experiences. 

Our community has been working within Linux Foundation Public Health (LFPH) to support the implementers of COVID credential solutions with a particular focus on facilitating interoperability among technology standards while preserving the privacy of individual data. At this critical juncture of global reopening, LFPH and Affinidi, a leading player in the space, are bringing key actors from the travel industry and technology vendors who are serving the travel industry together, to share and discuss:

• What technology solutions are in use to issue, process, manage and verify COVID certificates along the journey for international travelers, from before they leave home to their arrival at the hotel at their destination
• How they navigate and implement the complicated health policies and travel rules
• What the key challenges they are facing to provide a safe and smooth travel experience, including major technology and policy gaps that the LFPH/CCI community can help address

The agenda and speakers will be announced soon. Grab your seat today!

APAC Edition Dec 1

EU/US Edition Dec 2

We collaborated with Good Health Pass Collaborative on developing the Good Health Pass Interoperability Blueprint within the Trust over IP Foundation.

We at CCI are keen to continue this work and get travel happening together and welcome more active participation from the travel industry. Please join us!

There is also the Travel and Hospitality Special Interest Group at the Decentralized Identity Foundation it was this group that inspired and started work within the Trust over IP working group to develop a hospitality addendum.

It became clear to me again today why we here in California need Verifiable Credentials. I teach in a CCC – a California Community College. This summer I have a class and right now is the “census deadline” to drop students who haven’t been attending class.

Below is the note we were sent regarding fraudulent student applications.

Dear Faculty teaching summer 2021 courses, Fraudulent CCC Apply applications may have impacted the enrollment of your class. If so, these would be “students” that you were likely preparing to DROP with Census for no show. It is even that much more important that you COMPLETE YOUR Census ON Time. If you are not sure if any student is from a fraudulent application, you can look at your student roster. If there is a student with no phone number listed, they may be fraudulent because this is one of the identifying markers with this statewide problem. If you have students like this that have not attended class, complete your census, and please email your class code and the student ID number to __@____.edu