• Skip to primary navigation
  • Skip to main content

Identity Woman

Independent Advocate for the Rights and Dignity of our Digital Selves

  • About
  • Services
  • Media Coverage
  • Podcast
  • Blog
  • Contact
  • Show Search
Hide Search

Uncategorized

Industry orgs “warn” states against BIPA style laws. Why not have a dialogue at Thoughtful Biometrics Workshop – March 16th

Kaliya Young · March 10, 2023 ·

People and their representatives are rightly concerned about how biometric systems are used. This week while reading all the industry news I came across this article – CCIA Testifies On Maryland Biometric Privacy Proposal, Submits Written Comments On Biometric, Childrens, And Health Privacy Bills.

So what is BIPA? It is the Biometric Information Privacy Act that Illinois passed several years ago requiring any capturing of a biometric information in a template and in samples must get the subjects explicit consent. If companies don’t they face really large fines. White Castle just might have a $17billion dollar fine for violations over 10 years.

Industry associations like the Computer & Communications Industry Association are pushing back against these measures. This is their job to lobby on behalf of their members. Here is what they said.

The following can be attributed to CCIA State Policy Director Khara Boender:

“We share Maryland legislators’ concern about protecting biometric privacy and request that measures to address this important issue provide enough lead time for responsible sites to comply. We also recommend directing protections toward high-risk practices and aligning key definitions with privacy standards to encourage harmonization across state laws and aid compliance.”

“Privacy is particularly important for health data and for children online. While CCIA supports privacy measures tailored to specific age groups and the handling of more sensitive health data, the bills legislators are considering should prioritize ways to enable responsible companies to provide effective protections  rather than introducing punitive models with private rights of action that, in other states, have opened the floodgates to costly lawsuits.”

– CCIA Blog

I am hoping that organizations like CCIA can actually come to the Thoughtful Biometrics Workshop on March 16th and talk together with folks who are concerned about biometrics usage by the private sector and by government.

Biometrics =/= Digital ID

Kaliya Young · March 10, 2023 ·

I have been engaging with folks who work developing biometric systems and folks who are concerned about biometric systems for in preparation for the Thoughtful Biometrics Workshop coming up March 16th.

Two weeks ago I attended Biometrics Regulation: Global State-of-Play Symposium (one to many talking on zoom with no chat function) put on by the Berkeley Center for Longterm Cybersecurity.

The aim of the virtual symposium is to discuss the global state-of-play for biometric data protection. We want to think more critically about biometric technologies as well as biometric regulation. As a result, we want to merge conversations on data protection compliance with broader technological, social and policy issues in different biometric technologies.

– Workshop Description Biometrics Regulation: Global State of Play Symposium

The presentations were interesting and it was great to have folks from all around the world present. India’s Aadhaar system was discussed and a newer system that has similar qualities was just rolled out in Brazil.

However something very concerning – throughout the discussion there was repeated conflation of biometrics with digital ID. This conflation is a problem to have the type of real discussion we need to have about both but to not conflate them.

I think the conflation comes from the builders of certain systems like Aadhaar and MOSIP along with those promoting these systems like the World Bank and Omidyar.

I’ve been working on “Digital Identity” since 2002-3 and the folks that inspired me to look at this issue were really considering how independent people expressed themselves in the digital world with their handles or avatars. This really began with the general public with the first internet services in the west like AOL, Compuserve and Prodigy. When you signed up to these services you picked a handle/user-name or maybe a few and that likely connected to an e-mail account. This user-name and the email associated with it are “digital identities”. Your twitter handle is a digital identity. Your Gmail account or Yahoo account is a digital identity.

In the last 10 years you have these large scale national ID (Aadhaar) systems being developed (MOSIP) and pushed out to whole populations that in order to get a “record in the digital database” as a citizen you have to go through an erollment and registration system that requires you to share your biometrics – often a photo, iris scans of your two eyes and capturing of all 10 finger prints. Then this national system deduplicates you – makes sure you didn’t already enroll and then issues you a ID number that is in the digital database of the nation state.

– How Aadhaar is Giving an Identity to 1.3 Billion Citizens?

Then these national ID systems then create ways to “authenticate” against the database – prove that the person is represented by a given number/record in a database.

– How Aadhaar is Giving an Identity to 1.3 Billion Citizens?

This is a very different architecture/design of digital identity than people have accounts in digital services. These two very different paradigms of what “digital identity” is – is part of the massive confusion around the language we are using.

There is a new paradigms around digital identity that involve collecting and sharing attributes from authoritative sources in the form of Verifiable Credentials is yet another type of decentralized digital identity that I spend a lot of time these days working on and convening people working on it at the Internet Identity Workshop.

Several years ago I co-wrote a paper about how biometrics could play nice with this new decentralized digital identity called Six Principles for Self-Sovereign Biometrics. If you look at what US Citizenship and Immigration is doing with their roll out of digital green cards using the verifiable credential technology on the digital green card holder’s wallet will have a photo encoded that when presented can be checked against the presenter’s face in real life. This aligns with what we outline. There is no “phone home” to the USCIS database to pull the photo and then compare – the needed biometric a photo is digitally signed and in a credential that can be compared with the presenter.

Federal Agencies using Facial Recognition Technology: GAO report from 2021

Kaliya Young · March 10, 2023 ·

I just learned about a 2021 GAO report. It says that This means it is likely that more agencies are using FRT for more reasons. This report seems relevant because for the third time legislation is being put forward to do a Federal Facial Recognition Ban just this week.

The diagrams within the report do a good job of articulating clearly and simply different use-cases and how the systems work. I think they are great points of reference for us to use next week at the Thoughtful Biometrics Workshop on March 16th.

This set of diagrams articulates a whole range of uses by federal agencies.

– GAO report: Facial Recognition Technology: Current and Planned Uses by Federal Agencies

This diagram really stood out for me because they are clear that there is a difference between Matching or what they call Verification or Identification. This different is really key and today there are proposals coming out from congress about banning FRT broadly.

– GAO report: Facial Recognition Technology: Current and Planned Uses by Federal Agencies

This type of broad ban would limit the ability of agencies to use computer vision to match people to their documents – a technology that is widely used at boarder crossing in the US now and TSA has begun experimenting with at check points.

It would also limit the use of Biometrics as part of Biometric Exit I wrote about last week that compares passengers boarding flights leaving the US complied with access to galleries of photos of passengers drawn from DHS records (from entrance photos, document photos and passport records).

The GAO report includes a table breaking down the number of facial recognition systems owned by each agency:

  • Commerce Department: one system, used for physical security.
  • Defense Department: seven systems, used for physical security, domestic law enforcement, national security and defense, and other purposes.
  • Energy Department: one system, used for physical security.
  • Health and Human Services Department: three systems, used for physical security, domestic law enforcement and digital access/cybersecurity.
  • Homeland Security Department: four systems, used for domestic law enforcement, border and transportation security, and national security and defense.
  • Justice Department: seven systems, used for physical security, domestic law enforcement, national security and defense, and other purposes.
  • State Department: one system, used for border and transportation security, and national security and defense.
  • General Services Administration: one system, used for digital access/cybersecurity.
  • NASA: one system, used for “other” purposes, including employee identification if they forgot their badges.

I recommend scanning through the report to see the range of use-cases. I think it can be useful in having a nuanced conversation about use-cases/applications that make sense and ones that could be harmful and really impact civil liberties.

Biometric Exit – its creepy.

Kaliya Young · February 27, 2023 ·

I work on digital identity and this described below experience really highlighted the problem with much of the Biometrics industry and governments who use the technology – no explanation of what is actually happening or how a system got the template of my face. It re-affirmed for me the need for the Thoughtful Biometrics Workshop coming up March 16th.

I left SFO on Saturday at midnight on an EVA flight to Taipei. 

Biometric Exit combined with boarding that involved no presentment of a ticket or passport really caught me off guard. It was quite frankly creepy. 

I never agreed to share my photo with the airline – or to be part of a gallery (The group of photos of all people who would be getting on a plane). I just thought I was going through normal boarding where I would share my ticket and passport as part of getting on the plane. 

Instead I was asked to stand in front of a camera/screen that took my photo and then beeped/flashed green to say it was ok for me to get on the plane. 

When I said to the woman who was at the gate – what was going on that I hadn’t consented to this and where did they get the template to do this.  She was a bit surprised by my question and  shrugged and said she thought they got it off the chip on my passport.  Except I know this didn’t happen.  When I checked my bag in they only did that machine readability off the visual MRTD part of my passport – by swiping it through the reader on their keyboard.  

So I’m putting things together about what I think happened. 

CBP is doing Biometric Exit in collaboration with the airline.  (article confirming this)

The PNR – passenger name record is shared ahead of time with CBP – they put together a gallery (templates/photos of all the people who’s names appear as being on the flight) and then they use this gallery when folks pass through the live scanner.  This is me putting things together based on some of what I know and what I think is going on. 

The fact that there was no signage to explain to folks what is happening or how is really scary to me. This type of thing – where all of a sudden a thing is scanning your face and giving you a go/no-go to get on a plane is why people mis-trust facial recognition systems and technology.  I checked San Francisco has a ban on facial recognition technology – but only for local government agencies. 

I hope we can talk about this experience and others at the Thoughtful Biometrics Workshop coming up March 16th.  Please join us. 

Digital ID architectures matter. So does the way we talk about them.

Kaliya Young · February 26, 2023 ·

I am reading a new article out asking if 2023 is the year of Digital ID.

It might be – lots of good developments are happening.

AND we also have a disaster of communication about how some systems work.

The article is referencing the way that TSA works where the employee puts the ID into a card reader which verifies the ID and then looks at the picture of the person presenting it to see if it matches. Then goes on to talk about how the digital version would work.

A digital ID would work the same way. The person would present a phone, which would have a barcode or QR code, which can be scanned, and links to a government record. “Essentially, your phone becomes a token which refers to a government authorized database,” said Miller.

– Is 2023 the Year of the Digital ID?

If that is how it is going to work – where I am presenting tokens that “refer to a government authorized database” then count me out. It sounds like to the non-sophsticated reader it pings the database and pulls down a photo of the person sharing the token. It might work this way – if people think reading it it does work this way – we can’t get adoption in the US. The ACLU has a whole report out about the worrisome phone home architecture that is optional with the mDL standard.

I did a search for mDL and TSA and this PDF showed up.

Look there is a direct link between the issuing authority and the TSA in the Relying party role – the little arrow says Key/Cert Exchange but is the public going to read that? Or are they going to think there is a connection to the database.

Another problem with the report and the way they talk about the solutions is that there are only phone hardware and software manufactures that are listed as the rightful arbiter of this system of IDs. What about other wallet manufactures.

Biometrics in Airports? Senators call for a ban. The IBIA & SIA respond. Lets discuss at Thoughtful Biometrics Workshop March 16th.

Kaliya Young · February 24, 2023 ·

One of the big developments related to biometrics in the United States in the last month is a call by senators “calling on TSA to immediately halt its deployment of facial recognition technology.”

My understanding of what is going on is facial matching between a presented document with a photo on it (passport or drivers license/stateID) and the person present. This is a similar kind of matching that happens when I cross the US boarder with my green card – they have my green card picture on file and then they point a camera at me and see if I match the picture on my card. 1:1 matching.

There are a lot of questions the Senators ask you can see the full letter here.

1. Please provide data on the accuracy and volume of TSA’s facial recognition technology program from 2020 to 2022 broken down by race, ethnicity, and gender that includes:

  1. the rate of false positives and negatives produced;
  2. the total number of travelers who had their face scanned by TSA;  
  3. the total number of travelers who opted out;
  4. the total number of cases where TSA stored its facial scans, instead of immediately deleting.

2. How are travelers notified of their right to opt-out of facial recognition? What are the effects on a traveler who chooses to opt-out of facial recognition?

3. Under TSA’s current system, do travelers who choose to opt-out face any additional consequences or additional screenings, pat-downs, interrogations, or even detention, beyond what they would have encountered at a non-facial recognition airport?

4. What training measures does TSA currently mandate for staff to regarding travelers who choose to opt-out of facial recognition technology?

5. Has TSA ever shared biometric data with other government agencies? If so, which agencies and for what purposes?

6. What measures is TSA taking to protect biometric data from cyberattacks or any other form of unauthorized distribution or release? How does TSA ensure the security of Americans’ data that third-parties have access to? Is TSA aware of any breaches of travelers’ biometric data collected at US airports? If so, please detail all such breaches.

This has prompted some responses from the biometrics industry with a post by the International Biometrics and Identity Association (IBIA) and the Security Industry Alliance (SIA). Both push saying that there are significant mis-understandings about the technology and how it works.

There is also video interview with Robert Tappan the Executive Director of IBIA on the Identity Week site. The interview is about 10 min and covers these topics:

  1. Why do you think the terms “surveillance” and “identity verification” have been conflated? What are the perceptions of facial biometrics? True or not?
  2. Is there evidence at all to suggest face verification technology is being used in the wrong way to invade privacy?
  3. Talking to some vendors, some say there are some inherent biases in the level of technology that are being mitigated. Do you disagree that bias in biometrics now exists?
  4. What are the differences between surveillance and verification that you suggested in your comments?
  5. How do these claims/ beliefs affect trust?
  6. Describe the level of progress in America with biometric deployments and are some unfounded beliefs that biometrics are ‘threatening our democracy’ derailing progress?

It is these deep disconnect between how the technology works in the real world, what it does and the public and legislator’s concern about it that the Thoughtful Biometrics Workshop was created for. My hope is we can dig and explore the nuances. I hope you will join us on March 16th.

Who is invited to the Thoughtful Biometrics Workshop?

Kaliya Young · February 16, 2023 ·

The workshop is coming up March 16th virtually. If what I write below resonates with you please consider joining us

I thought long and hard about key constituencies to invite to the Thoughtful Biometrics Workshop and why. I collaborated with Kyra Auerbach to create this image that captures it.

Constituencies for the Thoughtful Biometrics Workshop

There are many biometrics, ways to capture and measure them, and places in a techno-social system they can be implemented.

The technology landscape is wide and the policy and issue landscape they present is also vast.

This is what we explore at the Thoughtful Biometrics Workshop. 

Biometrics as a technology are not entirely “new” – for example, photos have been a part of government-issued identity documents for almost 100 years as 1:1 matching between a human and an identity document. As technologies have progressed (computer vision, AI, ML), new biometric technologies have emerged, enabling products with various use-cases and applications.

There is much to consider regarding thoughtful use. This is one reason we don’t pre-set an agenda, but instead invite key stakeholder communities with different knowledge bases and perspectives to engage in mutual learning and dialogue. 

Our hope is to gather humans who care about, are interested in, and are concerned about technology, in order for new perspectives and opportunities to shape future policy to emerge. These are the stakeholder groups invited to the Thoughtful Biometrics Workshop and why:

Civil Society Advocates and the Interested Public

New technologies have many implications. The public is naturally concerned about Biometric Technologies, while Civil Society Advocacy organizations are tracking the development of these technologies and raising concerns about their usage in various contexts. 

TBW provides an opportunity to share concerns and ask deep questions of the people who make and implement the technologies, to understand more about how they work in practice. There is also opportunity to share research and studies that have been done highlighting the flaws and misuses of biometric technology with creators, implementers and policy makers. 

Biometric Research Scientists & Companies that make Biometrics Products

Companies use the work of biometric scientists to make products. Many technologies are combined to make products that apply to different use-cases.  TBW provides an opportunity to share details of how various biometric modalities work (capture and comparison mechanisms) in practice, and to dispel misconceptions. There is also opportunity to share how technologies are combined to make products and how these work with other systems. 

Policy Makers and Regulators

Biometrics are diffusing and being adopted in a variety of settings across many domains: employment, government, commercial and civil society.  Some of these uses are aligned with existing policy requirements, some are novel uses that are not yet regulated at all. 

TBW provides an opportunity to understand the concerns that civil society advocates and the public have about existing and future uses that require reasonable regulation. The event is also an opportunity to learn in more detail from experts in biometrics and understand how the technology works in practice. 

Biometrics Implementers in the Private Sector, Government, Civil Society

These are organizations who buy biometrics technology solutions from companies to use in their day-to-day operations. They apply the technology either for authentication (checking someone matches an enrolled identity) or for identification. TBW provides an opportunity to share how and why they use biometric products to solve operational needs and explain more about their reasoning. 
​The event is also an opportunity to learn more details of how the technology works from the researchers, and to hear more about concerns regarding misuse and overuse. 

Technologists Working in Related Areas

There are a range of neighboring technologies and systems often used in conjunction with Biometrics, including identity and access management. TBW provides an opportunity to learn from a  range of stakeholders involved in biometrics technology, and to share perspectives about how neighboring technologies interact with biometrics.  

What are biometrics?

Kaliya Young · February 9, 2023 ·

I first was exposed to biometrics at scale when I was working within the National Strategy for Trusted Identities in Cyberspace – Identity Ecosystem Steering Group that would host meetings “next to” biometric industry conferences. They were really kinda freaky for the technology presented and how I imagined it all being used.

I still have a very cautionary attitude towards biometrics technology however I am not scared of them in part because I have met folks who work more closely with and deepened my understanding.

In the fall of 2020 I proposed to Jack Callahan. We put on the first Thoughtful Biometrics workshop in March 2021. Now we are organizing the 2nd one coming up March 16, 2023. It is virtual and online. Learn more here and Register!

This is explanation of Biometrics I wrote for the workshop.

The term “biometrics” comes from two roots:  

bio meaning biological life + metrics meaning measurement

Therefore, it is defined as the measurement of biological characteristics. Every person has unique bodily or physical (biological) characteristics, and these can be measured, described and recorded or documented in various ways. Once documented they can be compared for identification or authentication purposes. 

Biometrics existed well before the creation of digital computers. For example, fingerprints have been collected and compared to establish identity since the mid-1800’s, and photographs used on documents such as passports starting about 100 years ago. 

Digital technology and other key innovations over the last 40 years, including advances in computer vision, algorithmic processes, and matching algorithms have expanded biometrics deeply into our digital world. 

Types of biometrics

All biometric modalities are basically two types; physiological and behavioral.

Examples of physiological biometrics include fingerprint, iris, retina, face, palm, and vein recognition. Examples of behavioral biometrics include signature and voice recognition.

APPLICATIONS OF BIOMETRICS:

1:1 matching for authentication:

Looking at a biometric associated with a particular person or record and seeing if the person presenting a sample of their biometric matches the biometric template that was previously enrolled. For example, 1:1 Matching on devices such as unlocking a phone using a fingerprint or faceprint.

Human 1:1 Matching against a document such as a passport, drivers license or other document. This can be done by a human looking at the picture and comparing, such as when you buy an age-restricted product. The clerk does a match between the document and a face along with checking the age of the person presenting the document. 

Computer 1:1 Matching against a document such as a passport, drivers license or other document. Computer vision is used to look at the person standing in front of a camera and compare them to a photo encoded on a document.

1:1 Matching against a sample enrolled in a system. An employer might have a biometric enrolled and on file to be compared to 1:1 when the employee presents themselves.

1:small n matching for authentication

This type of biometric usage involves the enrollment of a small group of people into a system. One use-case is all the people boarding a particular plane. The individuals traveling can share their photo and travel documents with the airline in the check in process. The photos are now in a gallery of a few hundred. When going to board the plane individuals can present themselves and be allowed to board after they match one of the faces in the gallery of photos of people who are passengers on the plane.

1:large n matching and identification

An important question for this mode is: does it happen in real time, or later in a forensic context?

In real time a video can capture snapshots of faces and then run the faces against a large n of potentially millions of people. If implemented on a camera on a public street, this would output a list of all the people who walked past. 

Forensic use of biometrics really began over a century ago with fingerprint matching. Fingerprints lifted from crime scenes were compared with fingerprint records of people. This is still done today but with electronic systems doing the matching. For forensic facial recognition, images of people are captured in retrospect from video or still photographs from a crime scene. These are compared with large data sets of images of people along with their names. 

EXAMPLES OF OTHER PLACES WE USE BIOMETRICS

Smart Speakers

Voice recognition goes beyond understanding speech; some devices are able to distinguish between people based on a pre-enrolled voice print. We could also see databases of voice prints created to compare samples against, much like we have photos of people being compared using facial recognition algorithms.

Wearable Sensors for Health tracking

There are more and more devices that use sensors to track things like heart rate, temperature, or oxygen levels. These devices in the form of rings, watches, bracelets, etc. record and share this information.

Augmented Reality (AR) and Virtual Reality (VR) Devices

AR and VR work with sensors that track head location and movements, eye movement and focus, facial expressions, hand movements, heart rate and even perspiration.  

We may have missed some biometrics use-cases –  feel free to reach out and share more! 

Quoted in IEEE article about Worldcoin and their shift to Digital ID.

Ali · January 5, 2023 ·

I was asked to offer my perspective on the risks associated with the biometric data of Worldcoin, which was included in an article Spectrum IEEE published.

A crypto currency, Worldcoin, aspires to become the most globally and uniformly distributed cryptocurrency ever by allocating the same modest number of coins to every individual on Planet. The business has spent the last year creating a system that allows other parties to utilize its vast registration of “unique humans” for various identity-focused applications.

However, Worldcoin’s biometrics-focused approach is being greeted with widespread concerns regarding privacy, security, and transparency.

Here is the section of the article where I was mentioned about the possible risks posed by Worldcoin’s biometric data.

“It’s also questionable how useful the concept of ‘unique humanness’ really is outside of niche cryptocentric applications, says Kaliya Young, an identity researcher and activist. Identity plays a broader role in everyday life, she says: ‘I care what your university degrees are, where you were born, how much money you make, all sorts of attributes that PoP doesn’t solve for.'”

Another one:

“Worldcoin’s biggest challenge may not be the functionality of its technology but questions of trust. The central goal of blockchains is to avoid relying on centralized authorities, but by using complex, custom hardware to recruit users, the company is setting itself up as a powerful arbiter of digital identity. ‘Worldcoin posits that everyone in the world should have their eyeball scanned by them and they should be the decider of who’s a unique human,” says Young. ‘Please explain to me how that’s not ultracentralized.‘”

You may read the complete article by clicking on the following link: https://spectrum.ieee.org/worldcoin

Identosphere

Kaliya Young · November 15, 2022 ·

Infominer and I have been publishing the weekly Identosphere Newsletter and Summary of all that is happening Self-Sovereign and Decentralized Identity.

These are ways you can contribute a one time end of the year contribution:

Prices

Or subscribe with a contribution every month this button will take you to a page where you can pick a monthly contribution amount.

this QR code goes to the Paypal Donation page

You can also choose to pay monthly via Patreon.

Or you can reach out to Kaliya and ask for an invoice kaliya@identitywoman.net

FTC on Commercial Surveillance and Data Security Rulemaking

Kaliya Young · September 8, 2022 ·

Today, Sept 8th, the FTC held a Public Forum on commercial surveillance and data security and I made a public comment that you can find below.

I think the community focused on SSI should collaborate together on some statements to respond to the the FTC advance notice of proposed rulemaking related to this and has a series of 95 questions (in federal register or on the FTC site) that it invites written public comment on by October 21st. Here is a 3 page fact sheet about what they are focused on.

The Federal Trade Commission (“FTC”) is publishing this advance notice of proposed rulemaking (“ANPR”) to request public comment on the prevalence of commercial surveillance and data security practices that harm consumers. Specifically, the Commission invites comment on whether it should implement new trade regulation rules or other regulatory alternatives concerning the ways in which companies collect, aggregate, protect, use, analyze, and retain consumer data, as well as transfer, share, sell, or otherwise monetize that data in ways that are unfair or deceptive.

– federal register

Here are my Comments:

Thank you, My name is Kaliya Young and my online handle is “Identity Woman” – I have been working for 20 years on the challenge of how people can control and represent their digital selves online with dignity and be empowered. I co-founded the Internet Identity Workshop in 2005 and continue to convene it every 6 months. 

A lot of of the questions put forward relate to regulating these “bad things” happening by companies to people. I also encourage the FTC to take a forward looking approach by consider the work of values based technical communities working on alternative mechanics for data sharing between consumers and companies. 

Two projects I advise Dazzel Dao and JLINX are seeking to end surveillance capitalism via open standards and open source tools to: 

  1. Give people tools collect of data that they generate in the digital world
  2. Being able organize and get value from THEIR data from a range of sources 
  3. and ways to share data under the consumer’s control with companies they trust in with new mechanisms to technically withdraw consent for having the information. 

Rule making should support these positive constructive efforts of ethical technologists. 

—————-

The risk of technology are often not seen until it is too late – I want to bring the Commissioners attention to a key issue that they could help with under the rule making related to data security as it relates to digital wallets – needed for the exchange and sharing of data between consumers and companies via protocols like Verifiable Credentials. 

There is a very real risk that because two companies control the mobile handset operating systems – Apple and Google – the will work to limit access to the APIs within the phone  preventing any wallets created by other companies working well.  

This doesn’t have to happen and the risk of it happening will be reduced if the FTC gets involved to ensure a level playing field for wallet makers – and ensuring consumers will have a choice of who they trust with the sensitive data about who they transact with across the digital world. Thank you.  

Media Mention: MIT Technology Review

Kaliya Young · April 7, 2022 ·

I was quoted in the article in MIT Technology Review on April 6, 2022, “Deception, exploited workers, and cash handouts: How Worldcoin recruited its first half a million test users.”

Worldcoin, a startup built on a promise of a fairly-distributed, cryptocurrency-based universal basic income, is building a biometric database by collecting data from the financially disadvantaged in the developing nations, in exchange for cash incentives.

Below is the paragraph which I am quoted in, with regards to Worldcoin’s business.

Others remain unconvinced that Worldcoin can actually reach everyone in the world—and instead, serves as a distraction from ongoing work to create new identity paradigms. Identity expert Kaliya Young, while declining to comment on Worldcoin specifically, says that “it’s common for companies to claim that ‘if everyone in the world was in our system, everything would be fine.’ Newsflash: everybody is not going to be in your system, so let’s move on and talk about how we solve problems” in online identity.

You can read the entire article by following this link, https://www.technologyreview.com/2022/04/06/1048981/worldcoin-cryptocurrency-biometrics-web3/

Event Series: Making the Augmented Social Network Vision a Reality

Kaliya Young · February 18, 2022 ·

This series began in November with Logging Off Facebook: What Comes Next?

The 2nd event will be March 4th online

Naming the Harms of Web 1 & 2.0

Both events are going to be Open Space Technology for three sessions. We will co-create the agenda the opening hour.

The 3rd Event will be April 1 online.

Mitigating Harms in Web3

Building on the previous one we will consider how to mitigate harms as we enter into Web 3.

Why we need DIDComm

Kaliya Young · January 12, 2022 ·

This is the text of an email I got today from a company that i had a contract with last year. It is really really really annoying the whole process of sending secure communications and documents.
Once I finished reading it – I was reminded quite strongly why we need DIDComm as a protocol to enable the secure transport of all sorts of things not just signed VCs but intermediate uses – just PDF based things that have important information.


Greetings from Tax1099.com !
Your 1099-NEC was submitted by COMPANY X for 2021.
 
Instructions for opening the form:

Click on the attachment provided with this email. You will be prompted for your password, which is 8 characters. Please enter the first 4 letters of the name listed after the word ‘Dear…’ at the beginning of this email, all lowercase, and the last 4 digits of the tax ID (either SSN/EIN or ITIN).
For example:1. If your name appears on the form as Mary May with an SSN of 711223456, then the password would be mary3456 (first 4 characters of your Full Name / Business Name + last 4 digits of your SSN/ITIN number).

2. If your business name appears on the form as A & D with ITIN as 012847934, then the password would be ad7934 (first 2 characters without spaces and special characters of your organization name + last 4 digits of your ITIN/EIN number). 

3. If your business name appears on the form as Mary May PLLC with ITIN as 012847934, then the password would be mary7934 (first 4 characters of your organization name + last 4 digits of your ITIN/EIN number).

4. If your name appears on the form as Al & D with ITIN as 517223355, then the password would be ald3355 (first 3 characters (ignore special characters and spaces) of your Full Name / Business Name since the Full Name / Business Name is shorter than 4 characters + last 4 digits of your SSN/ITIN number).

5. If your name appears on the form as Mary May without an SSN/ITIN number, then the password would be mary (first 4 characters of your Full Name / Business Name).

6. If your name appears on the form as Al & D without SSN/ITIN number, then the password would be ald (first 3 characters (ignore special characters and spaces) of your Full Name / Business Name since the Full Name / Business Name is shorter than 4 characters).

7. If your name or business name appears on the form as My Test with TIN as 012847934, then the password would be myte7934 (first 4 characters of your name or organization name + last 4 digits of your TIN/EIN/SSN number).
If you encounter any problem in opening your eForm, please check whether:1.You have entered the first 4 characters of your name/organization name (in lowercase letters).

2.You have entered the last 4 digits of your SSN/ITIN/EIN number.

Joining Secure Justice Advisory Board

Kaliya Young · December 1, 2021 ·

I am pleased to share that I have joined the Secure Justice Advisory board. I have known Brian Hofer since he was one of the leaders within Oakland Privacy that successfully resisted the Domain Awareness Center for Oakland.

I wrote a guest blog post about a philosophy of activism and theory of change called Engaging with Industry that I share with Brian.

He has agreed to join the Advisory board for the next Thoughtful Biometrics Workshop that I am organizing for 2022.

COVID & Travel Resources for Phocuswright

Kaliya Young · November 17, 2021 ·

I’m speaking today at the Phocuswright conference and this post is sharing key resources for folks who are watching/attending who want to get engaged with our work.

The Covid Credentials Initiative where I am the Ecosystems Director is the place to start. We have a vibrant global learning community striving to solve challenge of common standards for covid credentials and health passes.

  • Subscribe to our newsletter – comes out every 2 weeks.
  • Join/Get Involved and you can join our Slack

We have a Travel Summit Dec 1 & 2

As more and more governments adopt major COVID certificate standards to reopen borders, the travel industry is working hard to catch up on their technology to meet the evolving travel requirements. However, there is still no shortage of complaints from travelers about their cumbersome international travel experiences. 

Our community has been working within Linux Foundation Public Health (LFPH) to support the implementers of COVID credential solutions with a particular focus on facilitating interoperability among technology standards while preserving the privacy of individual data. At this critical juncture of global reopening, LFPH and Affinidi, a leading player in the space, are bringing key actors from the travel industry and technology vendors who are serving the travel industry together, to share and discuss:

  • What technology solutions are in use to issue, process, manage and verify COVID certificates along the journey for international travelers, from before they leave home to their arrival at the hotel at their destination
  • How they navigate and implement the complicated health policies and travel rules
  • What the key challenges they are facing to provide a safe and smooth travel experience, including major technology and policy gaps that the LFPH/CCI community can help address

The agenda and speakers will be announced soon. Grab your seat today!

APAC Edition Dec 1

EU/US Edition Dec 2

We collaborated with Good Health Pass Collaborative on developing the Good Health Pass Interoperability Blueprint within the Trust over IP Foundation.

We at CCI are keen to continue this work and get travel happening together and welcome more active participation from the travel industry. Please join us!

There is also the Travel and Hospitality Special Interest Group at the Decentralized Identity Foundation it was this group that inspired and started work within the Trust over IP working group to develop a hospitality addendum.

Podcast: Identikit with Michelle Dennedy

Kaliya Young · August 25, 2021 ·

Click on the Image to get to the podcast

For the opening episode of ‘Identikit Sequent X’, Michelle Dennedy welcomes Kaliya Young, also known as The Identity Woman, to Smarter Markets for our latest series examining the evolution of digital identity, and how self-sovereign identity, specifically, can advance a consent-based economy.

Kaliya is one of the world’s leading experts in self-sovereign identity and identity on the blockchain. She is the co-author of ‘A Comprehensive Guide to Self-Sovereign Identity’ and is widely known as The Identity Woman; also the name of her blog and twitter handle. Ms. Young has committed her life to the development of an open standards-based internet layer that empowers and enables the people and was named one of the most influential women in tech by Fast Company Magazine.

Navigating Digital Identity in Political Economies RxC Talk.

Kaliya Young · August 25, 2021 ·

We had a great conversation about digital identity in Political Economies and specifically a paper with a proposal by Bryan Ford.

Life on Intersections: Digital Identity in Political Economies

Most digital identity systems are centralized (e.g., in big government or technology organizations) or individualistic (e.g., in most blockchain projects). However, being in the world is fundamentally social and intersectional — we are all part of networks. So how might we formalize digital identity in a way that better reflects this complex reality? This panel with leading social technology and computer researchers explores more robust digital identity approaches and potential application areas in political economies.

Special Topic IIW 1/2 Day Virtual Events – UX July 22nd and Business Aug 4th

Kaliya Young · June 29, 2021 ·

I’m super excited to announce that we have two different special topic IIWs coming up. If you interest or practice focuses on either of these we invite you to join us!!!

User-Experience and SSI is coming up Thursday July 22nd.

The Business of SSI is coming up Thursday August 4th.

From the EventBrite about the UX event

This IIW Special Topic event creates the space for User Experience Professionals, Product Managers, Interface Designers, and those in related roles working on decentralized identity or self-sovereign identity applications and tools to discuss, share and collaborate together.

We know there is a lot happening in the industry and we know that just as important to the success of the technology as the “tech stack” is the human experience while using applications built on it. This half day event is an opportunity for those focused on UX to dive deeply into this side of things.

From the EventBrite about the Business of SSI event

This IIW Spceial Topic event is for CEOs, Founders, Business Development leads, anyone who cares about the Business of SSI . It provides the space for you to discuss, share and collaborate together.

The Internet Identity Workshop has been bringing together innovators in the field of Identity focused around the individual since 2005. While open standards are essential to open digital identity systems, as important to getting adoption are viable business models and products that solve real world pain points for customers. This half day event is an opportunity for those focused the Business of SSI to dive deeply into this side of things.

Fake Students

Kaliya Young · June 19, 2021 ·

It became clear to me again today why we here in California need Verifiable Credentials. I teach in a CCC – a California Community College. This summer I have a class and right now is the “census deadline” to drop students who haven’t been attending class.

Below is the note we were sent regarding fraudulent student applications.

Dear Faculty teaching summer 2021 courses, Fraudulent CCC Apply applications may have impacted the enrollment of your class. If so, these would be “students” that you were likely preparing to DROP with Census for no show. It is even that much more important that you COMPLETE YOUR Census ON Time. If you are not sure if any student is from a fraudulent application, you can look at your student roster. If there is a student with no phone number listed, they may be fraudulent because this is one of the identifying markers with this statewide problem. If you have students like this that have not attended class, complete your census, and please email your class code and the student ID number to __@____.edu

Quoted In: Everything You Need to Know About “Vaccine Passports”

Kaliya Young · April 4, 2021 ·

Earlier this week I spoke to Molly who wrote this article about so called “vaccine passports” we don’t call them that though (Only government’s issue passports). Digital Vaccination Certificates would be more accurate.

Early on when the Covid-19 Credentials Initiative was founded I joined to help. In December the initiative joined LFPH and I become the Ecosystems Director working to support the community along with my colleagues Lucy Yang the Community Director and John Walker as the Community Architect.

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Interim pages omitted …
  • Go to page 5
  • Go to Next Page »

     Copyright © 2023 Identity Woman  evelurie.com/web design/develop     

  • Terms of Use
  • Privacy Policy
  • Sitemap
  • Contact