So, I will be a panelist in the following workshop.
2012 NSTIC/IDtrust Workshop: “Technologies and Standards Enabling the Identity Ecosystem”
March 13-14, 2012
NIST – Administration Building – Green Auditorium – Gaithersburg, MD
| 8:45 am | Welcome – NSTIC GoalsJeremy Grant, NIST |
| 9:15 am | Level – Setting: “An Introduction to the 3rd Epoch of IDtrust”Ian Glazer, Gartner |
| 9:30 am | Keynote-Mapping the Global IDentity EcosystemSpeakers: Karen O’Donoghue, ISOC and Lucy Lynch, ISOC |
| 10:00 am | Panel: Gaps and Challenges for Advancing the Global Identity EcosystemModerator: Lucy Lynch, ISOC Panelists:
· Tom Smedinghoff, Edwards Wildman Palmer LLP · John Bradley, OpenID Foundation · Ken Klingenstein, Internet2 · Leif Johansson, NORDUnet · Nat Sakimura, NRI / OpenID Foundation |
Possible Topics:
- Gap between US and EU – EU’s Data Protection Regulation requires “Explicit Consent” while US’s Consumer Privacy Bill of Rights allows “Respect for Context (Implicit Consent, necessity) ” judged from the context.
- What constitutes “meaningful consent”?
- “Data Protection” v.s. “Privacy Protection”
- Level of Protection, Level of Control.
- “Rights to be forgotten” v.s. “Rights to change one’s mind”.
- Is deletion of data (rights to be forgotten) realistic (esp. for the ones that were passed to third parties)?
- Provider Linkability and Consumer Linkability [1]
- Cross boarder transfer of the data
- Why do we expect that it works this time? : Business model around authentication and attribute transfer.
[1] Different service providers colluding and linking personal data to create unwanted “identity” is a violation of privacy. On the other hand, linking the data location for the user so that he can effectively control the data improves the privacy control.