The recent Identity Management Law and Policy Workshop at the World Bank highlighted how pivotal a time this is for Open Identity Exchange members with global interests. The Open Identity Exchange has published a white paper that reports on those discussions.
The EU is pushing forward with new regulations regarding the use of eID. The EU initiative joins a tension with the international interests of the organizations involved and user’s experience and expectation of services that are simply available regardless of national borders and laws.
We get in the way of user expectations at our peril. We must also create a mutual understanding of eID strength and quality in a global ecosystem that transacts at high volumes and velocities whether apparent to the user or not. We are looking for commonality of legal rules and technical standards needed to enable reuse of eID without harmonization.
Attendees at the recent workshop supported this notion. The need for outcome based standards in eID such as those applied in the UK and adopted for the EU eIDAS Regulation reflected the UK thought leadership. The eIDAS Regulation explicitly avoided harmonization in favor of allowing Member States to develop eID systems best suited to their citizens and transactions, instead focusing on how we can mutually accept eID cross-border based on standards for the exchange of eID assertions and the interpretation of their quality through mapping to an agreed set of identity assurance levels.
Throughout 2016 OIX will return to these pivotal issues in a series of Identity, Law and Policy workshops. Each workshop will examine these issues through the different lenses of a range of experts and stakeholders in the United States, Europe and the UK. OIX’s collaboration with the World Bank and the American Bar Association will be reflected in our work with EU officials and EEMA, the European Association for Identity and Security, in Amsterdam on March 24th with support from Verizon and Digidentity. Each workshop’s output will in turn inform discussions at the next. The London workshop in May will be co-sponsored by the UK Society for Computers & Law with support from Microsoft and the UK Cabinet Office Identity Assurance Program. We will report findings at the Cloud Identity Summit in New Orleans in June and at the third Economics of Identity Conference in London in October.
This white paper and those to follow reflect OIX’s goal to complement the work of public and private sector organizations specializing in legislation, policy, regulation and law. We hope to bring our members’ pragmatic business and technical interoperability focus to these pivotal and increasingly global policy and legal issues. In so doing, regulation and legislation might be better crafted and as a result users, customers and citizens might be better served online, and their privacy and security better protected.
Source:: Trusted Transactions