Reciprocal Negotiated Accountability; Technometria - Issue #15
The self-sovereign internet underscores a tension between those who desire perfect oversight of society and those who desire perfect privacy. In this newsletter we explore a method for conditional legibility of private communications.
In Self-Sovereign Communication, Oskar Van Deventer discusses the communications layer enabled by DIDs. This is the same layer that I’ve labeled the self-sovereign internet.
Self-sovereign communication is an important aspect of self-sovereign identity (SSI), namely having safe, secure, private and independent communication channels to request and present identity information, and to execute the business decision for which that information was needed. This blog presents some emerging technologies related to self-sovereign communication…
Oskar lays out nine requirements for self-sovereign communications (emphasis added):
The communication channel shall be usable for machine-readable issuer-holder-verifier interactions.
The communication channel shall be protected against eavesdropping, impersonation, message modification and repudiation.
Parties shall be able to digitally find each other and to establish a communication channel.
The communication channel between counterparties shall be persistent.
The communication channel shall be intrinsically symmetrical.
The communication channel shall not unnecessarily disclose information between counterparties or to third parties.
The communication channel shall be unilaterally closable.
The communication channel shall not depend on third parties more than needed.
The communication channel shall enable compliance with legal requirements, like legal intercept.
I was pleased to see these principles laid out clearly because many of them are often discussed (including by me) as properties of DIDComm, without the precision Oskar imposes.
The last, as Oskar concedes, is likely to be the most controversial. Indeed, when I read it my first reaction was to start arguing. If complying with legal requirements means creating backdoors to DIDComm, I’d oppose it.
The problem with backdoors for complying with legal requirements is that now developers and cloud operators are left with the task of determining who the good guys are. The whole point of decentralized communication systems is to avoid the kind of centralized, single-point-of-failure that backdoors imply.
Reciprocal Negotiated Accountability
In Reciprocal Negotiated Accountability, Daniel Hardman proposes an alternative to backdoors.
Privacy and oversight are often viewed as mutually incompatible. Here’s how we can achieve both, with bi-directional accountability.
Daniel’s idea is to combine two capabilities to create a decentralized system for enabling accountability.
The first is digital watermarks and data terms of service. The watermark is a cryptographically signed addition to the original document that states the terms behind the sharing. For example, a sales agreement could include data sharing terms that state the recipient may not disclose named aspects of the document except under legal subpoena.
The second is provisional anonymity, where identifying information is encrypted and the encrypted package is shared with the recipient. The decryption keys are held in escrow by a third party, with legal requirements that the keys only be revealed to the recipient under specific conditions.
Daniel combines these into a decentralized system of opt-in agreements between parties that are tailored to the context and circumstances of the specific communications channel and data sharing. The legal agreement defines the requirements that must be met for access.
Daniel calls this “reciprocal negotiated accountability” because both parties negotiate an agreement about how shared data will be treated.
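The two capabilities described above, sketched as an added example that is not Daniel Hardman's or this newsletter's own code. It assumes Ed25519 for the signed watermark and AES-256-GCM for the sealed identity; the function names and the `escrowRelease` stand-in for the escrow agent are hypothetical.

```javascript
const crypto = require('crypto');

// Watermark: the sender signs the data-sharing terms together with a hash of
// the document, so the terms cannot be detached or reused on other data.
function attachTerms(doc, terms, senderPrivateKey) {
  const docHash = crypto.createHash('sha256').update(doc).digest('hex');
  const payload = JSON.stringify({ docHash, terms });
  const sig = crypto.sign(null, Buffer.from(payload), senderPrivateKey).toString('base64');
  return { payload, sig };
}

function verifyTerms(doc, mark, senderPublicKey) {
  const docHash = crypto.createHash('sha256').update(doc).digest('hex');
  const sigOk = crypto.verify(null, Buffer.from(mark.payload), senderPublicKey,
                              Buffer.from(mark.sig, 'base64'));
  return sigOk && JSON.parse(mark.payload).docHash === docHash;
}

// Provisional anonymity: identity is encrypted under a one-time key. The
// recipient holds only the sealed package; the key goes to the escrow agent.
function sealIdentity(identity, mark) {
  const key = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(Buffer.from(mark.payload)); // ties the package to the signed terms
  const ct = Buffer.concat([c.update(identity, 'utf8'), c.final()]);
  return { sealed: { iv, ct, tag: c.getAuthTag() }, escrowKey: key };
}

// Stand-in for the escrow agent (assumption): releases the key only when the
// agreed condition, such as a valid subpoena, has been established.
function escrowRelease(escrowKey, conditionMet) {
  return conditionMet ? escrowKey : null;
}

function openIdentity(sealed, key, mark) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, sealed.iv);
  d.setAAD(Buffer.from(mark.payload));
  d.setAuthTag(sealed.tag);
  return Buffer.concat([d.update(sealed.ct), d.final()]).toString('utf8');
}

// Constructed sample data.
const sender = crypto.generateKeyPairSync('ed25519');
const doc = 'Sales agreement (constructed example)';
const mark = attachTerms(doc, 'No disclosure except under legal subpoena', sender.privateKey);
const { sealed, escrowKey } = sealIdentity('seller: Alice Example', mark);
```

Until the escrow agent releases the key, the recipient can verify the terms and hold the sealed package but cannot read the identity inside it.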
Daniel’s solution won’t make those who wish for unfettered access to communications channels happy. But it represents an alternative to backdoors that solves many of the problems backdoors present while protecting privacy for legitimate uses–as negotiated by the parties sharing data.
That’s all for this week. Thanks for reading.
© 2021 Phillip J. Windley. Some rights reserved. Technometria is a trademark of PJW LC.
By Phil Windley
I build things; I write code; I void warranties