Versions Compared

Old Version 6

changes.mady.by.user iainh1 NA (Unlicensed)

Saved on

compared with

New Version 7

changes.mady.by.user iainh1 NA (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

We envisage using contract law as the basis for establishing legally binding relationships between information provider (the individual), and information consumer (most typically, an organisation). In that sense, an individual makes  information available under contract to any entity that wishes to access it, subject to that organisation being able to accept the terms and conditions associated with that contract.

The VPI agreement is likely to have a number of sub-agreements, differentiated by specific terms and conditions associated with each sharing instance (e.g. you can use this for X, Y and Z, but must confirm back to me that no other use was enabled, and that my information was destroyed after these uses). The bulk of the work we envisage will be around working through the detailed permutations of data type, by usage type, by nature of ongoing use - in order to come up with a workable set of options.

When a set of options have been identified, we will work to create a solid description of each, a visual icon representing each, and illustrate one or more means through which an individuals VPI availability and preferences can be discovered and shared without their manual intervention. In turn, we will show how an organisation might digitally discover and 'sign' an individuals VPI agreement in order to instantiate that contract, and complete the loop by accessing and using the relevant data, and completing/ confirming any contract driven obligations (e.g. payment, data deletion). We will document the means through which liabilities in each transaction will be assessed and which party will underpin them.

In support of this work, we will show a reputation management mechanic that will aid an individual in determining which organisations might best be able to work with their data in these new ways. Also, a compliance mechanism will be defined in order to assure that VPI agreements are being adhered to.

Lastly, the above will be published as a VPI trust framework, likely led by Mydex CIC and published via The Open Identity Exchange.