Versions Compared

Old Version 4

changes.mady.by.user Eve Maler

Saved on

compared with

New Version Current

changes.mady.by.user Eve Maler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

UMA Legal

Part of the UMA WG's work is overtly technical, and part of the work explores other layers of the BLT (business-legal-technical) sandwich. The documents here reflect work in these other areas, many produced by the ad hoc "legal subgroup". This work has, from time to time, been managed as a "subgroup" of the overall Work Group. The overall goal of the subgroup: Accelerate work is accelerate adoption and reduce inhibitors in a business context.

Mission

The animating mission of the legal subgroup in 2015:

Develop recommendations about resource owner-and-requesting party [Alice-and-Bob], resource server-and-authorization server [service-and-hub], and any other transactional relationships in the UMA environment, keeping in mind international jurisdictional friendliness; applicability to many different vertical and horizontal use cases, including health; and support of higher-level access federation trust frameworks and similar efforts.

The sharpened mission in 2016:

Focus on:

  • Drafting model text (the term and abbreviation definitions and the model clauses)
  • Gathering requirements for the environment for using the model text 
  • Being guinea pigs for the environment

Target Q1 for external beta review of the model text. "Accordion" the environment requirements to account for budgetary uncertainty.

Sources of Liability Tension

These are some key pairwise relationships we are exploring for the "liability tensions" within them, that is, the misalignment of incentives that leads to a reluctance to deal with each other, mistrust, or added friction in decisions to use or deploy UMA.

...

We published a draft Report in February 2018 (nicknamed "UMA Business Model") called A Proposed Licensing Model for User-Managed Access (or, "How the UMA protocol enables a license-based model for controlling access rights to personal digital assets"). You can retrieve it from the Kantara Initiative Reports and Recommendations page. This report is intended for professionals in the areas of law, privacy, risk, compliance, security policy, and business policy, particularly those responsible for building and running UMA-enabled services. Please visit our Legal Subgroup Notes page for more detail and links.

What is the purpose of the UMA business/legal framework? The UMA technical protocol enables individuals to apply protection policies to their digital assets by using services to issue various kinds of "permission tokens". The UMA business/legal framework above the protocol maps those permission tokens and related artifacts to licenses as legal devices. This licensing mechanism is valuable to individuals, organizations, legal professionals, and privacy professionals because it allows "Alice" to license "Bob" to use her digital resources on her terms.

History

This slide deck, presented at Digital Contracts, Identities, and Blockchain at MIT in May 2016, shared some key early use cases (slide 26+). A few additional artifacts are available on the WG's GitHub wiki. All of this work predates the analysis being performed.

The subgroup found funding to work with legal expert (now UMA WG Legal Editor) Tim Reiniger starting in 2017, with a schedule to produce three staged deliverables. The first, Use Cases for Analyzing and Determining a Legal Framework, was delivered in draft on 28 Feb 2017, with the group providing commentary and revisions as input to later stages, resulting in a revised final version delivered 26 Mar 2017. The second, The Legal Value Perspective for UMA Use Cases, was delivered on 31 May 2017, again after extensive group review and commentary. The third, UMA Definitions Annotated, was delivered 25 Aug 2017. A broader "legal framework" (now called business model), incorporating a revised version of the definitions, was published in early 2018. The model text work has previously been encoded in draft form in the CommonAccord.org system. CommonAccord is: "...an initiative to create global codes of legal transacting by codifying and automating legal documents, including contracts, permits, organizational documents, and consents. We anticipate that there will be codes for each jurisdiction, in each language. For international dealings and coordination, there will be at least one "global" code." The subgroup's past meeting times and notes are here. Legal topics are currently being covered in the main Work Group call series. See the UMA home pageUMA calendar, and main Meetings and Minutes page for details.

Just visiting? We invite you to join the Work Group! Visit our home page and see the Join link there.