Hello everyone
This is the running update from the Executive Director. Have questions or comments? Suggest some added information or edits? Contact Colin at kantarainitiative dot org.
...
As I begin this on the first day of September, it feels like the intensity of August - both temperature as well as emotions running high over events around the world - is easing back. One thing that did not seem to ease back , was the intensity of online webinars. That thought was in my mind yesterday, August 31st, as I readied myself to present Kantara's work to the ONC's Patient Identity and Matching Working Session. With close to 400 attendees at the height of the day , there was no pressure! ('yea, right') but I drew some comfort from other Kantara members and supporters presenting as well as referencing publicly shouting-out our efforts. Grateful thanks goes to Noreen Whysel and Catherine Schulten from the FIRE WG for helping me prep prepare the slides and to the HIA WG HIAWG for its efforts on in drafting the written submission due later this week.
Just in while I type , is the UK's government's response to the their call for evidence on digital identity from a year ago (if you read last month's Director's Corner one could be forgiven for thinking their ears were burning..
) ...where Kantara submitted these comments. 'Better late than never', it 's is great to finally see movement on this at last. If you read last month's Director's Corner one could be forgiven for thinking their ears were burning... The IA-WG judging by industry's reaction here to the indication of new or altered legislation and where additionally, the point was made that Security does not feature in the 6 principles to frame digital identity delivery and policy in the UK - those being Privacy, Transparency, Inclusivity, Interoperability, Proportionality and Good Governance - principles which no-one could argue with. But no Security principle?
Meanwhile in the US, there's industry talk of Congressman Bill Foster (D-IL) proposing a bill with a working title 'to establish a governmentwide approach to improving digital identity, and for other purposes'. I'll keep you posted if I hear more.
The IAWG has a continual slew of similar calls for input on its slate that it . It works on these around its main role as the steward of the Identity Assurance program and its associated Trust Framework, which has constant maintenance and improvement cycles throughout the year. The current consultation is on the European Union's eIDAS regulation, Implementing Acts and the success or otherwise of the strategy, led by Individual contributor Mark King. Thank you Mark! Globally acknowledged as we are, there is a never ending stream of requests for our input. We need more volunteers to lead work and sponsors to support the effort. If the current global conditions find you with some spare time, please contribute it to Kantara, where, now more than ever, there 's are more more requests to engage and more work as a result , landing on our plate.
Last Wednesday I was privileged to be able to offer Kantara's insights to the UK's Liberal Democrat party which were well received, on 3 questions posed to a representative group of industry entities: Standards - we'll never have "one standard" so what is the goal?; Current UK challenges & threats - where does the UK fall behind and what might happen if we keep that way?; Wishlist - if you could demand anything of the UK government what would it be? Our responses go to assist Lib Dem parliamentarians in understanding the challenges around digital identity and to inform future policy. Meanwhile the UK continues to await the government's response to the Call for evidence on the matter nearly a year ago, into which Kantara contributed.
Kantara kicked off its own Summer webinar series in July too with the Assurance Program's 'what does it take to be approved as NIST 800-63-3 conformant?' and the UMA Working Group's 21st Century Health Information Interoperability + user Control'. Both of these were well presented and well attended. A special thanks to speakers ID.me's Blake Hall, KUMA's Ray Kimble, NIST's David Temoshok, HIE of One's Adrian Gropper and Identos's Alec Laws, wonderfully supported by Staff and in particular Ruth Puente, who helped with both sessions. Summer's not over yet so stand by for other announcements!
With many vacation plans reset to staycations, the working groups were more active and more well attended than is usual for this time of the year. Kantara's three Information Sharing Interoperability Working Group project streams made good progress, with the externally drafted Personal Data Receipt Framework being given its first showing, before it is formally contributed for peer review, study and comment. It was a similar story with the AdvCIS (Advanced Consent & Info Sharing) developing a draft Consent Receipt v1.2 and the Intentcasting project getting into a steady rhythm of meetings.
July was also the month that most comments on draft standards being developed in ISO SC27 WG5 were due. Kantara's Board SDO Liaison sub committee were hard at work, in particular, on ISO TS 27560 - Consent record information structure, where there are opportunities at both a high level and detailed level, to contribute to the direction of this work. If members would like to contribute to ISO SC27 standards in Digital Identity and Privacy technologies, you can do that via Kantara's formal liaison with ISO.
UMA also had well attended meetings as it continues new work on the profile with the interim working title of 'Wallet/Relationship Manager'. UMA's last meeting of the month did a pulse check on implementations and was pleasing to see news of an additional one. The FIRE WG always has early drafts seeking informal comment and this month s no exception with the Mobile Assurance Specification.
As always the Identity Assurance work group had a full plate of work this month. It just narrowly missed its target to have the Service Assessment Criteria for NIST 800-63-3 IAL3, AAL3 and FAL3 working group approved. In addition, the Assurance Program itself continues its internal development project to make it even more globally reputable than it already is. Given the criticality of digital identity in the current world crisis, it's perhaps not surprising that we have seen none of the traditional summer vacation slow-down and we look forward to making announcements about more CSPs attaining the coveted Kantara Trust Mark later in the year.
Kantara Europe was busy as usual with coaching of existing projects and settling in new projects selected in the final call and Kantara Individual Contributor member, and globally acknowledged privacy expert, John Wunderlich did just that. Juggling his client work, along with a stint temporary stint as Chair of the ISI-WG, John also put his hand up to spin up the much anticipated Kantara mDL Discussion Group. This DG will focus on rounding out the ISO 18013-5 mDL standard's privacy and security recommendations in Annex E - a critically essential success factor to enable the development of the fledgling global mDL ecosystem. Some of you may have seen and heard John (and Kantara President Matt) speaking on Secure Technology Alliance's Webinar #3 (note that there were some technical issues impacting this session but it is being re-recorded). Our collective hats off to you John Wunderlich. We applaud your quiet resolve and magnanimity. Give John, and the Leadership Council, a few weeks to get the Charter approved and for Staff to build the wiki space and we will let you know when the site is up and the GPA ready for you to acknowledge.
The IAWG also completed work sponsored by ID.ME to develop Service Assessment Criteria (SAC) at Assurance Level 3 for Identity Assurance (IAL3), Authentication Assurance (AAL3), and Federation Assurance (FAL3) of NIST’s SP 800-63 Revision 3. These SAC are currently undergoing Public and IPR Review. Thanks to ID.ME for its support in developing this important part of Kantara’s Identity Assurance Framework.
Kantara Europe was busy as usual coaching existing NGI_Trust projects and, as mentioned last month, working with a large consortium on a new funding bid for 2021. Kantara’s Educational Foundation made further progress on its policy framework.
July saw us welcome a new liaison - Digital Identity New Zealand, the industry association for digital identity in that part of the world. For me personally it's great to be able to share Kantara's experiences and to learn from DINZ in return, since a lot has changed in the 5+ years I have been away. With agencies from both the Australian and New Zealand governments as members, Kantara is increasingly well represented downunder. Individual Contributors renewing in July were Dr Tom Sullivan and Wesley Dunnington. Thank you for your continued support!
While on a more personal note, July is a month where the northern and southern hemispheres are at their extremes. As I sat in my back garden on a hot and sunny summer's day I was reminded by this as a friend posted a picture of Mount Ruapehu in the center of New Zealand's North Island fully laden with snow, ready for the ski season which this person knew I would be envious. I had planned a few days off to ski in Austria in early April, but of course it was cancelled by COVID as were so many of our business or personal plans, wherever we were in the world. I partially made up for it last week however when I took a few days off in Munich to be with extended family. It's a beautiful city in a beautiful part of Germany so it was well worth the hassle of the travel that even on this short distance seemed as tiring as a long-haul. Maybe it's due to breathing your own air for so long! ;-( . Masks were mandatory all through the airport, on the plane for the flight, in the arrival airport, on public transport, in shops and anywhere crowded, but the level of compliance was high. And we came equipped with anti-bacterial gel and wipes, not that we needed them since the airline, all shops, restaurants etc made them readily available so in terms of personal risk, although heightened, it felt manageable.
Onwards as we traverse another month in these challenging and constantly changing times!
Kind regardsIt‘S project name is Demoiselle with a focus on Long Term Security of Systems, Systems of Systems and Organizations & Societies all through policy, process and technology planes. This is more IoT oriented than Kantara's traditionally known core capabilities but, with IDoT becoming so relevant now and having the global reach to expertise that we do, the consortium sought out Kantara to fill this much needed gap in its enviable line-up of partners.
I want to round out this month's blog with a hat-tip to the Board. All summer-long it has been undertaking a deep strategic review of Kantara - the organization’s capabilities, its vision and mission, and its role in the global ecosystem. The last review of this kind took place in 2016, the year I took up the post of ED. In the intervening five years, Kantara has changed in nearly every dimension, with the exception of its foundational ethics and ethos which remains as the Founders chartered it back in 2009. 2020, Kantara's 11th year of operation seemed an entirely appropriate year to review and reset. If you have a futurist view of Kantara please let the Board know by emailing directors at kantarainitiative dot org. It aims to share its initial thoughts on the findings with you all and here on this blog next month.
Grab the last of the sun in the north or the spring skiing in the south, because the last quarter of 2020 looks set to be something of a game-changer for Kantara.
Onwards!
Kind regards,
Colin
Around the Houses:
Marketing:
Follow us online: https://twitter.com/KantaraNews and https://twitter.com/UMAWG and https://twitter.com/KantaraCISWG.
- Miss something? See our press releases here.
Want to start a Kantara local chapter in your town? We are happy to help. Just Contact us.
Program, Work Group and Discussion Group Updates:
You can always keep up with the latest news from the Work and Discussion Groups directly on the Leadership Council's Blog. See the list of public groups here.
...
Not sure where to find things? Membership Bella, Ruth, Armin, Oliver, Chris and myself are only too willing to assist. Contact them here.
...