...
In this workgroup’s discussions about protecting the privacy of individuals and identifying the entities that will be accountable or responsible for meeting requirements for creating and supporting Privacy Enhancing Mobile Credentials, it seems that some roles are being conflated. To that end, I created the following diagram to help me distinguish between the hardware, software, or systems that are the endpoints of the data flows in such a data system and the entities that should use those tools to build trust between themselves. I suggest below that each entity uses an agent, which may be composed of one or more systems for identity.
...
A Holder Agent would be the combination of mobile devices and apps that contain the Holder’s mobile credential (mDL, Health Card, Student ID, etc.).
A Verifier Agent would be the combination of credential reader and software the Verifiers uses to collect credentials when presented by the Holder.
...
In the diagram below the interior triangle are machine-readable data flows between endpoints. The exterior dotted lines represent the human understandable processes between the entities that use the data flow to accomplish their purposes. This helps me to disentangle, for example, the requirement for a Verifier organization to have policies and training in place for its' staff with respect to concerning data collected from a Holder from the requirement of Verifier Agents to implement data minimization in their systems.
...