[governance] GPLv3 implementation of "user centric identity"?

Norbert Bollow nb at bollow.ch
Thu Mar 30 07:19:25 EST 2006 

Milton Mueller <Mueller at syr.edu> wrote:

> "user centric identity" is a proposed _topic for a policy
> discussion_.

Yes.  And a proper question for evaluating whether we (SIUG)
want to support this proposal is to ask "is there realistic
reason to hope for benefits from this discussion which exceed
the risks and costs?"

I have no doubt that "user centric identity" is a worthwhile
and important topic.  In other words, I don't doubt that
there's good reason to hope for benefits from the debate
which exceed the cost of committing a portion of IGF time to
this topic.

I am however concerned that accepting this topic for IGF might
have the unintended side-effect of significantly strengthening
DRM systems, if the debate results in the creation of a widely-
accepted identity system (whether user-centric or not) which
has licensing terms that are compatible with its use in DRM
systems.

I care very much about the following two points:

(1) That the internet can be used by any two consenting parties
    for exchanging data in any format that these two parties
    agree upon, including securely encrypted forms of data exchange.

(2) That the internet can be used for "turning the digital divide
    into digital opportunity" (see paragraph 49 of the Tunis Agenda).

I view both of these as being potentially threatened by DRM systems.
In this post, I'll not go into the details of why exactly I see
these as threatened by DRM systems, but I'd be happy to elaborate
upon request.  In any case, I believe that there is string reason
to avoid any course of action that could result in the strengthening
of DRM systems.

As a result, I think that there is a significant risk related to
accepting "user centric identity" as an IGF topic.

This risk can be reduced to what IMO is an acceptable level by
finding someone who is committed to creating a GPLv3 licensed
implementation of whatever would be the emerging consensus of the
discussions at IGF.

> To put it more bluntly, it is a bit odd to say, "we support
> discussing topic X, but only if the topic is defined in a way that
> presumes that everyone agrees with us on how X should be handled."

I'm not asking everyone to agree with us.  I'm just asking whether
there is at least one person or organization willing and able to
create an implementation that avoids the DRM issue (and the one way
which I can see right now for achieving this is GPLv3 licensing).
I would make this commitment if I could afford to make the time
commitment, which I unfortunately cannot.

If no-one wants to do this, I think the risk would be too great
that discussing this topic at IGF would only result in
implementations that would (at least when considered from our
viewpoint) do much more harm than good.

Greetings,
Norbert.
_______________________________________________
governance mailing list
governance at lists.cpsr.org
https://ssl.cpsr.org/mailman/listinfo/governance

More information about the Governance mailing list