0 00:00:00,000 --> 00:00:30,000 Dear viewer, these subtitles were generated by a machine via the service Trint and therefore are (very) buggy. If you are capable, please help us to create good quality subtitles: https://c3subtitles.de/talk/151 Thanks! 1 00:00:10,950 --> 00:00:11,950 So 2 00:00:13,470 --> 00:00:15,029 as all of you can see, 3 00:00:16,260 --> 00:00:18,119 this is the first talk about Europe, the 4 00:00:18,120 --> 00:00:20,669 United States of America and identity 5 00:00:20,670 --> 00:00:21,670 ecosystems. 6 00:00:23,190 --> 00:00:25,979 Yeah. This is Christopher Engelman. 7 00:00:25,980 --> 00:00:28,829 Yes, he's a speaker today. 8 00:00:28,830 --> 00:00:30,659 Please have warm applause for him. 9 00:00:38,940 --> 00:00:41,249 And so you might start. 10 00:00:41,250 --> 00:00:42,179 Yes. 11 00:00:42,180 --> 00:00:43,859 Well, thank you. 12 00:00:43,860 --> 00:00:46,289 Thank you to the organizers of the 13 00:00:46,290 --> 00:00:48,299 car's computer conference for having me. 14 00:00:48,300 --> 00:00:50,129 It's a great honor to be here. 15 00:00:50,130 --> 00:00:52,349 And thank you for coming 16 00:00:52,350 --> 00:00:54,479 at this early time after probably 17 00:00:54,480 --> 00:00:56,159 a long night. 18 00:00:56,160 --> 00:00:58,289 I guess most of you went to bed late 19 00:00:58,290 --> 00:01:00,029 just like I did. 20 00:01:00,030 --> 00:01:02,429 I still, I hope I can manage 21 00:01:02,430 --> 00:01:03,599 to catch your attention 22 00:01:04,650 --> 00:01:05,650 with some. 23 00:01:06,510 --> 00:01:08,849 Ideas, descriptions 24 00:01:10,920 --> 00:01:13,499 about digital identity 25 00:01:13,500 --> 00:01:15,869 policies currently 26 00:01:15,870 --> 00:01:18,329 taking place of being shaping 27 00:01:18,330 --> 00:01:20,819 up in Europe and 28 00:01:20,820 --> 00:01:22,409 the United States of America. 29 00:01:23,940 --> 00:01:26,699 Let me briefly introduce myself. 30 00:01:26,700 --> 00:01:27,959 You know my name Christopher Engelman. 31 00:01:29,610 --> 00:01:31,559 I work at the Locarno University, just 32 00:01:31,560 --> 00:01:34,739 south of Hamburg and Luna Book 33 00:01:34,740 --> 00:01:36,899 and have for quite some while been 34 00:01:36,900 --> 00:01:39,329 studying the history 35 00:01:39,330 --> 00:01:41,489 and theory of cultural techniques 36 00:01:41,490 --> 00:01:43,889 of authentication media. 37 00:01:43,890 --> 00:01:46,319 So some of you and I will 38 00:01:46,320 --> 00:01:48,119 get back to that in a moment. 39 00:01:48,120 --> 00:01:50,549 Might have seen my talk two years ago 40 00:01:50,550 --> 00:01:53,009 where I gave a presentation 41 00:01:53,010 --> 00:01:54,359 basically on the history of 42 00:01:54,360 --> 00:01:56,729 authentication, media and on naming. 43 00:01:56,730 --> 00:01:58,859 And in some ways, what I'm doing 44 00:01:58,860 --> 00:02:00,719 today is a continuation of that. 45 00:02:03,270 --> 00:02:05,579 That said, my 46 00:02:05,580 --> 00:02:07,769 talk basically is divided 47 00:02:07,770 --> 00:02:08,770 in two parts. 48 00:02:10,110 --> 00:02:12,059 First one, as I just said, is a recap of 49 00:02:12,060 --> 00:02:13,679 what I said two years ago because I think 50 00:02:13,680 --> 00:02:14,789 it's important to understand the 51 00:02:14,790 --> 00:02:15,790 contemporary 52 00:02:17,910 --> 00:02:20,369 dynamics and and 53 00:02:20,370 --> 00:02:21,419 things taking place 54 00:02:22,860 --> 00:02:25,089 and the contemporary things taking place 55 00:02:25,090 --> 00:02:27,149 actually behind those 56 00:02:27,150 --> 00:02:28,389 two acronyms. 57 00:02:28,390 --> 00:02:30,959 Com 220, 2012 238. 58 00:02:30,960 --> 00:02:33,419 And Stick, which 59 00:02:33,420 --> 00:02:35,849 I will then go into 60 00:02:35,850 --> 00:02:37,770 in the second part of the talk. 61 00:02:38,910 --> 00:02:39,910 So. 62 00:02:44,180 --> 00:02:45,589 Let's start with the recap. 63 00:02:45,590 --> 00:02:46,789 What's in a name? 64 00:02:46,790 --> 00:02:48,829 That was the title of of the top two 65 00:02:48,830 --> 00:02:49,830 years ago. 66 00:02:50,780 --> 00:02:53,150 Basically, I showed that 67 00:02:54,950 --> 00:02:57,229 the rise of the modern nation state is 68 00:02:57,230 --> 00:02:59,359 linked to the stabilization of naming 69 00:02:59,360 --> 00:03:00,360 of people 70 00:03:02,210 --> 00:03:04,489 in the sense of making people making 71 00:03:04,490 --> 00:03:06,379 a population after addressable. 72 00:03:06,380 --> 00:03:08,689 And the format that has emerged 73 00:03:09,950 --> 00:03:12,199 is basically the name surname 74 00:03:12,200 --> 00:03:14,119 system. This was already talked about a 75 00:03:14,120 --> 00:03:15,470 little bit in a presentation 76 00:03:17,120 --> 00:03:18,860 on on the first evening 77 00:03:19,970 --> 00:03:22,489 new neutral ground in a burning 78 00:03:22,490 --> 00:03:23,490 world. 79 00:03:24,500 --> 00:03:26,629 So the states in certain parts of 80 00:03:26,630 --> 00:03:28,340 the world quite far back, 81 00:03:29,690 --> 00:03:32,719 but in the so-called developed world 82 00:03:32,720 --> 00:03:35,179 or in Europe, the U.S. 83 00:03:35,180 --> 00:03:37,249 and some other parts where 84 00:03:37,250 --> 00:03:39,439 we have seen the emergence of a modern 85 00:03:39,440 --> 00:03:41,659 nation state sometime after the 86 00:03:41,660 --> 00:03:43,819 17th century, the 87 00:03:43,820 --> 00:03:45,619 stabilization of the naming system was 88 00:03:45,620 --> 00:03:47,749 actually a relatively slow 89 00:03:47,750 --> 00:03:50,719 process, which took 90 00:03:50,720 --> 00:03:52,789 a couple of hundred years to to come 91 00:03:52,790 --> 00:03:53,790 to bear. 92 00:03:57,150 --> 00:03:59,549 So I show that naming an identity 93 00:03:59,550 --> 00:04:01,439 regime emerge and economic, military, 94 00:04:01,440 --> 00:04:03,539 colonial social welfare 95 00:04:03,540 --> 00:04:05,669 in migratory contexts, 96 00:04:05,670 --> 00:04:07,019 and that names are not a matter of 97 00:04:07,020 --> 00:04:08,020 choice. 98 00:04:09,120 --> 00:04:10,919 Instead, there are mandatory modern 99 00:04:10,920 --> 00:04:12,749 nation states. People are not free not to 100 00:04:12,750 --> 00:04:13,770 have names, and 101 00:04:15,300 --> 00:04:17,609 I guess nobody knows anybody who has 102 00:04:17,610 --> 00:04:19,679 no name, at least in the 103 00:04:19,680 --> 00:04:20,819 real world. 104 00:04:20,820 --> 00:04:23,129 Everybody has some sort of 105 00:04:23,130 --> 00:04:24,629 basic registered name. 106 00:04:27,910 --> 00:04:30,129 So it's the same time 107 00:04:30,130 --> 00:04:32,889 those names are basically 108 00:04:32,890 --> 00:04:36,009 referencing a body of an individual, 109 00:04:36,010 --> 00:04:37,010 and there's 110 00:04:38,830 --> 00:04:41,259 all time for all of the history 111 00:04:41,260 --> 00:04:43,449 of identity systems. 112 00:04:43,450 --> 00:04:45,699 This pesky problem 113 00:04:45,700 --> 00:04:48,399 of linking a certain identifier, 114 00:04:48,400 --> 00:04:50,440 usually like name and surname, 115 00:04:52,180 --> 00:04:55,419 birthdays and so forth to a certain body. 116 00:04:55,420 --> 00:04:57,489 Um, some researchers have 117 00:04:57,490 --> 00:04:59,559 called this the gap between the body 118 00:04:59,560 --> 00:05:01,719 and the document, and 119 00:05:01,720 --> 00:05:03,879 closing this gap is an 120 00:05:03,880 --> 00:05:05,949 issue that you try to 121 00:05:05,950 --> 00:05:08,109 deal with with basically biometrics 122 00:05:08,110 --> 00:05:10,449 and pre-digital biometrics are 123 00:05:10,450 --> 00:05:12,579 things like handwritten signatures, 124 00:05:12,580 --> 00:05:14,109 which leave a trace of the body 125 00:05:15,220 --> 00:05:17,619 descriptions like eye color, hair color, 126 00:05:17,620 --> 00:05:18,620 hate 127 00:05:20,770 --> 00:05:22,059 or, for example. 128 00:05:22,060 --> 00:05:24,249 Also, pictures can be understood as 129 00:05:24,250 --> 00:05:25,959 biometrics. 130 00:05:25,960 --> 00:05:28,149 So basically, when I say to govern is to 131 00:05:28,150 --> 00:05:29,709 address what is being 132 00:05:31,060 --> 00:05:33,399 what, what state or tries to 133 00:05:33,400 --> 00:05:35,979 be able to address is 134 00:05:35,980 --> 00:05:38,079 an individual in 135 00:05:38,080 --> 00:05:39,309 an individual's body. 136 00:05:41,810 --> 00:05:43,939 Also, identity 137 00:05:43,940 --> 00:05:46,099 is duplication, and that means control 138 00:05:46,100 --> 00:05:47,689 duplication with registers, 139 00:05:48,950 --> 00:05:51,409 meaning that if you get 140 00:05:51,410 --> 00:05:53,689 an identity in 141 00:05:53,690 --> 00:05:55,729 some sort of nation state, you usually 142 00:05:55,730 --> 00:05:57,799 are issued some sort of paper 143 00:05:57,800 --> 00:05:59,360 starts with the birth certificate, 144 00:06:00,680 --> 00:06:02,869 which is pretty much mandatory 145 00:06:02,870 --> 00:06:04,850 in most parts of the world. 146 00:06:06,470 --> 00:06:08,869 So you cannot enter a territory 147 00:06:08,870 --> 00:06:10,939 from sort of say within without being 148 00:06:10,940 --> 00:06:12,499 registered. 149 00:06:12,500 --> 00:06:14,879 But the way the system 150 00:06:14,880 --> 00:06:18,079 works is basically while you have 151 00:06:18,080 --> 00:06:19,999 this credential, this document 152 00:06:20,000 --> 00:06:22,309 identifying you, there's 153 00:06:22,310 --> 00:06:24,799 also a so-called copy 154 00:06:24,800 --> 00:06:26,929 in the register, which 155 00:06:26,930 --> 00:06:28,490 proves that you have this 156 00:06:29,510 --> 00:06:31,819 document and essentially makes 157 00:06:31,820 --> 00:06:32,749 it valid. 158 00:06:32,750 --> 00:06:34,669 So only this this form of duplicate 159 00:06:34,670 --> 00:06:35,670 duplication 160 00:06:37,730 --> 00:06:40,189 of a register and an issued document 161 00:06:40,190 --> 00:06:41,190 is 162 00:06:42,380 --> 00:06:43,380 making the 163 00:06:44,480 --> 00:06:47,149 generating that identifier 164 00:06:47,150 --> 00:06:48,470 ability of the individual. 165 00:06:50,540 --> 00:06:52,609 Um, the second 166 00:06:52,610 --> 00:06:54,469 part here is important. 167 00:06:54,470 --> 00:06:57,289 What basically happened 168 00:06:57,290 --> 00:07:00,049 sometime in the 19th and 20th century 169 00:07:00,050 --> 00:07:02,149 is this nation states monopolized 170 00:07:02,150 --> 00:07:04,099 these registers. 171 00:07:04,100 --> 00:07:07,129 You're not being registered as a citizen 172 00:07:07,130 --> 00:07:09,439 by some sort of private 173 00:07:09,440 --> 00:07:11,659 enterprise or business or 174 00:07:11,660 --> 00:07:14,330 even civil society organization. 175 00:07:15,770 --> 00:07:18,379 It is the nation state that maintains 176 00:07:18,380 --> 00:07:20,569 these registers, right. 177 00:07:20,570 --> 00:07:22,579 In Germany, it's the standard center 178 00:07:22,580 --> 00:07:24,589 major burden where you have 179 00:07:25,670 --> 00:07:27,199 where those registers are kept. 180 00:07:29,570 --> 00:07:31,279 And in the U.S., in England, there are 181 00:07:31,280 --> 00:07:33,859 similar institutions in place. 182 00:07:33,860 --> 00:07:36,199 The difference between Europe and 183 00:07:36,200 --> 00:07:38,299 Anglo-Saxon countries is just how 184 00:07:38,300 --> 00:07:40,489 important these registers 185 00:07:40,490 --> 00:07:42,889 are in everyday life and they become. 186 00:07:46,220 --> 00:07:47,810 In a context of other states 187 00:07:49,250 --> 00:07:52,039 ever more important as we going to see 188 00:07:52,040 --> 00:07:54,169 soon, so 189 00:07:55,790 --> 00:07:58,099 um, the the last 190 00:07:58,100 --> 00:07:59,929 point was that identity systems are media 191 00:07:59,930 --> 00:08:02,809 systems changing as media change. 192 00:08:02,810 --> 00:08:04,309 And this is what we're seeing now. 193 00:08:04,310 --> 00:08:06,499 Basically, existent identity 194 00:08:06,500 --> 00:08:08,569 systems are built on 195 00:08:08,570 --> 00:08:11,209 paper based bureaucracies. 196 00:08:11,210 --> 00:08:13,339 The issue you papers and they process 197 00:08:13,340 --> 00:08:15,169 your data on papers. 198 00:08:15,170 --> 00:08:16,789 Of course, they are the hybrids by now, 199 00:08:16,790 --> 00:08:18,079 as we all know. 200 00:08:18,080 --> 00:08:19,879 But essentially, 201 00:08:23,000 --> 00:08:25,069 the history of these systems is linked to 202 00:08:25,070 --> 00:08:27,799 the to the history 203 00:08:27,800 --> 00:08:29,269 of the availability of and 204 00:08:30,620 --> 00:08:32,749 uh, yeah, of the widespread availability 205 00:08:32,750 --> 00:08:33,979 of paper. 206 00:08:33,980 --> 00:08:36,678 Now we have a new media 207 00:08:36,679 --> 00:08:38,779 regime for 20 208 00:08:38,780 --> 00:08:40,729 or 30 years in which people conduct 209 00:08:40,730 --> 00:08:42,558 business, which is digital media and the 210 00:08:42,559 --> 00:08:43,788 internet. 211 00:08:43,789 --> 00:08:46,519 And everything I'm going to talk 212 00:08:46,520 --> 00:08:48,470 about from now on is basically 213 00:08:50,000 --> 00:08:51,639 describing how state or 214 00:08:53,150 --> 00:08:55,759 tries to handle this 215 00:08:55,760 --> 00:08:58,520 media transition to a digital 216 00:08:59,540 --> 00:09:01,429 system and tries to create digital 217 00:09:01,430 --> 00:09:02,430 identities. 218 00:09:04,320 --> 00:09:06,689 So, by the way, 219 00:09:06,690 --> 00:09:09,149 roughly 19, the 1980s 220 00:09:09,150 --> 00:09:10,289 of the last century 221 00:09:11,910 --> 00:09:13,289 in the developed nations, 222 00:09:14,700 --> 00:09:17,490 we had a system while we had a situation 223 00:09:18,510 --> 00:09:19,510 in the second 224 00:09:22,050 --> 00:09:23,439 where First World countries were 225 00:09:23,440 --> 00:09:25,739 uniformly dubious registration 226 00:09:25,740 --> 00:09:27,809 have international travel 227 00:09:27,810 --> 00:09:29,909 regulated by passport system 228 00:09:29,910 --> 00:09:31,979 and basically most, 229 00:09:31,980 --> 00:09:34,379 if not all, people neatly named 230 00:09:34,380 --> 00:09:35,969 and addressable. 231 00:09:35,970 --> 00:09:37,829 The paperwork was all tidy and well 232 00:09:37,830 --> 00:09:39,840 organized and. 233 00:09:42,960 --> 00:09:44,909 And all people, with few exceptions, had 234 00:09:44,910 --> 00:09:46,989 an address in the form of name, surname, 235 00:09:46,990 --> 00:09:49,559 birth place, postal address and so forth. 236 00:09:49,560 --> 00:09:51,119 And then, of course, and that's what I 237 00:09:51,120 --> 00:09:52,559 just said, the internet happened 238 00:09:53,610 --> 00:09:55,799 and looking back at. 239 00:09:55,800 --> 00:09:58,559 And we don't want to do now is 240 00:09:58,560 --> 00:09:59,560 basically. 241 00:10:02,460 --> 00:10:04,739 Go back to the 1990s to 80s and 90s 242 00:10:04,740 --> 00:10:06,989 and show what happened when 243 00:10:06,990 --> 00:10:08,819 this media, when the onset of the 244 00:10:08,820 --> 00:10:10,919 aforementioned medias media change 245 00:10:10,920 --> 00:10:12,539 took place. 246 00:10:12,540 --> 00:10:14,009 So the internet happened. 247 00:10:14,010 --> 00:10:16,079 And if 248 00:10:16,080 --> 00:10:17,639 you look back at the time when the 249 00:10:17,640 --> 00:10:19,529 internet became a widespread phenomenon, 250 00:10:21,510 --> 00:10:23,789 one could see 251 00:10:23,790 --> 00:10:25,949 that from from 252 00:10:25,950 --> 00:10:28,289 today's perspective, one could see 253 00:10:28,290 --> 00:10:31,379 that in the 20 year history in between, 254 00:10:31,380 --> 00:10:33,689 we have three 255 00:10:33,690 --> 00:10:36,209 waves of administrative attempts 256 00:10:36,210 --> 00:10:38,759 to create digital identities for citizens 257 00:10:39,990 --> 00:10:42,119 or to put, in other words, to 258 00:10:42,120 --> 00:10:44,130 give people digital names 259 00:10:45,270 --> 00:10:47,849 which are equivalent to the name surname 260 00:10:47,850 --> 00:10:49,979 system and thus to make them 261 00:10:49,980 --> 00:10:52,349 addressable and to create a 262 00:10:52,350 --> 00:10:54,510 capacity to govern digitally. 263 00:10:55,710 --> 00:10:56,710 So 264 00:10:57,960 --> 00:11:01,079 I think we um, 265 00:11:01,080 --> 00:11:02,519 I think there are just three waves. 266 00:11:03,690 --> 00:11:06,779 The first wave is basically the mid-90s 267 00:11:06,780 --> 00:11:08,489 when the internet became a widespread 268 00:11:08,490 --> 00:11:10,619 phenomenon where in the US 269 00:11:10,620 --> 00:11:12,779 you see the Clipper Ship Initiative, 270 00:11:12,780 --> 00:11:15,149 the digital signature stunned standard 271 00:11:15,150 --> 00:11:17,219 and the signature exists in 272 00:11:17,220 --> 00:11:18,929 Germany, India and Germany. 273 00:11:20,070 --> 00:11:22,739 And I would explain those initiatives 274 00:11:22,740 --> 00:11:23,740 now. 275 00:11:29,410 --> 00:11:30,410 So. 276 00:11:33,670 --> 00:11:35,469 In the mid-nineties, the internet became 277 00:11:35,470 --> 00:11:37,209 a socially and economically and also 278 00:11:37,210 --> 00:11:39,639 political phenomenon and 279 00:11:39,640 --> 00:11:42,069 a sizable and growing amount 280 00:11:42,070 --> 00:11:44,199 of people conducted important 281 00:11:44,200 --> 00:11:46,569 parts of their life online to business 282 00:11:46,570 --> 00:11:48,969 and entirely new economic sectors 283 00:11:48,970 --> 00:11:51,219 began to emerge in both Europe 284 00:11:51,220 --> 00:11:52,239 and the U.S. 285 00:11:52,240 --> 00:11:54,639 governments began to draft regulations 286 00:11:54,640 --> 00:11:56,949 to enable digital names for 287 00:11:56,950 --> 00:11:58,840 the population, for the individuals. 288 00:12:00,280 --> 00:12:02,109 I will focus here on Germany and the 289 00:12:02,110 --> 00:12:04,209 American example because 290 00:12:04,210 --> 00:12:06,309 both of the limited time and 291 00:12:06,310 --> 00:12:08,019 also I'm not an expert on the 292 00:12:08,020 --> 00:12:10,479 developments in other European countries. 293 00:12:11,770 --> 00:12:13,989 In 1993, one of the first acts 294 00:12:13,990 --> 00:12:16,419 of the still fresh Clinton administration 295 00:12:16,420 --> 00:12:18,789 was that the inventor of the internet, 296 00:12:18,790 --> 00:12:20,949 Al Gore, introduced the 297 00:12:20,950 --> 00:12:22,869 proposal for the national information 298 00:12:22,870 --> 00:12:25,149 infrastructure, which in hindsight 299 00:12:25,150 --> 00:12:27,069 can be understood as the first serious 300 00:12:27,070 --> 00:12:29,019 attempt was one of the first serious 301 00:12:29,020 --> 00:12:31,599 attempts of creating 302 00:12:31,600 --> 00:12:34,179 official online identities 303 00:12:34,180 --> 00:12:35,180 by statehood, 304 00:12:36,310 --> 00:12:37,749 part of the national information 305 00:12:37,750 --> 00:12:39,099 infrastructure. 306 00:12:39,100 --> 00:12:40,749 This is the information superhighway you 307 00:12:40,750 --> 00:12:41,750 all heard about. 308 00:12:42,910 --> 00:12:45,249 The policy proposal was suppose called 309 00:12:45,250 --> 00:12:46,749 national information infrastructure, 310 00:12:47,920 --> 00:12:50,139 but in the press it was usually 311 00:12:50,140 --> 00:12:51,879 referred to as the information 312 00:12:51,880 --> 00:12:52,880 superhighway. 313 00:12:55,120 --> 00:12:56,120 Part of this 314 00:12:58,030 --> 00:13:00,399 program was an ambitious crypto policy 315 00:13:00,400 --> 00:13:02,919 proposal, which essentially 316 00:13:02,920 --> 00:13:05,349 envisioned a government approved 317 00:13:05,350 --> 00:13:07,839 cryptography for all digital devices 318 00:13:07,840 --> 00:13:09,999 connected to IP networks, 319 00:13:10,000 --> 00:13:12,399 and this namely via the digital signature 320 00:13:12,400 --> 00:13:14,529 standard and to escrowed encryption 321 00:13:14,530 --> 00:13:17,079 standard SSL. 322 00:13:17,080 --> 00:13:18,909 I don't know if this is readable. 323 00:13:20,980 --> 00:13:23,049 This is basically 324 00:13:23,050 --> 00:13:25,059 the proposals in this case for the 325 00:13:25,060 --> 00:13:26,739 digital signature standard. 326 00:13:27,910 --> 00:13:30,039 As you can, you can download these 327 00:13:30,040 --> 00:13:32,169 from the National Institute for 328 00:13:32,170 --> 00:13:33,580 Standards list. 329 00:13:35,130 --> 00:13:37,289 It's just the first page, of course, and 330 00:13:37,290 --> 00:13:38,879 this is the escrowed and Crypton 331 00:13:38,880 --> 00:13:41,519 standard, which 332 00:13:41,520 --> 00:13:44,100 gave rise to much controversy. 333 00:13:46,950 --> 00:13:48,419 The escrowed encryption standard is 334 00:13:48,420 --> 00:13:50,339 probably better known as the Clipper chip 335 00:13:50,340 --> 00:13:52,619 initiative, anybody knows about 336 00:13:52,620 --> 00:13:53,620 the Clipper chip. 337 00:13:54,480 --> 00:13:55,799 OK, a few people. 338 00:13:55,800 --> 00:13:57,419 So I will explain a little bit because I 339 00:13:57,420 --> 00:13:59,789 think it's important to know this history 340 00:13:59,790 --> 00:14:01,859 in order to put what is happening today 341 00:14:01,860 --> 00:14:04,649 in context. Also, I think it 342 00:14:04,650 --> 00:14:07,529 might give some 343 00:14:07,530 --> 00:14:10,169 some ideas also about the revelations 344 00:14:10,170 --> 00:14:12,239 that Snowden gave us 345 00:14:13,410 --> 00:14:14,490 how the policy 346 00:14:16,080 --> 00:14:18,239 was influenced by the failure of this 347 00:14:18,240 --> 00:14:19,240 initiative. 348 00:14:20,460 --> 00:14:22,649 So the Clipper chip 349 00:14:22,650 --> 00:14:24,570 initiative was named after this 350 00:14:25,980 --> 00:14:28,349 device, which was 351 00:14:29,490 --> 00:14:31,289 if the standard would have come to bear 352 00:14:32,640 --> 00:14:35,369 to be implemented in all 353 00:14:35,370 --> 00:14:36,370 telephones 354 00:14:37,500 --> 00:14:38,500 in the U.S.. 355 00:14:39,610 --> 00:14:41,739 And the chip basically 356 00:14:41,740 --> 00:14:43,059 had two functions. 357 00:14:43,060 --> 00:14:45,129 It would allow encrypted voice 358 00:14:45,130 --> 00:14:47,229 telecommunication and at the same 359 00:14:47,230 --> 00:14:50,109 time, what they call lawful interception 360 00:14:50,110 --> 00:14:52,299 of set encrypted 361 00:14:52,300 --> 00:14:53,300 communication 362 00:14:54,370 --> 00:14:55,989 via the escrowed keys. 363 00:14:55,990 --> 00:14:58,569 So basically, there was an official 364 00:14:58,570 --> 00:14:59,590 and and 365 00:15:00,850 --> 00:15:03,319 uh, well and officially 366 00:15:03,320 --> 00:15:05,559 acknowledged backdoor built 367 00:15:05,560 --> 00:15:07,779 into the crypto in this 368 00:15:07,780 --> 00:15:09,190 chip so that 369 00:15:10,540 --> 00:15:12,909 if a warrant was issued, uh, 370 00:15:12,910 --> 00:15:14,979 law enforcement agencies would 371 00:15:14,980 --> 00:15:17,139 be able to 372 00:15:17,140 --> 00:15:19,329 eavesdrop on the communications done 373 00:15:19,330 --> 00:15:21,339 by this device or done over these 374 00:15:21,340 --> 00:15:22,340 devices. 375 00:15:23,180 --> 00:15:25,269 Um, the case would be 376 00:15:25,270 --> 00:15:27,459 escrowed would be held by 377 00:15:27,460 --> 00:15:28,660 government institutions. 378 00:15:29,890 --> 00:15:30,890 Um. 379 00:15:31,850 --> 00:15:34,279 It is, uh, much less 380 00:15:34,280 --> 00:15:36,679 widely known that there was a second ship 381 00:15:36,680 --> 00:15:38,749 called Capstone, which 382 00:15:38,750 --> 00:15:40,789 basically implemented the same crypto 383 00:15:40,790 --> 00:15:42,919 protocols but 384 00:15:42,920 --> 00:15:45,049 instead of telephones was supposed to 385 00:15:45,050 --> 00:15:47,090 be implemented in personal computers. 386 00:15:48,730 --> 00:15:51,289 Capstone Besides 387 00:15:51,290 --> 00:15:54,769 the capacity to encrypt and decrypt 388 00:15:54,770 --> 00:15:56,030 online communication, 389 00:15:57,800 --> 00:15:59,989 would also have implemented the set 390 00:15:59,990 --> 00:16:01,549 digital signature standard. 391 00:16:04,950 --> 00:16:06,899 Oops, wrong way. 392 00:16:06,900 --> 00:16:08,820 So this is an implementation of 393 00:16:10,200 --> 00:16:12,269 this is this is one of the 394 00:16:12,270 --> 00:16:13,949 devices that actually contained the 395 00:16:13,950 --> 00:16:16,349 capstone chip. It was a PCR, 396 00:16:16,350 --> 00:16:17,350 a that 397 00:16:18,960 --> 00:16:21,389 was actually sold on the market and 398 00:16:21,390 --> 00:16:23,489 where you were able 399 00:16:23,490 --> 00:16:24,539 to use 400 00:16:25,800 --> 00:16:28,049 this crypto chip 401 00:16:28,050 --> 00:16:30,239 on there it 402 00:16:30,240 --> 00:16:32,309 was. It actually found it 403 00:16:32,310 --> 00:16:33,929 was actually implement, I think, in some 404 00:16:33,930 --> 00:16:36,989 military contexts 405 00:16:36,990 --> 00:16:39,299 anyhow. So Capstone 406 00:16:39,300 --> 00:16:41,039 was supposed to implement digital 407 00:16:41,040 --> 00:16:43,469 signatures, and 408 00:16:43,470 --> 00:16:45,089 the official press release in this 409 00:16:45,090 --> 00:16:47,519 context reads here. 410 00:16:47,520 --> 00:16:49,409 The National Institute of Sanitization 411 00:16:49,410 --> 00:16:51,059 has been developing digital signatures 412 00:16:51,060 --> 00:16:53,249 technology that would provide a way to 413 00:16:53,250 --> 00:16:54,839 verify the author and send off an 414 00:16:54,840 --> 00:16:56,699 electronics message. 415 00:16:56,700 --> 00:16:59,039 So this is the important part here. 416 00:16:59,040 --> 00:17:01,409 Um, mostly in public 417 00:17:01,410 --> 00:17:03,119 folklore, when people talk about the 418 00:17:03,120 --> 00:17:04,500 clipper chip, they talk about 419 00:17:05,760 --> 00:17:06,760 eavesdropping. 420 00:17:07,810 --> 00:17:10,239 And basically 421 00:17:10,240 --> 00:17:12,309 bugging telephones. 422 00:17:12,310 --> 00:17:14,379 But the the 423 00:17:14,380 --> 00:17:16,479 proposal that the Clinton 424 00:17:16,480 --> 00:17:18,759 administration basically made 425 00:17:18,760 --> 00:17:20,828 and try to implement had 426 00:17:20,829 --> 00:17:22,899 watch ahead a much wider scope 427 00:17:24,400 --> 00:17:27,399 besides those lawful 428 00:17:27,400 --> 00:17:29,859 interception eavesdropping capacities. 429 00:17:31,390 --> 00:17:33,459 This program also envisioned 430 00:17:33,460 --> 00:17:35,769 digital identities 431 00:17:35,770 --> 00:17:38,229 for the US citizens based 432 00:17:38,230 --> 00:17:41,079 on a officially recognized 433 00:17:41,080 --> 00:17:43,479 and officially implemented 434 00:17:43,480 --> 00:17:45,699 cryptographic system, with 435 00:17:45,700 --> 00:17:48,159 ciphers provided by the government 436 00:17:48,160 --> 00:17:50,859 in this case, by the end, actually by the 437 00:17:50,860 --> 00:17:53,259 NIST, the National Institute 438 00:17:53,260 --> 00:17:54,260 for Standardization 439 00:17:55,690 --> 00:17:57,069 and the NSA. 440 00:17:57,070 --> 00:17:59,139 So the NSA was publicly 441 00:17:59,140 --> 00:18:01,119 part of this program. 442 00:18:01,120 --> 00:18:03,249 And and uh, 443 00:18:03,250 --> 00:18:05,079 you will find in all the documents 444 00:18:07,240 --> 00:18:09,730 mentioned that the NSA approved of this 445 00:18:11,080 --> 00:18:13,479 algorithms to be used 446 00:18:13,480 --> 00:18:14,480 here. 447 00:18:15,230 --> 00:18:17,449 So basically, and that's why I said it 448 00:18:17,450 --> 00:18:20,059 might illustrate some of the developments 449 00:18:20,060 --> 00:18:21,799 that we are seeing today. 450 00:18:21,800 --> 00:18:23,929 The NSA acted in 451 00:18:23,930 --> 00:18:26,149 the open and set 452 00:18:26,150 --> 00:18:27,739 in not only NSA, basically the U.S. 453 00:18:27,740 --> 00:18:29,689 government acted in the open, said we 454 00:18:29,690 --> 00:18:32,419 need encrypted communication 455 00:18:32,420 --> 00:18:34,759 for our citizens to enable 456 00:18:34,760 --> 00:18:36,949 them to conduct business 457 00:18:36,950 --> 00:18:38,219 and so forth. 458 00:18:38,220 --> 00:18:39,829 Cybercrime and you know all this. 459 00:18:40,910 --> 00:18:43,069 But at the same time, we 460 00:18:43,070 --> 00:18:45,769 need to be able to intercept 461 00:18:45,770 --> 00:18:48,019 and control those 462 00:18:48,020 --> 00:18:51,679 cryptographic communications 463 00:18:51,680 --> 00:18:54,079 and thus 464 00:18:54,080 --> 00:18:55,519 we are offering. 465 00:18:55,520 --> 00:18:57,709 And it was a proposal was not 466 00:18:57,710 --> 00:18:59,299 a law that actually got enacted. 467 00:18:59,300 --> 00:19:01,399 We are offering a 468 00:19:01,400 --> 00:19:04,459 public key cryptography infrastructure 469 00:19:04,460 --> 00:19:06,709 for basically 470 00:19:06,710 --> 00:19:08,839 the U.S. situation that 471 00:19:08,840 --> 00:19:11,659 would allow both, on the one hand, 472 00:19:11,660 --> 00:19:14,029 secure communication, on the other hand, 473 00:19:14,030 --> 00:19:15,889 lawful interception. 474 00:19:15,890 --> 00:19:18,019 Right. So of course, 475 00:19:19,490 --> 00:19:21,589 few people in 476 00:19:21,590 --> 00:19:24,199 civil society actually liked this idea, 477 00:19:24,200 --> 00:19:27,499 and the opposition against 478 00:19:27,500 --> 00:19:30,049 this policy proposal was one of the 479 00:19:30,050 --> 00:19:32,329 formative campaigns for 480 00:19:32,330 --> 00:19:34,519 the Electronic Frontier Foundation. 481 00:19:35,960 --> 00:19:38,389 Also, the business community 482 00:19:38,390 --> 00:19:40,759 opposed this project strongly 483 00:19:40,760 --> 00:19:42,979 because if they feared 484 00:19:42,980 --> 00:19:45,619 for their export chances, if 485 00:19:45,620 --> 00:19:47,809 every computing device made 486 00:19:47,810 --> 00:19:48,829 in the U.S. 487 00:19:48,830 --> 00:19:51,709 would contain a government backdoor. 488 00:19:51,710 --> 00:19:54,799 Right. So eventually, 489 00:19:54,800 --> 00:19:57,319 the whole thing fell apart 490 00:19:57,320 --> 00:19:59,359 and never came to bear. 491 00:19:59,360 --> 00:20:01,579 So we're now in roughly 492 00:20:01,580 --> 00:20:03,739 1996, and this is the US 493 00:20:03,740 --> 00:20:04,740 situation. 494 00:20:06,500 --> 00:20:08,689 There is a well-funded 495 00:20:08,690 --> 00:20:09,690 and and, 496 00:20:11,300 --> 00:20:13,369 uh, high 497 00:20:13,370 --> 00:20:14,779 level attempt to create digital 498 00:20:14,780 --> 00:20:17,689 identities, which basically, 499 00:20:17,690 --> 00:20:20,089 um falls apart 500 00:20:20,090 --> 00:20:22,149 because of the 501 00:20:22,150 --> 00:20:24,409 way this was set 502 00:20:24,410 --> 00:20:26,989 up at the same time, 503 00:20:26,990 --> 00:20:28,700 um, in Germany. 504 00:20:29,990 --> 00:20:31,279 This is how McCaul. I didn't find a 505 00:20:31,280 --> 00:20:33,589 better picture with this nice and 506 00:20:35,120 --> 00:20:37,699 from from the election campaign, 507 00:20:37,700 --> 00:20:40,879 uh, secure into the future. 508 00:20:40,880 --> 00:20:42,769 It's what it reads there. 509 00:20:42,770 --> 00:20:44,839 At the same time, the Homewood School 510 00:20:44,840 --> 00:20:46,250 Administration actually 511 00:20:47,360 --> 00:20:48,360 tried 512 00:20:49,490 --> 00:20:51,469 to implement their own digital identity 513 00:20:51,470 --> 00:20:54,439 regime and actively 514 00:20:54,440 --> 00:20:56,569 discussed this during the most 515 00:20:56,570 --> 00:20:58,819 part most, most of the first 516 00:20:58,820 --> 00:21:01,400 part of the 90s and 517 00:21:03,710 --> 00:21:06,019 very late in during 518 00:21:06,020 --> 00:21:07,519 his term. 519 00:21:07,520 --> 00:21:08,520 How do you say you? 520 00:21:09,520 --> 00:21:11,059 Um um 521 00:21:13,180 --> 00:21:14,089 uh. 522 00:21:14,090 --> 00:21:15,380 The administration 523 00:21:16,550 --> 00:21:18,019 enacted the information on some 524 00:21:18,020 --> 00:21:20,179 communications deans to Gazette's 525 00:21:20,180 --> 00:21:22,249 UDCA, which contained two 526 00:21:22,250 --> 00:21:24,649 so-called signature Gazette's 527 00:21:24,650 --> 00:21:26,479 and two signature Gazette's, which is 528 00:21:26,480 --> 00:21:29,089 basically valid to the state, has been 529 00:21:29,090 --> 00:21:31,219 changed a couple of times provided 530 00:21:31,220 --> 00:21:33,229 the legal prerequisites to create a 531 00:21:33,230 --> 00:21:34,969 digital equivalent for handwritten 532 00:21:34,970 --> 00:21:37,339 signatures and provided regulation 533 00:21:37,340 --> 00:21:39,859 for the implementation of an officially 534 00:21:39,860 --> 00:21:42,079 recognized public key infrastructure 535 00:21:42,080 --> 00:21:43,080 in Germany. 536 00:21:43,790 --> 00:21:45,649 Unlike the US system, there were no 537 00:21:45,650 --> 00:21:47,749 provisions for key escrow, 538 00:21:47,750 --> 00:21:49,429 but the government would create and 539 00:21:49,430 --> 00:21:52,549 maintain the root institution. 540 00:21:52,550 --> 00:21:53,550 And, of course, 541 00:21:54,800 --> 00:21:56,959 hold the root case from which all 542 00:21:56,960 --> 00:21:59,179 officially recognized digital signatures 543 00:21:59,180 --> 00:22:01,519 in Germany would have to be derived. 544 00:22:02,800 --> 00:22:05,349 The signature, because became law 545 00:22:05,350 --> 00:22:07,779 on January 1st, 1997, 546 00:22:07,780 --> 00:22:09,999 and the German government 547 00:22:10,000 --> 00:22:12,579 boosted it as the first digital signature 548 00:22:12,580 --> 00:22:14,919 law worldwide and somewhat 549 00:22:14,920 --> 00:22:17,439 naively, the German government 550 00:22:17,440 --> 00:22:19,539 expected a white stripped of 551 00:22:19,540 --> 00:22:21,579 widespread adaptation of digital 552 00:22:21,580 --> 00:22:23,949 signatures and envisioned a system 553 00:22:23,950 --> 00:22:26,109 where people would voluntarily use those 554 00:22:26,110 --> 00:22:27,110 signatures 555 00:22:28,420 --> 00:22:30,879 as to official address for 556 00:22:30,880 --> 00:22:33,279 transactions like legal contracts 557 00:22:33,280 --> 00:22:35,889 for e-government and also 558 00:22:35,890 --> 00:22:38,079 for health care and 559 00:22:38,080 --> 00:22:39,849 other welfare state provisions. 560 00:22:41,360 --> 00:22:42,789 And they've actually pretty lofty 561 00:22:42,790 --> 00:22:45,439 e-government, uh, visions 562 00:22:45,440 --> 00:22:47,599 which never came to bear and 563 00:22:47,600 --> 00:22:49,909 also the uptake in the market. 564 00:22:49,910 --> 00:22:50,910 Um. 565 00:22:51,900 --> 00:22:53,640 Basically did not happen at all. 566 00:22:55,320 --> 00:22:58,379 The German government, however, continued 567 00:22:58,380 --> 00:23:00,509 to promote and develop 568 00:23:00,510 --> 00:23:02,669 its digital signature vision 569 00:23:02,670 --> 00:23:04,919 and programs as 570 00:23:04,920 --> 00:23:07,469 the solution to the internet identity 571 00:23:07,470 --> 00:23:08,879 problem. 572 00:23:08,880 --> 00:23:10,979 And in the following years. 573 00:23:10,980 --> 00:23:13,439 So from 1997 on, 574 00:23:13,440 --> 00:23:16,409 um, quite some, uh, 575 00:23:16,410 --> 00:23:18,479 quite a bunch of pilot programs 576 00:23:18,480 --> 00:23:20,549 were initiated, which 577 00:23:20,550 --> 00:23:24,029 are relied on smart card systems, 578 00:23:24,030 --> 00:23:26,879 which basically implemented provisions 579 00:23:26,880 --> 00:23:29,129 as outlined by the signature visits 580 00:23:29,130 --> 00:23:30,569 to signature law in English. 581 00:23:32,200 --> 00:23:34,629 So in other words, by 1996, 582 00:23:34,630 --> 00:23:36,369 the German government had decided that 583 00:23:36,370 --> 00:23:38,109 rolling out a public key infrastructure 584 00:23:38,110 --> 00:23:39,699 and providing digital signatures to 585 00:23:39,700 --> 00:23:41,859 submit to German citizens 586 00:23:41,860 --> 00:23:44,169 is an essential aspect 587 00:23:44,170 --> 00:23:46,239 of digital politics. 588 00:23:46,240 --> 00:23:48,220 And despite many setbacks 589 00:23:49,330 --> 00:23:50,799 and at least four different 590 00:23:50,800 --> 00:23:53,529 administrations in power since then, 591 00:23:53,530 --> 00:23:55,959 um, this vision is 592 00:23:55,960 --> 00:23:58,299 still division of the German government. 593 00:24:00,610 --> 00:24:01,869 So the second wave 594 00:24:03,970 --> 00:24:06,549 of digital identity policies of 595 00:24:06,550 --> 00:24:09,819 state sponsored digital identity policies 596 00:24:09,820 --> 00:24:11,589 is basically the last decade. 597 00:24:11,590 --> 00:24:13,869 And in this context, 598 00:24:13,870 --> 00:24:14,870 I will 599 00:24:16,570 --> 00:24:18,549 solely speak about the German example 600 00:24:18,550 --> 00:24:21,039 because interestingly, 601 00:24:21,040 --> 00:24:23,769 in the US, not much happened. 602 00:24:23,770 --> 00:24:26,499 And I believe that after the Clipper chip 603 00:24:26,500 --> 00:24:29,349 debacle and also after 9-11, 604 00:24:29,350 --> 00:24:31,629 um, other things were 605 00:24:31,630 --> 00:24:32,769 more important. 606 00:24:32,770 --> 00:24:35,559 And nobody really dared to 607 00:24:35,560 --> 00:24:37,589 touch this issue again. 608 00:24:37,590 --> 00:24:38,739 Um, and also 609 00:24:40,420 --> 00:24:42,249 there were fears of interfering with the 610 00:24:42,250 --> 00:24:45,459 explosive growth of the IT sector. 611 00:24:45,460 --> 00:24:47,679 Um, nobody really wants to touch 612 00:24:47,680 --> 00:24:50,259 that market because evidently 613 00:24:50,260 --> 00:24:51,819 at least the market was functioning. 614 00:24:51,820 --> 00:24:54,399 Even from a government perspective, 615 00:24:54,400 --> 00:24:56,889 the inability to identify 616 00:24:56,890 --> 00:24:59,529 people in a legally 617 00:24:59,530 --> 00:25:01,690 valid way remains. 618 00:25:02,990 --> 00:25:05,449 So, uh, except 619 00:25:05,450 --> 00:25:08,059 some ill fated attempts by the Bush 620 00:25:08,060 --> 00:25:10,519 Bush administration to piggyback 621 00:25:10,520 --> 00:25:12,319 a digital signature initiative on the 622 00:25:12,320 --> 00:25:14,389 Real ID Act in 2005, there 623 00:25:14,390 --> 00:25:16,939 was no large scale 624 00:25:16,940 --> 00:25:18,140 policy approach 625 00:25:19,820 --> 00:25:20,820 to 626 00:25:21,920 --> 00:25:24,019 towards providing digital 627 00:25:24,020 --> 00:25:25,020 identities. 628 00:25:27,440 --> 00:25:29,899 The situation in Europe is different 629 00:25:29,900 --> 00:25:31,969 in the last decade. 630 00:25:31,970 --> 00:25:34,279 By the mid 2000s 631 00:25:34,280 --> 00:25:36,079 2000, most European countries were 632 00:25:36,080 --> 00:25:38,329 pursuing some sort of smartcard based 633 00:25:38,330 --> 00:25:40,399 identity system because most European 634 00:25:40,400 --> 00:25:42,709 countries have identity cards 635 00:25:42,710 --> 00:25:44,959 like the German identity 636 00:25:44,960 --> 00:25:45,979 card. 637 00:25:45,980 --> 00:25:48,439 And most countries 638 00:25:48,440 --> 00:25:51,659 tried to transition those cards to 639 00:25:51,660 --> 00:25:53,929 to chip cards to smart cards 640 00:25:53,930 --> 00:25:56,239 and use those smart cards and some 641 00:25:56,240 --> 00:25:58,459 some way or another to implement 642 00:25:58,460 --> 00:26:00,140 digital identity solutions. 643 00:26:03,490 --> 00:26:05,679 In Germany, this was 644 00:26:05,680 --> 00:26:08,739 one of the main, uh, 645 00:26:08,740 --> 00:26:11,139 policy areas of the 646 00:26:11,140 --> 00:26:12,140 UM 647 00:26:13,210 --> 00:26:15,609 ruling Red-Green coalition of Chancellor 648 00:26:15,610 --> 00:26:17,709 Schroeder, which enacted a number 649 00:26:17,710 --> 00:26:19,959 of bills with ambitious programs to 650 00:26:19,960 --> 00:26:22,329 provide German citizens with smart cards 651 00:26:22,330 --> 00:26:24,759 holding digital signatures. 652 00:26:24,760 --> 00:26:26,469 Most of these laws were based on the 653 00:26:26,470 --> 00:26:28,419 specifications given by the 654 00:26:28,420 --> 00:26:30,189 aforementioned signature Gazette's, 655 00:26:31,300 --> 00:26:33,189 but included some alterations made 656 00:26:33,190 --> 00:26:35,469 necessary by the European Union's 657 00:26:35,470 --> 00:26:37,209 Digital Signature Directive from 2000 658 00:26:37,210 --> 00:26:38,379 2001. 659 00:26:38,380 --> 00:26:40,569 Basically, the European Union 660 00:26:40,570 --> 00:26:43,029 said the German signature 661 00:26:43,030 --> 00:26:44,529 Gazette's from 97 662 00:26:45,820 --> 00:26:48,369 makes unrealistic 663 00:26:48,370 --> 00:26:50,439 assumptions on the necessary 664 00:26:50,440 --> 00:26:52,629 security levels for digital signatures, 665 00:26:52,630 --> 00:26:55,959 for example, the trust centers. 666 00:26:55,960 --> 00:26:57,640 So the secondary trust centers 667 00:26:59,020 --> 00:27:00,909 that like that companies like Georgia 668 00:27:00,910 --> 00:27:04,029 Telecom also would run, uh 669 00:27:04,030 --> 00:27:05,530 uh, needed to be 670 00:27:06,650 --> 00:27:08,889 of such high security level that they 671 00:27:08,890 --> 00:27:10,839 were economically infeasible. 672 00:27:10,840 --> 00:27:12,429 This was one one of the things that the 673 00:27:12,430 --> 00:27:13,430 European Union 674 00:27:15,310 --> 00:27:17,409 criticized and which had to be changed 675 00:27:17,410 --> 00:27:19,000 into German network assets. 676 00:27:21,280 --> 00:27:23,289 This would administration initiated three 677 00:27:23,290 --> 00:27:25,989 projects in Germany, the elected electron 678 00:27:25,990 --> 00:27:28,239 and others, which has Vice, 679 00:27:28,240 --> 00:27:30,879 which is the electronic ID card. 680 00:27:30,880 --> 00:27:33,129 Today, it's called a new 681 00:27:33,130 --> 00:27:35,499 passenger list was because some 682 00:27:35,500 --> 00:27:38,349 sort of PR agency 683 00:27:39,640 --> 00:27:41,109 did some research and found out that 684 00:27:41,110 --> 00:27:44,169 electronic im, 685 00:27:44,170 --> 00:27:46,359 uh, has some connotations that 686 00:27:46,360 --> 00:27:49,119 people that make people suspicious. 687 00:27:49,120 --> 00:27:51,219 So noia personalized license nisi, 688 00:27:51,220 --> 00:27:53,469 which just means new personal 689 00:27:53,470 --> 00:27:54,999 I.D. card. 690 00:27:55,000 --> 00:27:57,159 So one of the project 691 00:27:57,160 --> 00:28:00,009 was the electronic and almost was 692 00:28:00,010 --> 00:28:01,899 second project was electronically was 693 00:28:01,900 --> 00:28:03,369 sometimes called electronic health care 694 00:28:03,370 --> 00:28:05,289 card, and the third project was the 695 00:28:05,290 --> 00:28:06,369 so-called job card. 696 00:28:07,750 --> 00:28:09,969 It has analysis which you see here with 697 00:28:09,970 --> 00:28:11,919 the former Minister of Interior Otto 698 00:28:11,920 --> 00:28:12,920 Shealy. 699 00:28:13,480 --> 00:28:15,699 It's the idea that every German is 700 00:28:15,700 --> 00:28:18,179 expected to have um 701 00:28:19,240 --> 00:28:20,650 and um, 702 00:28:21,730 --> 00:28:24,069 which actually most Germans also own. 703 00:28:24,070 --> 00:28:25,959 There's actually no obligation to have 704 00:28:25,960 --> 00:28:27,429 fun. You just have to have either a 705 00:28:27,430 --> 00:28:29,429 passport or an ID card. 706 00:28:29,430 --> 00:28:31,599 Um, but most people in 707 00:28:31,600 --> 00:28:33,699 Germany have have this 708 00:28:33,700 --> 00:28:35,829 I.D. card because it's 709 00:28:35,830 --> 00:28:37,270 it's used fairly often. 710 00:28:43,110 --> 00:28:45,269 So the 711 00:28:45,270 --> 00:28:47,639 legal prerequisites of the of the 712 00:28:47,640 --> 00:28:49,799 electronic ID card when acted 713 00:28:49,800 --> 00:28:51,869 in November 2012 and 714 00:28:51,870 --> 00:28:53,939 2011 in the so-called anti-terror 715 00:28:53,940 --> 00:28:56,099 law, which 716 00:28:56,100 --> 00:28:58,439 basically which, whether 717 00:28:58,440 --> 00:28:59,880 basically used the chance 718 00:29:01,260 --> 00:29:03,449 of the impact of 9-11 719 00:29:03,450 --> 00:29:05,939 to say We need electronic 720 00:29:05,940 --> 00:29:08,369 ID ID 721 00:29:08,370 --> 00:29:10,440 media because 722 00:29:11,700 --> 00:29:14,159 it makes it easier to find terrorists. 723 00:29:14,160 --> 00:29:16,319 It's the usual story. 724 00:29:16,320 --> 00:29:19,169 The system, of course, and 725 00:29:19,170 --> 00:29:21,599 the law have been been shaping 726 00:29:21,600 --> 00:29:24,179 up for a much longer before. 727 00:29:24,180 --> 00:29:26,279 It was just a good chance 728 00:29:26,280 --> 00:29:27,780 to to enact it. 729 00:29:29,360 --> 00:29:31,639 The actual roll out of this 730 00:29:31,640 --> 00:29:34,099 electronic identity card 731 00:29:34,100 --> 00:29:37,549 only took place since October 2010, 732 00:29:37,550 --> 00:29:40,549 and by now around 20 million 733 00:29:40,550 --> 00:29:42,889 are rolled out to the German citizens. 734 00:29:42,890 --> 00:29:45,229 And in another 10 years, all 735 00:29:45,230 --> 00:29:47,779 18 million German citizens 736 00:29:47,780 --> 00:29:49,159 should have one of these in their 737 00:29:49,160 --> 00:29:50,160 pockets. 738 00:29:51,170 --> 00:29:53,479 This I.D. card contains a chip which 739 00:29:53,480 --> 00:29:55,010 again holds the private key 740 00:29:56,030 --> 00:29:58,159 of a 741 00:29:58,160 --> 00:29:59,689 digital signature infrastructure and 742 00:29:59,690 --> 00:30:02,119 authentication infrastructure, 743 00:30:02,120 --> 00:30:04,579 which also can 744 00:30:04,580 --> 00:30:06,289 be but not necessarily 745 00:30:08,300 --> 00:30:10,009 linked back to the route maintained at 746 00:30:10,010 --> 00:30:11,389 the Buddhist Nets. I Can Tool, which is 747 00:30:11,390 --> 00:30:12,799 an official institution 748 00:30:15,440 --> 00:30:17,659 that does the oversight on 749 00:30:17,660 --> 00:30:19,249 of the public key infrastructure in 750 00:30:19,250 --> 00:30:20,250 Germany. 751 00:30:21,650 --> 00:30:24,019 So people 752 00:30:24,020 --> 00:30:25,429 actually have those things, they just 753 00:30:25,430 --> 00:30:27,129 don't use them, right? 754 00:30:27,130 --> 00:30:28,130 This 755 00:30:30,110 --> 00:30:32,569 there is absolutely no digital 756 00:30:32,570 --> 00:30:34,909 uptake in the electronic 757 00:30:34,910 --> 00:30:37,219 identity and digital signature 758 00:30:37,220 --> 00:30:40,099 capacity of this capability 759 00:30:40,100 --> 00:30:42,889 of this electronic ID 760 00:30:42,890 --> 00:30:43,789 card. 761 00:30:43,790 --> 00:30:45,409 Still, I think it's an important part 762 00:30:45,410 --> 00:30:47,509 that the roll out takes place and that 763 00:30:47,510 --> 00:30:48,510 the government 764 00:30:49,880 --> 00:30:51,889 still maintains its stance that this is 765 00:30:51,890 --> 00:30:52,890 important. 766 00:30:54,230 --> 00:30:56,479 Also in 2003 and in 767 00:30:56,480 --> 00:30:58,730 2003, two years after the 768 00:30:59,870 --> 00:31:01,969 anti-terror blog, it's another piece of 769 00:31:01,970 --> 00:31:04,579 legislation of the Red-Green 770 00:31:04,580 --> 00:31:06,739 Coalition of the past, 771 00:31:06,740 --> 00:31:08,959 and that was to gazette, so one is 772 00:31:08,960 --> 00:31:10,999 using the existing King Faisal. 773 00:31:11,000 --> 00:31:13,579 So this is the law for the modernization 774 00:31:13,580 --> 00:31:15,830 of the, um, 775 00:31:17,240 --> 00:31:19,099 what is this health insurance, right? 776 00:31:20,450 --> 00:31:22,879 This was part of the famous agenda 2010, 777 00:31:22,880 --> 00:31:25,039 the 2010 efforts of reforms of 778 00:31:25,040 --> 00:31:26,629 the welfare state. 779 00:31:26,630 --> 00:31:28,759 And in a way, it's an even more 780 00:31:28,760 --> 00:31:29,839 ambitious project. 781 00:31:29,840 --> 00:31:32,029 And it just showed Electronics 782 00:31:32,030 --> 00:31:33,320 Shop hasn't lost face 783 00:31:34,820 --> 00:31:36,979 because this law 784 00:31:36,980 --> 00:31:39,109 basically. So you see, it's what is 785 00:31:39,110 --> 00:31:40,110 it article? 786 00:31:42,620 --> 00:31:44,539 Is it actually on there? 787 00:31:44,540 --> 00:31:46,219 Oh, no, it's it's not listed. 788 00:31:46,220 --> 00:31:48,869 I think it's an Article five and on 789 00:31:48,870 --> 00:31:51,169 disputing pixel 790 00:31:51,170 --> 00:31:52,170 tags. It's 791 00:31:54,020 --> 00:31:56,959 because this law mandated 792 00:31:56,960 --> 00:31:59,299 that every German would get 793 00:31:59,300 --> 00:32:00,300 such a card. 794 00:32:01,310 --> 00:32:03,169 The electronics contact's card electronic 795 00:32:03,170 --> 00:32:04,170 health care card 796 00:32:05,360 --> 00:32:07,639 Since Germany has universal health care 797 00:32:07,640 --> 00:32:10,069 since actually 1892, 798 00:32:10,070 --> 00:32:12,949 Wellcome America in modernity 799 00:32:12,950 --> 00:32:15,529 this means that every German 800 00:32:15,530 --> 00:32:16,640 will get such a card. 801 00:32:18,840 --> 00:32:21,269 Without going into too much detail, 802 00:32:21,270 --> 00:32:23,339 this card is basically the front end 803 00:32:23,340 --> 00:32:26,489 of an ambitious e-health infrastructure, 804 00:32:26,490 --> 00:32:28,859 including electronic health records 805 00:32:28,860 --> 00:32:30,450 for every individual. 806 00:32:31,680 --> 00:32:32,680 And 807 00:32:33,810 --> 00:32:36,929 if actually coming to fruition 808 00:32:36,930 --> 00:32:39,119 would probably be 809 00:32:39,120 --> 00:32:40,120 the biggest. 810 00:32:41,770 --> 00:32:44,319 Electronic identity system worldwide, 811 00:32:45,370 --> 00:32:47,559 the card is being rolled out since 812 00:32:47,560 --> 00:32:48,700 2011. 813 00:32:50,200 --> 00:32:52,299 By now, there's 25 million 814 00:32:52,300 --> 00:32:54,429 of those out there and they 815 00:32:54,430 --> 00:32:56,739 expect to total roll out within the next 816 00:32:56,740 --> 00:32:57,740 two years. 817 00:33:00,230 --> 00:33:03,049 So the important part here is 818 00:33:03,050 --> 00:33:06,559 that the digital signature 819 00:33:06,560 --> 00:33:09,379 on this card is compatible 820 00:33:09,380 --> 00:33:11,389 to the digital signature on the new 821 00:33:11,390 --> 00:33:13,489 personal office was on the electronic 822 00:33:13,490 --> 00:33:14,839 ID card. 823 00:33:14,840 --> 00:33:17,269 It's basically the same system 824 00:33:17,270 --> 00:33:19,819 and you can use them, vice versa, 825 00:33:19,820 --> 00:33:20,929 at least in certain 826 00:33:22,310 --> 00:33:24,499 in certain parts of the system. 827 00:33:26,990 --> 00:33:27,990 So. 828 00:33:30,880 --> 00:33:31,880 Second, 829 00:33:33,040 --> 00:33:35,679 again, here is the issue 830 00:33:35,680 --> 00:33:38,049 that even though this system 831 00:33:38,050 --> 00:33:40,179 was mandated by law to be in 832 00:33:40,180 --> 00:33:42,519 place and up and running 833 00:33:42,520 --> 00:33:44,739 by 2006, the actual rollout 834 00:33:44,740 --> 00:33:47,139 only started two years ago 835 00:33:47,140 --> 00:33:49,629 and the e-health infrastructure 836 00:33:49,630 --> 00:33:51,279 envisioned in this program is actually 837 00:33:51,280 --> 00:33:52,569 not implemented yet, 838 00:33:53,680 --> 00:33:55,119 partly because there was fierce 839 00:33:55,120 --> 00:33:57,669 opposition by the medical community 840 00:33:57,670 --> 00:34:00,099 by doctors which 841 00:34:00,100 --> 00:34:02,349 feared the Gleeson, a patient, 842 00:34:02,350 --> 00:34:04,539 a transparent patient, which I think 843 00:34:04,540 --> 00:34:05,540 is actually not true 844 00:34:06,640 --> 00:34:09,158 because the privacy 845 00:34:10,239 --> 00:34:12,729 infrastructure that is 846 00:34:12,730 --> 00:34:14,319 part of the electronic records onto its 847 00:34:14,320 --> 00:34:16,779 cadre is 848 00:34:16,780 --> 00:34:18,789 a fairly sophisticated and interesting 849 00:34:18,790 --> 00:34:20,919 approach of of dealing with the 850 00:34:20,920 --> 00:34:22,779 privacy issues in the medical 851 00:34:23,889 --> 00:34:24,968 context. 852 00:34:24,969 --> 00:34:27,339 But what it would definitely 853 00:34:27,340 --> 00:34:29,738 enable is to make the medical system 854 00:34:29,739 --> 00:34:31,569 much more transparent than it is today. 855 00:34:31,570 --> 00:34:33,428 And that was one of the reasons why it 856 00:34:33,429 --> 00:34:35,529 was implemented because the government 857 00:34:35,530 --> 00:34:38,289 basically drops 250 858 00:34:38,290 --> 00:34:40,448 billions each year into the health care 859 00:34:40,449 --> 00:34:42,579 system and has no good ways of 860 00:34:42,580 --> 00:34:44,738 tracing where that money goes. 861 00:34:44,739 --> 00:34:46,809 And basically, medical 862 00:34:46,810 --> 00:34:49,689 community in Germany has managed 863 00:34:49,690 --> 00:34:51,789 to slow 864 00:34:51,790 --> 00:34:53,948 down at least the implementation 865 00:34:53,949 --> 00:34:56,379 of this project and is actively trying 866 00:34:57,460 --> 00:34:59,840 to prevent UM. 867 00:35:02,570 --> 00:35:04,999 Well, be cautious here is 868 00:35:05,000 --> 00:35:06,799 actively trying to prevent to becoming 869 00:35:06,800 --> 00:35:08,299 more transparent than it is today. 870 00:35:08,300 --> 00:35:10,279 OK. Ten more minutes, we need to rush 871 00:35:12,590 --> 00:35:15,709 the third part of. 872 00:35:15,710 --> 00:35:17,989 Those aforementioned 873 00:35:17,990 --> 00:35:20,689 three policy projects by the Schluter 874 00:35:20,690 --> 00:35:22,759 administration was the so-called job 875 00:35:22,760 --> 00:35:23,689 cut. 876 00:35:23,690 --> 00:35:25,339 And let me go back to this interesting 877 00:35:25,340 --> 00:35:27,259 for the German listeners because the 878 00:35:27,260 --> 00:35:29,539 agenda 2010, the social welfare 879 00:35:29,540 --> 00:35:31,939 reforms enacted by Schluter 880 00:35:31,940 --> 00:35:34,069 have been much disputed 881 00:35:34,070 --> 00:35:36,019 and they go back to the parts of them. 882 00:35:36,020 --> 00:35:37,519 Go back to this 883 00:35:39,560 --> 00:35:42,439 report by the Commission for 884 00:35:42,440 --> 00:35:45,109 Modern Services in the Labor Market, 885 00:35:45,110 --> 00:35:47,239 the so-called Hartz Commission, 886 00:35:47,240 --> 00:35:49,759 which basically 887 00:35:49,760 --> 00:35:52,519 led to the Hartsville, uh, 888 00:35:52,520 --> 00:35:53,749 framework and so forth. 889 00:35:53,750 --> 00:35:56,479 And if you look at this long list of 890 00:35:56,480 --> 00:35:58,669 of things that that that are mentioned 891 00:35:58,670 --> 00:36:00,829 there, you will see they 892 00:36:00,830 --> 00:36:02,419 actually can't really see it here. 893 00:36:02,420 --> 00:36:03,619 You probably can't either. 894 00:36:04,640 --> 00:36:05,640 Oops. 895 00:36:06,740 --> 00:36:08,959 That it says signal to a car to on 896 00:36:08,960 --> 00:36:10,079 here. 897 00:36:10,080 --> 00:36:12,319 Right? So you have all kinds of things 898 00:36:12,320 --> 00:36:14,449 fertile air passenger service are going 899 00:36:14,450 --> 00:36:16,099 to a vital building, uniquely your job 900 00:36:16,100 --> 00:36:19,039 center, whatever the usual welfare, state 901 00:36:19,040 --> 00:36:21,649 uninsurance, employment issues, right? 902 00:36:21,650 --> 00:36:24,589 And among this, in 2002, 903 00:36:24,590 --> 00:36:26,189 they have signaled Toccata. 904 00:36:26,190 --> 00:36:27,319 Right. 905 00:36:27,320 --> 00:36:29,579 So again, in Germany, will 906 00:36:29,580 --> 00:36:31,759 you see that basically 907 00:36:31,760 --> 00:36:33,379 the welfare state is being used as a 908 00:36:33,380 --> 00:36:35,389 medium, as a vehicle to implement digital 909 00:36:35,390 --> 00:36:36,279 identity? 910 00:36:36,280 --> 00:36:37,309 Right. 911 00:36:37,310 --> 00:36:38,310 And 912 00:36:39,920 --> 00:36:41,779 next to universal health care, we have 913 00:36:41,780 --> 00:36:44,119 universal unemployment 914 00:36:44,120 --> 00:36:47,269 insurance also since 1892. 915 00:36:47,270 --> 00:36:49,429 And as part of this unemployment 916 00:36:49,430 --> 00:36:52,069 insurance, employers 917 00:36:52,070 --> 00:36:54,049 have to report the working hours 918 00:36:55,430 --> 00:36:58,459 and the income of the employees 919 00:36:58,460 --> 00:37:01,639 to the insurance entities. 920 00:37:01,640 --> 00:37:04,009 And this is done on paper 921 00:37:04,010 --> 00:37:06,199 to this day, and Division of 922 00:37:06,200 --> 00:37:08,869 the Food Administration was to 923 00:37:08,870 --> 00:37:11,089 do this digitally and to system 924 00:37:11,090 --> 00:37:12,769 to do this had the name Eleanor 925 00:37:12,770 --> 00:37:14,059 Electronica and get in. 926 00:37:15,710 --> 00:37:17,599 Actually, this would have not included a 927 00:37:17,600 --> 00:37:19,699 cart because the Gesundheit 928 00:37:19,700 --> 00:37:21,469 cart and electronic shop hasn't. 929 00:37:21,470 --> 00:37:23,419 All sides would have had the signature 930 00:37:23,420 --> 00:37:26,539 necessary to use the system, 931 00:37:26,540 --> 00:37:27,540 so. 932 00:37:30,200 --> 00:37:31,879 There are some pictures of job cuts if 933 00:37:31,880 --> 00:37:33,109 you start to look around. 934 00:37:33,110 --> 00:37:34,819 It was called job cuts before it was 935 00:37:34,820 --> 00:37:35,989 called Eleanor. 936 00:37:35,990 --> 00:37:37,969 But basically this was a cardless systems 937 00:37:39,770 --> 00:37:42,139 which would use the existing public 938 00:37:42,140 --> 00:37:43,879 infrastructure provided by the two other 939 00:37:43,880 --> 00:37:46,129 courts to function. 940 00:37:46,130 --> 00:37:47,270 Eleanor actually 941 00:37:49,310 --> 00:37:50,749 didn't come to bear because of the 942 00:37:50,750 --> 00:37:52,129 privacy issues. 943 00:37:52,130 --> 00:37:53,569 In this case, there would have been a 944 00:37:53,570 --> 00:37:55,699 central repository for all the data that 945 00:37:55,700 --> 00:37:56,700 was to be collected 946 00:37:58,850 --> 00:38:00,979 for the unemployment insurance, and the 947 00:38:00,980 --> 00:38:03,079 privacy risk were deemed to be too high, 948 00:38:03,080 --> 00:38:05,059 and it was considerable political 949 00:38:05,060 --> 00:38:07,459 opposition to the system 950 00:38:07,460 --> 00:38:09,559 and eventually it was scrapped 951 00:38:09,560 --> 00:38:11,329 in 2011. 952 00:38:11,330 --> 00:38:13,429 There are no new ideas how 953 00:38:13,430 --> 00:38:15,979 to do this. So expect 954 00:38:15,980 --> 00:38:18,139 in the next two or three years some 955 00:38:18,140 --> 00:38:20,389 new proposals how to reform 956 00:38:20,390 --> 00:38:22,459 the unemployment insurance and 957 00:38:22,460 --> 00:38:24,560 how to give it a digital infrastructure. 958 00:38:27,330 --> 00:38:28,439 So wait a minute. 959 00:38:28,440 --> 00:38:30,569 OK. So basically my point here 960 00:38:30,570 --> 00:38:33,299 is that between 2000 961 00:38:33,300 --> 00:38:35,999 one and 2010, roughly 962 00:38:36,000 --> 00:38:38,639 we have a second wave of 963 00:38:38,640 --> 00:38:41,519 attempts to create digital identities, 964 00:38:41,520 --> 00:38:43,649 at least in Europe and especially in 965 00:38:43,650 --> 00:38:45,149 Germany. 966 00:38:45,150 --> 00:38:47,429 That is to use the welfare state 967 00:38:47,430 --> 00:38:49,529 as a vehicle to implement public key 968 00:38:49,530 --> 00:38:52,259 infrastructure and 969 00:38:52,260 --> 00:38:53,260 have 970 00:38:55,010 --> 00:38:56,519 a situation where you actually have use 971 00:38:56,520 --> 00:38:58,049 cases where the populations, where the 972 00:38:58,050 --> 00:39:00,119 citizens need to use that system 973 00:39:00,120 --> 00:39:02,909 because people deal 974 00:39:02,910 --> 00:39:05,009 with welfare, with the welfare state 975 00:39:05,010 --> 00:39:07,289 and its provisions quite 976 00:39:07,290 --> 00:39:08,939 frequently in their life. 977 00:39:08,940 --> 00:39:09,940 Right. 978 00:39:10,920 --> 00:39:12,779 Again, at the same time in the US, 979 00:39:12,780 --> 00:39:14,879 there's nothing really publicly 980 00:39:14,880 --> 00:39:15,880 visible. 981 00:39:16,920 --> 00:39:18,479 The private sector does interesting 982 00:39:18,480 --> 00:39:20,609 things, though there is a 983 00:39:20,610 --> 00:39:23,309 there isn't, as some people 984 00:39:23,310 --> 00:39:25,229 will know, as lively debate going on in 985 00:39:25,230 --> 00:39:27,329 the US between 2000 986 00:39:27,330 --> 00:39:28,330 2010. 987 00:39:29,820 --> 00:39:32,429 Competing systems for online 988 00:39:32,430 --> 00:39:33,900 identity federation, 989 00:39:35,190 --> 00:39:37,349 lifting debate about cryptographic 990 00:39:37,350 --> 00:39:38,350 protocols 991 00:39:40,050 --> 00:39:42,419 and some companies folks 992 00:39:42,420 --> 00:39:44,609 in this case, actually Microsoft, 993 00:39:44,610 --> 00:39:46,559 at least for some time, taking a very 994 00:39:46,560 --> 00:39:48,779 progressive stance with Kim Cameron 995 00:39:48,780 --> 00:39:50,669 publishing the seven loss of identity and 996 00:39:50,670 --> 00:39:51,629 so forth. 997 00:39:51,630 --> 00:39:53,789 But on the government side, not much 998 00:39:53,790 --> 00:39:55,020 is happening this time frame. 999 00:40:00,860 --> 00:40:02,599 Also, at the same time, what happens in 1000 00:40:02,600 --> 00:40:04,669 the US, of course, is and not 1001 00:40:04,670 --> 00:40:06,859 only in the US basically worldwide is 1002 00:40:06,860 --> 00:40:09,409 the rise of social media, Facebook, 1003 00:40:09,410 --> 00:40:11,779 Twitter, Google Plus 1004 00:40:11,780 --> 00:40:14,359 and so forth and off smartphones. 1005 00:40:14,360 --> 00:40:16,669 So the I.T. landscape changes 1006 00:40:16,670 --> 00:40:18,409 tremendously and especially with 1007 00:40:19,550 --> 00:40:21,739 what boost Bruce Sterling 1008 00:40:21,740 --> 00:40:22,740 called the stacks. 1009 00:40:23,990 --> 00:40:26,449 So Amazon, Facebook, 1010 00:40:26,450 --> 00:40:28,849 Twitter, Apple 1011 00:40:28,850 --> 00:40:30,469 and Google. 1012 00:40:30,470 --> 00:40:33,169 You have a massive concentration 1013 00:40:33,170 --> 00:40:35,479 of online activity 1014 00:40:35,480 --> 00:40:37,549 with very, very few actors which 1015 00:40:37,550 --> 00:40:38,959 are based out of the US, 1016 00:40:40,700 --> 00:40:42,859 which basically 1017 00:40:42,860 --> 00:40:45,799 are India in the position 1018 00:40:45,800 --> 00:40:47,929 to identify people or 1019 00:40:47,930 --> 00:40:49,969 to provide identity services. 1020 00:40:49,970 --> 00:40:51,829 And this will come to bear in the third 1021 00:40:51,830 --> 00:40:53,629 wave, which I will not now talk about. 1022 00:40:55,010 --> 00:40:57,889 And I believe we are now entering 1023 00:40:57,890 --> 00:40:59,959 the third wave in the in 1024 00:40:59,960 --> 00:41:02,660 the last two years, basically since 2011. 1025 00:41:06,050 --> 00:41:08,929 So it's almost 2014 1026 00:41:08,930 --> 00:41:11,089 now, which is actually 20 years 1027 00:41:11,090 --> 00:41:13,519 after the Clipper chip initiative. 1028 00:41:13,520 --> 00:41:15,529 And as I said, we are looking back at 1029 00:41:15,530 --> 00:41:17,779 almost 20 years of basically 1030 00:41:17,780 --> 00:41:19,849 failed attempts by a 1031 00:41:19,850 --> 00:41:21,439 nation state to provide digital 1032 00:41:21,440 --> 00:41:23,779 identities, clipper chip failed 1033 00:41:23,780 --> 00:41:25,849 signature visits and all 1034 00:41:25,850 --> 00:41:27,919 those lofty visions of 1035 00:41:27,920 --> 00:41:29,899 results, card electronics and space and 1036 00:41:29,900 --> 00:41:31,729 so forth. I just mentioned also failed so 1037 00:41:31,730 --> 00:41:32,809 far. 1038 00:41:32,810 --> 00:41:34,909 There is there is no real uptake 1039 00:41:34,910 --> 00:41:37,009 because this use case, the systems 1040 00:41:37,010 --> 00:41:39,139 are complicated and so forth. 1041 00:41:39,140 --> 00:41:41,329 But still, I would assert 1042 00:41:43,190 --> 00:41:45,289 that the nation states have 1043 00:41:45,290 --> 00:41:47,659 not given up pursuing 1044 00:41:47,660 --> 00:41:50,749 their vision of creating basically 1045 00:41:50,750 --> 00:41:53,629 public key cryptography based 1046 00:41:53,630 --> 00:41:55,699 digital identities for their citizens. 1047 00:42:00,050 --> 00:42:02,269 So let me ask a little bit 1048 00:42:02,270 --> 00:42:03,270 of stuff you. 1049 00:42:06,370 --> 00:42:07,839 So spare you the Declaration of 1050 00:42:07,840 --> 00:42:09,879 Independence of Cyberspace, which as you 1051 00:42:09,880 --> 00:42:11,799 probably all know, there's an interesting 1052 00:42:11,800 --> 00:42:14,409 little note in their own identities, 1053 00:42:14,410 --> 00:42:16,329 which I think have completely been 1054 00:42:16,330 --> 00:42:18,729 invalidated by the current developments. 1055 00:42:18,730 --> 00:42:19,840 In 2011, 1056 00:42:21,160 --> 00:42:23,549 the Obama administration published 1057 00:42:23,550 --> 00:42:25,539 the National Strategy for Trusted 1058 00:42:25,540 --> 00:42:27,729 Identities in Cyberspace, enhancing 1059 00:42:27,730 --> 00:42:29,799 online choice, efficiency, security 1060 00:42:29,800 --> 00:42:30,800 and privacy. 1061 00:42:32,110 --> 00:42:34,419 What is? And the acronyms 1062 00:42:34,420 --> 00:42:35,419 and stick. 1063 00:42:35,420 --> 00:42:37,629 So if 1064 00:42:37,630 --> 00:42:39,099 you look for this, you will see and still 1065 00:42:39,100 --> 00:42:41,529 quite often, um, 1066 00:42:41,530 --> 00:42:43,299 basically. And stick is there is an 1067 00:42:43,300 --> 00:42:45,129 invitation to civil society, to 1068 00:42:45,130 --> 00:42:47,049 businesses and also to government 1069 00:42:47,050 --> 00:42:49,389 entities to engage in debate 1070 00:42:51,280 --> 00:42:53,409 on the necessities 1071 00:42:53,410 --> 00:42:56,319 and formats of implementations 1072 00:42:56,320 --> 00:42:58,449 of digital identity protocols and 1073 00:42:58,450 --> 00:42:59,450 formats. 1074 00:43:00,400 --> 00:43:02,409 In a way, I think it's a regime of the 1075 00:43:02,410 --> 00:43:03,670 responsible ization 1076 00:43:04,930 --> 00:43:07,089 of the Society for the Problem 1077 00:43:07,090 --> 00:43:09,549 of Digital Identity and delegates 1078 00:43:09,550 --> 00:43:11,769 the thorny issue away from the states 1079 00:43:11,770 --> 00:43:13,959 into the society. 1080 00:43:13,960 --> 00:43:16,089 At the same time, the 1081 00:43:16,090 --> 00:43:18,249 U.S. government, of course, 1082 00:43:18,250 --> 00:43:20,439 takes part in this debates and 1083 00:43:20,440 --> 00:43:22,119 is an important stakeholder. 1084 00:43:26,960 --> 00:43:27,980 Give me a second. 1085 00:43:36,240 --> 00:43:37,240 So. 1086 00:43:38,710 --> 00:43:40,329 Oops! This is actually not readable. 1087 00:43:41,440 --> 00:43:43,329 Sorry about that. So you see Barack 1088 00:43:43,330 --> 00:43:45,219 Obama's signature down there. 1089 00:43:45,220 --> 00:43:47,439 And the first paragraph here 1090 00:43:47,440 --> 00:43:49,749 reads, As a nation, we are addressing 1091 00:43:49,750 --> 00:43:51,429 many of the technical and policy 1092 00:43:51,430 --> 00:43:53,349 shortcomings that have led to insecurity 1093 00:43:53,350 --> 00:43:55,659 in cyberspace. Among these shortcomings 1094 00:43:55,660 --> 00:43:57,519 is the online authentication of people in 1095 00:43:57,520 --> 00:43:58,569 devices. 1096 00:43:58,570 --> 00:44:00,639 The president's Cyber Space 1097 00:44:00,640 --> 00:44:02,169 Policy review established trusted 1098 00:44:02,170 --> 00:44:04,419 identities as a cornerstone of improved 1099 00:44:04,420 --> 00:44:06,099 cyber security. 1100 00:44:06,100 --> 00:44:07,100 So the end stick 1101 00:44:09,010 --> 00:44:11,439 process is supposed 1102 00:44:11,440 --> 00:44:13,059 to solve this problem, right? 1103 00:44:14,650 --> 00:44:16,779 Furthermore, the unstick this is 1104 00:44:16,780 --> 00:44:18,879 still quotes from the same 1105 00:44:18,880 --> 00:44:21,189 document states that central 1106 00:44:21,190 --> 00:44:22,659 to the strategies of protest, a 1107 00:44:22,660 --> 00:44:23,769 conviction that the role of the 1108 00:44:23,770 --> 00:44:25,659 government and receiving the identity 1109 00:44:25,660 --> 00:44:27,849 ecosystem is critical and must 1110 00:44:27,850 --> 00:44:29,320 be carefully calibrated. 1111 00:44:30,340 --> 00:44:31,599 On the one hand, the government should 1112 00:44:31,600 --> 00:44:33,279 never over the final overregulate 1113 00:44:33,280 --> 00:44:35,229 existing and growing market for identity 1114 00:44:35,230 --> 00:44:37,059 and authentication. 1115 00:44:37,060 --> 00:44:38,649 If government were to choose a single 1116 00:44:38,650 --> 00:44:40,029 approach to develop the identity 1117 00:44:40,030 --> 00:44:42,279 ecosystem, it could inhibit innovation 1118 00:44:42,280 --> 00:44:44,199 and limit private sector opportunities. 1119 00:44:45,340 --> 00:44:46,570 So it is. 1120 00:44:47,650 --> 00:44:49,749 I read those quotes to you because this 1121 00:44:49,750 --> 00:44:52,329 is this contains 1122 00:44:52,330 --> 00:44:54,519 important policy directives 1123 00:44:54,520 --> 00:44:56,619 which differ from what the European Union 1124 00:44:56,620 --> 00:44:58,809 attempts to do, as you will see 1125 00:44:58,810 --> 00:44:59,810 in a second. 1126 00:45:00,460 --> 00:45:02,469 So it says. 1127 00:45:05,210 --> 00:45:06,919 The role of government is critical, and 1128 00:45:06,920 --> 00:45:08,779 at the same time, the government should 1129 00:45:08,780 --> 00:45:10,189 keep some sort of hands off 1130 00:45:12,710 --> 00:45:14,179 approach. 1131 00:45:14,180 --> 00:45:15,319 Furthermore, on the other hand, the 1132 00:45:15,320 --> 00:45:16,699 current market for interoperable and 1133 00:45:16,700 --> 00:45:18,319 privacy enhancing solutions remains 1134 00:45:18,320 --> 00:45:20,449 fragmented and encrypted in it, 1135 00:45:20,450 --> 00:45:22,699 and its pace of evolution does not match 1136 00:45:22,700 --> 00:45:24,169 the nation's nations meet. 1137 00:45:24,170 --> 00:45:25,549 So far, the problem statement? 1138 00:45:28,760 --> 00:45:30,949 So how should in the US 1139 00:45:30,950 --> 00:45:33,049 contexts and identity ecosystem 1140 00:45:33,050 --> 00:45:35,509 come to bear? As I showed the European 1141 00:45:35,510 --> 00:45:36,859 approach, the German approach is 1142 00:45:36,860 --> 00:45:38,929 basically to 1143 00:45:38,930 --> 00:45:41,179 create a system where the state 1144 00:45:41,180 --> 00:45:43,519 issues use some sort of 1145 00:45:43,520 --> 00:45:45,620 cryptographic credential, 1146 00:45:47,180 --> 00:45:49,489 which which enables us to offer, 1147 00:45:49,490 --> 00:45:50,959 which enables you to authenticate 1148 00:45:50,960 --> 00:45:51,960 yourself online. 1149 00:45:53,330 --> 00:45:55,699 The US, at least when 1150 00:45:55,700 --> 00:45:57,470 when one would believe this paper 1151 00:45:58,790 --> 00:46:01,009 will take a different approach. 1152 00:46:01,010 --> 00:46:03,139 Ultimately, the identity ecosystem can 1153 00:46:03,140 --> 00:46:05,059 only be designed and built by the private 1154 00:46:05,060 --> 00:46:06,060 sector. 1155 00:46:06,590 --> 00:46:08,929 So think about this for a minute. 1156 00:46:08,930 --> 00:46:10,169 What does this mean? 1157 00:46:10,170 --> 00:46:11,209 Right? 1158 00:46:11,210 --> 00:46:13,589 This means and I understand 1159 00:46:13,590 --> 00:46:16,189 I read the end stick basically 1160 00:46:16,190 --> 00:46:19,249 as an invitation in this context 1161 00:46:19,250 --> 00:46:20,269 that the U.S. 1162 00:46:20,270 --> 00:46:22,729 government encourages 1163 00:46:22,730 --> 00:46:24,259 the private sector. 1164 00:46:24,260 --> 00:46:26,569 For example, the aforementioned 1165 00:46:26,570 --> 00:46:28,819 stacks, Amazon, Apple, Google 1166 00:46:28,820 --> 00:46:31,309 and so forth to actively 1167 00:46:31,310 --> 00:46:34,069 engage in developing and 1168 00:46:34,070 --> 00:46:36,380 building an identity ecosystem. 1169 00:46:37,730 --> 00:46:39,799 The government, Fletcher said it 1170 00:46:39,800 --> 00:46:40,800 will support it 1171 00:46:41,900 --> 00:46:44,059 and ensure that the identity system 1172 00:46:44,060 --> 00:46:46,429 respects privacy and supports 1173 00:46:46,430 --> 00:46:48,319 civil liberties of the individuals. 1174 00:46:48,320 --> 00:46:49,320 And it also 1175 00:46:50,750 --> 00:46:53,569 asserts that they will implement those 1176 00:46:53,570 --> 00:46:55,909 this identity ecosystem within 1177 00:46:55,910 --> 00:46:58,039 their own institutions, 1178 00:46:58,040 --> 00:46:59,270 within their own services. 1179 00:47:03,740 --> 00:47:06,259 Currently, the debate on how 1180 00:47:06,260 --> 00:47:08,779 this ecosystem is supposed to be built 1181 00:47:08,780 --> 00:47:11,269 is mostly taking place and Identity 1182 00:47:11,270 --> 00:47:12,530 Ecosystem Steering Group, 1183 00:47:14,420 --> 00:47:16,819 which is a public private partnership. 1184 00:47:16,820 --> 00:47:18,739 And if you look at the membership list, 1185 00:47:18,740 --> 00:47:20,869 it's it's really impressive. 1186 00:47:20,870 --> 00:47:22,939 Yes, it's it's it's a 1187 00:47:22,940 --> 00:47:24,110 very, very long list. 1188 00:47:25,160 --> 00:47:26,929 And basically everybody, you would expect 1189 00:47:26,930 --> 00:47:28,999 us on there and also everybody you 1190 00:47:29,000 --> 00:47:30,799 wouldn't expect, like the American Civil 1191 00:47:30,800 --> 00:47:32,449 Liberties Union and the Electronic 1192 00:47:32,450 --> 00:47:34,129 Frontier Foundation and so forth. 1193 00:47:34,130 --> 00:47:35,239 So I'm running out of time. 1194 00:47:35,240 --> 00:47:37,429 I have to clean up. 1195 00:47:40,120 --> 00:47:41,959 Just skip through this. 1196 00:47:41,960 --> 00:47:42,960 So 1197 00:47:44,180 --> 00:47:46,699 another important point I want to 1198 00:47:46,700 --> 00:47:48,949 raise awareness to in the context of the 1199 00:47:48,950 --> 00:47:51,949 stick is there is 1200 00:47:51,950 --> 00:47:54,409 there is something interesting 1201 00:47:54,410 --> 00:47:56,449 going on in this document when it comes 1202 00:47:56,450 --> 00:47:58,849 to the question of where 1203 00:47:58,850 --> 00:48:01,189 is the identity actually generated and 1204 00:48:01,190 --> 00:48:03,829 who controls that? 1205 00:48:03,830 --> 00:48:05,449 Remember what I said in the first part 1206 00:48:05,450 --> 00:48:08,269 that nation states basically monopolized 1207 00:48:08,270 --> 00:48:10,699 the registers historically 1208 00:48:10,700 --> 00:48:12,739 and the European? 1209 00:48:12,740 --> 00:48:14,840 And the German example shows that 1210 00:48:16,730 --> 00:48:19,039 this monopolization is also taking place 1211 00:48:19,040 --> 00:48:21,679 in the context of digital identity 1212 00:48:21,680 --> 00:48:22,680 provisioning. 1213 00:48:25,820 --> 00:48:28,009 In the Antarctic, it's very hard 1214 00:48:28,010 --> 00:48:30,229 to find out what the actual role 1215 00:48:30,230 --> 00:48:32,479 of government issued identity 1216 00:48:32,480 --> 00:48:34,519 credentials like birth certificates, 1217 00:48:34,520 --> 00:48:36,049 Social Security numbers and all those 1218 00:48:36,050 --> 00:48:37,459 things would be. 1219 00:48:37,460 --> 00:48:39,559 And they talk about identity media 1220 00:48:39,560 --> 00:48:40,939 is available in many formats and so 1221 00:48:40,940 --> 00:48:42,679 forth. And then there is this 1222 00:48:44,510 --> 00:48:47,149 little footnote on Page five, 1223 00:48:47,150 --> 00:48:49,429 which basically says for sworn 1224 00:48:49,430 --> 00:48:50,899 statements transactions, you may want to 1225 00:48:50,900 --> 00:48:52,309 know their true identity. 1226 00:48:53,510 --> 00:48:56,779 No, no. What is the true identity? 1227 00:48:56,780 --> 00:48:58,459 If you look into this document, you won't 1228 00:48:58,460 --> 00:49:00,709 find any definition of true identity. 1229 00:49:00,710 --> 00:49:02,779 You will find all kinds of crypto lingo, 1230 00:49:02,780 --> 00:49:03,979 which is really interesting. 1231 00:49:03,980 --> 00:49:05,599 And it's worthwhile reading because you 1232 00:49:05,600 --> 00:49:07,819 get a very, you know, plain 1233 00:49:07,820 --> 00:49:09,319 explanation of, you know, what 1234 00:49:09,320 --> 00:49:11,599 credentials are and non-personal 1235 00:49:11,600 --> 00:49:13,099 entities and so forth. 1236 00:49:13,100 --> 00:49:14,869 But here there is true identity. 1237 00:49:14,870 --> 00:49:15,870 So what? 1238 00:49:16,890 --> 00:49:18,949 What might that be? 1239 00:49:18,950 --> 00:49:20,539 On Page Eight, it says the threat of a 1240 00:49:20,540 --> 00:49:21,739 strategy and is important. 1241 00:49:21,740 --> 00:49:23,359 Fido belief does not exploit. 1242 00:49:23,360 --> 00:49:24,829 Not sorry. 1243 00:49:29,850 --> 00:49:31,709 Does not explicitly address identity and 1244 00:49:31,710 --> 00:49:33,899 trust issues in the offline world. 1245 00:49:33,900 --> 00:49:35,699 However, offline online identity 1246 00:49:35,700 --> 00:49:37,529 solutions can and should complement each 1247 00:49:37,530 --> 00:49:39,929 other identity proofing, 1248 00:49:39,930 --> 00:49:41,579 verifying the identity of an individual 1249 00:49:41,580 --> 00:49:42,719 and the quality of identity. 1250 00:49:42,720 --> 00:49:45,119 Source documents have a profound impact 1251 00:49:45,120 --> 00:49:46,979 on establishing trusted identities. 1252 00:49:48,210 --> 00:49:50,070 What are identity? 1253 00:49:52,980 --> 00:49:54,269 Give me a second identity source 1254 00:49:54,270 --> 00:49:55,679 documents. 1255 00:49:55,680 --> 00:49:57,749 Again, just like two identities, 1256 00:49:57,750 --> 00:50:00,509 this is not defined within the unstick 1257 00:50:00,510 --> 00:50:02,979 documents, I haven't found any definition 1258 00:50:02,980 --> 00:50:05,159 there. Some online debates about this, 1259 00:50:05,160 --> 00:50:07,319 which is interesting, but 1260 00:50:07,320 --> 00:50:09,569 I believe what this 1261 00:50:09,570 --> 00:50:11,849 actually means is that the government 1262 00:50:11,850 --> 00:50:14,129 says, and it's totally 1263 00:50:14,130 --> 00:50:15,839 logical to say that I don't want really 1264 00:50:15,840 --> 00:50:16,829 scandalize it. 1265 00:50:16,830 --> 00:50:18,809 What I want to scandalize is that this is 1266 00:50:18,810 --> 00:50:21,029 not debated in the open, as it should 1267 00:50:21,030 --> 00:50:23,489 be, that the government 1268 00:50:23,490 --> 00:50:25,949 basically remains 1269 00:50:27,870 --> 00:50:30,029 the entity which will issue the 1270 00:50:30,030 --> 00:50:32,219 source documents for true identities. 1271 00:50:32,220 --> 00:50:35,369 Right. Which would keep the registers 1272 00:50:35,370 --> 00:50:37,349 and those source documents might be birth 1273 00:50:37,350 --> 00:50:39,099 certificates or something similar. 1274 00:50:39,100 --> 00:50:40,100 Right. 1275 00:50:40,830 --> 00:50:43,499 All the stick in a way does is 1276 00:50:43,500 --> 00:50:45,779 to invite the interested public 1277 00:50:45,780 --> 00:50:48,659 in a debate, how to render 1278 00:50:48,660 --> 00:50:50,909 digital credentials on the base 1279 00:50:50,910 --> 00:50:53,069 of the source documents, and how 1280 00:50:53,070 --> 00:50:55,769 to how to generate 1281 00:50:55,770 --> 00:50:57,420 an identity ecosystem 1282 00:50:58,530 --> 00:51:00,629 that makes both authentication and 1283 00:51:00,630 --> 00:51:02,049 privacy possible. 1284 00:51:02,050 --> 00:51:03,089 Right. 1285 00:51:03,090 --> 00:51:05,639 So in a way, if you think, 1286 00:51:05,640 --> 00:51:07,769 uh, think about it in 1287 00:51:07,770 --> 00:51:09,629 the context of crypto lingo, the state 1288 00:51:09,630 --> 00:51:12,539 remains the root entity that provides 1289 00:51:12,540 --> 00:51:14,070 the initial authentication 1290 00:51:15,120 --> 00:51:17,669 on on which basis to all other 1291 00:51:17,670 --> 00:51:20,549 follow ups of authentication 1292 00:51:20,550 --> 00:51:21,550 should take place. 1293 00:51:22,440 --> 00:51:23,999 OK, we're almost out of time. 1294 00:51:24,000 --> 00:51:26,249 Just let me jump to Europe. 1295 00:51:26,250 --> 00:51:28,869 European Union third wave. 1296 00:51:28,870 --> 00:51:31,139 Um um. 1297 00:51:32,340 --> 00:51:33,869 The indicator that the third wave is 1298 00:51:33,870 --> 00:51:35,580 happening in the European Union is the 1299 00:51:36,840 --> 00:51:38,549 proposal for a regulation of the European 1300 00:51:38,550 --> 00:51:39,550 Parliament. 1301 00:51:40,410 --> 00:51:41,410 Forget it 1302 00:51:42,630 --> 00:51:45,029 of electronic identification 1303 00:51:45,030 --> 00:51:46,619 and trust services for electronic 1304 00:51:46,620 --> 00:51:48,449 transactions in the internal market. 1305 00:51:49,680 --> 00:51:52,049 Um, so the European Commission basically 1306 00:51:52,050 --> 00:51:53,050 2012 1307 00:51:54,360 --> 00:51:56,579 floated this document and started 1308 00:51:56,580 --> 00:51:59,819 to engage in a discussion of how to unify 1309 00:51:59,820 --> 00:52:02,219 the existing many electronic 1310 00:52:02,220 --> 00:52:04,049 identification systems of the member 1311 00:52:04,050 --> 00:52:05,099 states. 1312 00:52:05,100 --> 00:52:07,049 As I showed you, Germany has a really 1313 00:52:07,050 --> 00:52:09,569 ambitious and fairly sophisticated 1314 00:52:09,570 --> 00:52:11,699 ID card system, electronic health 1315 00:52:11,700 --> 00:52:13,349 care card and so forth. 1316 00:52:13,350 --> 00:52:16,199 Other European member states 1317 00:52:16,200 --> 00:52:18,359 have similar systems like France, 1318 00:52:18,360 --> 00:52:19,360 Austria 1319 00:52:20,430 --> 00:52:22,530 and most of the Scandinavian countries. 1320 00:52:23,580 --> 00:52:25,679 The current situation is that 1321 00:52:25,680 --> 00:52:28,079 this, um 1322 00:52:28,080 --> 00:52:30,179 uh, that these systems are completely 1323 00:52:30,180 --> 00:52:32,129 incompetent or mostly incompatible, 1324 00:52:33,450 --> 00:52:35,820 and especially not, um 1325 00:52:37,170 --> 00:52:38,609 are not facilitating 1326 00:52:39,780 --> 00:52:41,879 Inter European digital transaction 1327 00:52:41,880 --> 00:52:44,729 based on the identity, uh, 1328 00:52:44,730 --> 00:52:47,339 provisions these systems give. 1329 00:52:47,340 --> 00:52:49,499 So what? 1330 00:52:49,500 --> 00:52:52,589 Com Thirty eight to thirty eight tries 1331 00:52:52,590 --> 00:52:54,719 to achieve is a 1332 00:52:54,720 --> 00:52:57,119 harmonization of the 1333 00:52:57,120 --> 00:52:59,279 yes is a harmonization of the 1334 00:52:59,280 --> 00:53:02,219 existing identity systems 1335 00:53:02,220 --> 00:53:04,379 of the applicable laws and to 1336 00:53:04,380 --> 00:53:06,509 force member states to make 1337 00:53:06,510 --> 00:53:08,939 two systems compatible compatible. 1338 00:53:08,940 --> 00:53:11,099 It does not mandate that member states 1339 00:53:11,100 --> 00:53:13,289 actually implement their digital 1340 00:53:13,290 --> 00:53:14,909 identity system. 1341 00:53:14,910 --> 00:53:17,279 So the European Commission 1342 00:53:17,280 --> 00:53:19,079 does not say to some country that doesn't 1343 00:53:19,080 --> 00:53:20,969 have a system like that, you need this 1344 00:53:20,970 --> 00:53:23,159 right? It just says if you have 1345 00:53:23,160 --> 00:53:25,769 a system or if you start to build up 1346 00:53:25,770 --> 00:53:27,839 Electronic Identity System, 1347 00:53:27,840 --> 00:53:30,569 it needs to be compatible with 1348 00:53:30,570 --> 00:53:33,449 the other European systems. 1349 00:53:33,450 --> 00:53:36,419 Um, and of course, there's an important 1350 00:53:36,420 --> 00:53:37,920 industry policy 1351 00:53:40,050 --> 00:53:42,539 aspect to this because 1352 00:53:42,540 --> 00:53:44,759 this is a market of 400 million people 1353 00:53:44,760 --> 00:53:46,079 and is quite some 1354 00:53:47,190 --> 00:53:49,799 businesses in the European 1355 00:53:49,800 --> 00:53:52,019 Union, which compete to 1356 00:53:52,020 --> 00:53:54,359 provide the services and into necessary 1357 00:53:54,360 --> 00:53:55,360 hardware. 1358 00:53:56,670 --> 00:53:58,439 OK, I have to stop here, I guess, and I 1359 00:53:58,440 --> 00:54:00,899 will take questions 1360 00:54:00,900 --> 00:54:03,819 now. I can talk a little bit more about 1361 00:54:03,820 --> 00:54:05,999 2:38, if you like, 1362 00:54:06,000 --> 00:54:08,219 but so far there is 1363 00:54:08,220 --> 00:54:10,499 not much really interesting in there, 1364 00:54:10,500 --> 00:54:13,019 except that the security 1365 00:54:13,020 --> 00:54:15,089 level that, for example, the German 1366 00:54:15,090 --> 00:54:17,849 system would provide, uh, 1367 00:54:17,850 --> 00:54:19,349 would not be, 1368 00:54:20,610 --> 00:54:22,680 uh, would not be maintained 1369 00:54:24,180 --> 00:54:25,979 if this commission would not be 1370 00:54:25,980 --> 00:54:26,909 maintainable. 1371 00:54:26,910 --> 00:54:28,649 If this commission proposal would come to 1372 00:54:28,650 --> 00:54:31,079 bear, they would actually lower 1373 00:54:31,080 --> 00:54:33,509 the security level 1374 00:54:33,510 --> 00:54:34,679 there. Thank you. 1375 00:54:41,860 --> 00:54:43,449 Oh, thank you. 1376 00:54:43,450 --> 00:54:45,969 Christopher Engelman, OK. 1377 00:54:45,970 --> 00:54:48,309 We have now, I guess, about five minutes 1378 00:54:48,310 --> 00:54:50,379 for Q&A, 1379 00:54:50,380 --> 00:54:52,359 so there are some people already standing 1380 00:54:52,360 --> 00:54:53,769 on the microphones. 1381 00:54:53,770 --> 00:54:55,749 And are there some questions from the 1382 00:54:55,750 --> 00:54:56,769 internet? 1383 00:54:56,770 --> 00:54:58,449 There are no questions from the internet. 1384 00:54:58,450 --> 00:55:01,179 So stream what are you doing? 1385 00:55:01,180 --> 00:55:02,180 OK. 1386 00:55:02,710 --> 00:55:05,229 I think we will start with microphone two 1387 00:55:05,230 --> 00:55:07,389 because you stand there the most time. 1388 00:55:07,390 --> 00:55:08,949 Yeah, thank you. 1389 00:55:08,950 --> 00:55:10,339 Thanks for the interesting talk. 1390 00:55:10,340 --> 00:55:12,060 I just had a comment about instead. 1391 00:55:13,240 --> 00:55:15,159 So I do understand the reason why they 1392 00:55:15,160 --> 00:55:16,389 created it that way. 1393 00:55:17,590 --> 00:55:20,289 It was when the person was appointed 1394 00:55:20,290 --> 00:55:22,449 to work on this stick. 1395 00:55:22,450 --> 00:55:24,579 He he had no experience in 1396 00:55:24,580 --> 00:55:26,889 India's identity management space, 1397 00:55:26,890 --> 00:55:29,349 and the whole work was delegated to Nest. 1398 00:55:29,350 --> 00:55:31,629 Yes. And the nice guys. 1399 00:55:31,630 --> 00:55:33,189 However, at that time they had a project 1400 00:55:33,190 --> 00:55:35,649 on going on smart grid 1401 00:55:35,650 --> 00:55:37,749 and that was supposed to be considered 1402 00:55:37,750 --> 00:55:39,759 to be a very successful effort. 1403 00:55:39,760 --> 00:55:42,699 And so they had this notion of private 1404 00:55:42,700 --> 00:55:44,439 public partnership, which was then later 1405 00:55:44,440 --> 00:55:46,719 copied into the European Commission 1406 00:55:46,720 --> 00:55:48,369 in various other efforts. 1407 00:55:48,370 --> 00:55:50,439 And they looked at talk 1408 00:55:50,440 --> 00:55:52,809 to those guys and then found out that 1409 00:55:52,810 --> 00:55:55,089 they actually in they had guys who 1410 00:55:55,090 --> 00:55:57,189 worked on, developed, 1411 00:55:57,190 --> 00:55:58,819 wrote the specification for the public 1412 00:55:58,820 --> 00:56:00,909 key infrastructure theme park in 1413 00:56:00,910 --> 00:56:03,129 particular, and here to understand some 1414 00:56:03,130 --> 00:56:04,409 of the terms that you highlighted. 1415 00:56:04,410 --> 00:56:06,489 This are true identity layers 1416 00:56:06,490 --> 00:56:08,619 of assurances, identity proving. 1417 00:56:08,620 --> 00:56:10,509 There's actually a document that theme 1418 00:56:10,510 --> 00:56:12,759 park had written in the 1419 00:56:12,760 --> 00:56:15,579 special publication 863. 1420 00:56:15,580 --> 00:56:17,259 And that explains what some of those 1421 00:56:17,260 --> 00:56:18,219 terms mean. 1422 00:56:18,220 --> 00:56:20,799 And it also explains 1423 00:56:20,800 --> 00:56:22,119 what the role of the government is in 1424 00:56:22,120 --> 00:56:23,139 that space. 1425 00:56:23,140 --> 00:56:25,179 And what it's supposed to be doing is to 1426 00:56:25,180 --> 00:56:27,429 create policy documents 1427 00:56:27,430 --> 00:56:29,499 that explain what you have to do 1428 00:56:29,500 --> 00:56:31,719 at the specific levels of assurance, 1429 00:56:31,720 --> 00:56:33,010 different security levels 1430 00:56:34,030 --> 00:56:35,739 to fulfill the needs of the government 1431 00:56:35,740 --> 00:56:37,539 for specific applications. 1432 00:56:37,540 --> 00:56:40,149 And so while that's all great, 1433 00:56:40,150 --> 00:56:41,829 it's a great idea and also sounds 1434 00:56:41,830 --> 00:56:43,569 possible given that you have two identity 1435 00:56:43,570 --> 00:56:45,369 providers already in the U.S. 1436 00:56:45,370 --> 00:56:47,619 established, which doesn't exist in 1437 00:56:47,620 --> 00:56:49,269 Europe to the same extent. 1438 00:56:50,980 --> 00:56:53,319 So far, it had failed to, even 1439 00:56:53,320 --> 00:56:54,339 for the U.S. 1440 00:56:54,340 --> 00:56:56,679 government as a consumer to actually 1441 00:56:56,680 --> 00:56:58,269 make use of their own technology. 1442 00:56:58,270 --> 00:56:59,949 They had been coming up because there are 1443 00:56:59,950 --> 00:57:02,079 already policies available for 1444 00:57:02,080 --> 00:57:04,059 themselves as customers. 1445 00:57:04,060 --> 00:57:06,249 And to my knowledge, none of those had 1446 00:57:06,250 --> 00:57:08,349 been so 1447 00:57:08,350 --> 00:57:09,699 far in use 1448 00:57:09,700 --> 00:57:11,989 in what was the last part. 1449 00:57:11,990 --> 00:57:14,139 So none of those are sort of these 1450 00:57:14,140 --> 00:57:16,269 trust frameworks and the technologies 1451 00:57:16,270 --> 00:57:18,069 they had come up for themselves. 1452 00:57:18,070 --> 00:57:20,679 Not talking about for the citizens 1453 00:57:20,680 --> 00:57:23,049 like for themselves less as US 1454 00:57:23,050 --> 00:57:24,189 government within their own 1455 00:57:24,190 --> 00:57:26,019 infrastructure, within their own 1456 00:57:26,020 --> 00:57:27,020 procurement processes, 1457 00:57:28,150 --> 00:57:29,709 even the deployment prior to that, the 1458 00:57:29,710 --> 00:57:30,969 public key infrastructure they had 1459 00:57:30,970 --> 00:57:33,079 created, which was one of the largest in 1460 00:57:33,080 --> 00:57:35,919 the world they hadn't 1461 00:57:35,920 --> 00:57:37,899 ever took a very long time and had been 1462 00:57:37,900 --> 00:57:39,149 very complicated. 1463 00:57:39,150 --> 00:57:39,789 Mm-Hmm. 1464 00:57:39,790 --> 00:57:40,790 Thank you. 1465 00:57:42,040 --> 00:57:43,989 I'd like to talk to you after after the 1466 00:57:43,990 --> 00:57:46,659 Q&A and thinks so. 1467 00:57:46,660 --> 00:57:47,660 Okay, thank you. 1468 00:57:49,000 --> 00:57:51,219 It would be great if you have some, 1469 00:57:51,220 --> 00:57:53,139 some shorter questions, please. 1470 00:57:53,140 --> 00:57:55,209 So because we have not that much time, 1471 00:57:55,210 --> 00:57:56,919 so I guess three minutes left. 1472 00:57:56,920 --> 00:57:59,109 So but if you can 1473 00:57:59,110 --> 00:58:01,389 ask your questions here, I guess you 1474 00:58:01,390 --> 00:58:03,129 will have a discussion later. 1475 00:58:03,130 --> 00:58:05,199 Over there? I guess so. 1476 00:58:05,200 --> 00:58:06,200 Microphone one, please. 1477 00:58:07,330 --> 00:58:09,399 Thank you. I think one thing that 1478 00:58:09,400 --> 00:58:11,559 is very important to to 1479 00:58:11,560 --> 00:58:13,899 see the difference is that 1480 00:58:13,900 --> 00:58:14,979 when someone makes 1481 00:58:17,110 --> 00:58:19,059 activity in the web, it's not the 1482 00:58:19,060 --> 00:58:20,409 identity that makes this. 1483 00:58:20,410 --> 00:58:22,629 It's the person who holds the card 1484 00:58:22,630 --> 00:58:24,189 to this identity. 1485 00:58:24,190 --> 00:58:26,439 So it's not a direct a direct 1486 00:58:26,440 --> 00:58:28,659 link to a person, which is which cannot 1487 00:58:28,660 --> 00:58:29,709 be changed. 1488 00:58:29,710 --> 00:58:31,929 And I think we should we should 1489 00:58:31,930 --> 00:58:34,029 keep in mind that it's not OK, that 1490 00:58:34,030 --> 00:58:36,309 it's not a good idea to 1491 00:58:36,310 --> 00:58:38,589 chip an individual from 1492 00:58:38,590 --> 00:58:40,149 birth to death with the number. 1493 00:58:40,150 --> 00:58:42,009 I think that there was activities in the 1494 00:58:42,010 --> 00:58:44,209 past in our history from 1495 00:58:44,210 --> 00:58:46,359 a very bad regime that we saw 1496 00:58:46,360 --> 00:58:48,429 that it is bad, but results of 1497 00:58:48,430 --> 00:58:50,949 doing this. So perhaps 1498 00:58:50,950 --> 00:58:53,199 how do you think about making 1499 00:58:53,200 --> 00:58:55,629 these kind of identity more 1500 00:58:55,630 --> 00:58:56,719 temporary thing? 1501 00:58:56,720 --> 00:58:58,779 So like when I need a taxi, I 1502 00:58:58,780 --> 00:59:00,549 call a taxi and I get a taxi for a 1503 00:59:00,550 --> 00:59:02,739 temporary time and I give it back them. 1504 00:59:02,740 --> 00:59:03,790 So when I need that 1505 00:59:04,810 --> 00:59:06,219 identity I.D. 1506 00:59:06,220 --> 00:59:08,379 for internet transaction, I can go 1507 00:59:08,380 --> 00:59:10,509 and get some more temporary time, and 1508 00:59:10,510 --> 00:59:12,269 then it expires. 1509 00:59:12,270 --> 00:59:14,229 But what do you think about such ideas 1510 00:59:14,230 --> 00:59:16,899 that such an idea does not 1511 00:59:16,900 --> 00:59:18,279 last for the whole life? 1512 00:59:18,280 --> 00:59:20,289 It's just for a temporary time? 1513 00:59:21,820 --> 00:59:22,820 Yes. 1514 00:59:23,680 --> 00:59:25,809 Well, in no way I wanted 1515 00:59:25,810 --> 00:59:27,519 to sound affirmative of everything that 1516 00:59:27,520 --> 00:59:29,439 is happening. That is was rather meant as 1517 00:59:29,440 --> 00:59:31,210 a description, on the other hand. 1518 00:59:32,950 --> 00:59:34,929 Governments have this idea of life 1519 00:59:34,930 --> 00:59:37,389 courses and of 1520 00:59:37,390 --> 00:59:40,419 the necessity of a lifelong 1521 00:59:40,420 --> 00:59:41,919 viability. Of an address of an 1522 00:59:41,920 --> 00:59:44,019 individual, which 1523 00:59:44,020 --> 00:59:45,969 even more is even more important if you 1524 00:59:45,970 --> 00:59:47,619 have a welfare state which actually 1525 00:59:47,620 --> 00:59:49,869 supports the life, biological 1526 00:59:49,870 --> 00:59:51,789 well-being and so forth of an individual. 1527 00:59:53,290 --> 00:59:55,539 So creating temporary 1528 00:59:55,540 --> 00:59:57,909 identity identities is 1529 00:59:57,910 --> 01:00:01,009 in a government context, not feasible. 1530 01:00:01,010 --> 01:00:03,219 And how to solve 1531 01:00:03,220 --> 01:00:05,499 this problem of, 1532 01:00:05,500 --> 01:00:06,500 on the one hand, 1533 01:00:07,600 --> 01:00:09,609 the desire to have temporary identities 1534 01:00:09,610 --> 01:00:11,859 and not have a fixed identity and 1535 01:00:11,860 --> 01:00:14,229 governments needing that, that's 1536 01:00:14,230 --> 01:00:15,230 difficult. 1537 01:00:17,010 --> 01:00:19,169 OK, so I guess one 1538 01:00:19,170 --> 01:00:21,419 last very short question, 1539 01:00:21,420 --> 01:00:23,309 and then please have a discussion later, 1540 01:00:23,310 --> 01:00:25,679 so we're out of time, actually 1541 01:00:25,680 --> 01:00:26,969 trust me on this one. 1542 01:00:26,970 --> 01:00:28,059 Oh, OK. 1543 01:00:28,060 --> 01:00:29,339 Yeah, you want to hear this one? 1544 01:00:29,340 --> 01:00:31,409 So first, Amos statics, 1545 01:00:31,410 --> 01:00:32,819 Can somebody verify me? 1546 01:00:32,820 --> 01:00:33,929 Yes. OK, good. 1547 01:00:33,930 --> 01:00:34,930 Thank you. 1548 01:00:35,430 --> 01:00:37,349 I say this because I believe I'm the 1549 01:00:37,350 --> 01:00:39,419 first pseudonymous member of the 1550 01:00:39,420 --> 01:00:41,519 Instigator ESG Group, 1551 01:00:41,520 --> 01:00:43,739 which has created a number of interesting 1552 01:00:43,740 --> 01:00:44,999 discussions within that group, 1553 01:00:46,320 --> 01:00:48,119 by the way, regarding the first part of 1554 01:00:48,120 --> 01:00:50,549 the talk with regards 1555 01:00:50,550 --> 01:00:52,079 to the American perspective. 1556 01:00:52,080 --> 01:00:53,759 One of the key differences between Europe 1557 01:00:53,760 --> 01:00:55,799 and America is that the United States 1558 01:00:55,800 --> 01:00:57,509 does not have a national I.D. 1559 01:00:57,510 --> 01:00:59,609 and this has led to some of 1560 01:00:59,610 --> 01:01:01,349 the confusion within that truth. 1561 01:01:01,350 --> 01:01:03,359 And it's also worth noting that the whole 1562 01:01:03,360 --> 01:01:05,579 true idea your true name thing has 1563 01:01:05,580 --> 01:01:07,829 been a major topic of discussion, 1564 01:01:07,830 --> 01:01:09,929 which leads to the question I want to ask 1565 01:01:09,930 --> 01:01:11,999 right now or within a 1566 01:01:12,000 --> 01:01:12,969 year she announced it. 1567 01:01:12,970 --> 01:01:15,629 We were doing a lot of discussion on it 1568 01:01:15,630 --> 01:01:18,029 terminology and taxonomy, 1569 01:01:18,030 --> 01:01:19,649 and I was wondering if you had any 1570 01:01:19,650 --> 01:01:21,779 pointers or if there was a list of things 1571 01:01:21,780 --> 01:01:23,729 that we could possibly learn from to 1572 01:01:23,730 --> 01:01:24,730 collaborate with. 1573 01:01:25,710 --> 01:01:27,059 So thank you very much for the talk. 1574 01:01:27,060 --> 01:01:28,439 Thank you. 1575 01:01:28,440 --> 01:01:30,659 From the top of my head. But maybe talk 1576 01:01:30,660 --> 01:01:31,860 later in. I think about it. 1577 01:01:33,220 --> 01:01:34,539 Listen. 1578 01:01:34,540 --> 01:01:36,190 Yeah. Well, just the short question. 1579 01:01:38,290 --> 01:01:39,849 OK. Come on. 1580 01:01:39,850 --> 01:01:41,939 There's just too much identity could be 1581 01:01:41,940 --> 01:01:44,199 a for privacy, but 1582 01:01:44,200 --> 01:01:46,269 you're creating, I think, a class of 1583 01:01:46,270 --> 01:01:47,919 hunter mentioned who don't have an 1584 01:01:47,920 --> 01:01:49,899 identity and don't get to get an identity 1585 01:01:49,900 --> 01:01:51,549 card, they are almost out at. 1586 01:01:51,550 --> 01:01:53,529 Some citizen analysis will not give 1587 01:01:53,530 --> 01:01:55,509 Social Security numbers to Bulgarians or 1588 01:01:55,510 --> 01:01:57,759 Romanians who don't have decent housing, 1589 01:01:57,760 --> 01:01:59,389 so they won't be allowed to pay taxes. 1590 01:01:59,390 --> 01:02:01,149 Yes, strangely. 1591 01:02:01,150 --> 01:02:02,559 Have you comment on that? 1592 01:02:02,560 --> 01:02:04,629 Well, of course, the 1593 01:02:04,630 --> 01:02:07,419 like every identity infrastructure, 1594 01:02:07,420 --> 01:02:09,879 if it's paper based or digitally, 1595 01:02:09,880 --> 01:02:12,639 is a system that differentiates 1596 01:02:12,640 --> 01:02:14,799 between people who are part of 1597 01:02:14,800 --> 01:02:17,259 the system and people who are outside. 1598 01:02:17,260 --> 01:02:19,359 And in the context of paper based 1599 01:02:19,360 --> 01:02:21,159 identities, there's this notional sop up 1600 01:02:21,160 --> 01:02:23,949 here of people without paper identities. 1601 01:02:23,950 --> 01:02:24,950 They 1602 01:02:27,760 --> 01:02:30,399 foolishly admit refugees. 1603 01:02:30,400 --> 01:02:31,400 Thank you 1604 01:02:32,920 --> 01:02:34,989 who have a hard time living their 1605 01:02:34,990 --> 01:02:37,389 lives and managing because 1606 01:02:37,390 --> 01:02:39,730 they are without papers and. 1607 01:02:41,550 --> 01:02:44,729 What some or saw signature? 1608 01:02:44,730 --> 01:02:46,769 Well, if you want to call it would mean a 1609 01:02:46,770 --> 01:02:48,709 digital context. 1610 01:02:48,710 --> 01:02:51,119 It's interesting and 1611 01:02:51,120 --> 01:02:53,069 also very scary question we need to think 1612 01:02:53,070 --> 01:02:54,070 about. 1613 01:02:56,200 --> 01:02:58,449 OK, thank you. So give them a last warm 1614 01:02:58,450 --> 01:02:59,450 applause.