I asked Scott David from K&L Gates to share his answer to Why should attorneys attend IIW?
The Internet Identity Workshop (the “IIW”) offers attorneys an opportunity to be involved first hand in discussions with representatives of companies, government entities and community groups working to develop an “identity” layer for the internet (and related networked data and information systems).
The identity layer can help to provide legal “scaffolding” for the exponentially growing, and increasingly valuable, data and information “pile” that does not currently enjoy the benefits of a comprehensive legal structure.
In order to further normalize and regularize the trillions of identity/attribute-dependent interactions that occur daily (aggregating email, social networking, search, and voice communications) across multiple platforms, in different industries and different legal jurisdictions, the development of standardized technology tools and legal rules is critical to the development of systems that handle information for the three main user groups. These include those stakeholders in commercial markets, social communities and political governance structures that use networked information
IIW is one place that the discussion is taking place among technologists, policy and management folks and attorneys; working together to build data/identity infrastructure to serve these emerging needs.
Why is an identity layer important to lawyers?
Even though “identity” is not taught as a separate subject in law school, and law firms don’t yet maintain “identity law” groups, the identity of individuals, legal persons (such as corporations, LLCs, etc.) and their representatives, and property (both tangible and intangible) is tightly bound up with nearly every concept in law. Examples include the obvious “signature” issues, but also a host of other evidence issues, liability issues, ownership and possession issues, legal capacity, civil liberties, legal duties and a variety of other issues.
Issues of “identity” are sufficiently important that formalized legal processes and documentation protocols have been developed over centuries to memorialize and document “identity” for traditional, offline interactions and commercial transactions.
What has changed?
The internet mediates interactions and commercial transactions between remote parties by carrying data that provides relevant information that has value to such parties in those settings. Participants in such interactions and commercial transactions rely on the veracity, reliability and predictability of that online intermediation as a substitute for the traditional cues (including formal legal identity processes) upon which they have come to depend, and around which they have structured their respective commercial, governmental and social practices, but which are not available “online.”
The quality of the online intermediation offered by the combined efforts of the technology, and the individuals and the institutions that “host” online interactions has legal implications for both the interaction participants and for the online “inter-mediators.”
What is missing?
Unfortunately, there is currently no comprehensive, internet-scale set of standardized rules and laws to give users and providers of online data “inter-mediation” services guidance as to their respective duties relating to the handling of data and information. The reason for the “gap” is that, due to networking and processing advances, data and information (including “personal information” and other identity-related information) has very rapidly become significantly more valuable throughout the economy
Groups typically create formal laws to address transactions in things that they value (monetary and otherwise). The pace of technology change (and in particular those technologies that enable the networking of devices that collect and process data) has created a situation where a increasingly valuable asset, networked data, has value, but its users (including both service providers and individual and business users) suffer the consequences of an underdeveloped legal structure for managing that resource.
The role of law in managing commonly-used data resources
Because the resource is broadly networked, it is available to a variety of different users, each of which desires to access the resource for typically legal and appropriate purposes. Sometimes, however, different users’ interests can come into conflict. In these situations it can be helpful (and is likely necessary) to establish formal legal rules to document the balancing and resolution of the parties’ respective interests. This documentation can “normalize” the use of the resource to the benefit of all users.
From the legal perspective, the current challenges of “privacy,” “security,” and “un certain liability” can all be viewed as symptoms of an under-developed legal structure for data and information. Those symptoms can be alleviated by developing the legal structure through standard contracts and supportive laws to structure mutual, enforceable legal rights and duties.
Communities, Markets, and Governance Structures are three names for “network effect”
The under-developed legal structure reflects a classic “pre-market” situation. The underdeveloped markets include related markets for data, data rights and data transfer (communication) services. The development of the “market” is not just about commercialization, it is more broadly about standardizing the rules of “exchange and transfer” of data, which will help to address the needs of users in the social and governmental contexts as well.
The legal structures for the “market” are, of course, not entirely underdeveloped. There is a robust advertising market that relies on the data resource. In addition, laws in several jurisdictions establish certain duties for data handlers and online transaction “inter-mediators,” which affect the manner in which selected stakeholders in those markets handle data.
Importantly, these initial areas of greater development demonstrate the potential value of networked data. In addition, the monetization of that value (currently through advertising and other uses) helps to fund innovation and, much like advertising on network television, pays for the “programming;” which in the case of the internet is a host of no-additional charge services.
Notwithstanding the mature state of existing markets, none of the legal structures currently in place (whether contractual or statutory) has been directed toward offering comprehensive solutions that balance the interests of all parties involved in those transactions into a sustainable, reliable, predictable and interoperable data infrastructure.
What are the benefits of standardized legal infrastructure
Standardized, normalized, reliable identity functionality will offer greater certainty to internet stakeholders whether they are using the common pooled information resource for commercial purposes in markets, in social setting with online communities or in political contexts with online governance structures.
Once that reliable identity layer is established, it can support the identification and authorization aspects of a variety of online and offline transactions that depend on the internet. In this way, it can serve as the scalable, interoperable, infrastructure; a virtual “information infrastructure” for the exponentially increasing “pile” of intangible assets currently referred to as “data.”
Is the identity layer just about individuals?
The identity layer can function to provide certainty about the identity of other individuals, entities and even things that are increasingly connected to one another online. Businesses, governments and individuals depend on reliable, predictable methods to confirm identity. The issue arises in any context where an agency or other representative relationship is present (including employment settings, fiduciary arrangements, trusts, financial transactions, etc.). A very substantial part of both transactional, litigation and regulatory practices are dependent on how systems support and document identity. Identity issues are relevant in the construction and enforcement of legal duties, the evaluation of breaches, issues of causation and ultimate liability for damages.
The “un-conference” format
The attendee-guided format, while initially unfamiliar to those used to standard “classroom” CLEs, has the advantage of allowing the “experts” in attendance from various fields to work together to dynamically set the agenda based on the latest developments affecting the area. Discussions are often influenced by industry news released during the meetings.
The open format helps to expose attendees to issues and solutions from various related sub-fields of legal, policy, management and technology. That broad exposure typically provides attendees with greater insight into solutions for the challenges that they face back at the office and more energized to explore the legal implications of this burgeoning market. Most attendees watch their in-box for the invitation to the next IIW.