Trust – a Tale of Two Worlds – part 3.

by | Jun 27, 2017 | IDI

Trust frameworks.

Enter the trust framework – the digital version of a social contract.

The trust framework is an online document that publishes the tools and rules together with an assessment and enforcement infrastructure that operationalizes them. In most cases the document serves as a new type of contract that legally binds the members of the trust community to the policies. In this fashion, a trust framework operates on a much higher level than site-specific privacy policies or TOS (terms-of-service)”as described in my previous post. At the core of any framework is the concept of identity.

The American Bar Association (ABA) defines a trust framework as follows:

A Trust Framework is the governance structure for a specific identity system consisting of:

  • the Technical and Operational Specifications that have been developed –
    • to define requirements for the proper operation of the identity system (i.e., so that it works),
    • to define the roles and operational responsibilities of participants, and
    • to provide adequate assurance regarding the accuracy, integrity, privacy and security of its processes and data (i.e., so that it is trustworthy); and
  • the Legal Rules that govern the identity system and that —
    • regulate the content of the Technical and Operational Specifications,
    • make the Technical and Operational Specifications legally binding on and enforceable against the participants, and
    • define and govern the legal rights, responsibilities, and liabilities of the participants of the identity system.

Several have been produced covering social, government, health, and financial exchanges within specific networks.  I previously contributed to the Respect Trust Framework http://oixnet.org/registry/respect-network/ where the conditions of network participation are defined. It is written in terms of equal peers not users and applications and every member of the network agrees to comply with the framework. The trust framework is a digital form of social contract that can be enforced for every transaction that occurs in the network.

But the trust framework outlines technical and operational specifications and legal rules, not how trust can be quantified.  The next post starts that effort.