Privacy-Respecting Identity for Artists and Musicians

Interesting new survey of a variety of current decentralized ID architectures / experiments: [Who Watches the Watchmen?
A Review of Subjective Approaches for Sybil-resistance in Proof of
Personhood Protocols] (https://arxiv.org/ftp/arxiv/papers/2008/2008.05300.pdf)

Intuitively, I think I’m attracted to BrightID’s community participation model.

Personally I have a desire for multiple pseudonyms with varying degrees of identifiability depending on virtual location (community) and function. (Multiple votes would be inappropriate in many governance applications, for example… Although perhaps with fractionalization of a vote across pseudonyms…?)

Anyway, seemed like a tasty survey of current work. Well cited.

1 Like

Some nice correspondence there with what we are proposing and pitching right now as one of our use cases - a ‘Know Your Co-Operator’ ritual to issue a verifiable credential… the metaphor being a ‘badge’ which you hold safely in your own digital pocket, or choose to wear proudly on your shirt when you wander from community to community. If someone says ‘prove it’ you always can, selectively and securely disclosing only what you need to. You can use a device with biometrics (that NEVER leave the device) to do the strong, passwordless authentication say for your unique voting role or persona.

Here’s the 500 word pitch:

Company Presentation

Resonate - https://resonate.is/ - is an ethical music streaming co-operative. Open source and fair-trade, it’s a place where artists, active listeners, curators, and developers govern the community as voting members. Membership is free and non-exclusive for artists and labels that share tracks. 2000 artists and 13000 member/listeners who want to Play Fair.

Problem – use case scenario

Online community is the biggest digital global use case and responds to fundamental human needs. Most use is centralised, some is decentralised, organised in peer-to-peer ‘circles’. Post-covid-19 there has been a surge in online ‘community’ values and greater visibility of cooperatives as a business model (1.2Bn members of co-ops globally). However, platforms for community solutions are fragmented and not inter-operable. Simple, privacy-respecting protocols for trusted transactions between the islands of community identity have taken a back seat. It’s even harder to know who to trust or how to transact…. without going back to ‘the government’ …or the big players… as an overall root of trust.

Solution and Value Proposition

Open Source Community Credentials provide a community-friendly transparent recognition, award and governance of verifiable credentials as simple 'badges. We will provide the platform for the ‘Know Your Co-Operator’ equivalent of KYC for co-op social trust without reliance on centralised providers. Co-operators will exercise pragmatic, easily understandable control over presentation of their identity attributes. We’ll use the idea of the ‘wallet’ (kept in your pocket) and the ‘badge’ (worn on your shirt) as simple metaphors.

Targeted market segments / Targeted customers / Positioning in the value chain

  1. The music streaming co-operative ecosystem for Resonate, where membership, music purchase, music copyrighting and gig ticketing scenarios demand better authentication and digital proof of credentials.
  2. Co-operative network values support the sharing of cost and risk for KYCO. This is in contrast with the competitive nature of the financial services marketplace, where competing SSI KYC solutions struggle to monetise and grow to scale, despite the obvious benefit of collective action to combat ID fraud.
  3. We’re providing a ‘plugin’ solution product, initially for Discourse, the biggest of the community software platforms (over 343m page views/month), reaching out to its active developer community and beyond that to other open source forum software.

UVP compared to competition

Simplicity of the badge/wallet metaphor and on making the solution more ‘human understandable’ and usable than more technical wallet processes. As easy to create, display and issue ‘badges’ representing VC’s as it is to move them from the wallet in your pocket to your shirt and vice versa. Use them in simple, human-centric business processes configured in the forum software / workflows or manual processes. KYCO, is a unique proposition in the co-operative community.

Business Model

Resonate member growth and revenue attracted by a privacy-respecting, anti-surveillance capitalism identity model, plus further indirect revenue from:

  1. Consultancy revenues for Resonate and its partners in deploying the plugin
  2. Creation of a monetised Know Your Co-Operator (KYCO) credential issue and verification service. An alternative to financial services KYC, which emphasises credit history rather than co-operative contribution.
  3. Reduction of identity risk associated with artist payment claims, confidential reporting / GDPR, co-operative voting, event ticketing (and possible service fees for ticketing etc)
1 Like

The subtle point here is that for privacy in our digital communities it’s important to focus on presenting the minimum amount of information - ‘credentials’ - that we need to transact with others, and to get used to controlling that ourselves, and not leaving it to, say, Facebook to be our identity provider.

In the co-op voting example above, all the coop needs to know about ‘you’ for the voting is ‘is a member’ and not ‘who you are’. To get into the gig you should prove you have paid and maybe that you are not a minor. You might offer more, but you should be asked, and can decline.

In our communities we will have ‘issuers’ … who perhaps run some sort of reliable welcome ritual, with fact checking and also to make sure it’s a really you before issuing the credential. People can selectively disclose only what is necessary to ‘verifiers’ of those creds who need proof of some fact (their ‘policy’) before they allow you in or to get something that is yours (and not someone else’s). If we make it easy, with ‘badges’ and wallets and free of some of the jargon we might succeed.

IMHO we need to be be wary of ‘creating a digital identity’ with a number until we have the tech worked out properly. Fortunately, with a pragmatic approach we can do this with just the wallets and the badges and a bit of crypto - not necessarily a blockchain :slight_smile:

See this nice article by Dave Birch which makes the point much better https://www.forbes.com/sites/davidbirch/2020/09/08/trust-me-im-a-doctor-on-linkedin/#3c53cdea6c1e

1 Like

Here’s a PDF ’ Flyer’ for where we are on Community Credentials: https://drive.google.com/file/d/1ZQal36JMwiZzbQ9fjXjfV_zOhT4K52Qc/view?usp=sharing

1 Like

@Nick_M, this document should also be an announcement, or a featured post! It’s really great stuff, and I feel most folks may not notice it in this thread (although it should certainly be here as well)

@Nick_M’s new video presentation about Resonate’s Community Credentials project!

Resonate is working with the EU to create a ground-breaking Co-operative Privacy and Trust system for digital dignity.

1 Like

Thanks @Hakanto! The hackathon seemed to go ok for us… It was a pretty brutal timed and judged ‘Dragon’s Den’ process for the business part, and a timed and judged demo too. Angus joined to help out at the demo. I had to create a lot of deliverables and plans to get to this stage. Let’s hope the effort is all worth it and we get through to the next stage, and the funding that will bring!

We have met up with some other great teams in the process and we hope to continue working with them afterwards, whatever the result!

1 Like

!!HOT NEWS!! We won again… through to the next stage! We will receive the €15K towards the cost of our participation so far and another €50k potential grant towards the completion of the the next stage.

Nick

3 Likes

Having just joined the commmunity forum (thanks hakanto!) I’m excited to see resonate working on this!

I used to work on a similar eu funded project exploring use of attribute
Based crypto for Barcelona city councils digital democracy platform Decidim (mainly doing policy and research stuff )

I’m sure you’re already onto this but there’s some good open source projects that might be worth checking out who were linked to that project

IRMA is an open source digital wallet developed in the Netherlands.
https://privacybydesign.foundation/irma-e

There’s a coop in Amsterdam (ethical neighbourhood social network) who managed to integrate it as a login option. They’re called https://gebiedonline.nl/

DECODE is also open source and has a credential issuing system which is more decentralised. It uses some pretty sophisticated tech but I’ve not seen many further uses of it since the petitions app pilot. My understanding is the technical partners - dyne.org - are now working on implementing the tech as part of the ledgerproject.eu programme (theyre one of the partners leading it)
https://github.com/DECODEproject

Again sorry if you knew all this but if any of it is useful / you want to reach out to any of the projects let me know and I’ll see if I can dig out a contact. t

4 Likes

Wow, Theo, this stuff is incredible! I’m sure @Nick_M, the co-op secretary, will have something to say! The work you’ve done with Decidim is especially interesting to me. Platform co-operatives need to strategize for the logistics of being democratic global internet-based platforms. It’s a new frontier! Projects like Decidim seem essential to learn from as we brainstorm together to build democratic tools and processes into Resonate.

1 Like

Hey welcome TheoB!

Great to have you with us! And thanks for the links. Great to hear you were involved in the Decidim project. Good work there. Also thanks for the other links too. I have seen background on these before - in fact we also applied to LEDGER previously - and we all seem to be part of the Next Generation Internet ‘family’ and values!

Our Community Credentials projects is, strictly speaking, ‘agnostic’ on the type of wallet/holder issuer and verifier technology that we use, providing it’s web standards-based and broadly inter-operable in the longer term. Having said that, most SSI and Verifiable Credentials technology is still pretty new, and projects and vendors are constantly jockeying for position. We need to be practical and adopt something that is simple, useable and fit for purpose for this initial very simple application of W3C standard verifiable credentials for our community. We think that working software, ‘out there’ with our own ecosystem and community is the best way to get the initial solution and tech platform right, focusing on making it easy and intuitive.

Having said that, there are some hugely worthwhile and ambitious plans in projects like DECODE which will provide for universal decentralised issue of credentials, with discovery and revocation and all the good stuff you need to manage decentralised ‘persistence’ of credentials. When a clear ‘winner’ for that global infrastructure and interoperability has emerged, we will move to intercept it, because we’re focused on the ‘layer above’ - the UX and the human experience, the uses and the economics of this.

The great thing is that eSSIF-Lab has a nice ‘layer cake’ approach to this, and we’re part of the icing! We are in with 14 other teams, some of whom are hard at work down in what is sometimes more like a messy trifle than a lovely layered sponge with jam in it :slight_smile: Our initial SSI technology platform partner is Prof David Chadwick of the University of Kent and co-author of the W3C Verifiable Credentials standards. We’re using those, in a simple way, between issuers and verifiers and making it as easy as possible for folks to create and prove their badges, without heavyweight or complex key management… we will use the FIDO2 standards there to help. In the longer term we might align with DECODE, Sovrin, Microsoft ION, Jolocom, Hyperledger Indy/Aries, Polkadot, Cosmos or any other of the wider spectrum of blockchain-ledger related identity ‘toolkits’ but right now, what we are creating is so simple that we don’t yet need to. Of course we will remain global identity / DID ‘ledger-ready’ for when it is needed.

Meanwhile, here is our press release
…and here is more information on the wallet / issuer / verifier part of the solution, thanks to our partner David.

1 Like

Hi nick / hakanto.

Sounds like a great plan, particularly on the UX and economics. You call it the ‘simple’ part but it’s the most important!. One of key challenges DECODE faced was the friction in getting people to use the wallet. Either it took too long or difficult to sign up, or the tech was too buggy (partly because there’s so much complex stuff going on in the backend). In retrospect (imho) there was too much focus on the tech and not enough on why or how people might want to use it. That’s why I love the idea of integrating into Discourse.

I hope this isn’t too controversial but I reckon blockchain is a bit of a red herring in all this. there are still so many questions about politics/governance that need to be answered before we know which protocols are going to be reliable and trustworthy in the long run. Sovrin seems to have thought deeply about this. Agree with you, best approach is to wait and see how things develop.

Anyway thanks so much for taking time to describe everything. Can’t wait to see how things develop!.

3 Likes

@TheoB Yes, I couldn’t agree more!

Making it simple is the hardest part!

We need to get the wallet tech right so we are starting with the simplest, focused on obtaing, holding and presenting verifiable credentials. In the forum, we will try make it easy to understand and use them… The wallet and badge metaphor. For login we will give people the option to try it and use a wallet as an alternative for passwordless login insread of, or alongside our co-op ecosystem ID service (federated, OIDC protocol). It’s just an option. We will collect feedback until we get it right, but this won’t work for everyone.
Human communities are beautiful and complex systems.

We don’t use blockchain as part of the solution, but we are open to it where it makes sense. Perhaps that might be for long term storage of transaction log hashes, where both immutability and public transparency are important? It’s not suitable for storing personal identity information and does not compare with conventional database performance. It is a small part of more complex globally decentralised identity systems such as Sovrin… but it has not been without a few troubles there.

I hope that human governance of the tech choices, and an open, standards-based approach will help us to make the right choice.

Sovrin governance has done a great job on the taxonomy and glossary around decentralised identity - around delegation and custody for example - so it’s a great resource to draw on. We work with DIF eSSIF-lab and other orgs trying to give control of their identity information back to its citizens.

It would be great if you could spare a little time to steer and guide us @TheoB ! We have some user research interviews coming up and it would be great to discuss this with you.

2 Likes

Hi All! Quick update on Community Credentials for last month:

  • stakeholder interviews going well, combined with great feedback for Resonate from our survey on music streaming for the parliamentary inquiry
  • good progress with the design concept (exciting new ‘digital handshake’ feature!) but…
  • we need to catch up on technical docs and code, and we have a big dependency on core Resonate work on the userAPI
  • we delivered our draft business case deck and had a grilling session from a couple of the coaches in the programme. Just had some nice feedback from one of them:

Hello Nick, Following our talk last week, I wanted to share with you this startup: https://collective.world/ More people are embracing the collective business model. Your vision for Resonate makes sense.

I’m not sure about that link though… I think at Resonate we have a much stronger co-operative, creative community offer! …I guess the point is that even the venture caps are noticing that the world is changing.

1 Like

This is a fantastic idea! There is so much funding out there that is not going into the music industry only because it is not well pitched or people simply won’t realize about how much potential for research and innovation there is!

1 Like

How interesting! I just listened to this podcast on SSI this morning just before I read your post:

1 Like

This is important. Re: tech documentation - Can we outline the volunteer requirements (per task template) to plug people into this work?

URGENT HELP NEEDED: TOMORROW 1800CET is the deadline for our monthly progress report on our Community Credentials stakeholder interviews.

Here is the interview template: If anyone has held an interview with anyone about Community Credentials, has their own views they would like to record… or even just had a conversation with someone about this … and would be willing to put something down in a few brief notes it would be really helpful!

The interview ‘script’ is here

We need at least 5 interviews this month

If we miss the deadline or have content that is too sketchy, then we’ll be marked down… and we need points to help us qualify for the next round of funding!

ANY feedback on the concept and its use in Resonate Community and Beyond would be VERY helpful.

Responses in this thread, or notes made and sent separately as a message, or answers to the questions in a copy of the questionnaire doc would be really great!

Thanks!

Nick

1 Like

I was able to complete the last round of the survey, and it wasn’t hard at all!

For anyone who is interested in helping out, but may need some clarification though, feel free to reach out to me or @Nick_M if you have questions. Thanks!

1 Like

UPDATE!
We are entering round 3 of the competitive bid. We have done really well to get this far and our community credentials product is looking good! We’re working on a demo video and storyboard for an exciting use of our new credentials system, showing how they can be used
to community help independent artists and small local venues get back on the road to recovery after the devastation of the covid pandemic.

The story goes like this:

A community roadmap for post-covid economic and social recovery for independent music and artists:

  • Independent artists encourage their local community listeners to join the Resonate community;
  • Local venue and music store teams also join the Community and build relationships with the artists and listeners to build future potential audiences;
  • Listeners encouraged to play and ‘buy now’ and receive digital receipts from Resonate so that artist income is boosted in short term;
  • Artists recognise loyal fans and friends they know by awarding badges and credentials;
  • Artists recognise (/ verify) the badges / receipts to admit existing and new fans to artists’ fan circle in the Community;
  • Artists put on live streams or other digital immersive events for their supporters, with access granted on verifying a credential;
  • Artists, local venues and fans collaborate and plan events in circle discussions;
  • Local covid certificate issuers join the ecosystem. working with local health and safety regulators. Community forum provides guidance and news;
  • Artists and venues issue covid-certified digital gig entry tickets using CC ticket credential issuer;
  • Covid-risk managed events begin, with credential check at door;
  • Long term relationship established between Artists, Community Venues, Listeners and Resonate.

How does that sound?

4 Likes