The Open Digital Trust Initiative of the IIF together with the Open ID Foundation has finalized Principles for Digital Trust Networks, identifying at a high level the ‘rules of the road’ that Digital Trust Networks should adopt in order to incentivize a high level of digital trust, user centricity and low cost, while ensuring that these networks are economically viable and the role of Verification Service Provider is adequately rewarded and realistically protected from a liability perspective.
The broad vision is for Digital Trust Networks to comprise a set of participants, including both Users (who are also individual Data Subjects for individual data protection purposes in many cases), Verification Service Providers and Relying Parties. There is also scope for other types of intermediaries to be defined by the Network rules.
Digital Trust Networks are anticipated to have associated Governance Arrangements, which should adhere to certain minimum principles, and may be separate legal entities. The Governance Arrangements will have responsibility for setting out Liability Rules, and other rules and requirements, to be complied with by Network Participants. The IIF does not propose to police the Principles, or award or allocate trust marks; however, other parties involved in Networks might consider offering these services.
A draft of these Principles was publicly released for comment on February 8, 2021, and comments received from commenters have been taken into account in finalizing the Principles. The IIF thanks commenters for their input.
The IIF has co-published the Global Assured Identity Network (GAIN) White Paper. These Principles are intended to be a framework for many possible digital trust networks, including centralized, federated, and decentralized models, including the GAIN as one example.