The Windhover Principles for Digital Identity, Trust, and Data

Self-Sovereign Identity and Control of Personal Data:

Individuals and groups should have control of their digital personal identities and personal data.

In today’s digital world, we communicate, share and transact digitally over the Internet. Individuals who make use of the internet for these purposes should have control over their digital identities and personal data ensuring trust in our communications, and the integrity of the data we share and transact with.

Individuals, not social networks, governments, or corporations, should control their identity credentials and personal data. Control of one’s identity credential and personal data means that a person should have unfettered access to their persona data, and the ability to prevent unauthorized private access, and to verify attributes of their personal identity profile.

Systems should be designed so that duly authorized entities that rely upon individual identity credentials and attributes shall have requisite access to such data and credentials with verifiable proof of authorized permission in order to enforce norms, contracts, regulations and agreements to avoid identified harms and malicious activities. We support the collaborative open source development of systems that embed these governance and enforcement principles.

Transparent Enforcement and Effective Lite Governance:

Enhancing / improving personal privacy while allowing for effective governance and accommodation of legitimate auditing and enforcement needs.

As noted above, these Windhover Principles enable identity, trust, and data technologies to provide effective methods for the transparent and proportionate access and verification of identity data to address legitimate governance and enforcement concerns. That enforcement entities acting on the basis of transparent and verifiable approvals, can access though specific and limited APIs identifying personal data.

Insuring Trust and Privacy:

An effective identity system continuously furthers trust, security, accountability and privacy.

Protecting privacy and fostering trust are foundational Windhover Principles that support a fully functional identity system designed to collect and analyze data in a network in which identities are continuously and independently authenticated. These core principles are intended to foster development of more trustworthy, effective, and profitable services and offerings and reduce the risks and costs of fraud and other abuses.

Open Source Collaboration:

An inclusive open source methodology to build systems that embody these Principles.

Supporters of the Windhover Principles agree to cooperate to build systems that deliver these requirements, participate in Living Labs for development, and to ultimately provide strong technical product solutions that interoperate to meet these challenges.