The ABA Legal Task Force has undertaken two key projects to address these challenges. The first is to identify the legal issues and risks that must be addressed in a federated identity management system. These legal risks can come from a variety of sources, including statutes and regulations, common law, applicable standards, contractual obligations, and self-imposed obligations. They vary depending on the jurisdictions involved, further complicating the operation of a cross-border identity management system -- but until they are fully known and understood, they cannot be addressed.Is this a good thing? Is it ever a good thing when the lawyers get involved? As long as I am not paying the bill I guess it's okay. Good luck guys!
A second key project undertaken by the ABA Legal Task Force will be to consider what legal frameworks might work best for addressing and controlling these legal obligations and risks. This will involve identifying and evaluating structures for contractual relationships among the various roles in an identity system. It will also include analysis of various contractual approaches that define the rights and obligations of each role, recognize the requirements of applicable law, allocate the risks among the roles, and provide an appropriate enforcement mechanism.
1 day ago