SPECIAL NOTICE: Public Review Period for Data Protection Regulation Revisions to the Sovrin Governance Framework

The Sovrin Foundation is conducting a 30 day public review of the following proposed revisions to the Sovrin Governance Framework (SGF). These documents reflect changes to the SGF that will enable participants in Sovrin infrastructure to comply with Data Protection Regulations such as the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). For more information please see this Sovrin Foundation blog post.

New Controlled Documents

  1. Sovrin Steward Data Processing Addendum (DPA)
  2. Sovrin Steward Technical and Organizational Measures (TOMs)
  3. Sovrin Transaction Endorser DPA
  4. Sovrin Transaction Endorser TOMs

Revised Controlled Documents

  1. Sovrin Transaction Endorser Agreement
  2. Sovrin Transaction Author Agreement
  3. Sovrin Ledger Access Policies
  4. Sovrin Glossary Revisions

The SGF requires a 30 day public review period for any proposed changes. The Sovrin Board of Trustees voted at its meeting today (28 August 2019) to begin a public review that will extend until its next meeting on 25 September 2019.

To provide feedback on any of the above documents, click the links above. Each document is a Google doc where anyone can add comments or make suggestions. If you are not able to access a Google doc, please email matt dot norton at the Sovrin Foundation (sovrin.org) to request a PDF copy. Please be judicious when you post—many hours have gone into these documents, and all comments or suggestions will be reviewed by SGFWG members and/or Sovrin Foundation counsel, so we appreciate thoughtful and deliberate contributions.

Please note that the Sovrin Foundation is a non-profit public trust organization, so any contributions become part of the Sovrin public trust. We are happy to provide acknowledgement of valuable contributions.


Overview

The Sovrin Governance Framework is the legal foundation of the Sovrin Network as a global public utility for self-sovereign identity. It is developed by the Sovrin Governance Framework Working Group(SGFWG), currently chaired by Sovrin trustee Drummond Reed. Each new version is approved by the Sovrin Foundation Board of Trustees(BoT) to become the official set of governance documents for the operation of the Sovrin Ledger and the Sovrin Network.

The first version, the Sovrin Provisional Trust Framework, was approved by the Sovrin BoT on 28 June 2017 and has been operational since the launch of the Sovrin Provisional Network on 31 July 2017. The second version, now called the Sovrin Governance Framework V2, was approved by the Sovrin BoT on 27 March 2019.

Composition of the Sovrin Governance Framework V2

The document architecture of the Sovrin Governance Framework V2 (SGF V2) is shown below:

 

The primary documents in the SGF V2 include:

  1. The Sovrin Governance Framework Master Document(PDF). The “constitution” of the Sovrin Network, this document defines the purpose, core principles, and core policies, and also references all other documents in the SGF V2, including all the Controlled Documents listed in Appendix A.
  2. The Sovrin Glossary(Linkable Version). A comprehensive glossary of almost 250 terms used throughout all the SGF V2 documents and all of Sovrin infrastructure, plus eight appendices that provide in-depth explanations of core groups of terms. Also available in a PDF Version.
  3. The Sovrin Trust Assurance Framework (PDF) This document defines criteria and processes for assessing conformance of different Sovrin actors to the policies of the Sovrin Governance Framework.

The SGF V2 also includes three legal agreements:

  1. The Sovrin Steward Agreement(PDF)between the Sovrin Foundation and a Sovrin steward.
  2. The Transaction Author Agreement(PDF)between the Sovrin Foundation and any person or organization initiating a write transaction to the Sovrin Ledger.
  3. The Transaction Endorser Agreement(PDF)between the Sovrin Foundation and any organization requiring permissioned write access to the Sovrin Ledger.

Lastly, six Controlled Documents containing policies managed by specific subgroups within the Sovrin Foundation:

  1. Sovrin Governing Body Policies (PDF)—the governance policies that apply to all Sovrin Governing Bodies.
  2. Sovrin Ledger Access Policies (PDF)—governing reading and writing to the Sovrin Ledger and processing Sovrin Ledger Transaction Data.
  3. Sovrin Steward Business Policies (PDF)—governing qualification, application, activation, operation, suspension, and termination of Sovrin stewards.
  4. Sovrin Steward Technical Policies (PDF)—governing the security, node operation, node selection, and reporting requirements for Sovrin stewards.
  5. Sovrin Economic Policies (PDF)—governing economic incentives, fees, and regulatory compliance.
  6. Sovrin Trust Mark Policies (PDF)—governing use of the Sovrin Trust Mark by stewards, agencies, and developers.

See Appendix A of the SGF Master Document (PDF) for a list of additional specifications referenced by the SGF.

Lastly, the SGFWG is currently developing a white paper, Introduction to the Sovrin Governance Framework V2, that will provide an introductory overview of the SGF and the decentralized trust model enabled by self-sovereign identity. Look for an announcement of this white paper in July 2019.

Public Comment on the Sovrin Governance Framework

All Sovrin Governance Framework documents are open to public review and comment. Every official approved PDF version above includes a link to a living community version listed at the bottom of this page. These are hosted as Google docs where anyone can add comments or make suggestions.

Please be judicious when you post—hundreds of hours have gone into these documents, and all comments or suggestions will be reviewed by SGFWG members, so we appreciate thoughtful and deliberate contributions.

Please note that the Sovrin Foundation is a non-profit public trust organization, so any contributions become part of the Sovrin public trust. We are happy to provide acknowledgement of valuable contributions.

Participation in the Sovrin Governance Framework Working Group

The SGFWG is always open to new participants. There is no membership requirement other than a genuine interest in decentralized governance for a global public utility for self-sovereign identity. Background in technical, legal, or business policy development is a bonus.

The SGFWG is currently focusing its work on four Task Forces:

  1. The Domain-Specific Governance Frameworks (DSGF) Task Force is working with governance authorities around the world who are developing their own specialized governance frameworks based on the SGF.
  2. The Guardianship Task Force is exploring the powerful new concept of digital guardianship that is enabled through the combination of SSI technology and SSI governance frameworks.
  3. The SSI and IoT Task Force is focused on the intersection of SSI (the “Internet of People and Organizations”) and Internet of Things technology, standards, and infrastructure.
  4. The Business of SSI Task Force is exploring the new business models enabled by SSI, both at the infrastructure and application layers.

Please visit any of the Task Force home pages linked above or the Sovrin Governance Framework Working Group meeting page or contact us directly if you would like to contribute to this work.

Living Community Versions of all SGF V2 Documents

All SGF V2 documents are also available for public comment via a Google doc. Just follow any of the links below.

Primary Documents

  1. Sovrin Governance Framework Master Document
  2. Sovrin Glossary
  3. The Sovrin Trust Assurance Framework

Legal Agreements

  1. Sovrin Steward Agreement
  2. Transaction Author Agreement
  3. Transaction Endorser Agreement

Controlled Documents

  1. Sovrin Governing Bodies
  2. Sovrin Governing Body Policies
  3. Sovrin Ledger Access Policies
  4. Sovrin Ledger Transaction Data
  5. Sovrin Steward Business Policies
  6. Sovrin Steward Technical Policies
  7. Sovrin Economic Policies
  8. Sovrin Trust Mark Policies