Skip to main content

2025-10-31 1055 AEDT

Oct 31, 2025

UN CEFACT GTR - AEST / PST

Invited Jo Spencer Alina Nica Gales Steve Capell John Phillips

Attachments UN CEFACT GTR - AEST / PST

Meeting records Transcript Recording

Summary

John Phillips, Mark Lazar (0PN), Ann Dao, and Sankarshan participated in the meeting about the UN/CEFACT Global Trust Registry (GTR) project, which operates under open-source and royalty-free rules and is transitioning to the UNICC GitLab space. John Phillips summarized previous discussions on the need for trustworthy, local authority-validated data, the governance and roadmap of the Global Registry Information Directory (GRID), and ongoing consolidation of legal content, including eligibility requirements and the legal significance of the Digital Identity Anchor (DIA) by Alina. John Phillips detailed the framework for pilots in Canada, India, potentially the Netherlands, and Spain, confirming the intentional pressure-testing of the DIA specification, which is moving towards being technology agnostic, and clarified that the GRID would serve as an authoritative source for registrar information rather than replicating register contents. The participants discussed the GRID's logical model, the distinction between "registar" and "register," and the project's focus on organizational identity, with Mark Lazar proposing to present their Universal Digital Transparency Model, which focuses on the data controller, at the next meeting.

Details

Notes Length: Standard

  • Project Overview and Rules John Phillips welcomed attendees to the UN/CEFACT Global Trust Registry project meeting, which was structured to accommodate West Coast USA participation. They reiterated the project's intellectual property rules, emphasizing an open-source and royalty-free intent. The agenda included a review of the previous meeting and a discussion of ongoing actions (00:00:00).

  • Yesterday's Meeting Summary John Phillips summarized the prior day's meeting, noting that Hans Hoover had presented on Google Maps' business presentation, showing a business identifier linked to a street view. The discussion focused on the necessity of trustworthy underlying data, which should ideally be validated by local authorities, as third parties like Google generally avoid the legal liability of verifying such data's correctness (00:00:58).

  • Previous Meeting Themes and Varied Discussions John Phillips observed that due to varied participants across the two meetings held two weeks prior, the conversations differed slightly even with similar content. Discussions included the governance, operations, and roadmap for the Global Registry Information Directory (GRID), as well as financial implications and future scope (00:01:56).

  • Ongoing Actions and Legal Content Consolidation John Phillips reported they are working with Alina to consolidate the extensive legal content, including eligibility requirements and the legal significance of the digital identity anchor, into the final recommendations for the UN/CEFACT plenary in July. They mentioned that Alina has produced significant work on the digital identity anchor legal requirements, which are pending availability in the Google doc space (00:02:59).

  • Pilot Framework Development and Technology Architecture John Phillips outlined current actions, including sharing the framework for pilots. The current known pilot participants include Canada, India, potentially the Netherlands, and Spain, with efforts to include Australia. Sankarshan is working on technology architecture specifics and is seeking input from John Phillips, Alina, and Joe Spencer (00:03:59).

  • Pilot Objectives and Scope John Phillips clarified the two main objectives for the pilots: to explore and demonstrate the concepts, which includes finding weaknesses and suggesting improvements. The pilots are explicitly designed to test ideas and concepts, not just to prove they work (00:07:45). Pilots are encouraged to define their own use cases, and they must consider the expected socio-economic benefits, such as reducing fraud or improving efficiency (00:11:05).

  • Two Types of Pilots: GRID and DIA John Phillips detailed two substantive types of pilots (00:07:45). A GRID pilot would focus on the process by which an authoritative registrar, such as the Spanish registrar, registers with and manages its information within the GRID. A Digital Identity Anchor (DIA) pilot involves actors like an authoritative registrar, a supply chain participant (seller) issuing a DIA, and a buyer verifying it (00:08:43).

  • Hybrid Pilot Model and Constraints A hybrid model combining both GRID registration and DIA issuance is possible, ideally involving multiple registrars and use cases (00:09:59). John Phillips noted that pilots should use non-operational or dummy data (00:12:55). Sankarshan raised the point that the pilots, particularly those with higher complexity, would require more hands-on guidance to ensure their design and success metrics are well-defined (00:14:01).

  • Intentional Pressure Testing of the DIA Spec John Phillips confirmed to Sankarshan that the pilots are consciously expected to pressure test the DIA specification, which is a deliberate goal, not an inadvertent one. They explained that the DIA spec is moving towards being technology agnostic, referencing a DID method generally, and then defining recognized methods like 'did web' and potentially 'did webph' in a separate part of the specification (00:16:00).

  • Decision on Project Naming John Phillips confirmed that the project would retain the name Global Trust Registry (GTR), despite some recognizing that it might not perfectly describe the scope and potential complexities of the term "trust". They reasoned that they are now accustomed to the project having one name while recommending a system (GRID) with a different name, and the UN/CEFACT Secretariat supported not changing the project name at this time (00:18:08).

  • Logical Model for GRID and Explainer Development John Phillips presented a logical model for the GRID using a Draw.io diagram, acknowledging its complexity and the need for clear explanation (00:19:06). The model is built on the axiom that legal trade occurs between participants registered in nation states, and that nation states recognize authoritative registrars for specific types of registrations (00:20:59).

  • GRID Design and Data Scope The GRID model distinguishes between a "registar" (the authority) and a "register" (the data created by the authority). John Phillips emphasized that the GRID does not intend to replicate the contents of any registrar's register, recognizing that registrars may have business models involving fees for registration or data access (00:23:27). The exchanges in the supply chain model involve products, documentation, and value exchange, the latter potentially including bartering (00:24:39).

  • The Need for a Trustworthy Source of Registrar Information John Phillips highlighted that the primary challenge necessitating the GRID is determining the authoritative source for registrar information, especially given the ease of creating fake documentation (00:27:47). The GRID's purpose is to identify the "who is the registar for what items in which countries" (00:28:51).

  • Logical Model Implementation and Decentralization The logical model, though implying a centralized view, does not dictate a centralized implementation; it allows for decentralized or distributed architectural solutions. John Phillips stressed that the GRID must avoid being in the loop for every verification, as this would lead to excessive transaction volume (00:29:54).

  • Transitioning to the UNICC GitLab Space John Phillips announced the project is moving its content from Google Drive and the unreliable UN/CEFACT Collaborative Environment (CUE) to the UNICC GitLab space (00:31:18). This move is intended to leverage UN hosting, strong version control, and markdown documentation, though it requires collaborators to obtain a separate UNICC login (00:34:19).

  • Status of Potential Pilots and Current Interest Ann Dao inquired about the progress with potential pilots (00:37:26). John Phillips confirmed interest from Canada (specifically British Columbia), Spain (who have agreed to run a pilot), the Indian delegation, and a group working with the Dutch Chamber of Commerce (00:38:32). They noted the need to maintain pressure to convert this interest into concrete action (00:39:25).

  • Accessibility of GRID Data In response to Ann Dao's question, John Phillips stated their view that the GRID itself should be open unless otherwise necessary, providing publicly available but currently hard-to-find information about authoritative registrars (00:40:46). They clarified that the GRID would not dictate whether a registrar's own data (e.g., who owns what land) is publicly accessible or fee-based (00:41:46).

  • Commercial Opportunities and Diversity John Phillips characterized the GRID as a "map" that reflects the diversity in digital implementations across countries, which creates a commercial opportunity for others to provide services that universally resolve identifier questions from various registrars (00:43:10). They noted the humble ambition is to get the current simple, achievable, yet valuable concept approved by the plenary in July 2026, which would then trigger the design and build phase (00:44:09).

  • Focus on Data Transparency and Control Mark Lazar (0PN) supported the project's progress, emphasizing the importance of transparency regarding the data controller, registrar, and the international transfer of data (00:45:10). Mark Lazar connected this to historical demands for transparency and the legal infrastructure provided by the Convention 108+ and the concept of an 'anchor' notice and consent receipt, effectively a controller registry (00:46:18).

  • Organizational vs. Personal Identity John Phillips and Mark Lazar discussed the project's focus on organizational identifiers first, acknowledging that people are ultimately involved in company registrations (00:47:57). Mark Lazar proposed a model focused on the organizational ID (controller ID) and a human delegate, which aligns with organizational privacy responsibilities (00:49:23).

  • Mark Lazar's Proposal for Next Meeting Mark Lazar offered to present their Universal Digital Transparency Model, which focuses on the data controller and uses ISO standards, at the next meeting (00:51:55) (00:53:52). The model emphasizes giving individuals a notice receipt (a credential) and avoiding user IDs by routing requests through the controller, enabling concepts like dynamic lawful access and real-time interception (00:50:41) (00:53:52).

  • Legal Requirements and Data Distribution John Phillips shared the draft of the Digital Identity Anchor legal requirements, which includes discussion on the legal significance of the credential and informed consent (00:52:58). They also pointed out that the UNP spec handles data distribution by making it available via a linked data model, rather than directly shipping it to participants (00:56:00).

Suggested next steps

  • John Phillips will consolidate Alina's legal content (eligibility requirements, legal significance of the digital identity anchor, and governance frameworks) into documents for the UNCC effect plenary.

  • John Phillips will convert Alina's Microsoft Word attachment containing the digital identity anchor legal requirements into a Google Doc format.

  • John Phillips will move project content, including the Google Meet recording, from the Google space into the GitLab environment and create meeting notes as markdown.

  • John Phillips will create other types of explainers for the logical model of the global registar information directory with a gradual build process.

  • 0PN will present the digital transparency glassbox governance model and digital identification and attribute governance for AI models at the next meeting.

  • The group will explore GitLab and request a UNICC login for accessing the project content.