Kantara Initiative is out with a new version of its user data access specs
The newest guidelines for software makers update ways for sharing personal data between individuals and through Internet of Things devices.
While the upcoming General Data Protection Regulation (GDPR) is the largest and best-known effort to guard personal data, it’s not the first.
Founded in 2009 and based in Wakefield, Massachusetts, the Kantara Initiative is one of the other efforts. It’s a non-profit global consortium of about 70 companies that is designed to improve the trustworthy use of identity and personal data through specifications for software makers.
Toward that aim, the Initiative has recently released version 2.0 of its User-Managed Access (UMA) tech specs, replacing the 1.0 version approved in 2013. It is intended to provide a protocol for how an individual’s personal data can be accessed, wherever it lives.
Executive Director Colin Wallis told me that the new version simplifies the previous protocol and aligns it more closely with OAuth than version 1.0 did. OAuth, or Open Authorization, is an open standard for authorization to personal data, such as granting a website access to the list of your friends on Facebook without entering your login credentials.