Skip to main content

This page has been translated using TexTra by NICT. Please note that the translation may not be completely accurate.
If you find any mistranslations, we appreciate your feedback on the "Request form for improving the automatic translation ".

Promotion of DX Sub-Working Group that secured Trust (6th)

Overview

  • Date and Time: Friday, February 25, 2022 (2022) from 3:00 pm to 4:45 pm
  • Location: Online
  • Agenda:
    1. Opening
    2. Proceedings
      1. Explanation of Secretariat Materials (Secretariat)
      2. Presentation from Members, etc.
        • Kazuya Miyamura (PwC Aarata Limited Liability Auditing Act)
      3. Free discussion
    3. Adjournment

Materials

References

Relevant policies

Summary of proceedings

Date

From 3:00 p.m. to 4:44 p.m. on Friday, February 25, 2022 (2022)

Location

Held online

Attendees

Members

  • Hiroshi Ota (Partner, Nishimura & Asahi)
  • Natsuhiko Sakimura (Senior Researcher, Tokyo Digital Ideas Co., Ltd.)
  • Kazue Sako (Professor, Department of Information Science and Engineering, School of Basic Science and Engineering, Waseda University)
  • Satoru Tezuka (Professor, Faculty of Environmental Information, Keio University) [Senior Researcher]
  • Soshi Hamaguchi (Senior Staff Member, Keio University SFC Research Institute)
  • Tatsuya Hayashi (Director of LocationMind Co., Ltd.)
  • Hiroshi Miyauchi (Attorney, Miyauchi & Mizumachi IT Law Office)
  • Kazuya Miyamura (Partner, PwC Arata LLC)
  • Makoto Takamura (Counselor to the Director-General of cybersecurity, Ministry of Internal Affairs and Communications)
  • Hiromasa Kiyo (Senior Assistant, Commercial Affairs Division, Civil Affairs Bureau, Ministry of Justice) *
  • Shuji Okuda (Director of the cybersecurity Division, Commercial Information Policy Bureau, Ministry of Economy, Trade and Industry) *

Observer

  • Satoru Ijichi (Executive Director of the time business Accreditation Center, Information and Communication security Division, The Japanese Telecommunications Association)
  • Takayuki Idaka (Special Advisor for medical care Information Technology, Research development Promotion Division, Ministry of Health, Labor and Welfare Health Policy Bureau) * Attendance by proxy
  • Daishu Ohta (Chairman of the External Affairs Department of the Digital Trust Council)
  • Hirohisa Ogawa (Chairman of the Steering Committee of the Nippon Trust Technology Council and Senior Researcher, Cyber security Strategic Group, Digital Innovation Division, Mitsubishi Research Institute, Inc.)
  • Mikio Ogawa (Executive Director of Administration and Settlement Systems Department, Japanese Bankers Association)
  • Tetsuro Okuno (Deputy Director of the General Affairs Division, Ministry of Health, Labor and Welfare Pharmaceutical and Environmental Health Bureau) * Attendance by proxy
  • Seiji Kaneko (Director of the General Affairs Division, Pharmaceutical Affairs and Environmental Health Bureau, Ministry of Health, Labor and Welfare) * Attendance by proxy
  • KOMATSU Hiroaki (Partner, Tokyo IT Audit Department, KPMG AZSA LLC)
  • Hajime Sato I (Executive Director of the Policy Department of the New Economy Federation)
  • Sato Tatewaki (Cloud-based Electronic Signature Service Council Secretariat)
  • Koichi Shibata (Executive Director in charge of DX Service Planning Department and Chairman of the Planning and Operation Subcommittee of the Trust Service Promotion Forum, Seiko Solutions Corporation)
  • Kenichiro Shimai (Deputy Director of medical care Information Technology Promotion Office, Research and development Promotion Division, Ministry of Health, Labor and Welfare Health Policy Bureau) * Attendance by proxy
  • SHIMAOKA Masamoto (Senior Researcher, IS Research Institute, SECOM CO., LTD.)
  • Kikuzo Sodeyama (Director of SKJ Sogo Tax Accountant Office)
  • Hajime Toyoshima Kiyoshi (DigitalBCG Japan Managing Director)
  • Yuji Nakasu (Vice President of Government Affairs, SAP Japan Co., Ltd.)
  • NAKATAKE Hiroshi (Representative of Global Legal Entity Identifier Foundation (GLEIF) Japan Office)
  • Akira Nishiyama (Special Member of the Electronic Certification Bureau Conference (Representative of Future Trust Lab))
  • Eiji Nozaki (Director of the General Affairs Division, Supervisory Bureau, Financial Services Agency
  • Akihide Higo (Project Owner, Digital Identity Verification Project Team, Incubation Lab, Digital Architecture and Design Center (DADC), Information-Technology Promotion Agency (IPA))
  • Tomoaki Misawa (Partner, PwC Arata LLC)
  • YAMAUCHI Toru (Managing Director of the Association for the Promotion of Information Economy and Society and Director of the Digital Trust Evaluation Center)
  • WAKAMEDA Mitsuo (Senior Researcher, Data Strategy WG, Planning Committee, Digital Economy Promotion Committee, Japan Business Federation)

Digital Agency (Secretariat)

  • Group Manager of Digital social common function Group Masanori Kusunoki, Group Deputy Manager of Shusaku Indo Group, etc.

Minutes

  • The Secretariat explained Material 1 "Explanatory Materials for the Secretariat."
  • A presentation was made by experts on Material 2, "Subjects and Scopes Related to Data Trust, and Image of Issue Reorganization."
  • In the open discussion, the following remarks were mainly made.
    • In Exhibit 2, I have mapped (1) (Issue regarding the reliability of individual transaction data itself (content)), (2) (Issue on the user organization side), and (3) (Issue in secondary use of data for judgment, simulation, AI, etc.), and have written the scope of Trust services in this sub-working group in the center. Which part of Trust services should I start from?
    • The part corresponding to (1) is also covered to a certain extent in Issue corresponding to (2). It is easy to digitalization here, so you can do it right away. For those that need to create new processes and services, data completeness and accuracy are important. It is difficult to do it separately by hand or to have users vouch for it individually. Unless use cases considers the sharing and secondary use of data between corporations, it is not possible to promote how and to what extent the company can distribute the data it has as a corporation under the provisions of the contract. Therefore, it is necessary to do what can be done after securing the data in Trust.
    • With regard to (1), when considering whether and how to guarantee the reliability, the creator of the transaction data, the goods and people involved in the process of creation, the attribution information of the organization, the approval of the person in charge in the organization, and the holding of public qualifications are required, and the recipient accepts the risk by validation the attribution information of the person, organization, and device linked to the data.
      In conducting safety tests, the term "uncertainty" is used instead of "accuracy" for the accuracy of the data of the measuring instrument used for the test. It is guaranteed through calibration that the uncertainty is within a sufficient range. If this is to be realized in the digital world, one can think of a form in which the measuring instrument is linked to the calibrator by attribute information such as when and by whom the measuring instrument has been calibrated, and whether the person who performed the calibration is an accredited organization. Finally, the trust of the data is guaranteed by the set of attribute information of the device, person, and organization related to the data. From that perspective, the area surrounded by the dotted square in Material 2 was the current eIDAS1.0, but in Europe, the frame of this square is moving to the left. In eIDAS2.0, the limit of the guarantee of trust has been to link the data to the existence of natural persons and juridical persons, etc. However, since the creation of a new Trust service called attribute authentication, it has become possible to provide attribute information such as whether the person is qualified, has a financial background, and is linked to what kind of corporation within the scope of the Trust service. Regarding the accuracy of the data, this square is gradually expanding as we consider that the data is trusted by the set of attribute information and the chronological link.
    • The review meeting has finally entered the final stage, and what will be output now is an important timing. Nearly 20 years have passed since the establishment of the Electronic Signatures in Global and National Commerce Act, and e-seals and time stamps must be thoroughly implemented in practice. On the other hand, the position in the system is delicate. In aiming to appropriately utilize the latest technology in a domain where technological progress is very rapid, the Trust required when considering not only the reliability of the DFFT anchor but also the Trust, including the content of the date, has considerably expanded in scope compared to 20 years ago. I would like you to consider how to realize the Trust of the entire system or society.
    • It is better not to include content in the Trust service. The Trust service guarantees the procedural aspects, and the authenticity of the content should be assumed by the base registry. For example, the certified mail only shows when and where it was delivered, and it does not guarantee the accuracy of the content. The Trust service is like a certified mail. For example, the identification is performed by the certificate authority when the E-Certificate is issued, but it is sufficient to confirm that it is listed in the base registry. When the internal processing and the content of the device are secured in the Trust, it is necessary to develop standards for each industry, service, and device, and it is better not to include content in the Trust service because it will not be a common authentication service.
      Trust services are used to prove a fact to third parties. In the current Electronic Signatures in Global and National Commerce Act, when electronic signatures corresponding to the first stage of the so-called "two stage presumption" actually exist, how electronic signatures and the processing of electronic signatures, which is called by law, can be derived from them, and what roles E-Certificate will play in that case, are not sufficiently organized. There is still work to be done regarding e-seals and time stamps. It is necessary to consider the effectiveness of each Trust service from the meaning of proving to third parties.
      When considering the use cases of Trust services, it is questionable to focus on GtoB. For example, Article 228, Paragraph 4 of the Code of Civil Procedure and Article 3 of the Electronic Signatures in Global and National Commerce Act exclude official documents, so use cases is questionable. Electronic transactions are widely used in society, and services are expected to expand in the future. When finding the concept of Trust services, it is necessary to consider mainly BtoB and BtoC use cases.
    • It is necessary to identify the use cases in which many SMEs are involved and to consider the Trust services necessary for it. Even in data exchange between public authorities, if the Trust service is used and the personal and corporate data held in public authorities A is used in public authorities B on a once-only basis, etc., we believe that it is possible to ensure transparency in a legally guaranteed manner by using the Trust service, such as when, by which public authorities, and for what purpose it was used.
    • Regarding Trust in the formulation of the Issue Service Assurance Level, the Trust Service Assurance Level has not been agreed upon among the members. However, there may be various ways of involvement as a country regarding the roles of the country and the highest level of the Trust Service Assurance Level. If the equivalent of the certified certification business in the Electronic Signatures in Global and National Commerce Act is assumed at the highest level, it is essential to position the transservice as an important digital infrastructure in Japan and to involve the country in the governance of the framework. There may be a model in which the formulation of standards and the auditing itself are performed by the private sector, or the operation of the framework itself is also performed by the private sector. For example, if the approval of the specifications, the approval of the auditing organization, and the framework itself are operated by the private sector, the country should be involved in the final decision making such as the approval of the framework.
    • In the digital principles, in order to realize the automated principles, it is necessary to deepen the discussion on how to secure Trust where there is no human intervention. If the content of the content is not secured by the Trust service, it will be difficult to draw a line between the service and the content.
    • At this point, it is too much to consolidate the reliability of data through national systems. Now, the market is at the stage of trial and error in the midst of technological progress. Regarding the idea that "the government may not be able to maintain the latest specifications and ensure a system for auditing," it is possible to audit. On the other hand, it is as pointed out that there are cases where it is difficult to maintain the latest specifications. For example, in Electronic Signatures in Global and National Commerce Act, the old standard is still cited for the standard of IC cards that store secret keys, and it is difficult to keep the specifications up-to-date like this. In order to solve such a problem, when the Telecommunications Business Act added domain name telecommunications services as services of telecommunications carriers and specified the technical standards for DNS server operators, the person who originally determined the international standard was an NPO established in a foreign country called ICANN, and it was difficult to cite the standard in ministerial ordinances and public notices. Therefore, a special provision was made that "telecommunications carriers that provide domain name telecommunications services must maintain their facilities so as to conform to the international standard." By doing so, it is logically possible to make them conform to the latest international standard.
    • Regarding use cases in IAL, the issuance of My Number Card can be said to be at a level higher than IAL3 because local government employees, that is, qualified persons, issue the My Number Card after confirming it face-to-face and confirming the identity to the utmost. As a result, if you have a and can confirm that the My Number Card is genuine, and if you confirm that the face photo matches the person face-to-face, or if you have a signature using the E-Certificate of My Number Card, it may be equivalent to IAL3. Because the issuance of My Number Card verifies the identity at a level higher than IAL-3, it may be possible to make everything electronic, as in the case of "Maebashi ID," where an electronic signature using My Number Card is used instead of the identity verification, for example, in places other than the issuance of My Number Card. Then, the main issue is whether or not the photograph of the person and the image of the person in real time are really necessary. If the collation of the photograph and the real-time image is unnecessary, it may be possible to confirm that it is E-Certificate of My Number Card without using a special application, and if you can enter the password, it may be possible to confirm the identity by the property and knowledge.
    • With regard to the establishment of the Trust Service Assurance Level, even members of the Committee are divided in terms of who is supposed to use this level and how it will be used. If this is clarified, I think we can discuss what kind of level it should be.
    • With regard to the requirements required of digitalization, laws have been enacted on the premise that four pieces of information will be used for identity verification on a paper basis. However, even this method is risky, and there are some cases in which information submitted by individuals for identity verification is misused by the in-house crime of the party to which the information is submitted. If a digitalization is made, the risk may be increased. On the other hand, by digitizing the information using the My Number, the uniqueness of the person and the uniqueness of the corporation can be secured without technically disclosing the address. We would like to request that the four pieces of information that were essential before the digitalization and the description of the address and name in the document in law be reviewed mainly in Digital Agency, and that the privacy risk can be eliminated.
    • We should aim for a situation in which users can choose several Trust services rather than a situation in which they are forced to use a specific Trust service. At that time, it is good for users to be able to use the fact that the Trust service itself is a Trust work. It is good for users to be able to use technology and to be able to think that this is a Trust work. validation
    • At present, the contents discussed in this sub-working group have spread. Since they should be secured based on the standard of Trust Service Assurance Level, not only the current security but also future security should be secured not only for machines and people but also for things related to goods. In the future, we must consider the issue of Trust over time. Therefore, when considering Trust services and Trust Assurance Level, it is very important to leave room for expansion if they are expanded to such things in the future. However, I am afraid that the discussion will not be settled as a whole unless we first solidify the discussion on the current security. From that perspective, I do not think that the content authenticity is absolutely guaranteed for things in the world other than the base registry in terms of how much Trust to seek. Since Trust is based on people's trust, Japan is a country under the rule of law, and the end result is what will happen if we go to the court. The current Japanese Code of Civil Procedure basically regulates only the authenticity of establishment, and the content authenticity is certified by a judge based on various indirect evidence. Therefore, when considering Trust services, if we try to discuss Trust services in a form that includes Issue in the case of secondary use of data for judgment, simulation, AI, etc., it will be too vast. In that sense, at this stage, it may be good to focus on the procedural aspect and focus on what kind of thing can be said at what point in time the person or organization has done it.
    • We are currently discussing Trust Assurance Levels in an abstract manner, but if we take up individual use cases such as electronic contract platforms, driver's license applications, and passport applications, discuss how much technology and business level should be available to be equivalent to TAL2 or TAL3, and set a baseline for each, it will be much easier for private sector companies and the general public to grasp the image, and we will use specific Trust services to move all transactions to the digital world. In this way, social digitalization will proceed.
    • Considering the purpose of Promotion of DX of this sub-working group, the spread of Trust services should be promoted. For SMEs, low costs and a sense of security and safety are the points of spread. Earlier, there was an opinion that GtoB is good for use cases. For security and safety, it is important that the government is doing it. In terms of promoting spread, use cases of GtoB cannot be excluded.
    • The recipient will eventually decide whether it is worth believing. It is not that you can believe it because it is labeled as the highest level. I think it is good for public authorities to force you to accept it because it is a level 3, but there are various difficulties in private sector.
    • Regarding the requirements for Trust services, it is important that continuous validation is performed. Continuous testing and Continuous Authentication such as automatic testing is always performed, any person can make a validation, and a log is always taken and can be viewed should be included in the requirements.
    • Earlier, you said that the scope is diverging, but rather, it is breaking down what is currently being discussed. For example, electronic signatures have properties that guarantee the authenticity and non-falsification of paper, properties that estimate the authenticity of the issuer, such as signatures, names, and seals, properties that paper can be found if it is falsified, properties that depend on the stability of the paper itself, and properties that the validation can be relatively large even after time has elapsed. We tend to discuss these properties together when they enter the world of IT. The Trust of the three properties I just mentioned eventually comes down to the problem of key management, and it comes down to how to guarantee the validation of the key, whether the key is revoked, and how to discover it. Therefore, we are talking about the requirements for Trust services, but I think we are talking about the validation of the key and the management of the key from various aspects.
    • Regarding TAL, while saying that such requirements are necessary at the top level, it is a problem that the level is divided only by who has certified it. Most things in the world do not need to satisfy such technical requirements. In the same way as I said that IAL should be made higher than IAL3, I am concerned that it will be strange if most things in TAL do not send a message that TAL0, which is lower in level, is fine. For example, even in AAL0, the level is quite high, such as having a door key. In terms of certainty, most things must send a strong message that a looser TAL can be set. Based on the premise that all people must have My Number Card, we must not be in a world where people are asked to sign their electronic signatures in My Number Card for everything.
    • Even though it is called IAL, in essence, the attributes that must be confirmed differ depending on the service. Since Identity is a set of attributes, the attributes that must be confirmed as a service must be decided first. There are many services where only key ownership and key control need to be confirmed at what level they have been confirmed. It is necessary to pay attention to such things. In many services in the world, such things are almost acceptable even if they are not cared for. If it is suddenly felt that only high-level things are allowed, there is a strong possibility that it will not spread, so it is necessary to pay sufficient attention to this. It is also necessary to warn against writing that gives the impression that it will be judged only by who did it.
    • At the very least, we need to decide on the scope that we are discussing in this sub-working group. We will limit it to the second layer, and in addition, we will include guarantees related to attributes. In addition to the square area in the middle of Material 2, we will express our agreement to include attributes.
    • Regarding the requirements that Trust service providers should have, a draft of Provisions on the Use and Cross-border Recognition of Identity Management and Trust Services has been published in relation to UNCITRAL, and this has been discussed at UNCITRAL for a long time, but it is expected that this will become a model law in the future. In this draft, Article 23 lists the requirements for judging the reliability of Trust services. Many of the requirements for judging the reliability of Trust services in UNCITRAL are related to organization requirements and auditing requirements, such as business rules, policies, international standards, procedures, industry standards, hardware and software security, financial and human resources, as well as auditing by independent parties, statements on reliability by supervisory parties and authorized parties, etc. The elements such as those mentioned in Article 23 of the UNCITRAL draft should be discussed with this in mind, because they should appear in relation to the reliability of Trust service providers when Trust services are mutually certified internationally in due course.
    • Trust has both aspects of content authenticity and procedural authenticity. Regarding content authenticity, the scope of this sub-working group will be very wide and will depend on the application in a sense. Once the scope of procedural authenticity is seen in this sub-working group, it will be a discussion of the methodology of how to consider it in what order. In that, while considering use cases such as electronic contracts, driver's license card, and passports, if we are to drop it to a specific place, we will look at the assurance level. And from there, we will look at the standards. I think we will take steps. It will be until June of this review meeting, and it will be difficult to complete all of them. I would like the Secretariat to organize the scope of this sub-working group, how to proceed in the future, and the schedule.
    • Whether or not to deal with the authenticity of data itself is a considerably difficult discussion. Since this sub-working group plays the part of "T (Trust)" of Digital Agency in DFFT, it is necessary to show a certain answer to that. Originally, this conference focused on use cases. In the real world of use cases, Trust is not realized only by detailed technical standards, but trust is secured in the content and in the communication based on the context. Then, it is not difficult or easy to see the content, but it comes down to the question of whether it is easier to realize Trust if everything is decided firmly in order to realize Trust, or if there are things that are easier to do if we step into the content. In fact, when we look at the application, it is necessary to consider how to come to terms with the fact that data integrity is realized in society in various scopes. It is important for experts to work out the technology properly, but in order to make it acceptable to society, it is important to discuss it with the involvement of consumers and businesses, as pointed out by various quarters.
      Over the past 20 years, we have been doing various things, and the e-Authentication Initiative at the time of e-Japan and the Electronic Signatures in Global and National Commerce Act Guidelines for Online Procedures in 2010 were rather close to the NISTSP800-63 in the U.S. In the sense that we are starting from the bottom up, in terms of the position of the country, it happened to be a U.S. - style approach. On the other hand, there is also a method of developing regulations as in Europe. Each has various aspects, and it has been done based on necessity in different backgrounds, so it is time for eID to think about what the country must do while catching up with the discussion of the draft of SP800-63-4, how the EU's Qualified signature is used, what Digital Agency is thinking about in the Digital Identity wallet of AS 2.0. Since we have been discussing a wide range of matters in a very short period of time, it is difficult to make detailed standards by June. However, even though we have issued a Priority plan at the end of the year since the start of Digital Agency, we are hoping to lay down a rail that will serve as a guideline for five or ten years. We would like to ask for your continued support.
  • The secretariat explained that the meeting materials will be published on the Digital Agency website later, that additional opinions and questions will be communicated to the secretariat and used as a reference for future operations, and that the minutes of the meeting will be published after the members confirm the content.
  • The secretariat explained that the next meeting of the sub-working group is scheduled to be held online from 3:00 p.m. on Tuesday, March 22, 2022 (2022).

End