Let’s talk about digital identity with Joni Brennan, President of DIACC (Digital ID & Authentication Council of Canada).

In episode 6, Oscar talks to Joni about Canada’s strategic collaboration for securing identity that builds economic ‘good growth’. They also discuss Joni’s journey to joining the identity space, challenges for digital identity from a Canadian point of view, and DIACC’s vision for the future.

[Scroll down for transcript]

Find out more about DIACC at diacc.ca or follow it on Twitter @mydiacc.

Joni BrennanJoni Brennan is President of the Digital ID & Authentication Council of Canada (DIACC).  Building on over 15 years of hands on experience in Identity Access Management innovation, adoption, and industry standards development, Joni helps the DIACC to fulfill its vision delivering the resources needed to establish a digital identity ecosystem that accelerates the digital economy, grows Canada’s GDP and benefits all Canadians.  Joni builds diplomatic and impactful collaborative relationships and formalizes strategic partnerships. She has participated in international committees from organizations including: OECD ITAC, ISOC, IEEE, OASIS, ISO, and ITU-T.

Before joining DIACC Joni was Kantara Initiative‘s Executive Director driving programs for business, legal, and technology interoperability to connect entities and individuals in a more trustworthy environment. Joni lead Kantara Initiative as the United States premiere trust framework provider delivering value to multiple industry sectors. Joni helped to ensure that Kantara Initiative program is aligned with multiple eGovernment strategies from economic regions including: Canada, New Zealand, Sweden, and the United Kingdom.

Joni Brennan previously served as the first-ever IEEE-SA Technology Evangelist for Internet Identity and Trust focusing on issues of governance, policy, and technology development that touch digital Identity, personally identifiable information, and trust services.

When not connecting the digital identity world for the better Joni can be found skiing in beautiful British Columbia, Canada. She can also be found playing flute or synthesizers in future thinking musical collaborations.

Follow Joni on Twitter @jonibrennan.

We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!

 

Subscribe to
Let's Talk About Digital Identity

Or subscribe with your favorite app by using the address below

 

[Podcast transcript]

Let’s talk about digital identity. The podcast connecting identity and business. I am your host, Oscar Santolalla.

Oscar Santolalla: Hello and thank you for joining. Today we will talk about Canada, Canada’s strategic collaboration for securing identity and build economic good growth. And for that, we have a very special guest who is Joni Brennan.

Joni Brennan is President of the Digital ID & Authentication Council of Canada (DIACC). Building on over 15 years of hands-on experience in Identity and Access Management innovation, adoption, and industry standards development, Joni helps the DIACC to fulfil its vision delivering the resources needed to establish a digital identity ecosystem that accelerates the digital economy, grows Canada’s GDP and benefits all Canadians.

Joni builds diplomatic and impactful collaborative relationships and formalises strategic partnerships. She has participated in international committees from organisations including OECD ITAC, ISOC, IEEE, OASIS, ISO, and ITU-T.

Before joining DIACC, Joni was Kantara Initiative’s Executive Director driving programmes for business, legal, and technology interoperability to connect entities and individuals in a more trustworthy environment. Joni led Kantara Initiative as the United States premiere trust framework provider delivering value to multiple industry sectors. Joni helped to ensure that Kantara Initiative Program is aligned with multiple eGovernment strategies from economic regions including Canada, New Zealand, Sweden, and the United Kingdom.

Joni Brennan previously served as the first-ever IEEE-SA Technology Evangelist for Internet Identity and Trust focusing on issues of governance, policy, and technology development that touches digital identity, personally identifiable information, and trust services.

When not connecting the digital identity world for the better, Joni can be found skiing in beautiful British Columbia. She can also be found playing flute or synthesizers in future thinking musical collaborations.

Hello Joni.

Joni Brennan: Hello Oscar. Thank you for having me today.

Oscar: It is great talking with you Joni. Yes, I’m really excited to hear more about what you are doing in DIACC. So let’s talk about digital identity. And I read a bit about yourself and it’s truly impressive, what you have been doing and you are doing now. But I would like to hear more how everything started, how you joined this world of digital identity.

Joni: Well, thank you so much for having me in the podcast, Oscar. It’s really – it’s an honour to be part of this series so thank you. And about kind of how I began in the identity space and the industry, it was really when I was in university. My university was in – at Rutgers in New Jersey in the US and the university was located directly next door to the IEEE. So the engineering society.

This was quite fortuitous and so it was part of our learning in university. We learned a lot about standards and what standards mean and how important they are for the world that we live in. Kind of the invisible work that helps to make the technology work together and helps us to have a better and safer experience. So we learned a lot about standards and from there, I started to have an internship at the IEEE and particularly inside of the IEEE, there was an organisation that was focused on software and technology standards that had to move faster than the hardware standards had moved in the past. So as we know, software moves much faster than hardware. So there was an entire organisation that was focused on this particular kind of faster-moving standards.

In that group, there was one organisation that was called the “Liberty Alliance”. I was working for a number of organisations but particularly the Liberty Alliance caught my attention because it was focused on standards for identity. And in the world of standards, of course there’s a lot of technology and math and engineering and one thing that’s all very different about standards that had to do with identity was that the human element was very visible.

So you could see right away how these particular standards, while they have all of the qualities from an academic and from an engineering perspective of other standards, they’re also slightly different in that they are attaching to a concept of what we’ll call identity which is very human and very personal.

So that work specifically with the organisation, with the Liberty Alliance, I found it to be very interesting. So I spent more and more time supporting that organisation and then from there was kind of fully embedded into the identity standards world where much of the early work to develop SAML was happening and really kind of a formative space around identity federation. Kind of the first views on identity federation and how that landscape may shape out.

So that’s – it was really a journey, a focus on standards, and then that led me into the identity space and the identity space has been so intriguing and so challenging. However has so much opportunity that it’s a space that I have stayed in from that point forward. So I stayed with Liberty Alliance and then with Kantara Initiative and now we’re focusing specifically here on the Canadian ecosystem and then kind of the Canadian solutions and how they intersect with the culture and the practices and the governance of what we see here in Canada.

So my career has primarily – actually my entire career has been in standards development with not for profit organisations and for me that has been a wonderful experience and has enabled me to have the opportunity to work with different orders of governments, different governments from different countries, as well as different sectors within industry, whether that is the technology sector, strategy and services providers, risk management, information technology, telecommunications, financial sector.

So I’ve really been blessed in the sense that by working in the standards, you’re really working in the middle or at the front of the action in terms of innovation.

So I’ve been very lucky to be able to work with so many different kinds of companies and organisations who may have different priorities. However, they all share typically some common goals in terms of wanting to move a better way to solve identity challenges and take advantage of opportunities with security and privacy and good usability for all. So that has been great.

Oscar: So you started when you were a student at university. So it’s quite an early entry into this world of digital identity.

Joni: Uh-huh, yes.

Oscar: So you studied electronic engineering I guess.

Joni: I studied information technology and informatics. And so my study was specifically at a time – it was the first time that that study was offered at a university. Prior to that – that particular study had to be specifically at a technical school and also it was a field of study that was created very specifically to have people who could connect the language and the experience of engineers to the language and the experience of sales or marketing or – so really there was a need in the workforce for people who could kind of speak both sides of the equation. They could speak from an engineering perspective but also from a policy and marketing perspective as well.

So kind of a connector with a little bit of study in each of those fields, so that I’m able to have basic understanding of what’s happening in each of those fields and then enable the different parties from those fields to connect and better communicate with each other and work together.

Oscar: Yeah, very interesting and as you said, you started studying in the United States and then at some point, you were working with many organisations there and then you moved to Canada and now you’re in Canada leading DIACC.

If you could tell me what are the main challenges in digital identity you see and let’s try to focus a bit from a Canadian point of view, what would you say?

Joni: Yeah, yeah, definitely. I think that some of the main challenges that we see here in Canada regarding digital identity, I think there is actually a lot of commonality with some of the challenges that we see also in other places in the world.

So what we see here in Canada for example, the legal root of your identity, you have 14 possibilities inside of Canada. So the legal root for your identity comes from the provinces, the province that you were born in or it can come from the federal government if you’re an immigrant.

So there are 13 provinces and territories and then one federal government. So we have 14 different possibilities of where your identity can originate from in Canada. So if you think about it that way, we’re kind of like a – maybe a mini European Union. Maybe not quite the range of established cultures but it is a small federation and the governance of Canada is formed through what we call confederation. So basically Canada exists as a country because these 13 provinces and territories agreed to cooperate with each other. So it’s a federation and an identity is established through this federation.

And so for example, it is the responsibility of the provinces to report to the federal government that you exist, that you’ve been born. So inside of our government, our different governments of – you know, in that case for example, the federal government is actually a relying party, your relying party to the provinces and again if you’re an immigrant, that is your origination in the federal government.

So we have that. That’s kind of the groundwork here in Canada and so we have some of the same, I think, challenges as other places may as well and I think primarily, the area of challenge that we focus on as well as the opportunity is how do we identify what are the best capabilities in terms of identity of the public sector. And how do we identify what are the best capabilities of the private sector. And how do we help the public sector and the private sector to speak to each other, to understand their priorities, to work together, to actually solve identity through the eyes of a federation, through the eyes of a village.

How do we enable those different partners to work together? So I think that that challenge is something that’s kind of common around the world that I hear. You know, that’s a common challenge everywhere. And in terms of other challenges, we also have challenges in terms of bringing more of the consumers of identity, the beneficiaries of identity.

So what I mean by that are bringing more of those types of voices into the development. So what I mean by that is typically it’s very challenging to get diversity of relying parties participating or sharing their views, those who would consume identity, those who would benefit from it.

They’re not necessarily the same organisations that necessarily should be sitting at the table to decide how the interoperability works. But they are the ones at the end of the day who should be benefitting from the work that we’re doing.

So it’s also a challenge to get those voices into the room and so that’s something that we’re working on as well. I think that common challenges as well are around also liability models and also funding in business models.

So for example, some of these technologies that – and some of the models that are coming forward have the potential to be very disruptive. So understanding what business models will look like as the ecosystem moves forward, what kinds of jobs can and will be created and what is the right entry point for different types of organisations. So those types of understandings I think kind of what – where disruption may lead and how we can be prepared for that and take advantage of that disruption.

So I think those are challenges that we see here in Canada. We have some benefits. We are – while we’re the second largest land mass country, the population is quite reasonable, so roughly 38 million people. A large percent of those 38 million people are within – are very close to the US border. So most of the people are kind of in certain regions, meaning that we also have to make sure that the solutions that we have can actually get out to the very far, remote areas too. They should be beneficiaries. But that said, we do have a – kind of a reasonable number of people that we’re working with and a reasonable number of organisations. Remember, you know, 14 different roots. That’s a reasonable number to work with.

So we still have work to do continually to ensure that we’re connecting across those different 14 roots of identity as well as across the different private sector industries here within Canada.

So I think that those challenges are Canadian. I think that they’re also universal. I think maybe something that we see here in Canada and I don’t know if this is something we see in other countries, but sometimes we see people who are kind of looking outward to see if someone else may have the answer to solving identity.

So there’s a lot of kind of outward-looking in terms of what’s happening and so one thing I like to remind people as well is that we all learn when we look outward. So that’s an important piece of the – of how we move forward.

This said, we have many great opportunities here in Canada that are being developed and are being worked on. So we sometimes remind people it’s important to look out and learn what’s happening around the world. It’s also to focus inward as well and we can do both of those things at the same time and remember what pieces we have and how we can work better together.

So I think those are some – just some challenges. Maybe some unique but I think in fact have quite a bit of commonality with identity initiatives around the world as well.

Oscar: Yeah, sure. Some of these challenges you mentioned are elsewhere and yeah, the one that caught my attention was the – yeah, it’s the second biggest country in the world. It’s a really big country. It’s split in 13 regions you said and plus there’s the federal government. That’s of course very, very challenging, very interesting how – I would like to hear more how you are solving these challenges and that – one question is that DIACC is independent from these 13 regions or federal government or it’s part of the federal government or is independent?

Joni: Yeah, very good question. So a little bit about the DIACC. When the global financial crash happened, 2008, 2009, there was a – inside of Canada, the Minister of Finance called for a review of Canada’s payment system to make sure that the payment system was robust and secure and could withstand ideally the type of crash that was happening in 2008, 2009.

They created what was called an Electronic Payments Task Force. This task force had members of it from the public sector and from the private sector. The task force made a number of recommendations and one of those recommendations a number of years later, one of those recommendations was that Canada needed a digital identity and authentication framework as part of an underpinning for our payment network.

Now of course we need a digital identification and authentication scheme for almost every industry and every sector, whether you’re looking at healthcare, government or payments or otherwise. So this was a very important finding and that finding was really the seed for the creation of DIACC.

One of the other recommendations in this report was that Canada needed a self-governing body to develop that framework and to bring the public sector and the private sector together to develop that framework.

So that recommendation led to the formation of the DIACC. So the DIACC is an independent not for profit organisation. It has the benefit of members who are from the federal government, who are from provincial governments as well as different industries across Canada as well as entities, businesses and organisations who are not Canadian.

So we are I would say not – we are not – we are independent from government and we are representative of the intersection between the government needs and the private sector needs, the government capabilities and the private sector capabilities.

So we represent both the public and the private sector as an independent not for profit association.

Oscar: And so DIACC also does – for instance with specification standards right?

Joni: Correct. So we are developing what we are calling the Pan-Canadian Trust Framework and this is – the trust framework is actually a collection of industry standards and best practices. Largely this collection of industry standards and best practices is what I would call – it is a framework and it is specifying certain processes and certain practices in the context of technology specification. Largely this framework points out to existing technology specifications.

So for example the framework could point to FIDO or it could point to OpenID Connect. So we are not at this time developing a technical specification. Rather we’re developing a framework that helps to define how to put the pieces together, which kinds of technologies are better for which types of risk profiles and gives that kind of guidance, so yeah.

Oscar: So for instance, you gave this example that Pan-Canadian Trust Framework – so this framework is – when you have it ready is – the fact that DIACC is independent means that the federal government is going to adopt it or how is that?

Joni: So we have a phrase that we use inside of DIACC and that phrase is that we are a “willing coalition” and so what that means is that those who find the value in the Pan-Canadian Trust Framework will be those that adopt the Pan-Canadian Trust Framework. So there is no forcing factor to say one must adopt the Pan-Canadian Trust Framework.

Rather those entities that are invested in interoperability and believe that the public and the private sector should be interoperable together, it’s a willing coalition of adopters.

So the framework is authoritative of those who will adopt it. Now the sad part of the reason for having members that are a diversity of membership from the public and the private sector is that by having their insights and their requirements and their guidance and their views, our vision is that they will adopt this framework, whether they are in the government or whether they are in the private sector.

Oscar: Excellent. And what else about DIACC? What is right now the vision of DIACC if you see not only the present, what you’re doing now, but what comes in the future for Canada?

Joni: Yeah. So the vision of DIACC and if you will – and, you know, from the last question. In the last question, we talked a little bit about how did DIACC begin and we talked about the beginnings where – around reviewing the payment system and in the context of the global financial crash.

So DIACC, because it comes from this origin, this history, our vision is actually an economic vision. Our vision is for economic opportunity, economic growth and so we are an economic growth, economic opportunity vision organisation that believes that the way that we will grow the economy is through interoperability of identity solutions and services.

So I think that makes DIACC a little bit unique. Perhaps others are starting to adopt that same kind of economic approach, which we applaud. Also to give an idea here, you know, our formation, we’re approximately five years old now.

In the last year in January, there was a McKinsey and Company study that – in January of this year – that identified approximately three to six percent growth of GDP that could be realised by addressing the identity challenges and opportunities.

So in Canadian terms, three to six percent growth of GDP looks like between $57 billion and $114 billion that can come back into the Canadian economy.

So our vision is to bring those funds back to the Canadian economy, create jobs, create opportunities and enable small businesses, whether they’re in the large urban city centres or the more quiet rural landscapes of Canada to be able to take advantage of the global digital economy and evolve the opportunities within.

So what we see coming forward in our vision, we will continue to develop and deliver the Pan-Canadian Trust Framework. We do so with many public reviews that people from all around the world are encouraged to participate in.

And so we want to ensure that we have global interoperability as well. Our vision is to deliver the framework. Our vision is to instantiate a scalable certification program that is tailored to meet the needs of the market and provide value to the market, and our vision is to continue to educate and help to build the workforce that Canada needs to fulfil, needs with regard to an identity professional’s – the demand for identity professionals and so we see also creating that path from the student in the classroom to the next job. That’s in our vision as far as our next – from now until our five-year goals, our five-year plan.

Oscar: Sure, sounds good. And as you said is – is it’s unique is the way that DIACC has this vision focused on economic growth and I believe it’s a good incentive for both businesses and like regional governments because everybody wants growth.

Joni: That’s right, that’s right. The economic focus I say sometimes it’s the North Star. The economic focus is the thing that is important for everyone whether you’re in the public sector or the private sector. And what we want to make sure is that that growth and opportunity can get to every Canadian and so we think that would make the impact that will grow the economy by that three to six percent from that McKinsey and Co. study.

Oscar: Can you now tell us a bit of the main achievements so far you mentioned already? You know, the Pan-Canadian Trust Framework. Can you mention some other projects, some achievements?

Joni: Yeah. So in terms of achievements, I mean I will be a bit humble. But I would say – I would like to say that the fact that we have a digital identity forum in Canada where the public and the private sector come together, the fact that we have a DIACC, I think that that’s a – that’s one achievement. So I think we benefit from that achievement from the – and then in terms of other achievements, moving the Pan-Canadian Trust Framework forward. We’ve been publishing and releasing drafts out for the world to comment on for the last year.

We have in our roadmap to continue to release more drafts through December and then we will continue to release and iterate those drafts through June of 2020. So in our vision, we should have our full stack available, our full framework available in a well-vetted form by June of 2020.

In terms of the ecosystem in Canada and some of the work that the collaborative of DIACC has done has helped to support or has been built upon, I think a big achievement here in Canada that actually predates DIACC would be the British Columbia Service Card. This is actually a smart card that enables a British Columbian to – it’s a provincial identity that enables a British Columbian to have one card where they keep both their driving credential as well as their healthcare credential into one card. Those credentials are cryptographically separated.

I think the achievement there with the BC Service Card, the card itself is exciting. But actually it’s the policy work and the linkages inside of government that were done behind the scenes that are very exciting, that position British Columbia to be ready to issue a claim or a credential that does not have to be a card. It could be in the phone or a network.

So that’s an achievement. I would say there was an initial proof of concept within DIACC to focus on – to understand if blockchain technology could provide a more efficient path forward for corporate registries. So one of the things in our view in DIACC, we’re looking at the verification of people but also of the verification of organisations, entities, corporations.

So the proof of concept that we worked with British Columbia and IBM at the time in the DIACC has actually led to the instantiation of a service called the “Org Book” which is the British Columbia’s version of their corporate registry that they’re doing in the – with the blockchain approach. So that – I think that’s an exciting piece of the puzzle for the corporate side of the work.

Another achievement here in Canada that has been, I would say, supported by the collaboration, however it’s not a DIACC-specific achievement though, I would say it’s the Verified.Me network. So part of – which is comprised of many of our DIACC members and their own consortia. So Verified.Me is a network that also uses Hyperledger Fabric and has the participation of the major banks and is working to grow out with some participation as well from insurance providers and ideally moving forward to potentially public sector credentials as well.

So this is a network for identity that is a built-in Canada solution that focuses on kind of the Canadian ecosystem, I would say, but has application outside of the Canadian ecosystem for interoperability around the world.

So some of those achievements are purely DIACC achievements while others are achievements of our members that I think are inspirational and something that we can look toward and conceptually again because the players who are moving these achievements forward are contributing into the Pan-Canadian Trust Framework, the vision is that the framework will build and the value and those systems and those solutions will be the initial adopters of the Pan-Canadian Trust Framework.

So there’s a lot of exciting movements and we know that there’s going to be more to come.

Oscar: Yeah, I can see that. For instance this digital card that is from British Columbia. Tell me a bit more what a citizen can do with that card.

Joni: Yeah. So that card is getting more adoption. They’ve in fact now instantiated a mobile application where that card – you could – that card can be loaded into. The usage on the card – I would say the official usage on the card at this point is for some exciting use cases like grants for education. So use cases that are focused in on what kinds of benefits I can access from the British Columbia government.

One thing that we are very excited in Canada to see is how can that card be used in use cases that cross sectors. So would we be able to load that credential into another network and present that card let’s say for what we call ‘age of consent’ to purchase liquor? Will we be able to soon use the digital representation of that card which has the data minimised, so, you know, it doesn’t need to have your address or things of that nature? Will we be able to also use that card in in-person scenarios to get discounts at movie theatres or to board a plane or to enter a bar? So there are some interesting – there’s progress with the usage of that card to access services. You can use that card today to visit the doctor.

So there’s progress in terms of where that card is actually used today inside the government, citizen’s government use cases, and what we’re very interested in the DIACC now is where can we see the value of that card extend out to be used in the private sector. And I was speaking with one of the leaders to help to instantiate that card – I think it was probably around the 2006, 2007 timeframe – and one of the things that they were talking about was that the card was always envisioned to be able to be used the way that a driver’s license is used but used digitally. So what that means is that even though we know that a driver’s license is not – it’s not an identity card, we also know that a driver’s license is continually presented as an identity card. And anytime we’re in person, they ask for a government-issued ID, we show them our driver’s license.

So there’s this mismatch in policy that exists where a driver’s license is not an identity card but it’s accepted and asked for as an identity card all the time.

So we know that this BC Service Card, the vision was that it would be able to be used just the way that a driver’s license would be used and that means out in the economy as well. So in DIACC, we’re very interested in how that kind of next journey will be made and how that digital credential that has the confidence that governments have the capability to offer, how that card will then be used in scenarios where I might want to present it digitally to a bank or to some trusted provider or potentially for something like Airbnb and house sharing, things of that nature.

So that’s where the next level of exploration is and we’re working to put some proofs of concept together, particularly to explore and learn fast and understand what that means in real time.

This is an area we know that we have seen some other regions around the world doing very interesting work around mobile driver’s license and where that’s being accepted and where that’s being used and definitely in the Scandinavian countries are also quite advanced in that space. So of course we’re looking out to many places around the world as to what we can learn and what lessons we can bring back and then apply and adjust for our governance and culture here in Canada.

Oscar: Sure, sure. But also I can see many good, interesting applications with that. You mentioned more than once in this interview that DIACC makes collaborations with – outside Canada and so I would like to know what – if you can give some example, a bit more concrete, and especially telling us what is the benefit of an entity from outside Canada to participate in DIACC projects.

Joni: Yeah. We’re very interested in collaborations that are also outside of Canada. So we’ve not yet released, but one of the collaborations that we were working on was understanding if – through the DIACC is understanding if a Canadian bank could accept a digital identity from another country.

Oscar: Right.

Joni: So we  should soon release some materials about that, that we’re working through. Some of the things that we found was there was some issues in regulation where they’re calling for a Canadian digital identity when you get in the digital space. However, in the physical world, it’s good enough to provide a passport from another country.

So we’re finding some areas where the regulations are being interpreted in a way that may be prohibitive. So we found that to be very interesting and we should have some information to share there soon.

One of the collaborations that we’re very proud of as well is we have been working with the Department of Homeland Security Science and Technology Directorate and particularly Anil John in that space, understanding where and how we have common agendas from our perspective here in Canada as well as their perspective in the US.

So we had a number of projects that were funded that were able to gain funding through a collaboration of the DIACC and the Department of Homeland Security Science and Technology Directorate and those projects included some directed funding through that DHS Program to help explore and better understand the landscape of distributed ledger technology and identity systems that would use distributed ledger technologies and blockchain.

We were also able to fund – and those papers are available in www.diacc.ca. We’re also very pleased that a project could be funded to explore alternatives to KBA and KBV and that project funded a comprehensive study on kind of what those alternatives can look like and what some of the business models and opportunities can look like around them.

So in the case of the distributed ledger technology and understanding privacy and identity and those types of networks, the organisation that was funded through this program was SecureKey so that was exciting. That was before the launch of the Verified.Me service and then the project that was funded through that program as well was developed by a collaboration of two DIACC members, one being Digidentity and the other being the ID Crowd. So Digidentity is a Netherlands-based company and ID Crowd is based in the UK.

So through this programme, we’re able to identify shared commonalities in terms of agenda and then also to enable connectors to paths for funding, to enable those organisations to further develop and to more importantly I think – or just as importantly – to share their findings with the world. So we’re all able to benefit.

So that’s – so one of the agenda items that we have moving forward for this year is looking for more opportunities with connecting more organisations with more opportunities, who are interested to help drive roadmaps of small to medium-sized organisations and start-ups and help to fund and invest in the next solutions that will come out to address the needs around digital identity.

So we’re very interested in identifying other organisations who would like to direct funding or who would like to be kind of at the frontline of seeing where start-ups are going and helping to influence those roadmaps.

So we want to kind of do – help with some matchmaking of funding opportunities and organisations that need some funding to move to the next round.

Oscar: Wow, so many projects. Wow.

Joni: Yeah.

Oscar: I was wondering, how many people work in DIACC?

Joni: DIACC is a small and mighty organisation similar to Canada, smaller population that punches above its weight or we try to at least. So in any case, we have a team of about 10 and then we have a – that team expands and they may deploy different resources to different specific projects, so yeah, yeah. We can be between – anywhere between 10 and 15 or 20, depending on kind of – which projects we’re working on and who we have helping to support us.

Oscar: Wow, quite impressive. I would like to ask a final question – if you can give us, to anybody, a practical tip, how we can protect our digital identity?

Joni: Yeah, definitely. I have two thoughts here. So – and I don’t want to cheat. I know it’s one tip but I would say first of all, I use a password vault, a password manager that goes across my phone and my laptop and my tablet. So I find that – I don’t believe that the password manager is the ultimate solution. But I do believe that it’s a solution that anyone can implement today.

And I would say specifically if you do decide to implement a password manager, I would also recommend sharing access with that, one that can share access, whether it’s your husband or a family member, your partner because having that, not only the ability to manage your own passwords – I probably have over 500 of them – but also if there’s ever an emergency having someone else to be able to access those passwords will be something that I think you will be glad that you did if you find yourself in that situation.

So I think that’s very, very important. And then more broadly, while this industry is working to make the space better from a systematic level, I would also just like to encourage people to just think of it more before they click, before they post.

I would suspect that people listening to this podcast actually do think quite a bit. But if you are participating in social media or being asked to take a quiz or something shows up that looks fun, just think a little bit before you actually participate in that activity about what data they may be trying to take from you or how they might use that data and is that worth the participation in that quiz or that game online. So just try to think before you post and before you click. So get a password manager and be thoughtful and mindful about your behaviour and what you’re sharing on the internet.

Oscar: Yeah, excellent, excellent tips. Thanks a lot Joni for this fascinating interview and finally tell us how we can find more information about DIACC on the net or to find more about yourself.

Joni: Yeah, thank you so much Oscar. As I’ve said, it has been a real pleasure to speak with you today. Thank you for the invitation and the opportunity to share and to learn from your questions.

To learn more about DIACC, you can visit diacc.ca. You can find us there and you can also find us on Twitter, @mydiacc.

Oscar: OK, perfect. Again Joni, it was a pleasure talking with you and all the best.

Joni: Yeah, all the best. Thank you so much and good luck on the rest of your podcast series. I can’t wait to listen. Cheers!

Thanks for listening. Let’s Talk About Digital Identity is produced by Ubisecure. Be sure to subscribe and visit ubisecure.com/podcast to join the conversation and access the show notes. You can also follow us on Twitter @ubisecure or find us on LinkedIn. Until next time.

[End of transcript]