Personal Digital Agent

October 2023

Problems

• US: FTC vs. Amazon
• Bundling of Search and Logistics - drives up cost for vendors
• Most-favored-pricing clauses drive up cost for customers
• EU: Payment Services Directive PSD-2
• Opens interface between payment services and banks
• Increased competition for both payment services and banks
• EU: Digital Services Act
• Customer lock-in and lack of transparency and customer agency
• Very Large Online Platforms (VLOP) and Very Large Online Search Engines (VLOSE)
• India: Aadhaar, UPI, India Stack, beckn protocol
• Avoid US / EU style platform oligopolies
• Support essential digital tools as a public good (Aadhaar, India Stack)
• Enable customers and vendors to choose their agents (UPI, beckn protocol)

​

​

Goals

​

• My agent is interoperable by vendors and service providers.
• I can switch the community that hosts my agent anytime.
• Most of my agent’s policies, including personal AI, are portable across communities

Opening Up the Bundling of Unrelated Services

Role of a Personal Digital Agent

Personal Digital Agent

• Self-Sovereign
• Semi-autonomous
• Supported
• Hosted (self-hosted option for pure self-sovereignty)
• Intelligent (adaptable, learning, context-aware, conversational)
• Payment-capable
• General across all types of vendors, service providers and jurisdictions
• Accepted by most service providers and resource servers
• Standardized
• Fair
• Cost-effective
• Secure

Scope of a Standard for a Personal Digital Agent

• Separate the choice of Authorization Server from Resource Server
• IETF GNAP - mostly done - multiple implementations available
• Standardize Request Presentation and Authorization Tokens
• IETF GNAP - mostly done - multiple implementations available
• Extend typical “second authentication factor” to support a personal agent
• A Service Endpoint that points to GNAP Authorization Server
• Promote adoption of private, accountable, and convenient mobile user agents
• Enable access to a Personal Digital Agent as a human right
• Reduce cost and complexity through competitive hosting as a commodity
• Support self-sovereign as well as hosted agents
• Support self-sovereign communities of users as the Universal Human Right of Freedom of Association and Assembly
• Scope of the Authorization Server Policy Management Interface
• Access to policy registries
• Access to Generative AI and Large Language Models

Host

(Community or Self-hosted)

​

​

​

​

GNAP

Resource Server

(Vendor)

​

​

​

​

​

Customer’s User Agent

Authorization Server

Policy Registry

First - Register, Specify Personal Agent,

Establish Authentication Credentials

​

​

​

​

Requesting Party’s

GNAP Client

User Agent

​

​

​

​

Anytime

1 - Request

2 - Token

3 - Token (Choose a particular token capability standard)

4 - Access

GNAP

Authorization Server

​

​

Anytime - Change Host

Bold: Scope of proposed new IETF standard

Steps toward a Personal Digital Agent Standard

• 2015-on: Kantara UMA 2 Protocol Standard
• OAuth-based
• “Open World” Authorization Server
• 2020-on: IETF GNAP Protocol Standard
• Not OAuth-based
• Open world user request state machine
• 2022: W3C Verifiable Credentials Data Model Standard
• Validation and Verification as a commodity service
• Supports open world, decentralized, and self-sovereign flows
• 2023: Personal Digital Agent Discussion Group
• Define the scope of a vendor standard for interoperable personal agents
• Excellent vendor and customer experience without platform lock-in
• https://docs.google.com/document/d/19GU6L1QxaVsIfm9iBKg9T2qV9y0zttRmtlQuPireMMU/edit
• 2024: IETF Standard Workgroup Established

Join our Signal Group

Invite link and meeting notes at:

https://docs.google.com/document/d/19GU6L1QxaVsIfm9iBKg9T2qV9y0zttRmtlQuPireMMU/edit

Suggest vendors and implementers to participate.

agropper@healthurl.com

Thank you.