No, Wanting to Share Your Data Doesn't Make You Weird - UMA Will Protect You

Seen on Twitter last week:




This isn’t a weird sentiment at all -- and OAuth helps some -- but unfortunately OAuth doesn’t specialize in consumer-driven data sharing. Businesses are leaving data-sharing opportunities on the table. But to take advantage of those opportunities, they’ll need a different standard, User-Managed Access (UMA), the OAuth-based Kantara Initiative standard for adding “Share” functionality to services, apps, and devices. It gives a web user a unified control point for authorizing who, when, and what can get access to their online personal data.


The standards effort that produced UMA V1.0 is moving into an exciting new phase this week, and ForgeRock is thrilled to be part of it. A companion to the UMA Work Group, called the UMA Developer Resources Work Group (UMA Dev WG for short), is launching at Kantara with the goal of developing open-source implementation toolkits. The UMA standard has already received support from major government and healthcare organizations such as the Government of New Zealand and Philips.


Why is this activity valuable? According to recent Pew Research, 91 percent of Americans agree or strongly agree that consumers have lost control over collection and use of their personal information. ForgeRock’s OpenUMA support within our ForgeRock Identity Platform™ is designed to help empower customers and citizens to manage their own digital privacy.  Protocol ecosystems thrive when all the stakeholders can reduce the costs of beginning to communicate -- and they can become more secure when open-source software can be inspected and vetted by many eyeballs. To attract app developers and deployers to the benefits of UMA, we think it’s a great idea to eliminate the difficulty of UMA-enabling those apps -- UMAfying them, if you will.


We invite all interested parties to check out the group wiki and join us on the group! As a bonus, check out our recent ForgeRock webinar on our forthcoming OpenUMA product, our press release, and our open-source OpenUMA project.

Who Is Eve Maler?

Who’s Eve? Well, she is definitely no stranger to the identity industry having worked with companies like Forrester Research, PayPal, and Sun Microsystems over the last 17-plus years. Today she kicks it as the VP of Innovation and Emerging Technology at ForgeRock, tasked with driving privacy and consent innovation in the Office of the CTO. In true ForgeRock fashion, she enjoys singing bluesy-funky rock 'n' roll in her free time. You might catch her on stage once in a while!

Recent Posts:

7 Simple Steps to Modernize Your Legacy IAM

Are you being asked to reduce your growing Identity & Access Management (IAM) costs? Are you being asked to support new business initiatives like Digital Transformation, Bring Your Own Device (BYOD), and other borderless workplace initiatives?

Prevent Data Breaches: Identity Logs and Machine Learning

An identity platform like ForgeRock sits right in the heart of an enterprise, with a view of all apps, identities, devices, and resources attempting to connect with each other.

Privacy and Access Management: Insights from Michael Chertoff

Former DHS Secretary Michael Chertoff Talks About Privacy and Access Management at Gartner’s US Security & Risk Summit

On Tuesday morning at the Gartner Security & Risk Management Summit in National Harbor, Maryland, former DHS Secretary Michael Chertoff sat