Governance
The Centrality of Governance
Governance is absolutely central to realizing the aims of the Trustless Computing Association (TCA) and its planned IT security standards-setting and certification body, the Trustless Computing Certification Body (TCCB) and Seevik Net.
The quality of the TCCB governance is the only reason to believe that TCCB will reliably evolve and implement the Trustless Computing Paradigms, the binding high-level principles that will guide TCCB detailed standards-setting and certifications.
Achieving the ultra-high levels of security pursued by TCCB-certified IT systems is ultimately not a technical problem but a governance one. Governance is "where the buck stops": the ultimate point of failure and the source of all present and future trustworthiness, actual and perceived, of TCCB-certified IT and AI services and devices.
In fact, the Trustless Computing Paradigms uniquely re-conceptualize cybersecurity as a governance problem, as the by-product of the intrinsic resilience, citizen-accountability, and competency of the organizational and cyber-social processes that are critically involved in the entire lifecycle, including the funding sources.
The TCA statute prescribes that its governance will evolve in 3 Phases, prescribing that TCA will rename itself to TCCB when a specific funding target is reached, as described below. Such governance model derives from the work of dozens of experts, advisors and technical partners of three Trustless Computing R&D initiatives, and the contributions of speakers of 11 editions of the Free and Safe in Cyberspace conference series.
Phase 1 - Current Governance
Currently, the Trustless Computing Association is a Swiss association, according to article 60 of the Swiss Civil Code. Originally established as “Open Media Cluster” in 2013 as an Italian association, on May 25th, 2021, it formally transferred its headquarters to Switzerland in the Canton of Geneva, during the 8th Edition of our Free and Safe in Cyberspace. Its are in headquarters in Rue Fendt 1, 1201 Genève, Switzerland.
According to the current Statute (pdf) and the original Founders’ Meeting (pdf) minutes, the decision-making power of the association currently resides in its General Assembly and Board of Directors, both of which include three members, each with equal vote, and guided by its Steering, Scientific and Governance Advisory Boards.
Phase 2 - Permanent Governance
Within three months at least 7 globally diverse-nations will have agreed to join as governance partners of the TCCB, the TCA name will be changed to Trustless Computing Certification Body, and the governance will give way to a new permanent governance suitable to achieve the TCCB goals: a new intergovernmental governance structure aimed to maximizing democratic accountability, citizen participation, global representativity, technical competency and resilience from pressure of single nation states or blocks, as detailed below:
The TCCB Assembly
Decision making power will reside in the TCCB and Seevik Net General Assembly, except that it the Assembly will not be able to impede any nation to join on equal terms, starting 12 month after the initial founding states have joined. The General Assembly will be composed up of 75-85 members, to be compensated at 200% of their going market rate according to their expertise and profile, for the time they'll be required to serve. The composition of such Assembly - subject to revision will be divided as follows:
30%: Globally-diverse nations and inter-governmental organizations.
We are selecting no more than 7 globally-diverse nations and 5 neutral INGOs (e.g. consumer, industry or human rights orgs) or IGOs (e.g. the EU, UN agencies, Arab League, and African Union) to join as founding governance partners to give final shape to the governance of the Trustless Computing Certification Body and its Paradigms.
The global-representativity of participating nations will be maximized via the initial selection of nations and IGOs, and by weighting of the voting to maximize global-representativity in respect to political regimes, continents, population size, religion and other key determinants.
Voting will be per country, except it will be weighted according to a to-be-determined coefficients based on population size, GDP per capita, and other metrics, as will be membership fees.
Special terms apply to the current global cybersecurity superpowers, USA, China and Israel - if and when they’ll join - in so far as they will have, for the first 2 years, 50% higher decision-making power than other countries with similar metrics. Why? Simply because of the need to find “realpolitik” compromise to get an ambitious workable global cooperation agreement in place in domains that are highly sensitive for national security.
15%: Global Random-sampled Citizens’ Assembly.
Global citizens will be selected, and their vote weighted, such that via scientific methods it will maximize global representativity of all major differentiating human factors, such as gender, race, religion, political orientation, and it will be further weighted by 20% according to the size of the members’ nations population.
Their selection and review will greatly minimize their risk of being subject to corruption, threat, or blackmail by powerful entities. (Logistic and scientific collaboration will the sought with the Global Citizens’ Assembly for COP26, and Stanford University Center for Deliberative Democracy)
15%: Global Random-sampled Former Parliamentarians’ Assembly.
Members from all nations will be able to join and will need to be globally representative. The selection of such members will minimize their risk of being subject to corruption, threat, or blackmail by powerful entities.
Members’ vote will be weighted via scientific methods to maximize global representativity of all major differentiating human factors, such as gender, race, religion, political orientation, and it will be further weighted by 20% according to the size of the members’ nations population, and by 20% on the relative “democratic effectiveness” of their parliamentary elections.
Members will be selected half from defense, interior, or intelligence oversight committees, and another half from privacy and civil rights committees. (Logistic and scientific collaboration will the sought with the Climate Parliament and Parliamentarians for Global Action)
15%: Scientific & Ethical Advisory Board. Initially composed of Trustless Computing Association scientific advisory board, with some addition and removals. Chosen according to technical proficiency, proven record of altruism and ethical stands, and resiliency from external legal and illegal pressures (blackmail, bribes, etc).
7%: End-user industry associations or human rights NGOs, such as IT security industry associations, SME associations, consumer associations,
7%: Organizational and Individuals Users, excluding nations, which are already represented above.
6%: Critical Technologies Partners, partner firms specialized in targeted open high-assurance battle-tested low-level IT systems and components, especially Sel4 and Risc-V and a specific sub-set of their derivatives.
Rationale for Approximating Global-Representativity
To achieve its aims, TCCB governance has from its origins, sought to maximize democratic accountability, competency, and resiliency from nations’ pressures. Consequently, for its nation-member component, it should maximize global representativity in respect to population size, political regimes, religion. Some hard choices and balancing will need to be done, as no perfect solution exists.
Which nations should be allowed to participate to the TCCB governance? How should their decision-making be weighted? Firstly, we tackle such an issue by reserving 30% of decision-making to global citizens themselves. Plus another 30% of former parliamentarians should be mostly free from pressures from their nations’ executives.
Some hard choices and balancing will need to be done to ensure over time and during the constituent process of TCCB, a maximization of global democratic representativity, in addition to competence and resiliency from powerful nations’ pressure.
How are we to weigh the voting of a country like China - with 1.5 billion citizens and widely considered a dictatorship, technically an “authoritarian electoral single-party social democracy”, and self-defined “socialist democracy” - or Israel - with only 6 million citizens and outsized cyber and geopolitical power due to historical and capabilities of its culture?
Key to our TCCB and Seevik Net mission is to create a global digital public sphere for all World citizens, and not merely a transnational one limited within “western or liberal” democracies, because it wants to be a means by which citizens within and across nations, and geopolitical blocks, communicate securely and safely, on the basis of the principles of liberty and democracy. We want to contribute to structural democratic global cooperation, via democratic global or open widely-transnational empowered global federal governance systems, which is the only way humanity can hope to successfully tackle the global challenges of climate change, nuclear and digital disruption.
Also, limiting the governance to a single military/intelligence alliance would reduce the trustworthiness of TCCB even to the citizens of such alliance because in times of global crisis nations and blocks tend to fall prey to the “not on my watch syndrome” and trample on civil rights, which in turn degenerates democracy, and then also national security.
So therefore TCCB strives for a most “democratic” governance model, also in its representation of nations, while also being globally representative, and acting as a means to unite and not divide the World citizens, peoples and cultures.
Also, nations tend to claim unequivocal high-ground of democracy, self-defining their models “liberal democracy” (US) or “socialist democracy” (China), or just democracy (EU). We'll take a neutral, fact-based approach to such claims.
Although the initial governance of the Trustless Computing Certification Body (TCCB) does not necessarily require direct nation-state participation - as it relies on random sampled global citizens and parliamentarian - it highly welcomes it to increase even more its actual and perceived democratic accountability, and to ensure it will most efficiently take into consideration global public safety in its decisions.
TCCB Cloud, TCCB Jury, and TCCB Judicial Board
Nations that choose to join TCCB governance, with its benefits and obligations - and nations where a TCCB-certified Cloud locates one of its hosting rooms - are guaranteed the ability to submit a lawful access request to the TCCB or to a local TCCB Provider, which will be handled according to the TCCB Cloud process, which is summarized here below:
If the request is by the national government, locally where one of the redundant hosting rooms of the TCCB Cloud is located - or by a foreign government, whose request is appropriated by such government - the request will be vetted in their due process (not in the evidence) by a TCCB Jury, a jury made of 5 or more random-sampled citizens and 2 random-sampled parliamentarians of local national jurisdiction, which will act as both citizen-jury and citizen-witnesses. Every 3 months, 15 are sampled and instructed. When the need arises 10 are randomly called, as soon as 5 arrive, the process can begin.
If the request is from a foreign government, then such request will be vetted by a TCCB Judicial Board, made of 15 recognized experts in international law, civil rights, and public security, who have been elected or appointed to high offices, such as a leading international court, the highest court of a large democratic nation. Deliberation will happen remotely using TCCB-compliant devices. If approved, such Board instructs the TCCB Jury as to what data should be conceded to the requesting public authority. The Board decision will assess the “legitimacy” for each request by evaluating the furnished and autonomously-acquired evidence to determine to what extent the request complies with the national legislation where TCCB is based (Switzerland currently), and it maximizes:
Compliance to and promotion of international civil rights and civil rights norms.
Promotion of international security and safety.
Complies to laws and constitutions of the jurisdiction of the requester and the target.
Democratic Deliberative Discourse Areas
Discussions within the organs will self-manage according to the state-of-the-art online Citizens’ Assembly methods (e.g. Deliberative Society Process), by which members will self-educate on the matter of deliberation, invite experts, and then deliberate on it. Translation will be provided of all key text in all participants’ languages, and of all in the 5 most common languages, and simultaneous translation will be offered to all for simultaneous voice or video remote sessions.
Members of all TCCB Assembly and the other organs will rely on a TCCB-certified digital infrastructure for deliberative discussion, information sharing, socializing and voting, that offers the highest integrity, and in some cases highest confidentiality. To radically reduce the risk of integrity compromisation, all voting by TCCB organs will be via “open ballot” (i.e. non-secret).
All members of such organs will utilize a TCCB Cloud service, a TCCB-certified iOS/Android mobile app, and will also be provided with a TCCB-compliant client device to engage in confidential discussions, especially critical for the discussions performed by the TCCB Judicial Board, which has to handle sensitive investigation evidence and information, whose leakage could cause grave national security or public security harm.
Socio-technical and Governance Diagram for TCCB and Seevik Net
Phase 3
Within 3 months have passed since a real-life scenario continuous deployment (or “go-to-market”) of at least 2000 human end-users of TCCB-compliant IT services, then the following governance changes will become permanent:
The share of Assembly governance of Citizens’ Assembly and TCCB Individual Users is proportionately increased on a quarterly basis by 10%, up to a 60% increase, as the number of users increases to 20.000. The decision-making power of the other entities is decreased accordingly.
The Seevik Net Statute becomes operational to govern the human communications sphere created by TCCB-compliant IT. Seevik Net is a digital human communication sphere created by the mandatory interoperability of TCCB client devices, TCCB client device apps, TCCB-certified mobile apps for iOS and Android stores, and TCCB Clouds. TCCB Users will be able to submit, like, rate, and comment content, create groups - as well as submit new apps - creating de-facto a social computing platform.
Such new social computing platform will be governed by the TCCB statute, and its annex Seevik Net Statute, aimed at ensuring the creation of the first ultra-secure and ultra-democratic social computing platform, by reconciling, balancing, and maximizing democratic and civic values such as privacy, freedom of speech, freedom of assembly, crime prevention, public safety, and promoting, and strive for an information and communication sphere constituting a fair and resilient free market of ideas, based on scientific evidence and rational reasoning.