The word ‘control’  in  UCD implies that the user plays an active part in the process of  transferring data from one party to another, and thus can stop the transfer by declining to play that part.  For example, an individual controls whether to take a bank note from their wallet and hand it over to […]


‘Consent’ means simply that an individual agrees that data can be transferred between parties but plays no other part in the process. In payment systems, for example, an individual  consents to a merchant taking payment by direct debit (by completing a direct debit mandate). Consent is best understood by contrast with ‘Control’, defined elsewhere in […]

Is UCD the same as ‘Self-Sovereign-Identity (SSI)’ ?

Yes and no. SSI is a term used by some companies to describe software that enables  (i) organisations to issue one or more ‘verified credentials’ to an individual; and (ii) the individual to control who should see such credentials.   Here the term ‘ verified credential’ means much the same as what UCDx calls ‘trustworthy […]

Attribute / claim / credential

An attribute is simply a piece of data about – or belonging to –  an individual, such as age, hair colour, legal identity, height, qualifications, vouchers, money, a visa for travel etc. Attributes can be more or less closely tied to a particular identity. For example, a travel visa is generally tied to an identity, […]