The Interledger Community 🌱: Stephanie Perrin

Developing a privacy and human rights framework for use in ILP projects— ILF Ambassador Final Report

Stephanie Perrin — Thu, 15 Jan 2026 20:10:55 +0000

Project Update

Why would we need a privacy and human rights framework at the Interledger Foundation? Isn't the protocol itself private and secure?
This is about money, isn't it, not personal information?
Shouldn't the developers and implementers of fintech solutions be the ones developing privacy policy, not the ILF?
Do privacy and human rights have anything to do with financial inclusion?

These are basic questions that I started with in November 2023, when I first proposed this project. I understand the field a whole lot better than I did when I started in March 2024, but I don't think I will ever be an expert. Financial systems are complicated. So are human rights; I think I understand those a lot better. And in the complex world we are building in Fintech, tech experts and policy experts will need to work together if we are going to stop the growing gap between the rich and the poor, the powerful and the disenfranchised. Tech doesn't solve everything, policy must follow and adapt in order to ensure human rights.

I started out by promising a 15 page report, a template for privacy and human rights impact assessments, and outreach to both disenfranchised groups like temporary foreign workers, and members of the data protection oversight community....privacy commissioners and academics. This was pretty ambitious, and it is clear now that it will take years to develop better practices in this field, and educate disenfranchised communities. However, I think I have made good progress in producing some materials that will help the community understand these issues.

Progress on Objectives, Key Activities

During the first term of my ambassadorship I explored all work I could find on data protection related to Fintech.I consulted with the Council of Europe officials working on data protection, and attended the Computers, Privacy and Data Protection conference in Brussels to discuss progress in this field with acadmics, experts, and data protection officials. While there certainly had been concerns voiced by data protection authorities, it was clear that Fintech was not the focus of activity at the moment, despite the fact that it has been moving forward at a great pace, and it is recognized that it will have a profound effect on human rights and financial inclusion if not done properly. In my second term, I continued exploring what has been published on everything from stablecoins to central digital currencies and wallets. However, it was very clear that it would be premature to reach out to data protection authorities before ILF has a working demonstration of an implementation, and an applied framework of data protection and human rights protection.

What to we need to get there? I think we need training on the issues and a greater focus on the protection needs and how to actually do the risk assessments necessary to gauge potential harms. Accordingly, I switched directions and developed training modules on privacy as it has developed in law and policy, how to do a Privacy Impact Assessment or PIA, how to do a Human Rights Impact Assessment or HRIA, and how to understand the Know your customer and Anti Money Laundering (AML)requirements that have developed over the past 25 years. This project in itself required quite a bit of research. These AML requirements represent a significant risk for low income or racialized users of Fintech systems. Demands for intrusive identity verification can have negative impacts on marginalized communities.

Furthermore, if people in domestic environments are moving from a cash-based market system to electronic systems, it is important that we analyze the privacy risks inherent in the technology. This broadens the potential scope of privacy impact assessments substantially, and it brings up complex issues of controllership versus the role of processor. It became clear that in any instantiation of the ILP, a number of existing systems, such as a cellular network, a device (phone or payment processor), or a provider of AML identity checking services would introduce any number of privacy and human rights impacts to users. These devices and networks are usually outside the control of implementers and the ILF.

It became clear early on that one cannot assume a common understanding of the terms used in data protection, nor those in the Fintech industry. Accordingly, I focused on producing a glossary that would provide terms, acronyms, meanings, and the provenance of those usages. This is, in my opinion, necessary groundwork before we do outreach to either vulnerable groups or data commissioners.
I have kept the templates for PIAs and HRIAs fairly high level, because I need to test this proposed approach and framework with an actual working wallet that is in the field and impacting people. Without a real life workshop where we can speak with the stakeholders, explore the impact of local law and all the technologies used in the system, we are conducting a merely theoretical exercise.

What impact does the project have on your perception of digital financial inclusion?

There are many different projects going on at the ILF to seek engagement of disenfranchised communities or groups (women and girls, children, black and indigenous people, marginalized language groups, BIPOC and LGBTQIA communities, temporary foreign workers, the elderly, disabled individuals...the list is long). Each of these communities could benefit from a structured risk assessment of the privacy and human rights impacts of proposed financial inclusion efforts. I hope that the work I have done will be of interest to the folks working on these projects, and that we can engage in more detailed work on impact assessment.

Communications and Marketing

I did not spend the money on publications that I had originally forecasted in my budget. Education materials that I prepared need to be assessed and approved as part of ILF's ongoing work on education prior to publication and distribution. As discussed above, it is premature, in my opinion, to reach out to the data protection oversight community until we have mastered a few workshops on impact assessment, so that we are clear about risks and legal implications. I hope that ILF will be interested in engaging further on PIAs.
I continue to discuss all new developments with my privacy network, and follow all the relevant entities who might be examining Fintech developments. This includes the data protection commissioners, key privacy scholars, the CPDP conference, US regulatory developments, the central bank community, FATF and the AML community, and developments in Fintech.

I presented a briefing on the work at the ILF monthly community forum on June 12, 2025. Slides are available for those interested.

What’s Next?

As indicated above, I think training and workshops would be very beneficial to the ILF community to broaden their thinking on data protection issues, and prepare them for successful instantiations that respect legal and human rights obligations.

Community Support

I have very much appreciated all the help that I have received from members of the community who have been willing to explain the technological and policy questions that I have encountered over my ambassadorship. People have been very generous with their time, and have found others to answer questions to which they did not have answers. This has helped me to compile even more questions that need answering, and I will be engaging with the community to help solve some of those issues. Please send me questions, this is how we can learn together!

Additional Comments

Relevant Links/Resources (optional)

Stephanie Perrin -ILF Progress report: Describing the path of personal data in Interledger applications

Stephanie Perrin — Thu, 01 Aug 2024 16:13:04 +0000

This is my interim report on my ambassadorship. The introduction to my project on drafting a privacy framework for the implementation of the ILP was posted here.

My project has been progressing, but growing in complexity. I imagine I am not alone in experiencing this phenomenon, given how new the application of the protocol is, but it has been frustrating and discouraging despite lots of research and discussions. I am actually further ahead in terms of the drafting of my final report than expected in my proposed timeline, but somewhat overwhelmed by the difficulties in nailing down an accurate data flow map. Here is my problem.
I am trying to draft a model privacy framework for implementing the ILF protocol and training materials for those unused to thinking about privacy best practices. I have had lots of success discussing the issues with privacy experts, but I have had no luck finding precedent. Not enough current financial payment systems publish information about their dataflows.

Herein lies the heart of the problem: in order to come up with a privacy policy and risk assessment you need an accurate personal data map, showing who collects, uses, and shares personal data, and with whom. You need to understand and verify the purposes for collection, use and disclosure, and figure out the risk inherent in sharing with other parties. Particularly in jurisdictions governed by the GDPR, you need to know who is the data controller and who are the data processors. I have yet to find a clear exposition of how this works in international payment flows, which is rather astonishing when you think about it.

I am hoping to demonstrate how this would work with three hypothetical use cases:
• A transborder funds transfer from a temporary foreign worker back home to family
• A purchase of a good or service or bill payment
• A micropayment

Because of the lack of transparency about existing payment systems, I am having difficulty mapping this. First, to appreciate how much better an ILP solution is, we need to have facts about how bad current payments systems are. Those facts are hard to establish and cite reliably. Secondly, absent a clear explanation of how ILP applications work and who the data processing actors are, I am not well able to get an opinion from a regulator about whether my framework actually represents best practice. We are not giving legal advice here, but we are trying to propose sound privacy and human rights practices, and curb unnecessary data trafficking. I have not been able to find any information about Court cases where the protection has been deemed inadequate, but I am still working on that.

Nevertheless, I have detoured past this roadblock and continued working on the framework and the analysis of acceptable purposes, uses, and sharing. It is much more theoretical than I had hoped, at this point. All examples and experiences welcome; if anyone would care to share how they achieved compliance with, for instance, the GDPR, I would love to speak with you. I have developed a questionnaire for implementers, to prompt their thinking on compliance. I am starting to develop my powerpoint training materials, and will be sharing with the community for feedback as to whether they are useful, get the facts straight, and help them think about better human rights compliance.

I reported on my trip to the Computers, privacy and Data Protection conference in Brussels May 22-24 here.
This was one of my key projected activities, during which I discussed my work with a number of privacy experts and scholars.

I will follow up with those individuals once the materials are final. I have also committed to compiling a list of individuals and organizations who might be interested in the final framework. I have compiled a list of contacts in the privacy field who might be interested in the protocol and how an application of it might optimally achieve privacy compliance; I have not completed that work and will be adding to it during September as the academic calendar permits.

There is interest in what we are doing, but unfortunately I had no luck in turning up reference documents. The Berlin group, a committee of mostly data protection agencies who are interested in working on common positions on technology, has released their paper on Digital central bank currencies. You can read it here.
This provides valuable insights into their thinking on new digital payments, but I hope they will move on to examine digital payments specifically.

The next phase of my project will be to reach out to organizations that work with or represent the elderly and temporary foreign workers. Both groups are vulnerable as they interface with modern payment systems, and both may need information about how to protect their privacy and what they should reasonably expect in terms of personal information collection and disclosure. I plan to have this done in August as projected and report on my findings in the final report.

I requested a no-fee extension in April because I caught a terrible cold that slowed me down, so my report is currently due by the end of October.

With respect to the impact of my project, I think everyone stands to benefit from improved privacy in banking, and everyone stands to benefit from increased awareness of what is actually happening now. My projected focus was on the elderly and on temporary foreign workers, two groups who send a lot of money to their families and who are frequently vulnerable and insufficiently aware of technology risks. I cannot promise to deliver a full, accurate picture of where data is currently going, who is sharing, how it is affecting the risk analysis of individuals, etc., but I am optimistic I will be able to interest people in taking a closer look at what instruments they are using to pay bills and transfer cash. We live in an age of fatalism about privacy, but we need not throw in the towel. We are looking for improvement in awareness and activism here. I have noted the gaps in public information about payment systems as I have worked on this research project, and I will certainly include suggestions for some public awareness papers and reading lists in my final report. It is not actually a bad thing to come up with more questions than answers when embarking on a privacy project like this, so I will be reporting on those questions.

I have not invested time in marketing and will not do so until I have some approved maps and scenarios developed in the final report. I have discussed the issues and problems with several experts, and I asked many questions at the CPDP conference. Most of my outreach at this point has been personal contact through my privacy, civil society and Internet governance networks. I continue to seek any guidance and examples that the technical community can provide to help me finalize the materials. I look forward to sharing the training materials within the community to get some feedback as to their helpfulness during the next two months.

I have committed to printing final reports and mailing them to various experts in the field, in order to promote the acceptance of the framework, and pique interest in the use of the ILF protocol. That work will take place during the next two months, once I finalize my graphics and examples. I also committed to offering training sessions for anyone in the community who is interested in the data protection aspects and requirements when using the protocol and setting up payment systems. Those sessions will be scheduled once the materials are finalized and approved. It is important to remember that innovators must seek their own legal advice when setting up systems, but hopefully the framework will prompt them to put the focus on privacy and human rights, and guide the legal team they hire to focus on best practice, not data maximization.

I am a complete newcomer to the field of fintech, and I find it bewildering! I am truly grateful to this community for helping me to understand how the various players and pieces fit together! If you need help with privacy or know your customer rules, please reach out to me, I would be happy to discuss and am very interested in what you think is needed in terms of educational materials. If you can help me iron out the data maps for how the data flows from the customers through to all the parts of the payment paths, bless you! Please contact me, I can even switch or add to my use cases at this point, the more the merrier as long as I can get facts about who actually controls the customer interface and data collection.

Stephanie Perrin
info@digitaldiscretion.ca

What do Privacy Experts say about privacy in digital payment systems?

Stephanie Perrin — Thu, 18 Jul 2024 14:36:50 +0000

This is a trip report on my attendance at the Computers, Privacy and Data Protection Conference in Brussels, Belgium May 21-24. My ambassadorship involves the development of a privacy best practice framework for the instantiation of the ILP, which ILF can recommend to all innovators, and perhaps require from those they fund. It is important that this open source technology be viewed as ethical and respecting of human rights and data protection best practices, whether or not it is being used in jurisdictions or content areas that are subject to privacy legislation.
Arguably the foremost privacy conference in Europe is the Computers, Privacy and Data Protection Conference (CPDP, https://www.cpdpconferences.org/) so I wanted to attend this year to meet with representatives of the data protection community, whether from academic, regulatory, or civil society groups. The theme this year, unsurprisingly, was Artificial Intelligence (AI)....most sessions were on this topic in some form or other. This did not matter much to me since my purpose for attending was to socialize the problem that I am researching and find out who is knowledgeable about, interested in, or researching into open payment systems. Unfortunately, I did not discover a treasure trove of existing policy, but there is definitely interest and I made some good contacts to get in touch with those who are working on the issues.
Those who are interested can check out the recorded sessions here:
https://www.youtube.com/@CPDPConferences/videos
Here are a few of the highlights of my chats.
• I had arranged to meet with the Secretary of the Council of Europe Data Protection Unit. They have just produced privacy guidance on complying with Know Your Customer regulations, which I am incorporating into the best practice framework (https://rm.coe.int/t-pd-2021-8rev8-aml-cft-guidelines-en-final- 2772-7823-8984-1/1680abdb4d). We discussed various venues to introduce data protection authorities to the topic of open payment system privacy issues, which civil society groups might be active in this area, other multilateral organizations that could be looking at regulation, and the activities current within the EU.
• I met a number of academic colleagues, and from them got contacts of academics who are writing on this matter with a privacy lens. I have a visit to my university library planned to run some of these leads to ground for my report. A reading list would be a useful item to add to my project, since there is a dearth of information available.
• I spoke to a couple of well-placed and respected US privacy lawyers, who expressed great reservations about any legal framework or best practice framework that was not the work of expert financial data privacy lawyers. I must emphasize that any framework I develop will be recommendations for best practice, not legal advice. Data protection law will not apply to Interledger itself in these instances, either as a body subject to law or as their recommended best practices being construed as legal advice. However, Interledger must take its liability issues very seriously. I am not a lawyer, the report will emphasize compliance with law. All regulatory requirements vary from place to place but we will stress that they have to be respected. Frankly though, given the inadequacy of current privacy law in protecting individuals with respect to their financial affairs, we are trying to promote a higher standard of human rights, ethical and nondiscriminatory behaviour, and fair pricing.
• There were not many civil society folks present, possibly representing the dismal state of funding at the moment. I spoke to a few and came up with a couple of leads as to who is actually looking into payment schemes and privacy.
• I asked just about everybody I encountered if they had seen a good summary of the costs, fees, any analysis of the dynamic pricing that seems to occur in some of the large payment processes (eg. Paypal, Western Union) but did not come up with a good source of information. If anyone knows where such a price and profit breakdown exists, please contact me.
• On the opening night of the conference, during awards for work in AI presented by the Center for AI and Digital Policy (https://www.caidp.org/) we heard and saw a wonderful presentation by artist Vladan Joler who works on visualizing in 3D the dataflow of personal information/AI. I highly recommend having a look at his work, https://futureeverything.org/profile/vladan-joler/, nothing is as complete as the presentation he gave us, which was enormous, but the map of AI listed on this site gives you some idea of his work. I have found that visualizing the dataflows in payment systems is very challenging, I wish he would draw a map of open payment systems next!
I am happy to chat with anyone who is interested in what I observed at this conference. I think it was well worth attending. A conference book will eventually be forthcoming, but not before my ambassadorship ends.
Stephanie Perrin stephanie@digitaldiscretion.ca

Stephanie Perrin: Ambassador developing a best practice privacy framework for using the Interledger Protocol

Stephanie Perrin — Thu, 25 Apr 2024 21:04:32 +0000

I am delighted to join the Ambassadors at Interledger to work on a project to encourage the protection of personal information when introducing the Interledger protocol in payment systems. We don’t have a lot of privacy built into current payment systems, and we don’t have a lot of control over how an open-source protocol is used. It seems important then that we make it crystal clear what can be done, how future payment systems can ensure that we pay less to move our money around, both in currency and in our personal information.

I have worked in the privacy field for over forty years, internationally and on domestic legislation, and most recently at the Internet Corporation for Assigned Names and Numbers (ICANN) as a representative of civil society, working for better protection of WHOIS information.

I also have been working recently on Artificial Intelligence and best practices, so it is a leap for me to switch to banking and payment systems, although a welcome challenge. My goal is to develop a set of best practices or policies for protecting privacy in the integration of the protocol in a variety of payment systems, with sample use cases and a training toolkit for developers.

Given the general lack of understanding in the public about what actually goes in current payment systems, let alone the new ones being developed, my first challenge will be explaining what exists now… all help from this community is gratefully accepted! Next is to set realistic expectations, based on scholarly research and review of the work that data commissioners have done to apply privacy law to the banking and payment systems.

We aim to do better, but what does better mean? How can we audit what is happening in payment systems, how do we integrate our privacy expectations with other necessary banking standards that may or may not have been developed in compliance with the fundamental rights of the individual? I will publish a report on findings, with a model privacy impact assessment framework, and a human rights impact assessment.

This promises to be a challenge for a six month assignment. I also aim to interview the representatives of certain vulnerable communities, focusing on the elderly and temporary foreign workers, both of whom send money across borders to a great extent, and not always in circumstances that work to their advantage. What are their complaints? How is their personal information being managed now, and is there a history of complaints and successful appeals in the case of breaches or abuse? What further policy needs to be developed?

Given the length of time I have worked in this field, I am reaching out to a wide variety of friends and experts in the field of privacy to get advice on the application of privacy law and standards.

I look forward to working with this community to seek advice on how this technology works for people, and what our goals should be.