NSTIC proposed Bylaws for NIST, with substantial annotations.

1. NSTIC STEERING GROUP: NIST July 2012 DRAFT BYLAWS with AUGUST 2012 JBC EDITS
Type-set version with line numbers, corrections and comments.
Note, this analysis has multiple annotations and amendments that may not be needed at the initial Steering Group meetings.
For a simpler version, see the ASCII file "NSTICdraftBylawsJuly2012.txt" at Slideshare (http://www.slideshare.net/JamieXML/nstic-
draft-bylaws-july-2012) or Google Docs (http://j.mp/MVwfNC)
See end of document for production information.
• [Square brackets] and struckthrough text indicate proposed changes.
• <Angle brackets> include this editor's unofficial cross-references, and <**type of amendment>. «Double angle
brackets» indicate unofficial augmented section numbers, where paragraphs had no identifying number.
• {Curly brackets} indicate original NIST footnotes, with added hyperlinks and some abbreviations.
• "Quote marks and underscoring" have been added to term definitions, where originally missing.
1 DRAFT BY-LAWS FOR THE IDENTITY ECOSYSTEM STEERING GROUP
2 «Preface» The Identity Ecosystem Steering Group By-laws ("By-laws") describe the roles, responsibilities,
3 policies, and procedures that govern the operation of the Identity Ecosystem Steering Group ("Steering Group").
4 The By-laws shall be consistent with the Identity Ecosystem Steering Group Charter ("Charter"), which provides
5 the high-level perspective of scope, purpose, and organization. {NIST fn1: For a complete understanding of …
6 Steering Group’s structure these By-laws should be read in conjunction with the Charter.} ¶ As stated in the
7 Charter, the primary activities of the Steering Group shall be to:
8 * Adopt and establish standards for the Identity Ecosystem Framework
9 * Develop and maintain policies for the Identity Ecosystem Framework
10 * Develop and maintain processes for the accreditation of Identity Ecosystem Entities
11 * Develop and maintain Identity Ecosystem oOperating procedures <**See Charter sec. 1.2.4.> <**A:Typo.>
12 «0.» Terms.
13 <** Annot.> <"At-Large Delegates": the Management Council Delegates defined in Section 2.2.2.2.>
14 <** Annot.> <"Bylaws": as defined in the Preface above.>
15 <** Annot.> <"Charter": as defined in the Preface above.>
16 «0.1» "Consensus": The absence of sustained objection when a Quorum has been achieved. {*}
17 <** Annot.> <"Guiding Principles": as defined in Section 1.3 of the Charter.>
18 <** Annot.> <"Identity Ecosystem": as defined in Section 1 of the Charter.>
19 «0.2» Identity Ecosystem Management Council ("Management Council"): Provides guidance to the Plenary
20 on the broad objectives envisioned by the NSTIC; produces, prioritizes and monitors progress of Steering Group
21 work plans; provides necessary resources, and ensure that Steering Group work activities adhere to the NSTIC
22 Guiding Principles and Goals; and ratifies policy and standards recommendations approved by the Plenary.
23 <** See sec. 2.2.>
24 «0.3» Identity Ecosystem Plenary ("Plenary"): Reviews and recommends technical standards for adoption,
25 establishes and maintains the procedures/policies for governing the Identity Ecosystem, develops and
26 establishes accountability measures to promote broad adherence to these procedures, and facilitates the
27 ongoing operation of the Steering Group. Open to all members of the Steering Group. <** See sec. 2.1.>
28 «0.4» Identity Ecosystem Steering Group ("Steering Group"): The overall Identity Ecosystem governance
29 structure which consists of the Management Council and the Plenary. The responsibilities, mission, and activities
30 of the Steering Group are defined in these By-laws and in the Charter.

2. 31 «0.5» "Individual": Any person who does not represent or act on behalf of a Member Organization in any
32 formal or informal capacity within the Steering Group.
33 <** Annot.> <"Initial Interim Period": as defined in Section 11.>
34 <** Annot.> <"Individual Member": as defined in Section 0.9.>
35 <** Annot.> <"Management Council": as defined in Section 0.2. ** See sec. 2.2.>
36 «0.6» "Management Council Chair": This officer provides general leadership to the Management Council;
37 oversees votes, and directs the meetings of the Management Council. <** See sec. 2.2.4.1.>
38 «0.7» "Management Council Delegates": Persons elected to represent each of the 14 Stakeholder Groups
39 on the Management Council [plus] . There are an additional two At-Large Delegates. <**B: Rule hygiene.>
40 «0.8» "Management Council Vice-Chair": This officer shall assist the Steering Group in maintaining
41 alignment with NSTIC objectives and the NSTIC Guiding Principles. This position shall be filled by the Director of
42 the NPO. <** See sec. 2.2.4.2.>
43 «0.9» "Member": Any organization ("Member Organization") or individual ("Individual Member") that signs the
44 Membership Agreement.
45 «0.10» "Member Associates": Employees and associates of Member Organizations who participate in the
46 Standing Committees and Working Groups of the Plenary. All Member Associates shall be listed in the
47 Membership Agreement and shall comply with the same obligations as the Member Organization under the
48 Membership Agreement.
49 <** Annot.> <"Member Organization": as defined in Section 0.9.>
50 <** Annot.> <"Member Representative": any Participating Member Representative or Observing Member Representative.>
51 <** Annot.> <"Membership Agreement": as defined in Section 1.5.>
52 <** Annot.> <"NSTIC": the National Strategy for Trusted Identities in Cyberspace, as defined in Section 1 of the Charter.>
53 <** Annot.> <"NPO": the NSTIC National Program Office, as defined in Section 1 of the Charter.>
54 «0.11» "Observing Member": Members that do not meet the criteria for Participating Members, but that wish
55 to maintain a formal and ongoing presence in the Steering Group. Observing Members may still contribute to the
56 work of the Plenary, its Standing Committees, and/or Working Groups, but they shall not be permitted to vote in
57 Plenary proceedings.
58 «0.12» "Observing Member Representative": The person [designated]selected by each Observing Member
59 [in its executed]to execute the Steering Group Membership Agreement and maintain currency of Member
60 Associates. <**C: Immediate; Contract issues.>
61 «0.13» "Ombudsman": This officer serves to support equitable representation of all stakeholders and
62 individual participants in the Identity Ecosystem and upholds the NSTIC Guiding Principles. <** See sec.
63 2.2.4.3.>
64 «0.14» "Organization": A commercial, governmental, or other separately constituted legal entity and, when
65 applicable, its parent company or organizations, its subsidiaries, affiliations, divisions, committees, and working
66 groups.
67 «0.15» "Participating Member": Members who actively participate in the Steering Group and the work of the
68 Plenary, its Standing Committees, and/or Working Groups. Participating Members shall have a vote in Plenary-
69 wide proceedings and in the elections of officers and delegates.
70 «0.16» "Participating Member Representative": The person [designated] selected by each Participating
71 Member [in its executed]to execute the Steering Group Membership Agreement, maintain currency of Member
72 Associates, and represent the Membership organization in Plenary-wide votes. <**C: Immediate; Contract
73 issues.> <** But see sec. 11.>

3. 74 <** Annot.> <"Plenary": as defined in Section 0.3.>
75 «0.17» "Plenary Chair": This officer provides direction for actions, manages meetings, supervises
76 votes/elections, and provides general leadership in the Plenary. <** See sec. 2.1.2.>
77 <** Annot.> <"Plenary Supermajority": as defined in Section 2.2.5.1.>
78 «0.18» "Quorum": A quorum of the Plenary is defined as greater than fifty percent of Participating Members
79 and shall be sufficient for the transaction of business. [A quorum of the Management Council is defined as
80 greater than fifty percent of Management Council Delegates and shall be sufficient for the transaction of
81 business.] <**D: Rule hygiene, Overcentralization>.)
82 <** Annot.> <"Recommendation Supermajority": as defined in Section 5.3.2.2.>
83 «0.19» "Secretariat": Provides administrative and material support to the Steering Group. <** See sec.2.3.>
84 «0.20» "Standing Committees": Committees responsible for addressing and coordinating the ongoing and/or
85 permanent activities that occur within the Plenary. <** See sec. 2.1.4.>
86 <** Annot.> <"Stakeholder Group": as defined in Section 1.3.1.>
87 <** Annot.> <"Stakeholder Group Delegate": as defined in Section 2.2.2.1.>
88 <** Annot.> <"Steering Group": as defined in the Preface above.>
89 «0.21» "Unaffiliated Individual": Any Individual Member who chooses not to self-select into one of the other
90 Stakeholder Groups. Unaffiliated Individuals shall not represent the interests or act on behalf of a Member
91 Organizations or Stakeholder Group.
92 «0.22» "Working Groups": Temporary/ad hoc groups that conduct the work necessary for standards adoption
93 and policy development/implementation as needed. <** See sec. 2.1.4.>
94 1. Membership.
95 Membership in the Steering Group shall be open and the extent of participation shall be dependent on the
96 members. Membership in the Steering Group shall be open to organizations and individuals (members) that
97 have an interest in the development and administration of the Identity Ecosystem. Membership classifications,
98 participation levels and member categories are described in the sections that follow. ¶ A member is defined as
99 any organization or individual that signs the Membership Agreement.
100 1.1. Membership Classifications. There are two classifications of membership – Member Organizations
101 and individuals. A person representing or acting on behalf of a Member Organization in any formal or informal
102 capacity within the Steering Group are considered part of that organization and cannot be considered an
103 Individual Member.
104 1.1.1. Member Organizations. An organization shall be permitted to join the Steering Group as any one of
105 the Stakeholder Groups with the exception of Unaffiliated Individuals. (See section 1.3, Stakeholder Group
106 Affiliation.) An organization shall be defined as a commercial, governmental, or other separately constituted
107 legal entity and, when applicable, its parent company or organizations, its subsidiaries, affiliations, divisions,
108 committees, and working groups. Divisions, subsidiaries, committees of organizations, etc. are part of their
109 parent organizations and are not considered separate organizations for Steering Group membership purposes.
110 1.1.2. Individuals. An individual shall be permitted to join the Steering Group as an Unaffiliated Individual
111 (See section 1.1.2.1, Unaffiliated Individuals) or as a member of one of the other Stakeholder Groups. (See
112 section 1.3, Stakeholder Group Affiliation.) An individual shall be defined as any person who does not represent
113 or act on behalf of a Member Organization in any formal or informal capacity within the Steering Group.
114 1.1.2.1. Unaffiliated Individuals. Unaffiliated Individuals shall be any Individual Member who chooses not
115 to self-select into one of the other Stakeholder Groups. (See section 1.3, Stakeholder Group Affiliation.)
116 Unaffiliated Individuals shall not represent the interests or act on behalf of a Member Organizations or
117 Stakeholder Group.

4. 118 1.2. Participation Levels. A member shall participate in the Plenary as either a Participating Member or an
119 Observing Member.
120 1.2.1. Participating Members. Participating Members shall be members that actively participate in the
121 Steering Group and the work of the Plenary, Standing Committees, and/or Working Groups. Participating
122 Members shall have a vote in Plenary-wide proceedings and in the elections of officers and delegates. ¶ The
123 requirements for qualification as a Participating Member are defined in section 1.4, Member Rights and
124 Responsibilities. <But see sec. 11.1.>
125 1.2.2. Observing Members. Observing Members shall be members that do not meet the criteria for
126 Participating Members, but that wish to maintain a formal and ongoing presence in the Steering Group.
127 Observing Members may contribute to the work of the Plenary, its Standing Committees, and/or Working
128 Groups, but shall not be permitted to vote in Plenary-wide proceedings and in the elections of officers and
129 delegates. ¶ The requirements for qualification as an Observing Member are defined in section 1.4, Member
130 Rights and Responsibilities.
131 1.2.3. Member Representatives. Each Member Organization shall designate one person as its official
132 Member Representative. Each Member Organization shall determine its own process for selecting its Member
133 Representative. Each Member Organization is authorized to designate alternate Member Representatives in the
134 event a primary Member Representative is unable to attend a meeting. Member Representatives shall be
135 responsible for acting on behalf of the Membership Organization[,] for executing the Membership Agreement and
136 maintaining currency of Member Associates. ¶ Individual Members shall be considered their own Member
137 Representative. No person shall represent more than one Member Organization. <** E: Typo.>
138 1.2.3.1. Participating Member Representatives. Member Representatives of Participating Members shall
139 be referred to as Participating Member Representatives. <** See definition in sec. 0.16.> Participating Member
140 Representatives shall be responsible for casting votes in the Plenary.
141 1.2.3.2. Observing Member Representatives. Member Representatives of Observing Members shall be
142 referred to as Observing Member Representatives. <** See definition in sec. 0.12.>
143 1.2.4. Member Associates. Each Member Organization may have multiple employees or associates from
144 its organization who participate in the Standing Committees and Working Groups of the Plenary. All Member
145 Associates shall be listed in the Membership Agreement and shall comply with the same obligations as the
146 Member Organization under the Membership Agreement.
147 1.3. Stakeholder Group Affiliation. Each Member shall self-select into the Stakeholder Group that they
148 consider best represents its roles or interests in the Identity Ecosystem. Affiliation into these Stakeholder Groups
149 shall be used for the purposes of electing delegates to the Management Council. Member Representatives and
150 Member Associates shall be affiliated with the Stakeholder Group selected by their respective Member
151 Organization. Individual Members shall have the option to self-identify into any of the 14 Stakeholder Groups,
152 including Unaffiliated Individuals. (See section 1.3.1, Stakeholder Groups.)
153 1.3.1. Stakeholder Groups. Members shall choose to affiliate with one of the following Stakeholder Groups.
154 For detailed descriptions of the Stakeholder Groups see the Charter. {NIST fn2: Charter sec.3.2.2, Stakeholder
155 Groups: http://j.mp/NSTICchtr#_Toc330932484.}
156 «1.3.1.» 1. Privacy & Civil Liberties
157 «1.3.1.» 2. Usability & Human Factors
158 «1.3.1.» 3. Consumer Advocates
159 «1.3.1.» 4. U.S. Federal Government
160 «1.3.1.» 5. U.S. State, Local, Tribal, and Territorial Government
161 «1.3.1.» 6. Research, Development, Education & Innovation
162 «1.3.1.» 7. Identity & Attribute Providers

5. 163 «1.3.1.» 8. Interoperability
164 «1.3.1.» 9. Information Technology (IT) Infrastructure
165 «1.3.1.» 10. Regulated Industries
166 «1.3.1.» 11. Small Business & Entrepreneurs
167 «1.3.1.» 12. Security
168 «1.3.1.» 13. Relying Parties
169 «1.3.1.» 14. Unaffiliated Individuals
170 1.3.2. Additional Stakeholder Groups. The Steering Group may add, remove, or modify Stakeholder
171 Groups at any time, as necessary [, by amending these By-laws]. <**F: Rule hygiene.>
172 1.4. Member Rights and Responsibilities. Rights and responsibilities of Participating and Observing
173 Members are described in the sections that follow.
174 1.4.1. Rights of Members. Members shall have the right to:
175 «1.4.1.» a. Serve as members for as long as they meet the requirements of membership defined in
176 section 1.4.2, Responsibilities of Members.
177 «1.4.1.» b. Submit proposed requirements for the Identity Ecosystem Framework.
178 «1.4.1.» c. Participate in the Plenary process and establish the overall direction of the Plenary through
179 active participation in Working Groups, Standing Committees, or other organizational teams established as
180 needed to address specific issues.
181 «1.4.1.» d. Participate in the consensus decision-making process.
182 1.4.2. Responsibilities of Members. Members shall have the responsibility to:
183 «1.4.2.» a. Abide by the Membership Agreement and comply with the Charter and these By-laws.
184 1.4.3. Additional Rights and Responsibilities of Participating Members. Participating Members shall have
185 the right to:
186 «1.4.3.» a. Vote in Steering Group elections in accordance with these By-laws.
187 «1.4.3.» b. Vote on proposed Plenary standards, policies, and procedures in accordance with these By-
188 laws.
189 «1.4.3.» c. Stand for nomination for Management Council Delegate, At-Large Delegate, and Plenary
190 and Management Council Chair positions.
191 «1.4.3.1.» Participating Members shall have the responsibility to:
192 «1.4.3.1.» a. Participate in Plenary meetings. (See section 5.3.2. Qualifications for Voting Privilege and
193 Restoration.)
194 «1.4.3.1.» b. Review Plenary documents.
195 «1.4.3.1.» c. Ensure that their attendance is accurately recorded by the Secretariat.
196 1.5. Membership Agreement. To become a member, the Member Representative shall complete and
197 execute the Steering Group Membership Agreement. ¶ The completed and executed Membership Agreement
198 shall be sent to the Secretariat who shall collect and record the Membership Agreements. [The form of
199 Membership Agreement and any amendments thereto shall be approved by the Plenary,] A Member
200 Organization may designate someone other than an employee to represent its organization. {NIST fn3: At the

6. 201 initial meeting of the Steering Group a draft Membership Agreement shall be finalized for ratification.}
202 <**G: Immediate; Contract issues.>
203 1.6. Changes in Membership Status. Changes in a member’s status are described in the sections that
204 follow.
205 1.6.1. Withdrawal of Membership. Members may voluntarily withdraw from the Steering Group at any time
206 by stating their intention in writing to the Secretariat.
207 1.6.2. Termination of Membership. The Management Council may terminate a membership as a result of a
208 material violation of the By-laws.
209 1.6.3. Administrative Modification of Membership. Any change in legal status of members shall result in the
210 appropriate modification of their membership by the Secretariat. ¶ Situations that may result in the modification
211 of membership include, but are not limited to:
212 «1.6.3.» a. Dissolution of a Member Organization.
213 «1.6.3.» b. Acquisition of Member Organization by another Member Organization.
214 «1.6.3.» c. Change in employment status or affiliation of an individual.
215 2. Steering Group Structure & Responsibilities.
216 The Steering Group shall consist of two bodies: the Plenary and the Management Council. The Steering Group
217 shall also have a Secretariat serving as its administrative arm. The roles and responsibilities of each component
218 are described in the sections that follow.
219 2.1. Identity Ecosystem Plenary. The Plenary shall be responsible for reviewing and recommending
220 technical standards for adoption, establishing and maintaining the procedures and policies for governing the
221 Identity Ecosystem, developing and establishing accountability measures to promote broad adherence to these
222 procedures, and facilitating the ongoing operation of the Steering Group. The Plenary shall provide for the
223 Plenary Chair, Working Groups and Standing Committees. The roles, responsibilities and participation
224 requirements of each component are described in the sections that follow.
225 2.1.1. Plenary Membership. The Plenary shall be open to all Steering Group members.
226 2.1.2. Plenary Chair. The Plenary shall be led by the Plenary Chair. The role of the Plenary Chair is
227 defined in the Charter. {NIST fn4: Charter, sec.2.1, Plenary Chair: http://j.mp/NSTICchtr#_Toc330932477.}
228 2.1.2.1. Election. With the exception of the initial election, nominees for this position shall be approved
229 by the Nominations Committee. The Plenary Chair shall be elected by the Participating Members within the
230 Plenary in accordance with section 3, General Elections.
231 2.1.2.2. Duties. The Plenary Chair is responsible for the overall management of the Plenary, including
232 the Standing Committees and Working Groups. In fulfilling this role, the Plenary Chair shall act in a purely
233 neutral capacity, divesting him- or her-self of any organizational or technical position.
234 «2.1.2.2.» a. Guide the Secretariat in carrying out its duties and responsibilities as they pertain to the
235 Plenary.
236 «2.1.2.2.» b. Guide the consensus processes in the Plenary, ensuring that all points of view, to include
237 minority views, are adequately expressed and understood by all present.
238 «2.1.2.2.» c. Ensure that all information and decisions are clearly and effectively communicated.
239 «2.1.2.2.» d. Coordinate with the Management Council and ensure that the policy and strategic goals
240 of the Steering Group are being met.
241 «2.1.2.2.» e. Foster an open and amiable atmosphere at Plenary meetings.

7. 242 «2.1.2.2.» f. Assist in the resolution of any appeal against a Plenary decision.
243 2.1.2.3. Term of Service. The Plenary Chair shall serve a [one]two-year term. <**H:
244 Overcentralization.> The Plenary Chair may serve no more than two terms consecutively but may serve any
245 number of non-consecutive terms. If the Chair is unable to complete his or her term of office, the Plenary shall
246 elect a successor in accordance with section 3, General Elections. <But see sec. 11.3.>
247 2.1.2.4. Authority. The Plenary Chair shall have authority to table or terminate discussion, call for
248 affirmation of consensus, mediate with dissenting parties, and commit or recommit a matter to committee for
249 further action. In the event the Plenary Chair is also a Member Representative, he or she may not continue to
250 act as Member Representative.
251 2.1.3. Plenary Responsibilities. The specific responsibilities of the Plenary are described in the sections
252 that follow.
253 2.1.3.1. General Responsibilities. The Plenary shall:
254 «2.1.3.1.» a. Facilitate the timely review, recommendation and adoption of standards related to the
255 development and governance of the Identity Ecosystem.
256 «2.1.3.1.» b. Develop and maintain work products and governing documents to include:
257 «2.1.3.1.b.» i. A framework for testing and certifying Identity Ecosystem components.
258 «2.1.3.1.b.» ii. The Identity Ecosystem Framework, as described in the NSTIC.
259 «2.1.3.1.b.» iii. Other work products and governing documents deemed necessary to establish and
260 maintain the Identity Ecosystem and to promote its adoption.
261 «2.1.3.1.» c. Recommend creation or dissolution of Standing Committees and Working Groups to
262 perform the Plenary’s work.
263 «2.1.3.1.» d. Develop and establish accountability measures for the Plenary and its components.
264 «2.1.3.1.» e. Facilitate the ongoing operation of the Steering Group.
265 «2.1.3.1.» f. Perform all other acts [as provided under these By-laws or otherwise] necessary and
266 appropriate to the conduct of the Plenary’s activities and achievement of the Plenary’s goals. <**I: Rule
267 hygiene.>
268 2.1.3.2. Conducting & Participating in Elections. The Plenary shall be responsible for electing
269 Management Council Delegates, At-Large Delegates, and Plenary and Management Council Chairs in
270 accordance with section 3, General Elections.
271 2.1.4. Plenary Standing Committees and Working Groups. The roles of the Plenary Standing Committees
272 and Working Groups are defined in the Charter. {NIST fn5: Charter, Secs. 2.1.2, Plenary Standing
273 Committees: http://j.mp/NSTICchtr#_Toc330932478 and 2.1.3, Plenary Working Groups:
274 http://j.mp/NSTICchtr#_Toc330932479}
275 2.1.4.1. Administration. Standing Committees may be proposed by the Plenary or the Management
276 Council and shall be officially established by the Management Council. Standing Committees and Working
277 Groups shall create their own charters, which shall be [circulated for comment to the Participating Members and
278 then ]approved by the Management Council. <**J: Immediate; Overcentralization.> Charters shall, at a
279 minimum[,] outline the missions, operations, decision making procedures, and leadership selection processes.
280 <**K: Typo.> All charters will support the NSTIC Guiding Principles and the Steering Group operating principles.
281 {NIST fn6: Charter, Secs. 1.3, Adherence to the NSTIC Guiding Principles:
282 http://j.mp/NSTICchtr#_Toc330932466 and 1.4, Operating Principles: http://j.mp/NSTICchtr#_Toc330932467.}

8. 283 2.1.4.2. Working Groups. Participation in and meetings of the Plenary Working Groups shall be open to
284 all members.
285 <** Annotation: the Charter names five Standing Committees: the Policy Coord. Comm., the Standards Coord. Comm.,
286 The Accreditation Coord. Comm., the Privacy Coord. Comm. and the Nominations Comm.>
287 2.1.4.3. Standing Committees. Standing Committee Charters shall also outline participation
288 requirements[, and shall be open to all Members unless otherwise provided in their approved charter].
289 <**L: Overcentralization.>
290 <** Annotation: the Charter names three Working Groups: the Usability and Accessibility WG, the Security WG, and
291 the Internationalization Coord. WG.>
292 2.2. Identity Ecosystem Management Council. The Management Council shall be comprised of the
293 Management Council Delegates, the Management Council Chair, the Vice Chair, and the Ombudsman. Their
294 roles and responsibilities are described in the sections that follow. The Management Council shall provide
295 guidance to the Plenary on the broad objectives envisioned by the NSTIC, produce workplans to prioritize work
296 items and monitor progress, and ensure that Steering Group work activities align with the NSTIC Guiding
297 Principles. The Management Council shall ratify policy and standards recommendations <**M: Rule hygiene.>
298 approved by the Plenary[, subject to the procedures set forth in these By-laws]. <**N: Overcentralization.> The
299 Management Council shall also be responsible for managing the Steering Group’s resources and procuring
300 services once the Steering Group is self-sustaining.
301 2.2.1 Management Council Participation. The Management Council shall be open to all Participating
302 Members through the election process prescribed in section 2.2.3, Mgmt. Council Delegate Selection Process.
303 [Stakeholder Group] Management Council Delegates and At-Large Delegates shall attend Management Council
304 meetings and shall have the right to vote on Management Council matters. <**B: Rule hygiene.>
305 2.2.2. Management Council Delegates. The Management Council shall be composed of 16 voting
306 delegates including 14 delegates who are elected from the Stakeholder Groups and two At-Large Delegates.
307 2.2.2.1. Stakeholder Group Delegates. There shall be 14 Management Council Delegates elected from
308 the Stakeholder Groups in accordance with section 2.2.3.1, Stakeholder Group Delegates.
309 2.2.2.2. At-Large Delegates. There shall be two At-Large Management Council Delegates elected in
310 accordance with section 2.2.3.2, At-Large Delegates.
311 2.2.3. Management Council Delegate Selection Process. The management council selection processes is
312 described in the sections that follow.
313 2.2.3.1. Stakeholder Group Delegates. Stakeholder Group Delegates shall be selected through an
314 election held among the Participating Members within each Stakeholder Group in accordance with
315 section 3, General Elections.
316 2.2.3.2. At-Large Delegates. At-Large Delegates shall be selected through an election held among the
317 Participating Members within the Plenary. All Participating Members may vote for candidates being elected for
318 At-Large Delegate positions in accordance with section 3, General Elections.
319 2.2.3.3. Delegate Selection Criteria. The Stakeholder Group Delegates and At-Large Delegates shall
320 be selected in accordance with the criteria detailed in the Charter. {NIST fn7: Charter, sec.3.2.1, Delegate
321 Selection Criteria: http://j.mp/NSTICchtr#_Toc330932483.}
322 2.2.3.4. Management Council Delegate Term of Office. The terms of Management Council Delegates
323 shall be as follows:
324 «2.2.3.4.» 1. Management Council Delegates shall serve two-year terms. <But see sec. 11.3.> <And
325 see last sentence of this section.>
326 «2.2.3.4.» 2. There are no term limits for delegates.

9. 327 In the first term of office following the initial interim period – where all delegates shall serve for a period of
328 six months (see Section 11, Initial Interim Period) – one-half of Stakeholder Group Delegates and one At-Large
329 Delegate shall serve a one-year term.
330 2.2.3.5. Mid-Term Vacancies. Mid-term vacancies may occur due to a Management Council Delegate
331 voluntarily relinquishing their position or a change in a member’s status according to section 1.6, Change in
332 Member Status. ¶ Should a delegate become unable to fulfill their commitment, they shall be expected to
333 vacate their seat. Once vacated, a replacement must be chosen by election at the earliest reasonable
334 opportunity in accordance with section 3, General Elections. Vacancies shall not affect the ability to make
335 decisions.
336 2.2.4. Management Council Officers. The Management Council Officers shall include the Chair, Vice-
337 Chair, and Ombudsman. The selection processes, terms, and responsibilities are described in the sections that
338 follow.
339 2.2.4.1. Management Council Chair. The selection process, duties, and term of office are described in
340 the sections that follow. For details on the role of the Management Council Chair see the Charter. {NIST fn8:
341 Charter, sec.3.1, Mgmt. Council Composition: http://j.mp/NSTICchtr#_Toc330932481.}
342 2.2.4.1.1. Selection Process. Nominees for this position shall be approved by the Nominations
343 Committee. The Management Council Chair shall be selected by Participating Members in the Plenary in
344 accordance with section 3, General Elections.
345 2.2.4.1.2. Duties. The Management Council Chair shall be responsible for the overall management
346 of the Management Council. The Chair shall:
347 «2.2.4.1.2.» a. Act in a purely neutral capacity, divesting him or her of any organizational or
348 technical position in Management Council activities.
349 «2.2.4.1.2.» b. Guide the Secretariat in carrying out its duties and responsibilities as they pertain to
350 the Management Council.
351 «2.2.4.1.2.» c. Guide the consensus process in the Management Council.
352 «2.2.4.1.2.» d. Preside over meetings and oversee votes of the Management Council.
353 «2.2.4.1.2.» e. Ensure that all decisions are clear and made available in written form to the
354 Secretariat.
355 «2.2.4.1.2.» f. Coordinate with the Plenary Chair as necessary to ensure that Steering Group
356 strategic and policy goals are being met.
357 «2.2.4.1.2.» g. Act as the lead spokesperson for the Management Council between meetings.
358 «2.2.4.1.2.» h. Assist in the resolution of an appeal against a Management Council decision.
359 2.2.4.1.3. Term of Office. The term of the Management Council Chair shall be [one year]three years,
360 with no restriction on the number of consecutive terms. <**O: Overcentralization.> <But see sec. 11.3.>
361 2.2.4.2. Management Council Vice-Chair. The duties and term of office of the Management Council Vice-
362 Chair are described in the sections that follow. For details on the role of the Management Council Vice-Chair see
363 the Charter. {NIST fn9: Charter, sec.3.1, Mgmt. Council Composition: http://j.mp/NSTICchtr#_Toc330932481.}
364 2.2.4.2.1. Duties. The Management Council Vice-Chair shall:
365 «2.2.4.2.1.» a. Promote Identity Ecosystem stakeholder involvement and engagement.
366 «2.2.4.2.1.» b. Build consensus on policy frameworks necessary to achieve the vision.
367 «2.2.4.2.1.» c. Actively participate within and across relevant public and private sector forums.

10. 368 «2.2.4.2.1.» d. Assess progress against the goals, objectives, and milestones of the NSTIC.
369 2.2.4.2.2. Term of Office. As an ex-officio position on the Management Council, the Vice Chair
370 position may be held without limit.
371 2.2.4.3. Ombudsman. The selection criteria, duties, term of office and authority of the Ombudsman are
372 described in the sections that follow. For the role of the Ombudsman see the Charter. {NIST fn10: Charter,
373 Sec. 3.1, Mgmt. Council Composition: http://j.mp/NSTICchtr#_Toc330932481.}
374 2.2.4.3.1. Selection. The role of the Ombudsman shall be provided by the Secretariat. The
375 Management Council shall establish criteria for the selection of the Ombudsman. The Ombudsman shall:
376 «2.2.4.3.1.» a. Be independent from Steering Group members and Stakeholder Groups.
377 «2.2.4.3.1.» b. Be capable of maintaining objectivity in the execution of all duties and
378 responsibilities.
379 «2.2.4.3.1.» c. Have strong communication, interpersonal, and problem solving skills.
380 «2.2.4.3.1.» d. Have experience in complaint resolution and investigation.
381 2.2.4.3.2. Duties. The Ombudsman shall:
382 «2.2.4.3.2.» e. Uphold the NSTIC Steering Group Charter, By-laws, and Operating Principles.
383 «2.2.4.3.2.» f. Facilitate balanced representation within the Steering Group.
384 «2.2.4.3.2.» g. Develop and implement complaint and issue resolution policies and procedures for
385 the Steering Group [and for the Ombudsman's office, including for the transparency of issue resolution activity,
386 and any procedures necessary to preserve appropriate privacy concerns of parties to a resolved issue].
387 <**P: Openness.>
388 «2.2.4.3.2.» h. Investigate and assist in the resolution of issues and complaints associated with
389 Steering Group processes.
390 «2.2.4.3.2.» i. Report on Ombudsman activities to the Management Council [, and publish written
391 records of all issue resolutions identifying the issues in detail, made available to all Members]. <**Q: Openness.>
392 «2.2.4.3.2.» j. Maintain and safeguard records of all Ombudsman activities.
393 «2.2.4.3.2.» k. Provide information on Ombudsman activities, policies, procedures, and processes
394 to the general public including, but not limited to, periodic reports outlining disputes, complaints,
395 recommendations, resolutions and final dispositions.
396 2.2.4.3.3. Authority. The Ombudsman shall have the authority to:
397 «2.2.4.3.3.» a. Attend all Steering Group meetings and functions.
398 «2.2.4.3.3.» b. Conduct investigations and fact finding into complaints and issues arising
399 from Steering Group proceedings.
400 «2.2.4.3.3.» c. Make recommendations and assist in the resolution, mitigation, and
401 prevention of issues and complaints.
402 2.2.4.3.4. Steering Group Responsibilities. All members of the Steering Groups shall cooperate with
403 the Ombudsman in the execution of his or her duties. Appropriate Steering Group leadership shall record and
404 [publicly]publically report all actions taken pursuant to Ombudsman recommendations. {**} <**R: Typo.>
405 2.2.4.3.5. Term of Office. [The Ombudsman serves at the pleasure of the Secretariat.]There are no
406 term limits for the Ombudsman. {*} <**S: Rule hygiene.>

11. 407 2.2.5. Management Council Responsibilities. The Management Council shall provide guidance to the
408 Plenary on the broad perspectives envisioned by the NSTIC and ensure that Steering Group work activities
409 adhere to the NSTIC Guiding Principles. The Management Council shall ratify policy and standards
410 recommendations approved by the Plenary. The Steering Group shall be initiated with the support of the Federal
411 Government. Following the initiation period, the Steering Group shall transition to a self-sustaining organization.
412 The Management Council shall be responsible for managing the Steering Group’s resources and procuring
413 services once the Steering Group is self-sustaining.
414 2.2.5.1. Administrative Activities. The Management Council shall perform administrative duties to
415 facilitate the operations of the Steering Group. The Management Council shall:
416 «2.2.5.1.» a. Approve and prioritize work programs and action plans.
417 «2.2.5.1.» b. Manage the resources necessary to execute work programs and action plans and to
418 operate the Plenary.
419 «2.2.5.1.» c. Ratify recommendations from the Steering Group for the standards, policies, and other
420 components of the Identity Ecosystem Framework.
421 «2.2.5.1.» d. Approve charters of the Standing Committees and Working Groups.
422 «2.2.5.1.» e. Maintain and update Steering Group organizational policies and procedures including
423 Charter, By-laws, Membership Agreement, and intellectual property rights policies.
424 «2.2.5.1.» f. Manage marketing and public relations activities.
425 [2.2.6. Initial approval of Charter and By-laws. Notwithstanding the foregoing, the Plenary may adopt
426 amendments to the Charter and these By-Laws without the ratification or approval of the Management Council
427 for the first 180 days after the initial approval of those documents by the Plenary. However, the Management
428 Council may make recommendations to the Plenary with respect to any such proposals.] <** X: Immediate;
429 Overcentralization.>
430 [2.2.7. Management Council Ratification and Inaction.
431 2.2.7.1. If, 90 days after the approval by the Plenary of a recommendation for standards, policies or
432 other components of the Identity Ecosystem Framework, the Management Council (a) declines to ratify it, or
433 (b) fails to approve or reject that recommendation, or (c) ratifies it with changes not approved by the Plenary,
434 then, at its next meeting, the Plenary may vote to finalize the recommendation in its originally approved form,
435 without requiring or permitting further action from the Management Council. In order to be effective, that Plenary
436 vote must be reached by Consensus, or, failing consensus, by the positive vote of 66% of those Participating
437 Members voting in that vote, plus one vote (a "Plenary Supermajority").
438 2.2.7.2. If, 90 days after the delivery in writing to the Management Council of a proposed amendment to
439 the Charter or these By-laws, or a proposed committee or working group charter or amendment thereto, the
440 Management Council (a) rejects it, or (b) fails to approve or reject the proposal, or (c) approves it with changes
441 not agreed by the proposer, then, at its next meeting, the Plenary may vote to ratify and finalize the proposal in
442 its originally delivered form, without requiring or permitting further action from the Management Council. In order
443 to be effective, that Plenary vote must be reached by Consensus, or, failing consensus, by the positive vote of a
444 Plenary Supermajority.] <** T: Overcentralization.>
445 2.3. Secretariat. The Secretariat shall serve as the administrative body of the Steering Group and promote
446 alignment of the Steering Group’s operations with the NSTIC Guiding Principles. The role and responsibilities of
447 the Secretariat are described in the sections that follow.
448 2.3.1. Selection of Secretariat. The Secretariat shall initially be provided by the NSTIC National Program
449 Office. At such time that the Steering Group becomes self-sustaining, the Management Council shall be
450 responsible for acquiring secretariat services support.
451 2.3.2. Secretariat Responsibilities. The Secretariat shall act in a neutral capacity, divesting itself of any
452 technical or other point of view. The Secretariat is responsible for ensuring that these By-laws and the decisions

12. 453 of the Steering Group are followed. The Secretariat is responsible for facilitating, monitoring, reporting, and
454 ensuring active progress of the Steering Group work to conclusion. The Secretariat shall:
455 «2.3.2.» a. Distribute Steering Group documents and process received comments and input.
456 «2.3.2.» b. Assist the Steering Group leadership in establishing work priorities, agendas, target dates
457 and other management activities as needed.
458 «2.3.2.» c. Record and make available all decisions of the Steering Group for confirmation, and prepare
459 reports for the Steering Group as requested.
460 «2.3.2.» d. Support the Steering Group’s efforts to ensure alignment with the NSTIC Guiding Principles
461 and operating principles.
462 «2.3.2.» e. Enable timely and public distribution of Steering Group products and information; including,
463 but not limited to, maintenance of the Steering Group Website.
464 «2.3.2.» f. Provide the resources and personnel for the Ombudsman position.
465 «2.3.2.» g. Take and record attendance at Plenary meetings.
466 «2.3.2.» h. During the initial election of delegates and officers, the Secretariat shall satisfy the
467 requirements outlined for the Nominations Committee in section 3, General Elections. Once the Nominations
468 Committee is fully established the Secretariat will no longer be required to fill this role.
469 2.4. Transparency & Dissemination of Information. The Steering Group shall conduct all operations and
470 administrative actions in an open and transparent manner.
471 2.4.1. Open Meetings. Where ever possible, meetings of the Steering Group [and its committees and
472 working groups] shall be open for public attendance. Electronic tools and mechanisms shall be made available to
473 enable remote attendance and participation. <** U: Openness.>
474 2.4.2. Publication of Operations. Essential information about Steering Group activities shall be made
475 publicly available through the Steering Group’s website.
476 2.4.3. Material Distribution. The Steering Group shall distribute the results of its activities through the
477 Steering Group website. The website shall include all Plenary deliverables. This includes, but is not limited to,
478 documents, conference presentations, meeting minutes, and publications.
479 3. General Elections
480 The processes for the electing Management Council Delegates, Plenary Chair and Management Council Chair
481 are described in the sections that follow.
482 3.1. General Requirements. The general requirements for the election process are:
483 «3.3.» 1. Only Participating Members of a Stakeholder Group may vote for Management Council Delegate
484 candidates being elected from that Stakeholder Group.
485 «3.3.» 2. Only Participating Members may vote for At-Large Management Council Delegates, the Plenary
486 Chair, and the Management Council Chair.
487 3.2. Election Process. The election process is described in the sections that follow.
488 3.2.1. Call for Candidates When one or more seats become available, the Nominations Committee shall
489 hold a call for candidates as follows:
490 «3.2.1.» a. For Management Council Delegate vacancies, the request shall indicate the number of seats
491 to be filled and provide guidance on specific candidate attributes that may be needed to fulfill requirements for
492 skills, experience, and cross-industry representation.

13. 493 «3.2.1.» b. For the Plenary Chair and Management Council Chair positions, the request shall be made
494 up to three months prior, but not less than one month prior, to the end of terms of the Plenary Chair or
495 Management Council Chair.
496 «3.2.1.» c. If no candidate is slated at the end of the evaluation process, the Management Council Chair
497 may request the Nominations Committee to initiate another call for candidates.
498 «3.2.1.» d. The Secretariat shall hold the initial call for Management Council candidates.
499 3.2.2. Submission of Candidate Recommendations. The process for the submission of candidate
500 recommendations is as follows:
501 «3.2.2.» 1. For Plenary Chair, Management Council Chair, and Management Council At-Large Delegate
502 positions, any member may submit recommendations for vacancies.
503 «3.2.2.» 2. For Management Council Stakeholder Group Delegate positions, any member affiliated with
504 the Stakeholder Group for which there is a vacancy may submit recommendations.
505 3.2.3. Candidate Evaluations. The Nominations Committee shall evaluate nominations in accordance with
506 eligibility criteria established for each open position. <But see sec. 2.3.2.h.> These criteria include:
507 «3.2.3.» a. Members may hold only one leadership position within the Steering Group. Leadership
508 positions include:
509 «3.2.3.a.» i. Management Council Delegate (Stakeholder Group and At-Large)
510 «3.2.3.a.» ii. Management Council Chair
511 «3.2.3.a.» iii. Plenary Chair
512 «3.2.3.» b. The nominee must confirm his or her willingness to be a candidate for the position.
513 «3.2.3.» c. Selection criteria for Management Council Delegates in the Charter. {NIST fn11: Charter,
514 sec.3.2.1, Delegate Selection Criteria: http://j.mp/NSTICchtr#_Toc330932483.}
515 «3.2.3.» d. The nominee must be a Participating Member.
516 «3.2.3.» e. Additional criteria to determine the eligibility of candidates for the positions of Plenary Chair
517 and Management Council Chair include:
518 «3.2.3.e.» i. Breadth of experience.
519 «3.2.3.e.» ii. Contributions to the identity management community.
520 «3.2.3.e.» iii. Demonstrated ability to effectively lead a significant organization or organization’s board.
521 3.2.4. Preparation of a Slate. The Nominations Committee shall develop a slate of all eligible candidates
522 from the candidate nominations received during the call for candidates corresponding to the requirements for
523 vacant seats. Candidates shall only appear once per slate [, except for the initial Steering Group elections].
524 <**V: Rule hygiene.>
525 3.2.5. Confirmation and Approval for Slate of Candidates. The process for confirming and approving the
526 slate of candidates is as follows.
527 «3.2.5.» a. The slate of eligible candidates and their qualifications shall be presented by the Nominations
528 Committee before the sitting Management Council.
529 «3.2.5.» b. Except for the nominations for the initial Management Council, the sitting Management
530 Council shall review and ratify the slate.
531 «3.2.5.» c. Cause for rejection shall be clearly documented so that the Nominations Committee may
532 propose a new slate or a partial slate.

14. 533 3.2.6. Voting for Candidates. The process for voting for candidates is as follows:
534 «3.2.6.» a. The Secretariat shall prepare ballots for each election and distribute sample ballots
535 no less than 15 days prior to an election.
536 «3.2.6.» b. The Secretariat shall administer the vote, tally the ballots, and report the results.
537 «3.2.6.» c. For elected positions a simple majority vote shall decide the winner. In the event that
538 there is no majority the candidates with the two highest vote counts shall participate in a run-off.
539 «3.2.6.» d. In the event of an election tie, another ballot that includes only the tied candidates
540 shall be conducted in a timely fashion.
541 4. Meetings
542 The Steering Group meeting requirements are described in the sections that follow.
543 4.1. Meetings Requirements & Procedures. Except as otherwise noted, the Plenary and Management
544 Council, and all Working Groups and Standing Committees shall conduct meetings as follows:
545 «4.1.» a. Meetings shall be presided over by the respective chair.
546 «4.1.» b. Attendance shall be recorded for all meetings.
547 «4.1.» c. At the start of every meeting, participants shall review the intellectual property disclosure policy
548 and activities that violate anti-trust law.
549 «4.1.» d. The Plenary and Management Council each shall hold face-to-face meetings at least two times
550 per year. Provisions shall be made to allow for members to attend via remote electronic mechanisms.
551 «4.1.» e. There shall be no defined maximum limit on the number of meetings that can be convened. The
552 scheduling of meetings shall be left to the discretion of the Steering Group body that calls the meeting.
553 «4.1.» f. Minutes shall be recorded for all meetings.
554 «4.1.» g. Draft meeting minutes shall be distributed or otherwise made available to the members in
555 attendance for comment and shall be revised accordingly. Approved minutes shall be made publicly available as
556 soon as practicable after meetings.
557 4.2. Meeting Administration. The sections that follow describe administrative requirements for Steering
558 Group meetings.
559 4.2.1. Prior Notice of Meetings. Announcements of full Plenary and Management Council meetings must
560 be made no fewer than 30 days in advance by email notice to members, delegates, and officers and posted on
561 the Steering Group website. Meetings of Standing Committees and Working Groups should be announced as
562 far in advance as practicable.
563 4.2.2. Meeting Agenda. An agenda shall be included in the meeting notice and shall include the date and
564 time for the meeting, the meeting’s subject matter, relevant recommendations of the Working Groups and
565 Standing Committees, web links to any related working papers, anticipated votes, member contributions, and
566 other relevant and useful materials. Plenary contributions shall be posted on the Steering Group website at least
567 15 business days in advance.
568 4.2.3. Attendance. Attendance at Plenary meetings is an obligation of Participating Members. The
569 Secretariat shall record the presence of each member at each Plenary meeting. It shall be the responsibility of
570 members to make their attendance at meetings known to the Secretariat.

15. 571 5. Decision Making.
572 The decision making procedures for the Steering Group are described in the sections that follow.
573 5.1. Quorum. A Quorum of the Plenary is defined as greater than fifty percent of Participating Members and
574 shall be sufficient for the transaction of business.
575 5.2. Consensus. The Steering Group shall seek to reach its decisions through a consensus process that
576 emphasizes due diligence and cooperation. When no consensus can be reached in a timely manner, the
577 decision shall be reached by voting as defined in section 5.3, Voting.
578 5.2.1. Consensus Process The following procedures shall be used in the consensus process:
579 «5.2.1.» a. A quorum is required to reach consensus.
580 «5.2.1.» b. The chair of the respective body shall act as the facilitator of the consensus process.
581 «5.2.1.» c. Items that require decisions shall be clearly presented with all available research and
582 information by the individual, Working Group, or standing committee responsible for the proposal.
583 «5.2.1.» d. The proposal shall be discussed and debated by those in attendance and any
584 amendments or modifications to the proposal shall be presented.
585 «5.2.1.» e. A call for objections shall be made to all members.
586 «5.2.1.» f. The absence of sustained objection shall be considered consensus.
587 «5.2.1.» g. Sustained objections which cannot be resolved through continued discussion will
588 result in the motion being moved to a vote or tabled for modification. (See section 5.3.1 Matters for
589 Voting.)
590 «5.2.1.» h. All members of the Steering Group shall be allowed to participate in the consensus
591 decision-making process.
592 5.3. Voting. The requirements and processes for voting within the Steering Group bodies are described in
593 the sections that follow.
594 5.3.1. Matters for Voting. Any matters that are not able to be resolved through the consensus process
595 may be voted upon by the Participating Members of the Plenary.
596 5.3.2. Qualifications for Voting Privilege and Restoration. Any Participating Member who is absent for two
597 consecutive Plenary meetings shall forfeit the privilege of voting on Plenary matters. Participating Members who
598 lose voting privileges shall maintain all the rights and responsibilities of Observing Members. ¶ A Participating
599 Member whose voting privileges are suspended shall have voting privileges restored upon attendance at two
600 consecutive meetings. Restoration of voting privileges begins after determination of quorum at the second
601 consecutive meeting attended. ¶ All Participating Members attending the first two meetings shall be eligible to
602 vote at those meetings. Thereafter, the provisions of [this Section]these By-laws shall take effect. <**W: Rule
603 hygiene.>
604 5.3.3. Voting Process. The voting process is described in the sections that follow.
605 5.3.3.1. Voting Procedures. Voting percentages shall be calculated in terms of the number of “yes” and
606 “no” votes cast. ¶ A record of voting on all measures requiring a vote shall be maintained by the Secretariat.
607 Participating Members may choose to qualify their votes with comments for the record.
608 5.3.3.2. Requirements for Approval. An affirmative vote of seventy-five percent [of those voting (a
609 "Recommendation Supermajority") , in a quorate meeting or ballot,] shall be required to pass technical
610 recommendation measures. Technical measures are those that deal with standards, procedures, policies, for the
611 identity ecosystem framework. ¶ An affirmative vote of a simple majority [of those voting, in a quorate meeting
612 or ballot,] shall be required to pass administrative measures. Administrative are those that deal with the internal
613 operations of the identity ecosystem steering group. <**Y: Rule hygiene.>

16. 614 6. Intellectual Property Policy.
615 The Steering Group policy related to Intellectual Property is based on the following principles.
616 «6.0.1.» The Steering Group shall function in an open working environment. The Steering Group and its
617 members shall not accept any documentary or oral disclosure of proprietary information from any member as a
618 part of the conduct of business. In addition, no information of a secret or proprietary nature shall be made
619 available as official documents, and no such documents (or documents marked as such) will be made official
620 documents or forwarded to the membership.
621 «6.0.2.» All proprietary information which may nonetheless be publicly disclosed by any participant during
622 any meeting shall be deemed to have been disclosed on a non-confidential basis, without any restrictions on use
623 by anyone, except that no valid copyright or invention right shall be deemed to have been waived by such
624 disclosure.
625 «6.0.3.» There may be Steering Group proceedings (e.g., accreditations process) that will require separate
626 or specific intellectual property requirements or non-disclosure statements.
627 6.1. Steering Group Patent Policy - Inclusion of Patents in Steering Group Products. Some Steering
628 Group products may include the use of an essential patent claim if technical reasons justify this approach. If the
629 Steering Group receives a notice that a proposed or an approved Steering Group product may require the use of
630 such a patent claim, the procedures in the following sections will be followed.
631 6.1.1. Statement from patent holder. The Steering Group will request from the patent holder or a party
632 authorized to make assurances on its behalf, in written or electronic form an assurance that a license to such
633 essential patent claim(s) will be made available to applicants desiring to utilize the license for the purpose of
634 implementing the Steering Group product either:
635 «6.1.1.» a. On a non-discriminatory basis and under reasonable terms and conditions; or
636 «6.1.1.» b. Without compensation and under reasonable terms and conditions that are demonstrably
637 free of any unfair discrimination.
638 If the patent holder or party authorized to make assurances on its behalf does not agree to these terms,
639 then this decision will be documented clearly. As it may pose risks to the implementation of the Identity
640 Ecosystem, this decision will be seriously considered by the Steering Group in any related activity or vote.
641 6.1.2. Record of statement. A record of the patent holder’s statement will be retained in the Steering
642 Group files and posted on-line.
643 6.1.3. Notice. When the Steering Group receives from a patent holder the assurance set forth in 6.1.1
644 above, the expected result will include a note substantially as follows:
645 NOTE – The user’s attention is called to the possibility that compliance with this expected result may require use
646 of an invention covered by patent rights. By publication of Steering Group expected results, no position is taken
647 with respect to the validity of any such claim(s) or of any patent rights in connection therewith. If a patent holder
648 has filed a statement of willingness to grant a license under section 6.1.1, details may be obtained from the
649 patent holder.
650 6.1.4. Responsibility for identifying patents. The Steering Group is not responsible for identifying patents
651 for which a license may be required for use of a Steering Group expected result or for conducting inquiries into
652 the legal validity or scope of those patents that are brought to their attention.
653 6.2. Copyrights. Copyright in materials produced prior to Membership in the Steering Group remains the
654 property of the copyright owner. However, copyrighted materials offered for incorporation into Steering Group
655 outputs must be made available on a royalty-free basis. ¶ Standards developers whose standards are
656 referenced in Steering Group outputs retain copyright ownership and control of the standards themselves.

17. 657 7. Conflict of Interest.
658 Members shall anticipate any situation in which a conflict of interest may arise and shall bring these concerns
659 before the Steering Group and the Secretariat for resolution. Steering Group members must be sensitive to
660 conflict of interest issues; however, being a member of the Steering Group should not disadvantage an individual
661 or their organizations. ¶ Members may present arguments and evidence of a conflict of interest to the
662 Management Council and the Secretariat. ¶ In the event a Participating Member Representative has a conflict
663 of interest on a particular vote or discussion and the Member Organization does not, the Member Organization
664 may designate a different Member Representative for the purposes of participating in the particular vote or
665 discussion.
666 8. Non-Liability.
667 Members, delegates, and officers shall not be liable for the debts, liabilities, or other obligations of the Steering
668 Group.
669 9. Charter and By-laws Ratification & Amendments.
670 Ratification of the initial Charter and By-laws [, and any amendments offered for 180 days afterwards,] shall be
671 accomplished by simple majority vote of [those] Participating Member Representatives [voting at a quorate
672 meeting]. <**X: Immediate; Overcentralization> ¶ Any subsequent amendments to the Charter or By-laws shall
673 be accomplished by a [Consensus, or, failing consensus, a Plenary Supermajority (66% of those Participating
674 Members voting in that vote, plus one vote),] super majority vote (75%) of the Participating Member
675 Representatives following a review and approval of the proposed amendment by the Management Council [,
676 subject to Section 2.2.5]. <**Z: Overcentralization.>
677 10. Severability.
678 If any part of these By-laws shall be determined to be invalid, illegal or unenforceable, the validity, legality and
679 enforceability of the remaining provisions shall not be affected.
680 11. Initial Interim Period.
681 Due to the need to quickly initiate a new organization, the provisions of this section define an initial interim period
682 for the Steering Group. The provisions of this section shall be in effect for an initial interim period of 90 days from
683 the date of ratification of these By-laws. All By-laws shall be in effect upon ratification except as specified in this
684 section. After the initial 90-day period, the provisions of this section will no longer be in effect.
685 11.1. Participating and Interim Members. An organization or individual shall be permitted to join the
686 Steering Group by executing the Membership Agreement as a Participating Member or by expressing the intent
687 to join as an Interim Member. Interim Members shall have the same rights and responsibilities as Participating
688 Members. Interim Members shall execute the Membership Agreement no later than the end of the initial interim
689 period in order to remain members.
690 11.1.1. Member Representatives. Each Interim Member shall designate a Member Representative in
691 accordance with section 1.2.3 of these By-laws.
692 11.1.2. Stakeholder Group Affiliation. Each Interim Member shall self-select into the Stakeholder Group
693 that they consider best represents its roles or interests in the Identity Ecosystem.
694 11.2. Elections. The Secretariat shall assume all responsibilities of the Nominations Committee for the initial
695 Steering Group elections. The Secretariat shall prepare and distribute candidate slates and ballots for initial
696 Steering Group elections as far in advance as practicable.
697 11.3. Officer and Delegate Terms of Service. The initial terms of service for the Management Council Chair,
698 Plenary Chair, and Management Council Delegates elected during the initial interim period shall be 6-months.
699 END OF DRAFT BYLAWS

18. PRODUCTION INFORMATION
This is file "NSTICdraftBylawsAugust2012comments.pdf". There is a related ASCII document "NSTICdraftBylawsJuly2012.txt".
The normative February 2012 NIST Draft Charter (PDF) is here : http://www.nist.gov/nstic/reports/SG_Draft_Charter.pdf
Mirrored Charter, with internal cites (HTML): http://j.mp/NSTICchtr >
http://www.nstic.us/wp-content/uploads/2012/07/Charter-Final.htm
The normative July 2012 NIST v2 Draft Bylaws (PDF) is here: http://www.nist.gov/nstic/reports/Discussion_Draft_By-laws_V2.pdf
Mirrored Bylaws, with internal cites (HTML): http://j.mp/NSTICjulybylaws >
http://www.nstic.us/wp-content/uploads/2012/07/Draft_By-laws_Revised.htm
The source text for this document and its ASCII sister version is the www.nstic.us mirror of the NIST v.2 draft Bylaws. This text reflects
the July 2012 draft's substantive content, but is marked [like this to show change proposals]. The ASCII text was cleaned up as to
format, but not content, to allow for editing and regular-expression searches.
jamie.clark@oasis-open.org
700 PROPOSED AMENDMENTS REFLECTED IN THIS DOCUMENT: NON-NORMATIVE
701 General comment: The proposed rules should allow reconsideration of these issues, in six months, so these
702 proposals distinguish the few changes that may be immediately advisable. Only the five "IMMEDIATE" proposals are
703 reflected in the ASCII version of this document. See also the proposed amendments to the Charter.
704 Types of amendments:
705 IMMEDIATE (5): C, G, J, V, X.
706 Typos (4): A, E, K, R
707 Rule hygiene / logic (4): B, D, F, I, M, S, U, V, W, Y.
708 Contract issues (2): C, G.
709 Overcentralization (9): D, H, J, L, N, O, T, X, Z.
710 Openness (3): P, Q, U.
711 A. Class of amendment: Typo. Later.
712 Place: Line 11. <Preface.>
713 Edit: Decapitalize "Operating."
714 Reason: Punctuation. The next word "procedure" is lower-case. There does not appear to be a defined term,
715 though the meaning of this phrase may need attention later.
716 B. Class of amendment: Rule hygiene. Later.
717 Place: Lines 39 + 300. Secs. <0.7> + 2.2.1.
718 Edit: In <0.7>, Replace the first period and the phrase "There are an additional" with the new word "plus", and in
719 2.2.1, replace the words "Management Council" with the words "Stakeholder Group."
720 Reason: Corrects ambivalence in the draft on whether "Management Council Delegate" means only the 14
721 elected by stakeholder Groups, or all 16 voting members.
722 C. Class of amendment: IMMEDIATE; Contract issues.
723 Place: Lines 60 + 72: Secs. <0.12> + <0.16>.
724 Edit: In each section, replace the word "selected" with the new word "designated," and replace the phrase "to
725 execute" with the new phrase "in its executed."
726 Reason: Membership agreement enforceability. The person who signs for the Organizational Member, and thus
727 may bind the entity legally, may or may not be their primary "representative" in NSTIC.
728 D. Class of amendment: Rule hygiene, overcentralization. Later.
729 Place: Line 81. Sec. <0.18>.
730 Edit: Add the sentence: "A quorum of the Management Council is defined as greater than fifty percent of
731 Management Council Delegates and shall be sufficient for the transaction of business."
732 Reason: There is no quorum requirement for the MC otherwise. Without one, a handful can meet and do
733 anything. Untidy.

19. 734 E. Class of amendment: Typo. Later.
735 Place: Line 137, Sec. 1.2.3.
736 Edit: Insert a comma before the words "for executing".
737 Reason: Grammar; makes clear that there are three duties. Note, having the Representatives sign the
738 membership agreement themselves, whether or not they are an enforceable binding organizational signature,
739 probably is a good idea, and at a minimum is harmless.
740 F. Class of amendment: Rule hygiene. Later
741 Place: Line 173, sec. 1.3.2.
742 Edit: Add the words "by amending these By-laws" at the end of the sentence.
743 Reason: When ground rules (like stakeholder classes) are changed, they should be documented somewhere
744 clearly, like the By-laws. Otherwise it is not clear here how a change would be made. Significant because the
745 balance in NIST's suggested 14 classes may be the subject of proposed amendments later. A similar
746 amendment has been proposed to the Charter.
747 G. Class of amendment: IMMEDIATE; Contract issues.
748 Place: Line 200. Sec. 1.5.
749 Edit: Add this sentence after the second sentence: "The form of Membership Agreement and any amendments
750 thereto shall be approved by the Plenary."
751 Reason: Membership agreement enforceability, and stability. It should be clear how the MA is approved, and
752 changes are made. The Steering Group should assume that the uniformity of content of the MA is important to
753 participants, and changes should be made sparingly. Section 11 will help with that issue, at first.
754 H. Class of amendment: Overcentralization. Later.
755 Place: Line 245. Sec. 2.1.2.3.
756 Edit: Replace the word "two" with the new word "one."
757 Reason: The best check on officers is to allow the Plenary to re-elect them, or not. Antidemocratic. Two years is
758 the life of this project's first phase, and probably too long. Note, this election happens 6 months from now.
759 I. Class of amendment: Rule hygiene. Later.
760 Place: Line 267. Sec. 2.1.3.1.f.
761 Edit: Add the words "as provided under these By-laws or otherwise" after the phrase "all other acts".
762 Reason: Resolves ambiguity about whether a power listed in the Bylaws is excluded if not enumerated in this
763 section.
764 J. Class of amendment: IMMEDIATE; Overcentralization.
765 Place: Line 279. Section 2.1.4.1.
766 Edit: Add "circulated for comment to the Participating Members and then" before the words "approved by the
767 Management Council".
768 Reason: NIST's draft gives too much unchecked power to the 16-voter Management Council to override the
769 entire membership. In this case, committee charters and charter changes should be seen by the members
770 before approval. A similar amendment has been proposed to the Charter.
771 K. Class of amendment: Typo. Later.
772 Place: Line 280, Sec. 2.1.4.1.
773 Edit: Insert a comma after the phrase "at a minimum">.
774 Reason: Grammar.
775 L. Class of amendment: Overcentralization. Later.
776 Place: Line 288, sec. 2.1.4.3.
777 Edit: Insert ", and shall be open to all Members unless otherwise provided in their approved charter" at the end
778 of the sentence.
779 Reason: While standing committee charters may have voting participation limitations for balance reasons, those
780 should be made clear in the charter, and the committees should be open to all if the charter does not provide
781 otherwise. (Also, the Charter's general openness principles apply to observers.)

20. 782 M. Class of amendment: Rule hygiene. Later.
783 Place: Line 295, sec. 2.2.
784 Edit: Delete the words "policy and standards".
785 Reason: The apparent intent of this rule was to have the MC ratify the official recommendation outputs of the
786 Plenary. Policies and standards are only two of the 3+ classes of named outputs; for example, accreditation
787 guidelines were omitted.
788 N. Class of amendment: Overcentralization.
789 Place: Line 296, sec. 2.2.
790 Edit: Insert "subject to the procedures set forth in these By-laws" at the end of the fourth sentence.
791 Reason: The MC's ability to override anything and everything the Plenary does may be limited by other
792 provisions of the Bylaws. That's true whether or not other amendments are made, but some specific
793 amendments on that topic also are proposed below.
794 O. Class of amendment: Overcentralization. Later.
795 Place: Line 357, Sec. 2.1.2.3.
796 Edit: Replace the words "three years" with the new words "one year."
797 Reason: The best check on officers is to allow the Plenary to re-elect them, or not. Antidemocratic. Three years
798 is well past the life of this project's first phase, and probably too long. Note, this election happens 6 months
799 from now.
800 P. Class of amendment: Openness. Later.
801 Place: Line 383. Sec. 2.4.3.2.g.
802 Edit: Add the phrase "and for the Ombudsman's office, including for the transparency of issue resolution
803 activity, and any procedures necessary to preserve appropriate privacy concerns of parties to a resolved issue"
804 at the end of the first sentence.
805 Reason: Brings the activities of the Ombudsman's office within the general principles of the project. Permits
806 appropriate exceptions for privacy reasons.
807 Q. Class of amendment: Openness. Later.
808 Place: Line 384. Sec. 2.4.3.2.i.
809 Edit: Add the phrase ", and publish written records of all issue resolutions identifying the issues in detail, made
810 available to the Members." at the end of the first sentence.
811 Reason: Brings the activities of the Ombudsman's office within the general principles of the project. Less of a
812 dark hole, that way.
813 R. Class of amendment: Typo. Later.
814 Place: Line 402. Section 2.2.4.3.4.
815 Edit: Change "publically" to "publicly."
816 Reason: Use same spelling for word throughout rule documents. (Both versions appear in Charter as well.
817 Proposed correction also offered there.)
818 S. Class of amendment: Rule hygiene. Later.
819 Place: Line 403. Sec. 2.2.4.3.5.
820 Edit: Replace sentence with: "The Ombudsman serves at the pleasure of the Secretariat".
821 Reason: Clearer. Removes some questions about MC rights.

21. 822 T. Class of amendment: Overcentralization. Later.
823 Place: Line 428, sec. 2.2.7 (new).
824 Edit: Add the following:
825 "2.2.7. Management Council Ratification and Inaction.
826 2.2.7.1. If, 90 days after the approval by the Plenary of a recommendation for standards, policies or other
827 components of the Identity Ecosystem Framework, the Management Council (a) declines to ratify it, or (b) fails to
828 approve or reject that recommendation, or (c) ratifies it with changes not approved by the Plenary, then, at its
829 next meeting, the Plenary may vote to finalize the recommendation in its originally approved form, without
830 requiring or permitting further action from the Management Committee. In order to be effective, that Plenary vote
831 must be reached by Consensus, or, failing consensus, by the positive vote of 66% of those Participating
832 Members voting in that vote, plus one vote (a "Plenary Supermajority").
833 2.2.7.2. If, 90 days after the delivery in writing to the Management Council of a proposed amendment to the
834 Charter or these Bylaws, or a proposed committee or working group charter or amendment thereto, the
835 Management Council (a) rejects it, or (b) fails to approve or reject the proposal, or (c) approves it with changes
836 not agreed by the proposer, then, at its next meeting, the Plenary may vote to ratify and finalize the proposal in
837 its originally delivered form, without requiring or permitting further action from the Management Council. In order
838 to be effective, that Plenary vote must be reached by Consensus, or, failing consensus, by the positive vote of a
839 Plenary Supermajority."
840 Reason: The largest group of stakeholders ultimately is the voice of the ecosystem. Permitting approved work
841 to be sidetracked or delayed without limit by a smaller committee probably is unwise. Antidemocratic. This is
842 related to Amendment Z.
843 U. Class of amendment: Rule hygiene, openness. Later.
844 Place: Line 469. sec. 2.4.1.
845 Edit: Add the words "and its committees and working groups" after the phrase "Steering Group".
846 Reason: Clarity. Removes ambiguity in the draft on whether this requirement applies to all of the committees
847 and groups.
848 V. Class of amendment: IMMEDIATE; Rule hygiene.
849 Place: Line 521. sec. 3.2.4.
850 Edit: Add the phrase: ", except for the initial Steering Group elections", at the end of the last sentence.
851 Reason: While I'm not sure it's advisable, the current election process *is* allowing candidates to double up.
852 It's probably better if we amend this rule so that we are not breaking it. Otherwise, reject the amendment, and fix
853 the slate.
854 W. Class of amendment: Rule hygiene. Later.
855 Place: Line 600, sec. 5.3.2.
856 Edit: Replace the words "these By-Laws" with "this Section".
857 Reason: Removes the ambiguity so that the sentence only suspends the two-meetings-in-a-row rule of this
858 Section, for the first few meetings, as opposed to suspending the entire By-Laws.
859 X. Class of amendment: IMMEDIATE; Overcentralization.
860 Place: Lines 423, 668 and 671. Secs. 2.2.6 (new) and 9.
861 Edit: Add new section 2.2.6 as follows:
862 "2.2.6. Initial approval of Charter and By-laws. Notwithstanding the foregoing, the Plenary may adopt
863 amendments to the Charter and these By-Laws without the ratification or approval of the Management Council
864 for the first 180 days after the initial approval of those documents by the Plenary. However, the Management
865 Council may make recommendations to the Plenary with respect to any such proposals.",
866 and in sec. 9, add the phrase ", and any amendments offered for 180 days afterwards," after the words "initial
867 Charter and By-laws"; and add the word "those", after "simple majority vote"; and add the words "voting at a
868 quorate meeting" at the end of the first sentence.
869 Reason: This should give us some time to work on the document's fine points before it's locked down with a
870 supermajority. Better than a push to re-write the whole thing right now.

22. 871 Y. Class of amendment: Rule hygiene. Later.
872 Place: Lines 606 + 609. sec. 5.3.3.2.
873 Edit: Add, after the phrase "seventy-five percent", the phrase "of those voting (a "Recommendation
874 Supermajority"), in a quorate meeting or ballot," and add, after the phrase "simple majority", the phrase "of those
875 voting, in a quorate meeting or ballot,"
876 Reason: Clarity on applying the percentage and imposing a quorum requirement.
877 Z. Class of amendment: Overcentralization. Later.
878 Place: Lines 664 + 667. sec. 9.
879 Edit: Add, replacing the words "super majority votes (75%) of the Participating Member Representatives", the
880 new phrase: "[Consensus, or, failing consensus, a Plenary Supermajority (66% of those Participating Members
881 voting in that vote, plus one vote)," and add at the end of the last sentence the phrase ", subject to Section
882 2.2.5".
883 Reason: Bring the defined consensus process back into this clause, and impose a reachable voting
884 requirement. The NIST draft's suggestion of an absolute 75% vote of all voting members -- present or not --
885 would be a severe obstacle to any later changes, even though a review is expected in 6 months, in connection
886 with the interim turnover elections provided under section 11. Antidemocratic. This is related to Amendment T.