By Dirk van Rooy (EC) and Kai Rannenberg (JWG)

By Thierry Nabeth (INSEAD)
The objective of this presentation is not to bring the answer to the ultimate question ‘what is identity?’, - an almost impossible undertaking given the complexity and the constant evolution of the subject - but rather to present, more like on a journey, different angles that can be used to define this concept, in particular in the context of the Information Society. Starting first at describing how this conceptualisation can be conducted in the traditional way of theorisation well known by the academics, this chapter then indicates how less formal approaches such as narratives can be used to help to understand the concept. It also introduces how the new ‘social tools’ originating from the Web 2.0 can be used to stir the intelligence of experts from different horizons so as to generated a meaningful and practical understanding of the subject. The second part of the presentation is used to illustrate how each of these approaches have been operationalised by presenting a series of models and scenarios presenting different perspectives and issues that are relevant to the subject, and a collaborative Web 2.0 knowledge infrastructure that was used in FIDIS to facilitate the conceptualisation of identity by a group of experts.

By David-Olivier Jaquet-Chiffelle (VIP)
What is a virtual person? What is it used for? What is its added value?
Virtual persons sometimes describe avatars and new forms of identities in online games. They also appear in other contexts; some authors use them in the legal domain. Within FIDIS, the concept of virtual person has been extended in order to better describe and understand new forms of identities in the Information Society in relation to rights, duties, obligations and responsibilities.
Virtual persons, as other virtual entities, exist in the virtual world, the collection of all (abstract) entities, which are or have been the product of the mind or imagination. The virtual world –not to be confused with the digital world– allows a unified description of many identity-related concepts that are usually defined separately without taking into consideration their similarities: avatars, pseudonyms, categories, profiles, legal persons, etc.
The legal system has a long experience of using abstract entities to define rules, categories, etc., in order to associate legal rights, obligations, and responsibilities to persons that can be considered instances of these abstract entities in specific situations. The model developed within FIDIS intentionally uses a similar construction.
In this presentation, after having explained the model, we apply it to pseudonyms. Then we explore the concept of virtual persons from a legal perspective. Eventually, we introduce trust in the light of virtual persons.

By Martin Meints (ICPP)
This presentation deals with research results achieved in the context of the FIDIS project dealing with cryptographic techniques, biometrics and identity management aspects of protocols. Relevant data protection and security risks in common implementations are presented and analysed. As a use case to show these risks the electronic passport (epass) is used. Attack scenarios discussed in the literature are qualitatively evaluated using the Attack-Tree approach introduced by Bruce Schneier. The presentation concludes with recommendations concerning future eIDs in general and the epass in particular.

By Mark Gasson (Reading)
The domain of ‘identity’ is fast evolving, something that is to a large degree driven by the evolution of technology. As such, the emphasis of this Work Package is on ‘emerging technologies’, i.e. those technologies or applications of technology which have not yet reached commercial critical-mass, but may in the future prove to have a significant impact in the identity field. This interdisciplinary work builds upon the solid foundation of earlier FIDIS research, but, in order firmly to embrace the ‘F’ of FIDIS, looks with a degree of reasonable speculation beyond those areas previously explored by FIDIS deliverables.
One specific area of interest is that of ICT implants. The increasing commercialisation and growing potential of human ICT implants has generated debate over the ethical, legal and social aspects of the technology, its products and application. Here we will discuss the security and privacy implications of human ICT implants that are used both in a medical context and for authentication and identification purposes, that can hold or transmit personal data, and which could ultimately be used for human enhancement.
We will also discuss a study which has pulled together the various threads of FIDIS such as profiling, biometrics, location based services, RFID and ICT implants by implementing a global tracking system which collates and processes location data in order to draw behavioural profiles of the users.

By Denis Royer (JWG)
While identity management systems for the Internet are debated intensively, identity management in mobile applications has grown silently over the last 17 years. Technologies, such as the still-growing Global System for Mobile Communication (GSM) with its Subscriber Identity Module (SIM) identification infrastructure, are foundations for many new mobile identity management related applications and services. This includes location-based services (LBS), offering customised and convenient services to users (e.g., friend finder applications) and new revenue opportunities for service providers (e.g., location-based advertising).
However, even though the opportunities seem to be endless and technology manageable, challenges arise when looking at advanced aspects of mobility and identity such as privacy, regulation, the socio-cultural aspects, and the economic impacts. To this regard, the interdisciplinary nature of mobility and identity is imminent and needs to be explored further. By learning from the diverse field of challenges, new mobile communication systems can be created, allowing for more privacy-preserving service provision and a more transparent handling of mobile identities.

By Ruth Halperin (LSE)
Establishing interoperable systems is a complex operation that goes far beyond the technical interconnectedness of databases and systems. Interoperability emerges from the need to communicate data across different domains for a specific purpose. Transferring the data may represent a technical challenge because of different protocols, standards, formats and so forth. However, the most difficult challenge lies in reconciling and aligning the purpose, use and other changes consequent on transferring that data. Changes in data ownership and custodianship have an effect on power structures, roles and responsibilities and on risk. In the first part of this chapter our aim is to develop an understanding of the term ‘interoperability’ as it currently applies to the area of identity management. We propose a three-fold conception of interoperability in IdMS, involving technical, but also formal-policy, legal and regulatory components, as well as informal-behavioural and cultural aspects. Having noted the official EU/government agenda as regards interoperable IdMS, the second part of the chapter is concerned with the perspective of other important stakeholders on the same topic. First, the views of experts from private and public sectors across Europe are presented. Following this, the perceptions and attitudes of EU citizens towards interoperable IdMS are discussed. Together, the findings presented point to the crucial challenges and implications associated with the sharing of personal data in the provision of eGovernment, eHealth and related services.

By Mireille Hildebrandt (VUB)
During the FIDIS project, Work Package 7 on Profiling has developed a cross-disciplinary perspective on profiling practices and technologies. Some of the most critical challenges for ‘the future of identity in information society’ must be located in the domain of automated profiling practices. Profiling technologies enable the construction and application of group profiles used for targeted advertising, anti-money laundering, actuarial justice, etc. Though automated profiling seems to provide the only viable answer for the increasing information overload and though it seems to be a promising tool for the selection of relevant and useful information, its invisible nature and pervasive character may affect core principles of democracy and the rule of law, especially privacy, autonomy and non-discrimination. Starting with an analysis and inventory of profiling practices, mayor attention has been given to profiling as the enabling technology of the vision of Ambient Intelligence. In response to these challenges detected we have suggested novel types of protection next to the existing data protection regimes. Instead of focusing on the protection of personal data, these novel tools focus on the protection against invisible or unjustified profiling. Instead of focusing on law and technology as separate instruments, we have suggested the integration of legal protection into the technological infrastructure that affords profiling. This has been presented as a vision of Ambient Law, complementing the vision of Ambient Intelligence. Special attention has been given to the idea of transparency tools that should enable European citizens to check how their behaviours match with the profiles ‘owned’ and applied by data controllers and how this may affect their everyday life. That should allow a citizen to decide which of their data they want to hide, when and in which context. Instead of focusing only on data minimisation, we advocate a complementory focus on minimisation of the knowledge asymmetry, brought about by profiling practices.

By Bert-Jaap Koops (TILT)
With the ever increasing importance of identity and identity management in the information society, identity-related crime is also on the rise. Combating crimes like identity theft and identity fraud is a key challenge for policy makers. This presentation aims at contributing to addressing that challenge. It summarizes the findings of five years of FIDIS research on identity-related crime. The typology developed by the FIDIS network is given of the various forms of identity-related crime: identity fraud (including identity ‘theft’), unlawful identity obstruction, and unlawful identity restoration. Next, an overview is presentated of relevant socio-economic, cultural, technical, and legal aspects of identity-related crime, including potential countermeasures. The presentation concludes with lessons for policy and research that can be drawn from the five years of FIDIS research in the area of identity-related crime.

By Zeno Geradts (NFI)
Within forensic science, identifying perpetrators is one of the key functions of forensic science, and given the increasing importance of identity management, identity forensics is a major field of study in the information society, which has many links with the other work packages of FIDIS. The term forensic, as used in this presentation, refers to information that is used in court or other dispute resolution procedures as evidence. Such information can be extracted from identification management systems. This evidence can be very strong, however some limitations are apparent. For example, one should always investigate if identity change has been committed. In this presentation, we will focus on the forensic aspects of identification systems, biometric identification, forensic profiling, use of images for identification, such as images of faces, and of course the legal implications of these developments. We have conducted several experiments with a wide range of biometric equipment to forge the biometric features, and in many cases it was possible. The use of forensic profiling is not used as much as was expected, since there are many limitations on the use of finding profiles of suspects within raw data from different sources. Concerning images, limitations exist with facial images, either due to compression and aging, where it is more difficult to identify a person. Also with images possibilities exist to link a camera with an image. Open source software has been developed for FIDIS to examine these images, FIDIS PRNU Compare, which can be downloaded from  sourceforge.net. It is a computationally expensive way of linking images, and tests have been conducted with Youtube. Since many new developments appear in this field, it is necessary to update the legislation regularly in order to protect the privacy of the citizens, and also to have possibilities to use the data in severe cases for solving crimes.

By Vashek Matyas (MU)
Work package 13 started with an overview/classification of technologies enhancing privacy, with a major focus on anonymity systems. Special attention was paid to the (possible) elimination of identity information and impact oft his. Then an overview of existing approaches (most often theoretical tools) for modelling relations of identity related information was provided, which brought a critical review of the models, comparisons of their potential, and review of their applicability for measurement or quantitative expression of (the level of) privacy. Applicability of selected models in real-world scenarios was then investigated.
This work package also involved two events co-organized by FIDIS. Firstly, the2006 Privacy Summer Course, organized in Leuven in August 2006 in four days in coordination with the IPICS Summer Course 2006, and with the attendance of students from all over the Europe. Secondly, it was the Fourth International Summer School organized jointly by the FIDIS Network of Excellence in cooperation with IFIP WG 9.2, 9.6/11.7, 11.6 and sponsored by Microsoft Research - The Future of Identity in the Information Society - Challenges for Privacy and Security.
Last but not least, this work package included two experiments aiming to assess the valuation of two aspects of privacy – location privacy and communication/social network privacy. Outcomes of these two experiments shall also be presented.

By Maike Gilliot (Alu-FR)
he current mainstream approach for users to protect their privacy is to control the disclosure of their personal data, thus minimizing the risks of privacy violations such as unwanted data disclosure and profiling. To this end, Privacy Enhancing Technologies (PETs) provide anonymity on the application and network layers, support pseudonyms, and help users to disclose their personal data in a controlled manner using, e.g., identity management systems.
However, today’s electronic services (such as in the eHealth or the eGovernment sectors) require more and more personal data, which needs to be shared between partners. Thus, the current approach based on controlled data disclosure needs to be extended with mechanisms controlling how data is used once it has been released (“usage control”).
Within the FIDIS Work Package 14 on “Privacy in Business Processes”, we analyzed privacy threats in business processes and investigated on organisational means and technical mechanisms for privacy protection. The DREISAM protocol we present was developed within WP 14. It extends current identity management systems allowing users to delegate access rights to their personal data in a privacy preserving way. In cases where violations cannot be prevented, a reliable mechanism to detect violations after the fact is necessary. To this end, we have developed a new logging mechanism, providing a secure and tamper evident logfile.

By Kai Rannenberg, Denis Royer, and André Deuker (all JWG)