You are here: Resources > Deliverables > Privacy and legal-social content > 

Privacy and the legal-social content of identity

D13.1: Identity and impact of privacy enhancing technologie

This document is a report on technologies that enhance privacy from the technological point of view. We examined neither policy-based solutions nor law, we provide a review of technologies available.

[PDF Download] [ Read Online ]

 

D13.1 Addendum: Identity and impact of privacy enhancing technologies

This document is an addendum to our report on technologies that enhance
privacy from the technological point of view, and where we provided a review
of technologies available.

 

 

[PDF Download]

D13.3: Study on ID number policies

The objective of this deliverable is to present a view on the sensible use of theidentification numbers, especially in the public domain. The question ofwhether proper use can be achieved by a single global identifier or multipleidentifiers will be answered.In this deliverable several FIDIS partners investigate different aspects of IDnumbers, such as the history of the use of identification documents, the legalframework, the sociological theoretical aspects and the possible use of IDnumbers in the technique of profiling. Thus the investigations presented in thisreport provide a sound basis for determining the risks and opportunities in usingID numbers, especially the area of e-government.Country reports illustrate the choices made of using either a single globalidentifier or multiple identities. The report shows how the ID number can beput to good use while at the same time not unduly harming the privacy interestsof the individual.

[ PDF Download ] [ Read Online ]

D13.6 Privacy modelling and identity

This document critically reviews existing approaches (most common theoretical
tools) for modelling relations of identity related information and also some
related aspects of their applicability for measurement or quantitative expression
of (the level of) privacy.

 

[ PDF Download ] [ Read Online ]

D13.7: Workshop Privacy

The workshop examined and extended the findings of D13.6 (Privacy modelling
and identity), and thus provided a better insight into a possibly critical ability for
the future - to express the level of protection/state of identity related
information. This will be further studied in D13.8 and D 13.9.

 

[ PDF Download ] [ Read Online ]

D13.8: Applicability of privacy models

In the present deliverable, we focus on the applicability of privacy models and
review as well as illustrate the applicability of models from Deliverable D13.6
using a real-world example. Besides, we show some shortcomings of the
approaches presented in D13.6 and include the aspects of combination of
information and of misinformation, i.e., information which (partly) cannot to
some extend and for some reason be verified by an adversary, hence approaches
which may potentially be of major influence in the computation of a measure of
anonymity.

 

[PDF Download]

D14.1: Workshop on Privacy in Business Processes

This workshop was the kick-off meeting for WP14 and aimed at coordinating the work on the deliverables D14.2 and D14.3 and to present the corresponding contributions of their participants. One external speaker from the EU-project "Privacy and Identity Management for Europe" (PRIME) presented PRIME’ approach for privacy in business processes. The workshop on privacy in business processes was held on September 11th and 12th, 2006,during the FIDIS 1st Research Event in Budapest, Hungary. The agenda, presentations andminutes can be found at  http://internal.fidis.net/workpackage-main/wp14/.

[ PDF Download ] [ Read Online ]

D14.2: Study on Privacy in Business Processes by Identity Management

Privacy is not only a concern of customers. Service providers also fear privacy violations as a main hurdle for the acceptance of personalised services. Furthermore, the protection of privacy is an interest of service providers who take on customer relationship management activities of several service providers. They manage customers’ profiles, e.g. in loyalty programs and ehealth scenarios with electronic patient records, and offer the service of aggregation. If it is possible to link profiles of a customer without the need of such service providers, latter would not benefit from their aggregation service. Three case studies show privacy threats in business processes with personalised services.


The objective of this study is to identify privacy threats in business processes with personalised services, to suggest process models for modelling privacyaware business processes and to derive security requirements for user-centric identity management in order to preserve privacy.

The scenarios and use cases presented in this study are recommended for nontechnical readers, whereas the analysis of user-centric identity management protocols and approaches for identity management extensions are recommended for technical readers.

[ PDF Download ] [ Read Online ]

D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes

The European Directives 95/46/EC and 2002/58/EC demand the consent of
users for a purpose-based processing of their data. In practice, users give their
consent to the privacy statements of service providers, if they want to use
personalised services. Since current privacy enhancing technologies focus on the disclosure of personal data and not on their usage, users are not able to verify whether service providers follow their privacy statement. It follows that users have to trust service providers that they enforce the rules of their privacy
statement.

The objective of this deliverable is to investigate on Trusted Computing whether
it is suitable to realise a trust model where service providers are able to show
users that they have enforced the agreed rules. The motive for choosing Trusted Computing is that Trusted Computing provides a tamper-resistant foundation for identifying an information system’s configuration and so to identify if specific services, e.g. for monitoring the usage of personal data, are used.

Approaches for using Trusted Computing in order to support the enforcement of
privacy policies are presented. This deliverable proposes a modification of the
specification by the Trusted Computing Group and a monitor for observing the
usage of personal data.

[PDF Download]

D14.4: Workshop on “From Data Economy to Secure

This workshop was the kick-off meeting for the WP14 work on privacy
evidences as an instrument for enforcing privacy policies after the disclosure of
personal data. It aimed at coordinating the work on the deliverables D14.5 and
D14.6 and to present the corresponding contributions of their participants.
This workshop was held on September 11th, 2007, at the FIDIS 2nd Research
Event in Athens, Greece. The agenda, presentations and minutes are available
on the internal FIDIS pages of WP14.

[  PDF Download ]