Identification versus anonymity in e-government

Table of Contents 

Executive summary    8

Executive Summary 

Government needs information to govern. Particularly in direct relations with citizens, they need information from citizens in order to do their job. In many of these situations, governments want to know exactly which citizen they are dealing with, and hence, they require identification. This identification desire is strengthened by the development of personalisation and customised public service provision. Technology is a prime facilitator of this process, allowing for increasing possibilities, in an ever wider variety and depth, of government-citizen interaction.  

The research question addressed in this report is: Does the identity knowledge of the government grow through the development of e-government? ‘Identity knowledge’ is the collection of descriptive information that is connectable to an individual; it is a bipolar continuum with identifiability at one end and anonymity at the other, which can be assessed by Marx’ five concentric circles of identity information (core, unique, sensitive, private, and individual information). The identity knowledge capacity of governments (i.e., the amount of data, the centralisation of those data, the speed of information flows, and the number of points of contact between government and citizen) is another concept that can be used in answering this research question.

In this report, we have tried to give a first, tentative answer by analysing various case studies. These have been selected to illustrate the broad range of e-government and public services in Europe: different sectors, small-scale to large-scale, across a range of technological measures, in four European countries. Some cases are descriptive of current, concrete processes, while others focus more on analysing more abstract problems in public service provision and how technology can be used to overcome these. The scope of this study does not allow for a systematic, comparative approach; rather, a heuristic combination of cases is used to provide a caleidoscopic view of anonymity and identification in eGovernment. Future research with a more systematic approach is needed in order to offer a more complete and firmer answer.  

The conclusions in the case studies are that, first, new technologies change the identification process in the Netherlands; in one case, this led to a small increase in the identity knowledge capacity of the government, in another case not. Second, in Germany, the transition from paper-based to electronic signatures leads to a small increase in identity knowledge, since signature certificates include data like the citizen registration number and date of birth, and pseudonymous certificates are not allowed for citizens to use in official government procedures. Third, in Belgium, the identity management infrastructure for e-government under construction focuses on interoperability and efficient information management, with a single global identifier to identify all citizens across several contexts; although use of this number is regulated by law and and the Privacy Commission, significant opportunities are created for increasing the knowledge capacity of the government in future. Fourth, in Switzerland, anonymisation of medical statistical data shows that technology can facilitate non-identifiability of patients while still allowing the same patient to be followed through different treatments in time and space. Linkability can be effected without identifiability, through cryptography-generated pseudonyms.

The tentative answer to the research question that can be given on the basis of this limited collection of case studies, is that citizens indeed become more known by the government when digital identification technologies are applied in the process of public service provision, if only moderately so. The knowledge capacity of governments grows in the transition from paper-based to electronic communications, although currently only to a minor extent. The identity knowledge increases with some more personal data of citizens, such as birth date or a photograph. There may be some cause for concern in this from the piont of view of data protection, but we should not exaggerate the threat to privacy that this poses. This is a tentative conclusion, which more systematic future research in this area could try and refine or adapt.  

This seems only part of the answer, however. What also emerges from the case studies, is that identification infrastructures are slowly being built, often centring on single and global identifying numbers, rather than sector-specific numbers, which facilitate data mining and profiling, even if this occurs infrequently today. Given the tendency of governments to call citizens ‘customers’ and to stress personalisation, which encompasses a ‘natural’ desire for identification and increased identity knowledge in order to improve ‘customisation’, it should be researched to what extent these technological possibilities will be exploited by governments for public service provision in the near future. Part of this future research should also be the study of technological and organisational means to counterbalance the increased identity knowledge of governments, such as anonymisation techniques, credentials, and smart pseudonym systems. Privacy-friendly identity management in e-government is not likely to happen by itself, but is definitely worth exploring and stimulating by further research.