You are here: Resources > FIDIS Deliverables > Forensic Implications > D5.4: Anonymity in electronic government: a case-study analysis of governments? identity knowledge > 
Paper-based and electronic signatures  Identification versus anonymity in e-government
APPROACHES FOR PRIVACY ENHANCEMENT
 Limitations of the described approaches

 

Approaches for privacy enhancement

To improve the implementation of data protection principles in the context of electronic signatures, two approaches are discussed aiming at reduction of linkability of certificates: 

  1. Use of context-specific digital credentials instead of one “general purpose” certificate. This could be done e.g., by issuing a specific signed pseudonymous certificate or digital credential in general that includes only necessary information in the context of the signature and that uses a number that is not repeated for other certificates and thus is not linkable. In this context the certificate authority also takes over the role as identity provider, acting as a trusted third party.  

  2. Use of pseudonymous signatures. In this concept, which is also supported by the European Signature Directive 1999/93/EC (Gasson, Meints, Warwick 2005: 33), for one physical person, different key pairs and correspondingly different pseudonymous certificates can be used. This approach limits linkability to those signatures in which the same pseudonymous certificate has been used.

In both cases, it is possible to uncover the physical person behind the pseudonymous certificate and credential by the certificate authority when this is needed and legal (e.g., in cases of criminal investigations). There are other approaches where the physical person behind a pseudonym is not identified, but where still legitimate claims can be covered and/or misuse can be prevented (Pfitzmann, Hansen 2006). 

 

Paper-based and electronic signatures  fidis-wp5.del5.4-anonymity-egov_01.sxw  Limitations of the described approaches
20 / 45