Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- D5.1: A survey on legislation on ID theft in the EU and….
- D5.2: ID Fraud Workshop.
- D5.2b: ID-related Crime: Towards a Common Ground for Interdisciplinary Research.
- D5.2c: Identity related crime in the world of films.
- D5.3: A Multidisciplinary Article on Identity-related Crime.
- D5.4: Anonymity in electronic government: a case-study analysis of governments? identity knowledge.
- D6.1: Forensic Implications of Identity Management Systems.
- D6.5/D6.6: Second thematic Workshop forensic implications.
- D6.7b: Workshop on Forensic Profiling.
- D6.7c: Forensic Profiling.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
Conclusion
When transiting from paper documents and traditional signatures to digital documents and electronic signatures, linkability and the control thereof become an important issue. In contrast to paper-based documents, when there is a security leak, potentially a multitude of transactions in which an electronic signature was used can be observed and tracked by unauthorised parties, depending on the technical infrastructure and the security concept used. As the certificates for electronic signatures can be used as identifiers, linking different transactions can be done automatically and very fastly. In contrast, getting access to and scanning, analysing, and linking various paper documents requires much more effort.
So far, two approaches have been developed to prevent or at least to limit linkability: (a) the use of context-specific digital credentials and (b) the use of pseudonymous electronic signatures. Today, both approaches fall short in the context of eGovernmental services, as legal grounds and the technical infrastructure currently are not prepared for effective implementation.
The result is that the potential identity knowledge of governments is increasing in the transition to an electronic authentication environment. The government can link signed electronic documents much more easily than it could in a paper environment, and this easy linking of multiple signed electronic documents allows the creation of new knowledge, in the same way that data mining of digitised databases allows the discovery of knowledge that was hitherto hidden in practically unlinkable paper-based databases.
It is a missed opportunity that the German government has not fostered the privacy-enhancing use of pseudonymous signatures in eGovernment services in order to keep stable its level of identity knowledge. Moreover, the fact that the prohibition of pseudonymous certificates in the eGovernment context seems to hamper German citizens to acquire a pseudonymous certificate for non-public use implies that also the identity knowledge of private parties may be enhanced, which is contrary to the spirit of the Electronic Signature Directive.
23 / 45 |