You are here: Resources > FIDIS Deliverables > HighTechID > D3.6: Study on ID Documents > 

D3.6: Study on ID Documents

Interoperability Aspects  Title:
 Mergence of eID, Interoperability and Privacy


Value and Use of Privacy Enhancement Technologies in eIDs

Privacy Enhancing Technologies (PETs) offer the possibility to ensure trust between users, increase security aspects and ultimately make an eID solution lawful in the first place. Pfitzmann and Hansen (2006) describe PETs as being able to limit as much as possible the release of personal data, whereas for that released, ensure as much unlinkability as possible. Though, several Information Systems researchers point out that any technological construct can be compromised (Brooks 1997) or might result in a failure (Markus and Robey 1988). Bearing in mind these limitations it will never be possible to achieve total unlinkability. Pfitzmann and Hansen (2006) suggest that the user should be empowered to decide on the release of data and on the degree of linkage of one’s personal data within the boundaries of legal regulations, i.e., in an advanced setting the privacy enhancing application design should also consider the support of “user-controlled linkage” as well as “user-controlled release”. An application is designed in a privacy enhancing identity management enabling way if neither the pattern of sending/receiving messages nor the attributes given to entities (e.g., organisations, computers, humans) entail more linkability than is firmly necessary to attain the purposes of the application. Generally speaking, there are two concepts of privacy enhancement technologies (1) centralised eID database solutions and (2) decentralised or federated eID database solutions (Leitold 2005). 

Technically supported identity management has to empower the user to recognise different kinds of communication or social situations and to assess them with regards to their functionality, relevance, and their security/privacy risk in order to take adequate action (Engberg 2005). Generally, the identity management solutions (IMS) should assist the user in managing one’s partial identities, meaning that different pseudonyms with associated data sets can be used according to different roles in which the user is acting and pursuant to different communication partners (Pfitzmann, Hansen 2004). A privacy enhancing IMS makes the flow of personal data explicit and gives its user a larger degree of control. The guiding principle is “notice and choice”, based on a high level of data minimisation, and can be summarised as “user-controlled linkage” of personal data (Engberg 2005, Pfitzmann, Hansen 2006).



Interoperability Aspects  fidis-wp3-del3.6.study_on_id_documents_03.sxw  Mergence of eID, Interoperability and Privacy
Denis Royer 14 / 56