D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication

Title: PROTOCOLS FOR NETWORK COMMUNICATION

The number of protocols which are currently used in networks such as the Internet is enormous. Below we have selected a small sample of them. The selection was done in a way such that each layer of the Internet Protocol Model is represented by at least one protocol, but focussing on the most relevant Internet related protocols.

For each protocol we first briefly introduce its basic purpose and functionality. Thereafter we look at personal or identifying information, analyse the protocol’s possible threats to privacy and data protection and discuss possibilities to circumvent them. The following criteria for elaborating privacy effects are taken into account: 

1. Identifiers and their uniqueness; 

2. Personal data being disclosed; 

3. Linkability: identifiability and profiling; 

4. Possibility of avoidance or circumvention of information disclosure. 

These criteria are the baseline for the analysis of the selected protocols performed in this chapter. Note that in general we do this analysis by looking only at the protocol concerned –not at the protocols involved in lower layers. So when discussing protocols at a certain layer, we assume that all lower layers will not reveal or provide any identifying information. Of course when designing privacy-enhancing technologies and applications one has to consider carefully all layers involved (see also the FIDIS Deliverable D12.3 “A Holistic Privacy Framework for RFID” (Fischer-Hübner, Hedbom 2007)). Nevertheless in some cases we explicitly give advice and examples of how the identifying information or personal data provided at different protocol layers work together resulting in a much powerful threat to privacy compared to the simple sum of the threats arising form each layer.