You are here: Resources > FIDIS Deliverables > Identity of Identity > D2.2: Set of use cases and scenarios > 

D2.2: Set of use cases and scenarios

Scenarios and a Story on Identity, Anonymity and Pseudonymity, ICPP  Title:
 Story: Anonymity services on the Internet




Using the Internet in a traditional way leads to many entries in a lot of log files e.g. at the ISP, proxies and servers. The stored information comprises the IP address, time of login and logout, cookies, headers sent by the used web browser etc. In many cases the storage of these log files is in accordance with the Directive 95/46/EC, for example when the data is needed for accounting purposes. Thus, partial identities (i.e. personal data relating to the user) are stored at least for a certain time and can technically be processed without an additional agreement and the control of the person to whom they belong.

More in particular, three situations occur today: a) There is no agreement at all, the personal data are copied and used without compliance with data protection law: The data subject is not informed that his personal data are processed, does not know for what purposes the personal data are processed and of course did not give consent to process his personal data. b) There are general terms and conditions in a disclaimer that describe which personal data are processed for which purposes, but the data subject does not read these terms and conditions so that we have a hypothetical situation which does not always is in line with what is called the reasonable expectation of privacy of the user. Whereas situation a) is an illegal situation, situation b) is a legal situation which can be subject to critics. c) Even if the user is informed that his personal data are used for certain purposes (like profiling, transfer to third parties) and even if the user has read the general terms and conditions, he is often confronted with a de facto monopolistic situation in which he can not refuse the use of the data conform the general terms and conditions because, if he refuses, access to the goods and services on the website (or in the ambient intelligence environment) are denied …

These three situations all indicate that the steps described hereafter, should take into account an improvement of the actual situation and therefore, should take into account compliance with the regulatory framework (such as the Data Protection Directive 95/46 and the Privacy and Electronic Communications Directive 2002/58). 

Furthermore, the linkability of those log file entries can lead to quite accurate profiles of the person that has used the Internet. On most websites the user loses a lot of functionality by trying to deny the storage of partial identities (i.e. personal data), e.g., via deactivating cookies or java-script in his web browser.  

Looking at the physical world, anonymity in many facets of life is a basic right used every day and mostly by instinct. One example for that type of instinctive use of anonymity is a typical purchase: going into a shop, taking the desired goods and paying them with cash. As long as the money is real, the buyer is not asked for his name by the shop staff. The buyer stays anonymous and decides not to actively disclose identifying data.

Of course, in real life, people also want to have access to ones real identity under specific circumstances, e.g. in the case of criminal activities (theft, no payment, money laundering, …). In other words: Anonymity in the physical world seems to be no problem for commercial and social communications, but people however will like to have a possibility to revoke this (partial) anonymity if necessary.

We can see that we are de facto confronted with technologies and applications that do always not give the possibility to fully anonymously transact with digital interfaces. The obligatory digital identity card which is being introduced today in Belgium, the use of electronic money, biometrics and other technologies make it very difficult to communicate anonymously. This right to anonymity, which will be described in a further chapter on the basis of examples of actual case law, is in fact at the core of privacy and ICT discussions. Therefore, new models and business cases in ICT and Identity Management often accept the importance of revocable anonymity, indicating that also in a digital world a (technologically) revocable anonymity should be required. 


The same purchase on the Internet leads to a lot of traces in databases of the ISP, the web shop, the bank and / or the operator of the payment system. The buyer leaves data related to his person to be able to perform the purchase and wouldnt know (at least in most cases) which data is taken, stored and how it is further used. The balance between the security of access to goods and services on the one hand and the security of access to the identity of the user on the other hand seems very difficult to achieve.


Scenarios and a Story on Identity, Anonymity and Pseudonymity, ICPP  fidis-wp2-del2.2.Cases_stories_and_Scenario_04.sxw  Story: Anonymity services on the Internet
8 / 69