D11.1: Collection of Topics and Clusters of Mobility and Identity – Towards a Taxonomy of Mobility and Identity

Title: SCENARIO 2: MOBILE CRAFTSWOMAN

In the second scenario Alice is working as a craftswoman with fixed working hours per day. Within one working day she is doing different small jobs at different places. She uses a mobile phone for professional purposes (in addition to her private one) in her working hours only to report to her employer and to get new jobs via phone when the old ones are finished. In addition, her employer uses the phone to contact her for internal control and planning purposes, i.e. how far she has got with her current job. (In addition, he carries out regular control visits at the various sites of her work.) 

Figure : Identity of Alice in the craftswoman scenario (scenario 2)

An additional partial identity, the number of her cell-phone used for her work, is added to her identity in this scenario. In contrast to her own phone the communicational policy of her professional phone and the workflows in which it is to be used are controlled by her employer. In this case it is used in a restricted way for working purposes and in her working hours only. In addition within the management process of her work related partial identity the location plays an important role though the collection and transfer of the location data is not performed technically. In this context we can speak of management of mobile identities (see chapter ).

Mobile communication is used as one instrument among others to apply a strict control to Alice’s work. The resulting, almost non-existing, amount of autonomy certainly affects other partial identities used in the same communicational context in a negative way. For example, her reputation within the enterprise she is employed at and towards the customers of this enterprise may be affected (“Ah, Alice again – she has to be supervised closely.”).  

The resulting identity of Alice is shown in which now comprises also a work cell-phone.

In the third scenario Alice is working as a collaborator in an ICT project. She works flexible and in some cases long hours and often stays at different places overnight. Her employer equipped her with a smartphone and allowed her to use it for private communication and contacts as well (which of course she has to pay for). Consequently Alice decided to give up using two mobile phones – she now only uses her professional smartphone.

The smartphone is also used to access certain services of her employer via web browser using an encrypted virtual private network tunnel (VPN tunnel) through the internet. Private and professional data stored on that device are encrypted; a root key to decrypt the data storage on the device is controlled by her employer. In addition private and professional data is stored on a central server as well under control of the employer (where they are not encrypted).

Within her area of work she has high flexibility and autonomy, but also responsibility for the results of the ICT project she is working on. Her employer follows a policy of open communication with his customers. As a result her mobile phone number is published on the internet and she is urged to answer the phone at any time in case customers call her. In turn her employer offers an extra payment (for example with a flat rate) for customer requests Alice answers when she is not working.

In this case the changes in identity are much more intense compared to the two prior scenarios. Highly flexible working hours in combination with the communicational policy of her employer lead to a change of borderlines of communicational contexts in which identifiers are used. In addition the control over those identifiers and the related communicational policies by Alice has diminished. When sitting in a restaurant with Bob having a romantic dinner she has to answer the phone when a customer of her employer is calling. This clearly has the potential to spoil the evening.

Offering the use of the official phone for private communication her employer increases the control on her private communication. He could possibly check her phone call numbers. Furthermore, her private entries in the phonebook are stored on the employer’s central server where they are not encrypted with a key under control of Alice. Violation of data protection legislation by her employer may possibly have a negative impact for example on her reputation within the enterprise she is employed at, for example in cases where information about private dates leak out. This puts a light on possible challenges to implement data protection legislation when mobile communication is introduced in an employment context. 

Figure : Identity of Alice in the collaboration scenario (scenario 3)

In addition, the combined professional and private data under control of her employer may be attractive for identity thieves. If the security of the central server (where data in this scenario is not encrypted) is insufficient and data from Alice is stolen, potentially severe trouble for Alice in both her professional as well as her private life may result, e.g. by abusing her data for stalking or fraud. In addition to the need to revoke and change (partial) identities, personal communicational contexts - for example with customers or friends - often suffer as well. Restoration of these communicational contexts, damaged by identity fraud, may need time and may cause additional costs. In contrast to scenario 2 this may be more harmful because private communicational contexts are affected as well. 

The resulting identity of Alice is shown in now showing only one cell-phone to be used both for work and private life.