D11.1: Collection of Topics and Clusters of Mobility and Identity – Towards a Taxonomy of Mobility and Identity

Title: MANAGEMENT OF IDENTITIES

Firstly, mobile identity management can refer to the management of identities through the use of mobile devices. Here the fact that identity management is possible by means of mobile devices is stressed, not the management of mobile identities.

According to Josang et al. identity management is the “process of representing and recognising entities as digital identities in computer networks.” (Josang et al., 2005, p. 1). Mobile technologies do not always disclose location data (Bennet, Crowe, 2005, p. 9, also Clarke 2003). Therefore it makes sense to state that mobile technologies which used for identity management do not necessarily regard mobile identities.

From the point of view of the end users, people can use mobile computing devices to facilitate their social interactions and their communications in a trusted and secured environment. We have to be aware that identity management systems (IMS) are at the same time “the keeper of (…) personal electronic information” and “the channel through which individuals communicate, interact, transact, share reputations and create trust relationships with people, businesses, and devices.” (Roussos, Peterson, Patel, 2003, pp. 3-5). There is a possibility that the individual - independent of his or her mobility – uses mobile devices to manage social interactions in life, rather than managing mobility as such. In fact, Roussos et al. define identity management as “the operations performed to support the lifecycle of the digital identity.” (Roussos, Peterson, Patel, 2003, p. 5). These operations are attempts to manage communication via the messages one sends or receives with mobile computing devices. So the management of identities through mobile devices stresses the importance of using mobile devices for one’s identity management.  This has implications to one’s ipse identity - whether the person is mobile or not.

There are several reasons that support this position. First of all, we have to be aware of the fact that mobile technologies are used by individuals to regulate social interaction inside specific but interdependent figurations. In this sense, a person manages his identity in relation to his social interactions. Arguments can be found in the paper of Lasen: “The use of mobile phones depends on stable social infrastructures. (…) They are a tool for collaborative interaction in the local.” (Lasen, 2002, pp. 37-40). This stresses the importance of mobile devices towards the ipse identity aspirations, rather than towards enhancing mobility (Lasen, 2002, pp. 37-40). Fortuniati (Fortunati, 2001) shares Lasen’s opinion, who claims that: “the force of attraction of the device was beyond the constraints of mobile work or those of residential mobility” and “there was not a correlation between the mobility of the users and the use of the mobile phone.” (Lasen, 2002, p. 34).

From the point of view of the architects of identity management systems, especially related to the type 3 IMS, it must be ensured that the applications on mobile devices include Privacy Enhancing Technologies (PET) so that the end user can actually trust that he or she controls the data flows of the mobile devices used for identity management. As Hansen et al. (Hansen et al., 2004) suggest, privacy enhancing identity systems should be able to realise aspects such as:

• ‘User controlled linkage of personal data’ 

• ‘Data minimisation’ 

• ‘Awareness of data being disclosed’  

• ‘Sufficient usability towards the user’.