D11.1: Collection of Topics and Clusters of Mobility and Identity – Towards a Taxonomy of Mobility and Identity

Title: MANAGEMENT OF MOBILE IDENTITIES

Secondly the concept of mobile identity management can refer to the management of mobile identities. Here we stress the fact that the identities are mobile identities.

In FIDIS deliverable “D3.3: Study on mobile identity management” mobile identity management is described as “a special case of identity management where location data is taken into account” (Müller et al., 2005, p. 78). This definition further distinguishes between the perspectives of the end user and the perspective at the organisational level. The definition stipulates: “it comprises both the perspective of the subject whose partial identities are concerned, e.g., offering mechanisms to decide when and what location data is used and transmitted to whom and the perspective of the mobile identity (management) provider who operates the system and may process the subject’s data.” (Müller et al., 2005, p. 78).

From the point of view of the end user, the management of mobile identity means that the end user uses computing devices to send or receive messages in which location information plays a major role In this case, the mobile computing device provides possibilities to use location based personalised profiles in interactions with others. Identity management related to Location Based Services also fall under this category. These uses create competing demands for identity management: from the point of view of the system provider, mobile identity management means that service providers must provide secured and trusted facilities to the end user, while at the same time these service providers must enable the capture of the location data: “it is used to … follow the user from device to device, location to location and context to context.” (Roussos, Peterson, Patel, 2003, p. 3).

To work out these competing demands we will use the ‘enacted view’ of Roussos et al. These authors approach “mobile business as an open-ended socio-technical production: a mass of particular actions taken as individuals and groups make their own uses of technologies. The result may be dynamic, unpredictable and strongly mediated by the idiosyncrasies, needs, and preferences of individuals and groups.” (Roussos, Peterson, Patel, 2003, p. 3). The enacted view is to be embraced because it escapes technocratic determinism. It is a ‘paradigm’ which has a fortiori an eye for the social construction by which these mobile identity technologies are implemented and evaluated. The enacted view will provide better insights into the usability of devices and the trust in consumer–service-provider relations. Therefore we have to make sure that we build in various ‘success factors’ to succeed in creating user friendly identity management systems that can enhance trust between consumer and service provider. Indeed, system features in relation to the ipse identity type are reflected in this enacted view of identity management systems, as it accentuates aspects such as the ‘locality’, ‘reciprocity’ and ‘understanding’ principle.

Towards the locality principle, the enacted view argues that there must be at least a “balance between respect for the consumer‘s identities and the advantages of the ‘open and ubiquitous mobile businesses.” (Roussos, Peterson, Patel, 2003, pp. 27-28). The locality principle thus entails that the user must be able to differentiate between the different partial identities one has taken up in various contexts. Furthermore, though personalised services can profit from the exchange of data between different commercial partners, this may lead to unwanted loss of trust by the consumers.

The second principle, reciprocity, deals with the “informational (a)symmetry’ between consumers and providers. This too is a necessary trade–off: ‘a consumer may find profiling useful since it allows a personalised service to be offered but, on the other hand, it may be uncomfortable if the relationship is asymmetrical with regard to control and access to information. At the very least, the consumer should be remunerated for the informational asymmetry either directly or indirectly in a fair and acceptable to both parties way.” (Roussos, Peterson, Patel, 2003, p. 29). In this sense the principle of reciprocity entails that people must know what data is collected about them, by who and what the benefits and risks of the data accumulation can be. Because the collected data can be used for profiling purposes, the authors feel that not only privacy concerns are important, but they refer also to the fact that the link to identity building must be acknowledged

Concerning the third principle, understanding, Roussos et al, claim that “the perception of identity of the seller affects directly the perceived risk of the transaction, the willingness of the buyer to transact with the particular seller and last but not the least the price paid.” (Roussos, Peterson, Patel, 2003, p. 30). In this sense the principle of understanding entails that both consumers and providers should be able to understand each other ‘identities’. This is the case because, “when this did not occur in the ubiquitous commerce scenario the consequence was that it created a threat for the balance of family structure.” (Roussos, Peterson, Patel, 2003, p. 30).