Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- D13.1: Identity and impact of privacy enhancing technologie.
- D13.1 Addendum: Identity and impact of privacy enhancing technologies.
- D13.3: Study on ID number policies.
- D13.6 Privacy modelling and identity.
- D13.7: Workshop Privacy.
- D14.1: Workshop on Privacy in Business Processes.
- D14.2: Study on Privacy in Business Processes by Identity Management.
- D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes.
- D14.4: Workshop on “From Data Economy to Secure.
- D16.3: Towards requirements for privacy-friendly identity management in eGovernment.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
Executive Summary
Note: This section is mandatory for all deliverable and should help to get an overview of the topics covered in the document.
The objective of WP14 is the identification and description of privacy requirements for identity management relating to the disclosure of identifying personal data and the use of credentials as access rights on services in business processes. Service providers process identifying data of their users for example for individualizing services and to get access to services as a proxy of their users. By the directives 95/46/EC and 2002/58/EC, the European Commission has defined privacy principles in order to regulate the processing of identifying personal data. Identity management empowers users as long as they disclose their identifying personal data and credentials to service providers. For information chains as found in multi-staged business processes, identity management leads to a big-brother phenomenon. Users have to trust service providers to process personal data of their users according to their privacy policy.
Based on privacy as informational self-determination, privacy threats are identified in business processes by the reference scenario “loyalty programme”. The reference scenario is used as an orientation for the partners in WP14. Undesired profiling is in particular investigated by case studies. The investigation of profiling makes a difference between collection of customers’ data by service providers of which customers are not aware and in externally stored customers’ profiles, while delegation access rights to some of these profiles is made possible The starting point of WP14 is the workshop “Privacy in Business Processes” (D14.1).
Sven Wohlgemuth | 2 / 7 |