Privacy Protection Goals and Their Implications for eID Systems

Zwingelberg, Harald; Hansen, Marit

doi:10.1007/978-3-642-31668-5_19

Cited by 26 publications

(26 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…33 Federated architectures were developed to function without need of global identifiers (or transfer of identifiers across organisations) [28]. Perhaps the Government Digital Service intended for a different MS at every SP, in which case there is no risk of the described behaviour.…”

Section: Pseudonymity Under Idapmentioning

confidence: 99%

“…Roßnagel et al in [33] examine the new criteria set by Privacy by Design principles, namely unlinkability, transparency and intervenability which will be mentioned in the analysis of Gov.UK Verify below. Privacy by Design derives from Cavoukian's work on the Laws of Identity [11].…”

mentioning

confidence: 99%

“…The record contains a pseudonym and the MDS. The MDS, in other words, is 33 See also [4] where the authors conclude that persistent pseudonyms and visibility of attributes (non-selective disclosure) could lead to user impersonation by the CH, should the CH become compromised. 34 including the Framework Agreement and the Identity Assurance Principles 35 eIDAS art 3 §1 36 According to IR 2015/1501 the minimum dataset is comprised of at least First and Last Name(s), date of birth and UID.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Identity assurance in the UK

Tsakalakis

O’Hara

Stalla-Bourdillon

2016

Proceedings of the 8th ACM Conference on Web Science

View full text Add to dashboard Cite

The UK Government has been designing a new Electronic Identity Management (eIDM) system that, once rolled-out, will take over how citizens authenticate against online public services. This system, Gov.UK Verify, has been promoted as a state-of-the-art privacy-preserving system, tailored to meet the requirements of UK citizens and is the first eIDM interoperability in which the government does not act as an identity provider itself, delegating the provision of identity to competing third parties. According to the recently enacted EU eIDAS Regulation, member states can allow their citizens to transact with foreign services by notifying their national eID scheme. Once a scheme is notified, all other member states are obligated to incorporate it into their electronic identification procedures. The UK Government is contemplating at the moment whether it would be beneficial to notify. This article examines Gov.UK Verify 's compliance with the requirements set forth by the Regulation and the impact on privacy and data protection. It then explores potential interoperability issues with other national eID schemes, using the German nPA, an eIDM based on national identity cards, as a reference point. The article highlights areas of attention, should the UK decide to notify Gov.UK Verify. It also contributes to relevant literature of privacy-preserving eID management by offering policy and technical recommendations for compliance with the new Regulation and an evaluation of interoperability under eIDAS between systems of different architecture.

show abstract

Section: Pseudonymity Under Idapmentioning

confidence: 99%

mentioning

confidence: 99%

mentioning

confidence: 99%

See 1 more Smart Citation

Identity assurance in the UK

Tsakalakis

O’Hara

Stalla-Bourdillon

2016

Proceedings of the 8th ACM Conference on Web Science

View full text Add to dashboard Cite

show abstract

“…However, this process may be supported by certificates that communication partners (the "relying parties") can get from a trusted party after having assessed the necessity for the attributes for the specified purpose. For the German eID card, this is done to allow selective disclosure of attributes such as information about the age or the domicile, and to distinguish between usage under pseudonym or by giving the real name [27].…”

Section: User-controlled Managing Of One's Identitiesmentioning

confidence: 99%

Data Protection by Default in Identity-Related Applications

Hansen

2013

Policies and Research in Identity Management

Self Cite

View full text Add to dashboard Cite

Abstract. "Privacy by default" is being discussed as one important principle for ICT system design. This principle has been taken up as "data protection by default" in the proposal for a European Data Protection Regulation published in 2012. However, it is debated what this principle should mean in practice.In this text, we analyze the relation to "security by default" and "privacy by design" and discuss different possible interpretations of the "data protection by default" principle. After presenting general considerations on how to choose and implement appropriate default settings, we exemplarily describe recommendations for typical identity-related application scenarios such as social network sites, user tracking on the web and user-controlled management of one's identities. Both the general and the scenario-based elaborations provide guidance for developers as well as evaluators.

show abstract

“…Roßnagel et al in [46] examine the new criteria set by Privacy by Design principles, namely unlinkability, transparency and intervenability which will be mentioned in the analysis of Gov.UK Verify below. Privacy by Design derives from Cavoukian's work on the Laws of Identity [13].…”

mentioning

confidence: 99%

Identity Assurance in the UK: technical implementation and legal implications under eIDAS

Tsakalakis

Stalla-Bourdillon

O’Hara

2017

JWS

View full text Add to dashboard Cite

Gov.UK Verify, the new Electronic Identity (eID) Management system of the UK Government, has been promoted as a state-of-the-art privacy-preserving system, designed around demands for better privacy and control, and is the first eID system in which the government delegates the provision of identity to competing private third parties. Under the EU eIDAS, Member States can allow their citizens to transact with foreign services by notifying their national eID systems. Once a system is notified, all other Member States are obligated to incorporate it into their electronic identification procedures. The paper offers a discussion of Gov.UK Verify's compliance with eIDAS as well as Gov.UK Verify's potential legal equivalence to EU systems under eIDAS as a third-country legal framework after Brexit. To this end it examines the requirements set forth by eIDAS for national eID systems, classifies these requirements in relation to their ratio legis and organises them into five sets. The paper proposes a more thorough framework than the current regime to decide on legal equivalence and attempts a first application in the case of Gov.UK Verify. It then assesses Gov.UK Verify's compliance against the aforementioned set of requirements and the impact of the system's design on privacy and data protection. The article contributes to relevant literature of privacy-preserving eID management by offering policy and technical recommendations for compliance with the new Regulation and an evaluation of interoperability under eIDAS between systems of different architecture. It is also, to our knowledge, the first exploration of the future of eID management in the UK after a potential exit from the European Union.

show abstract

Privacy Protection Goals and Their Implications for eID Systems

Cited by 26 publications

References 13 publications

Identity assurance in the UK

Identity assurance in the UK

Data Protection by Default in Identity-Related Applications

Identity Assurance in the UK: technical implementation and legal implications under eIDAS

Contact Info

Product

Resources

About