Marrying Transparency Tools with User-Controlled Identity Management

User-controlled identity management systems assist individuals in managing their private sphere. An individual’s privacy can be supported by transparency on processing of personal data. After giving an overview on transparency properties as well as its relation to privacy and data protection regulation, this text introduces different transparency tools: Prior to an interaction, information on the interacting party should be made transparent. During the interaction, privacy policies have to be communicated. Afterwards, users should be helped in exercising their privacy rights such as, among others, the right to access own personal data. In addition information on security and privacy incidents provides complementary data for the user’s perception of the level of privacy. Although transparency tools alone are no panacea for maintaining the private sphere, the combination of transparency tools and user-controlled identity management systems yields viable functionality to empower users to protect their privacy.

[1]  Robert Boguslaw,et al.  Privacy and Freedom , 1968 .

[2]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[3]  D. Brin The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom? , 1998 .

[4]  D. Bainbridge Data protection , 2000 .

[5]  Daniela Gerd tom Markotten,et al.  Usability meets security - the Identity-Manager as your personal security assistant for the Internet , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[6]  Sebastian Clauß,et al.  Identity management and its support of multilateral security , 2001, Comput. Networks.

[7]  Charles D. Raab,et al.  Laws, PETs and Other Technologies for Privacy Protection , 2001, J. Inf. Law Technol..

[8]  Michael Waidner,et al.  Platform for Enterprise Privacy Practices: Privacy-Enabled Management of Customer Data , 2002, Privacy Enhancing Technologies.

[9]  Wolfgang Wörndl,et al.  Privatheit bei dezentraler Verwaltung von Benutzerprofilen , 2003 .

[10]  Siani Pearson,et al.  Towards accountable management of identity and privacy: sticky policies and enforceable tracing services , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[11]  Sebastian Clauß,et al.  Datenschutzfreundliches Identitätsmanagement , 2003, Datenschutz und Datensicherheit.

[12]  Marit Hansen,et al.  Privacy-enhancing identity management , 2004, Inf. Secur. Tech. Rep..

[13]  C. Andersson,et al.  Trust in PRIME , 2005, Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, 2005..

[14]  A. Jøsang,et al.  User Centric Identity Management , 2005 .

[15]  Lars Brückner,et al.  MozPETs - a privacy enhanced Web Browser , 2005, PST.

[16]  M. Rundle International Personal Data Protection and Digital Identity Management Tools , 2006 .

[17]  Mayuram S. Krishnan,et al.  The Personalization Privacy Paradox: An Empirical Evaluation of Information Transparency and the Willingness to be Profiled Online for Personalization , 2006, MIS Q..

[18]  M. Hildebrandt,et al.  A vision of ambient law , 2007 .

[19]  John Sören Pettersson,et al.  Outlining “Data Track”: Privacy-friendly Data Maintenance for End-users , 2007 .

[20]  Simone Fischer Hübner,et al.  HCI Designs for Privacy-Enhancing Identity Management , 2007 .

[21]  A Coulson,et al.  Data Protection , 2018, Encyclopedia of Social Network Analysis and Mining. 2nd Ed..