The German National Digital ID and it�s Exemplarity for Other Countries
In the digital age more and more trust-based transactions are conducted online. This poses great risks in terms of safety, the authenticity and the responsible use of data. Again and again, sensitive data gets lost, fake identities appear and digitally stored personal data is used by third parties without the consent of their owners. The introduction of digital identity documents should solve these problems. The idea is to transfer the traditionally high security of these documents in “analog life” to the digital level. The additional use of certified identity providers who should vouch for individual attributes like name, date of birth or home address should also tighten security and the users should also have the opportunity to select specific data that seems to fit their necessities best for several use cases and opportunities like online banking or credit applications. The citizen is about to regain sovereignty over his digital identity.
These were the main reasons for the German government to introduce the new German National ID that is available for German citizens since November 1, 2010. The project I´d like to present is officially funded by the State of Berlin, Germany to develop use cases and attribute aggregation scenarios for the German National ID which means every new use case beyond simple identification and e-mail signature, two basic features available with the ID card from the beginning. There are three main questions that should be discussed:
1. The first topic of this project was the identification of privacy enhancing regulation elements and technologies, so how about surveillance, abuse and theft of personal data from the ID and the totally new idea of attribute networks that offer users control over several individual attributes like name or date of birth via cloud computing?
2. What is the Status Quo in judicial, technical and social questions regarding privacy and surveillance? What are the pros and cons for this ID card regarding privacy and surveillance potential? How should other developers, scientists and users deal with this triad of challenges? What about different judicial, cultural and social contexts in other countries?
3. The major element of this project is user control. How can user control persist, even in other environments, jurisdictions and ID card related projects or tools nobody has even though about? Are the basic ideas of this user control element portable and future-proof? Or do we need to think about user control with every new use case or at least ID card introduced in other countries?
The presentation should present state of the art research results consolidated within the last two years with a dual scope: on the one hand focused on basic research and on the other hand application-oriented. Due to the nature of this project the results will definitely influence the German ID discussion and the introduction of new use cases and tools within the next few years, so the predicted impact of this project should be rather high.
Consumer and Citizen Identities: Government Issued or Trust Frameworks?
Governments everywhere issue passports and other offline identities, to be used to identify to governments and businesses. For the online world this however differs per country. Two approaches however are popular: government issued eID’s and market issued eID within a government regulated trust frameworks. This presentation presents use cases from different European countries and the USA, discusses how they fit in these models, and how successful they are. Based on these use cases, success factors are derived for national eID solutions. These success factors were input to a Dutch project consortium project called cidSafe to study the feasibility of a Dutch trust framework for consumer-2-business identity for, initially, the financial sector. The outcome and lessons learned for this project are presented, including the importance of involvement of banks, business model challenges, branding issues, privacy and the role of government.