Privacy Protection and Electronic Identity Management
- Privacy Enhancing Technologies
- Electronic Identity Management Infrastructure
- Policy and Legislation Background
- Events
- Further Reading
Privacy Enhancing Technologies
While innovative information and communication services are constantly improving people's lives and generating growth throughout Europe's economy, they can also bring about new privacy risks. Privacy Enhancing Technologies (PETs) can mitigate them by helping people better protect their privacy and personal data online.
The European Commission points out in its Communication on Promoting Data Protection by Privacy Enhancing Technologies (from May, 2007 - get the Communication and the press pack here), that risks such as identity theft, discriminatory profiling, continuous surveillance and fraud are increasingly undermining the consumer's privacy online because people cannot yet fully control or protect their privacy when using ICTs.
As their name suggests, PETs aim to protect privacy by making it more difficult to breach users' privacy, and allowing users to detect such breaches more easily. The overall goal is to increase consumer confidence and security online, thereby safeguarding the further development of trustworthy Information Society. The European Commission is supporting European academics and industrialists in developing the technologies by research, and removing obstacles to the wider deployment of technologies.
Research
The European Commission funds European research in this field under the Seventh Framework Programme for RTD (FP7, 2007-2013), - ICT Theme - see Secure, dependable and trusted Infrastructures.Two examples of research projects in the field of privacy enhancing technologies are:
- PRIMELIFE: bringing Sustainable Privacy and Identity Management to Future Networks and Services.
- PICOS: Privacy and Identity Management for Community Services.
In the past years and under the Sixth Research Framework Programme (FP6, 2002-2006), the European Commission has also funded research projects dealing with privacy enhancing technologies: see ICT for Trust and Security. Some examples of such projects include:
- PRIME: developing solutions for solutions on privacy-enhancing identity management. PRIME received the 2008 HP-IAPP Award in the category ‘Privacy Innovation Technology’.
- FIDIS: developing new ways for dealing with identities, including so-called user-controlled virtual identities, embodying concepts such as pseudonymity, anonymity and strong identification as required by circumstances.
Technology Deployment
Many obstacles and opportunities exist for new technologies to reach the market and make a difference. To overcome them the Commission launched the ICT Policy Support Programme ('ICT-PSP') that aims at stimulating innovation and competitiveness through increasing the use of ICTs by citizens, governments and businesses.
The ICT-PSP Workprogramme 2007 included a theme on privacy protection infrastructures. Following a call for proposals, the PrivacyOS thematic network project was selected and launched with Commission funding on 1 June 2008. PrivacyOS is dealing with privacy protection infrastructures. The fact-sheet of this project is available here.
The ICT PSP Workprogramme 2008 included a theme on Trusted Information Infrastructures and Biometrics Technologies (see Objective 3.2). Further information will become available soon.
The ICT PSP Workprogramme 2009 includes a theme on European infrastructure for secure information management (see Objective 7.1). The third call for proposals is open until 2 June 2009.
Electronic Identity Management Infrastructure
The European Commission in its Communication (March, 2009 -A Strategy for ICT R&D and Innovation in Europe: Raising the Game – get the Communication, the press pack and the Staff Working Paper here) proposes a strategy to establish Europe's industrial and technology leadership in information and communication technologies (ICT), to make Europe more attractive for ICT investments and skills, and to ensure that its economy and society benefit fully from ICT developments.
To speed up the achievement of specific societal goals, the European Commission is considering how to support a set of focused projects of significant scale and duration that cut across the innovation cycle to develop modern pan-European service infrastructures. Among the examples is an electronic identity management (eID) infrastructure, as the basis for trustworthy services in e-government and e-commerce. Today, a plethora of solutions result in fragmentation, closed solutions and lack of user control and transparency. FP6 and ongoing FP7 projects and CIP pilots constitute important steps towards an EU-wide project to implement an effective eID infrastructure, for example
- FIDIS, PRIME, PRIMELIFE, PICOS (see above)
- TURBINE: Trusted revocable biometric identity management based on innovative developments of cryptography and fingerprint biometrics.
- ACTIBIO: User authentication using activity related and soft biometrics.
- MOBIO: bi-modal biometric authentication technologies for portable devices.
- SWIFT: user centric identity management for federated telecommunications.
Policy and Legislation Background
The Charter of Fundamental Rights of the European Union recognises the right to the protection of personal data (Article 8). This fundamental right is embedded in the European legal framework on the protection of personal data, consisting mainly of:
- the Data Protection Directive - harmonised across Europe to remove obstacles to cross-frontier flows of personal data while ensuring high levels of protection (see also: the First Report on its implementation).
- the ePrivacy Directive, part of the Electronic Communications regulatory framework.
Events
Please visit the Trust and Security events page here.
Further Reading
Further reading on those topics can be found in the Publication section.
This page is maintained by: Tamas Kolossa