a) To study the concept of identity in the future by: studying the security and privacy requirements of commercially available Identity management Systems; establishing and animating a network of experts, eventually contributing to a Network of Excellence and/or Integrated Project elaborating a prospective study on the technological, social, economic and legal impact of privacy and security requirements for the citizen;
b) To analyse the requirements for training and skills in the area of cyber- security and their employment impacts by: Specifying the kinds and levels of skills needed, considering that fraud, crime and new technologies are crucial factors in shaping future skills requirements Producing a picture of educational policies in the area of cyber-security in Europe Assessing existing training and education systems as to the future needs previously identified Elaborating foreseen employment impacts;
c) To conduct prospective analysis and validation of the concept of virtual residence by: Holding a workshop (experts from the Identity network) to define the concept of virtual residence Analysing prospectively the citizen's online privacy sphere Conducting a study on foreseen vulnerabilities of future Domestic networks. Anticipated milestones and schedule Identify and monitor technological trends via technology maps and scenarios (by March 2003). Analyse the implications (risks and opportunities) of these trends (by June 2003). Engage the ESTO network and other network partners to develop reference methods and/or validate results (June - November 2003). Translate the results for communication to the policy maker (December 2003).
a) Report on Identity Management Systems (Summer 2003). Report considering the socio-economic and regulatory/legal implications of the concept of identity in the future;
b) Workshop with key experts to identify and evaluate cyber security skills and training future needs in the business, public services and health environment domains and assess their impact on employment. Interim report on the needs. Comparative report on the courses/degrees on IT security (2003);
c) Prospective analysis on the concept of virtual residence (final report during 2003).
Summary of the Action:
Considering the role of the citizen in a European Information Society, the action will examine how to balance the need for managing the citizen's security while respecting his privacy. This includes three aspects:
a) ways through which he establishes, maintains and presents his identity in a virtual environment;
b) ways through which the surrounding domestic network accommodates his needs as well as;
c) the skills and training requirements that are imposed on him. Accordingly, three lines of action have been identified: To study the privacy and security requirements of current and future Identity Management Systems.
To analyse the imposed skills and training requirements in the area of cyber-security and their employment implications. To analyse prospectively and to validate the concept of virtual residence. Rationale The European Union aims to provide a safe environment for public and private enterprises to transact business deals, while striving to defend its citizen's and consumer's rights. More specifically the eEurope 2005 action plan proposes guidelines towards an inclusive, dynamic, competitive and secure knowledge based economy, placing emphasis on cyber-security. Cyber-security includes the technical, regulatory and policy means to establish and maintain citizen - consumer confidence in electronic communications, transactions and interactions.
The EU data protection Directives 95/46/EC and 97/66/EC, the Council of Europe Convention on Cybercrime, the European Commission Communication on "Creating a safer Information Society" and the Council resolution on network and information security are some examples of cyber- security policy activities already in progress. DG JRC is currently supporting DG INFSO policy activities related to cyber- security, particularly in the area of privacy and identity. Reliable and unbiased support is needed, in order to alleviate risks, including fraud, counterfeiting and identity theft, while balancing the increasing public concerns over invasions of privacy. Due to the rapidly evolving technology framework as well as its complexity, there is need for multi-disciplinary research activities with a European focus. The DG JRC, because of its independence from national or commercial interests, its past competence in the area as well as its proximity to the policy making Commission services is well placed to support the appropriate Commission services. The overall objective is to conduct a prospective analysis of the privacy and security requirements of currently available and future Identity Management Systems.