|
Based on your IP address, your paper is being delivered by:
|
 |
 |
 |
 |
 |
New York, USA
Processing request.
|
Illinois, USA
Processing request.
|
Brussels, Belgium
Processing request.
|
Seoul, Korea
Processing request.
|
California, USA
Processing request.
|
If you have any problems downloading this paper,
please click on another Download Location above, or
File name: SSRN-id999695. ; Size: 159K
|
|
Secure User Identification Without Privacy Erosion
Stefan Brands
McGill University
University of Ottawa Law & Technology Journal, Vol. 3, No. 1, 2006
Abstract:
Individuals are increasingly confronted with requests to identify themselves when accessing services provided by government organizations, companies, and other service providers. At the same time, traditional transaction mechanisms are increasingly being replaced by electronic mechanisms that underneath their hood automatically capture and record globally unique identifiers. Taken together, these interrelated trends are currently eroding the privacy and security of individuals in a manner unimaginable just a few decades ago. Privacy activists are facing an increasingly hopeless battle against new privacy-invasive identification initiatives: the cost of computerized identification systems is rapidly going down, their accuracy and efficiency is improving all the time, much of the required data communication infrastructure is now in place, forgery of non-electronic user credentials is getting easier all the time, and data sharing imperatives have gone up dramatically. This paper argues that the privacy vs. identification debate should be moved into less polarized territory. Contrary to popular misbelief, identification and privacy are not opposite interests that need to be balanced: the same technological advances that threaten to annihilate privacy can be exploited to save privacy in an electronic age. The aim of this paper is to clarify that premise on the basis of a careful analysis of the concept of user identification itself. Following an examination of user identifiers and its purposes, I classify identification technologies in a manner that enables their privacy and security implications to be clearly articulated and contrasted. I also include an overview of a modern privacy-preserving approach to user identification.
Number of Pages in PDF File: 19
Keywords: identification, privacy, security, data sharing, authentication, cryptography
Accepted Paper Series
Download This Paper
Date posted: July 12, 2007
Suggested CitationBrands, Stefan, Secure User Identification Without Privacy Erosion. University of Ottawa Law & Technology Journal, Vol. 3, No. 1, 2006. Available at SSRN: http://ssrn.com/abstract=999695
|
| Feedback to SSRN (Beta) |
|
|
|
|
|
|
