Abstract
User control in identity management is beset with a number of problems, as outlined in this paper. It is argued that akin to traditional contexts, greater user control will result in greater user liability, which is demonstrated with the help of digital and non-digital examples. In this context, there is a critical need for greater user empowerment. This could be achieved in two ways–first, facilitating user awareness of identity management technologies, their scope and effects and second, through the implementation of proposed control-liability notices.
Chapter PDF
Similar content being viewed by others
Keywords
References
Bhargav-Spantzely, A., Camenisch, J., Gross, T., Sommer, D.: User centricity: A Taxonomy and Open Issues. In: DIM 2006, Proceedings of the Second ACM Workshop on Digital Identity Management, pp. 1–10 (2006)
Cameron, K.: The Seven Laws of Identity, December 5 (2005), http://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf
Sun Microsystems, Identity Management Solutions: Overview, http://www.sun.com/software/products/identity/ (As at January 5, 2009)
OpenID.Net, What is OpenID, http://openid.net/what/ (As at January 5, 2009)
Higgins: Open Source Identity Framework, The Eclipse Foundation, http://www.eclipse.org/higgins/index.php (As at January 5, 2009)
Hansen, M.: Marrying Transparency Tools with User-controlled Identity Management,” The Future of Identity in the Information Society. In: Fischer-Hubner, S., Duquenoy, P., Zucatto, A., Martucci, L. (eds.) Proceedings of the 3rd IFIP WG 9.2, 9.6/11.6, 11.7/FIDIS International Summer School, Karlstad, Sweden, August 2007, pp. 199–222. Springer, Heidelberg (2008)
Edwards, L., Brown, I.: Data Control and Social Networking: Irreconcilable Ideas? In: Matwyshyn, A. (ed.) Harboring Data: Information Security, Law and the Corporation. Stanford University Press (2009), http://ssrn.com/abstract=1148732
Dhamija, R., Dusseault, L.: The Seven Flaws of Identity Management: Usability and Security Challenges. IEEE Security & Privacy 6(2), 24–29 (2008), http://ieeexplore.ieee.org/iel5/8013/4489835/04489846.pdf?isnumber=4489835&prod=JNL&arnumber=4489846&arnumber=4489846&arSt=24&ared=29&arAuthor=Dhamija%2C+R.%3B+Dusseault%2C+L ; Gotterbarn, D.: Informatics and Professional Responsibility. Science and Engineering Ethics 7.2, 221–230 (2001)
Viacom International Inc., v YouTube Inc., YouTube LLC and Google Inc., Case 1:07-cv-02103-LLS, March 13 (2007), http://docs.justia.com/cases/federal/district-courts/new-york/nysdce/1:2007cv02103/302164/1/
British Telecommunications plc, Comprehensive Identity Management: Balancing Cost, Risk and Convenience in Identity Management , White Paper, p 7 (2007), http://www.btglobalservices.com/business/global/en/docs/whitepapers/22872_Identity_Mgmt_wp_en.pdf
National Computing Centre, Beware fake anti-virus programs, Industry News (Winter 2008), http://www.nccmembership.co.uk/pooled/articles/BF_WEBART/view.asp?Q=BF_WEBART_308688
Acquisti, A., Grossklags, J.: Privacy and Rationality in Decision Making. IEEE Security & Privacy 3(1), 26–33 (2005)
Erasmus, D.: The Praise of Folly, 1514
Laurie, B.: OpenID: Phishing Heaven, p. 187, January 19 (2007), http://www.links.org/? ; Leyden, J.: How Poor Crypto Housekeeping Left OpenID Open to Abuse, The Register, August 13 (2008)
Schneier, B.: Secrets and Lies: Digital Security in a Networked World, p. xi (2000)
Eap, T., Hatala, M., Gašević, D.: Enabling User Control with Personal Identity Management. In: 2007 IEEE International Conference on Services Computing, SCC 2007, pp. 60–67 (2007)
Joinson, A., Paine, C.: Self-disclosure, privacy and the Internet. In: Joinson, A., et al. (eds.) The Oxford Handbook of Internet Psychology, ch. 16, pp. 237–252 at 248–249. Oxford University Press, Oxford
Lyon, D.: Surveillance Studies: An Overview. Polity, Malden (2007)
Post, R.: Three Concepts of Privacy. 89 George. L J., 2087 (2001)
Heisenberg, D., Fandel, M.-H.: Projecting EU Regimes Abroad: The EU Data Protection Directive as Global Standard. Paper presented at the Annual Meeting of the American Political Science Association, Boston Marriott Copley Place, Sheraton Boston & Hynes Convention Center, Boston, Massachusetts, August 28 (2002), http://www.allacademic.com/meta/p65517_index.html
De Boni, M., Prigmore, M.: Cultural Aspects of Internet Privacy. In: Proceedings of the UKAIS Conference, Leeds (2002), http://www.leedsmet.ac.uk/ies/comp/staff/deboni/papers/Cultural_Aspects_of_Internet_Privacy.pdf ; Ruiz, B.: Privacy in Telecommunications: A European and an American Approach, p 40. Martinus Nijhoff Publishers (1997)
Privacy International, The 2007 International Privacy Ranking, December 28 (2007), http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-559597
UK House of Commons Home Affairs Committee, A Surveillance Society? Fifth Report of Session 2007-2008, Volume I, Report, together with formal minutes, published on June 8, 2008 by authority of the House of Commons London, The Stationery Office Limited, http://www.publications.parliament.uk/pa/cm200708/cmselect/cmhaff/58/58i.pdf
Wu, T.: Application-Centered Internet Analysis. 85 Va. L. Rev. 1163, 1203–1204 (1999); see also Goldsmith, J., Wu, T.: Who Controls the Internet? Illusions of a Borderless World, p.123 (2006)
Ohm, P.: The Myth Of The Superuser: Fear, Risk, And Harm Online, U. of Colorado Law Legal Studies Research Paper, No. 07-14, http://Ssrn.Com/Abstract=967372
Sherwin, E.: Infelicitous Sex. Legal Theory 2, 209–231 at p 229 (1996)
Westen, P.: Introduction at p 307, and Chapter 8. The Confusions of Consent, 309–336 in The Logic of Consent: The Diversity and Deceptiveness of Consent as a Defense to Criminal Conduct (2004)
Samson v Aitchison [1912] AC 844; 82 LJPC 1; 107 LT 106; 28 TLR 559
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data
Grey, T., et al.: US and EU Authorities Review Privacy Threats on Social Networking Sites: Part 2. ITLT 16 5 (7) (May 1, 2008); Wong, R.: Social Networking: Anybody is a Data Controller!, Working Paper, Revised Version (October 2008), http://ssrn.com/abstract=1271668
European Court of Human Rights, Judgment of 6 November 2003, Case C-101/01
Metro-Goldwyn-Mayer Studios Inc. v Grokster, Ltd. (04-480) 545 U.S. 913 (2005) 380 F.3d 1154
Metro-Goldwyn-Mayer Studios Inc. v Grokster, Ltd., as above
EFF, RIAA v. The People: Four Years Later (August 2007), http://w2.eff.org/IP/P2P/riaa_at_four.pdf ; Reuters, 459 European P2P users sued, October 7 (2004), http://www.afterdawn.com/news/archive/5675.cfm ; J Borland, RIAA sues 261 file swappers, CNET News.com, September 8 (2003), http://news.com.com/2100-1023_3-5072564.html ; Engel, J.: Music Industry Targets CMU, The Saginaw News, April 16 (2007) (quoting the RIAA as filing 18,000 lawsuits)
The Financial Times Limited v The Blackstone Group LP et al., US District Court Southern District of New York, Case Number 1:2009cv00783, Filed on January 28 (2009)
Poppleton v Trustees of the Portsmouth Youth Activities Committee [2008] EWCA Civ 646
Cameron, K.: The Seven Laws of Identity, Version 2, August 18 (2008), http://www.identityblog.com/?p=1007
R v Spurge [1961] 2 All ER 688
Burns v Bidder [1996] 3 All ER 29
Privacy Awareness Not Backed up by Behaviour, Survey Finds. Out-Law News, August 13 (2008), http://www.out-law.com/page-9345
Council Of Europe, http://www.coe.int/t/e/legal_affairs/legal_co-operation/data_protection/Data_Protection_Day_default.asp
Opinion on More Harmonised Information Provisions, WP 100, November 25 (2004), http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2004/wp100_en.pdf and Appendices: http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2004/wp100a_en.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Rodrigues, R. (2009). User Control Problems and Taking User Empowerment Further. In: Matyáš, V., Fischer-Hübner, S., Cvrček, D., Švenda, P. (eds) The Future of Identity in the Information Society. Privacy and Identity 2008. IFIP Advances in Information and Communication Technology, vol 298. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03315-5_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-03315-5_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03314-8
Online ISBN: 978-3-642-03315-5
eBook Packages: Computer ScienceComputer Science (R0)