Skip to main content

“Identity Management by Design” with a Technical Mediator Under the GDPR

  • Conference paper
  • First Online:
Privacy and Identity Management (Privacy and Identity 2020)

Part of the book series: IFIP Advances in Information and Communication Technology ((IFIPAICT,volume 619))

Included in the following conference series:

  • 653 Accesses

Abstract

The Charter of Fundamental Rights of the European Union (CFR) and the GDPR refer to the protection of personal data and personal identities. In the General Data Protection Regulation (GDPR) the term of personal data contains the protection of the physical, physiological, genetic, psychological, economic, cultural and social identities, Art. 4 para. 1 GDPR. This legal definition introduces the understanding of “identity” in a pluralistic sense. Thus, the notion of pluralistic and dynamic identities should be translated in a “privacy by design” mechanism. This notion of pluralistic identities would mirror a differentiated protection for personal identities based the right of informational self-determination, Art. 7, 8 CFR. Thus, the data subject should be enabled to develop the personal identity in an online-context in the same manner as it is done in an offline-context. This includes the opportunity for the data subject to control personal identities in their static “Idem-part” such as the name and their dynamic “Ipse-part” realized by the behavior (based on the philosophical theory by Ricœur). These parts of the personal identity should be visualized with a “dashboard” that allows the data subject to control and manage the personal identities. This “dashboard” should include an impartial technical mediator that embodies an effective, non-discriminatory and structured process. Such a technical mediator should be specified in an “identity management by design” mechanism based on Art. 25 GDPR in order to achieve an effective privacy protection in the era of Big Data.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 54.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Acquisti, A.: Privacy in electronic commerce and the economics of immediate gratification. In: Proceedings of the 5th ACM conference on Electronic commerce, pp. 21–29. ACM (2004)

    Google Scholar 

  2. Axelrod, R.: The Evolution of Cooperation. Basic Books, New York (2006)

    Google Scholar 

  3. Barnett, J., Treleaven, P.: Algorithmic dispute resolution—the automation of professional dispute resolution using AI and blockchain technologies. Comput. J. 61, 399–408 (2017)

    Article  MathSciNet  Google Scholar 

  4. Ben-Shahar, O.: The myth of the ‘opportunity to read’ in contract law. In: ERCL, pp. 1–28 (2009)

    Google Scholar 

  5. Bernsdorff, N., Borowsky, M.: Die Charta der Grundrechte der Europäischen Union – Handreichungen und Sitzungsprotokolle, Baden-Baden (2002)

    Google Scholar 

  6. Directive 2008/52/EC of the European Parliament and of the Council of 21 May 2008 on certain aspects of mediation in civil and commercial matters (2008)

    Google Scholar 

  7. Dürig, M., Fischer, M.: Cybersicherheit in Kritischen Infrastrukturen. Datenschutz und Datensicherheit - DuD 42(4), 209–213 (2018). https://doi.org/10.1007/s11623-018-0909-1

    Article  Google Scholar 

  8. Eidenmüller, H.: Ökonomische und spieltheoretische Grundlagen von Verhandlung/Mediation. In: Breidenbach/Henssler (Hrsg.), Mediation für Juristen, pp. 31–55 (1997)

    Google Scholar 

  9. Erikson, E.H.: Identität und Lebenszyklus – Drei Aufsätze, vol. 27, pp. 150. Auflage, Berlin (2015)

    Google Scholar 

  10. Fogg, B.J.: Computers as persuasive social actors. In: Persuasive Technology: Using Computers to Change What We Think and Do, vol. 94, pp. 89–120 (2003)

    Google Scholar 

  11. Glasl, F.: Konfliktmanagement – Ein Handbuch für Führungskräfte, Beraterinnen und Berater, vol. 12, p. 236. Auflage, Bern (2020)

    Google Scholar 

  12. Fuster, G.G.: The Emergence of Personal Data Protection as a Fundamental Right of the EU, Cham, Heidelberg, pp. 256, 266–271 (2014)

    Google Scholar 

  13. Hermstrüwer, Y.: Informationelle Selbstgefährdung – zur rechtsfunktionalen, spieltheoretischen und empirischen Rationalität der datenschutzrechtlichen Einwilligung und des Rechts auf informationelle Selbstbestimmung, München, p. 158 (2016)

    Google Scholar 

  14. Hildebrandt, M.: Smart technologies and the end(s) of law – novel entanglements of law and technology, Cheltenham, USA (2015)

    Google Scholar 

  15. Hildebrandt, M.: Profiling and AmI. In: Rannenberg, K., Royer, D., Deuker, A. (eds.) The Future of Identity in the Information Society. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01820-6_7

  16. Hornung, G.: Die digitale Identität – Rechtsprobleme von Chipkartenausweisen: Digitaler Personalausweis, elektronische Gesundheitskarte. JobCard-Verfahren, Baden-Baden (2005)

    Google Scholar 

  17. Jarass, H.D.: Kommentar, Charta der Grundrechte der EU, München, Art. 7 GRC (2016)

    Google Scholar 

  18. Keupp, H.: Identitätskonstruktionen – Das Patchwork der Identitäten in der Spätmoderne, Reinbek bei Hamburg, vol. 215, pp. 99–103 (1999)

    Google Scholar 

  19. Kieck, A.: Der Schutz individueller Identität als verfassungsrechtliche Aufgabe – Am Beispiel des geschlechtlichen Personenstands, Berlin (2019)

    Google Scholar 

  20. Koops, E., De Vries, K., Hildebrandt, M.: D7.14b: idem-identity and ipse-identity in profiling practices, FIDIS report 21, pp. 28–33, April 2009

    Google Scholar 

  21. Korsgaard, C.M.: Self-constitution – agency, identity, and integrity, Oxford, pp. 35–37 (2009)

    Google Scholar 

  22. Lippmann, E.: Identität im Zeitalter des Chamäleons – Flexibel sein und Farbe bekennen, 2. Auflage, Göttingen/Bristol (2014)

    Book  Google Scholar 

  23. Luhmann, N.: Legitimation durch Verfahren, 10. Auflage, Frankfurt am Main (2017)

    Google Scholar 

  24. Marsch, N.: Das europäische Datenschutzgrundrecht, Tübingen, vol. 209, p. 77 (2018)

    Google Scholar 

  25. Maschmann. In: Kühling, Buchner (Hrsg.) Kommentar, DS-GVO, BDSG, München, Art. 88 DSGVO, pp. 14–16 (2018)

    Google Scholar 

  26. Nissenbaum: Privacy as contextual integrity, Wash. L. Rev., p. 119 (2004)

    Google Scholar 

  27. Pretschner, A., Walter, T.: Negotiation of usage control policies - simply the best? In: Third International Conference on Availability, Reliability and Security, pp. 1135–1136. IEEE (2008)

    Google Scholar 

  28. Raschke, P., Küpper, A., Drozd, O., Kirrane, S.: Designing a GDPR-compliant and usable privacy dashboard. In: Hansen, M., Kosta, E., Nai-Fovino, I., Fischer-Hübner, S. (eds.) Privacy and Identity Management. The Smart Revolution. Privacy and Identity 2017. IFIP AICT, vol. 526, pp. 221–236. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-92925-5_14

  29. Rasmusen, E.: Games and Information – An Introduction to Game Theory, 4th edn., pp 182–185. Oxford Press, Malden (2009)

    Google Scholar 

  30. Regulation (EU) No 524/2013 of the European Parliament and the Council of 21 May 2013 on online dispute resolution for consumer disputes (2013)

    Google Scholar 

  31. Ricœur, P.: Oneself as Another. Chicago Press, Chicago (1994)

    Google Scholar 

  32. Schelling, T.C.: The Strategy of Conflict. Oxford Press, Oxford (1969)

    Google Scholar 

  33. Spindler, G.: Persönlichkeitsschutz im Internet - Anforderungen und Grenzen einer Regulierung – Gutachten F zum 69. Deutschen Juristentag. In: Verhandlungen des 69, p. 212. Deutschen Juristentages, München (2012)

    Google Scholar 

  34. The Guardian. www.theguardian.com/news/series/cambridge-analytica-files. Accessed 08 Jan 2020

  35. Turkle, S.: Leben im Netz – Identität in Zeiten des Internet, Reinbek bei Hamburg (1999)

    Google Scholar 

  36. Watzlawick, P., Beavin, J.H., Jackson, D.D.: Menschliche Kommunikation – Formen, Störungen, Paradoxien, 13. Auflage, Bern (2016)

    Google Scholar 

  37. Windley, P.J.: Digital identity – unmasking identity management architecture (IMA), Beijing (2005)

    Google Scholar 

  38. Zander, T., Steinbrück, A., Birnstill, P.: Game-theoretical model on the GDPR – market for lemons? In: JIPITEC, p. 200 (2019)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Anne Steinbrück .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2021 IFIP International Federation for Information Processing

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Steinbrück, A. (2021). “Identity Management by Design” with a Technical Mediator Under the GDPR. In: Friedewald, M., Schiffner, S., Krenn, S. (eds) Privacy and Identity Management. Privacy and Identity 2020. IFIP Advances in Information and Communication Technology, vol 619. Springer, Cham. https://doi.org/10.1007/978-3-030-72465-8_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-72465-8_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-72464-1

  • Online ISBN: 978-3-030-72465-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics