Building Privacy into the Infrastructure: Towards a New Identity Management Architecture

University of Miami School of Law Legal Studies Research Paper Series Pub Date : 2016-05-23 DOI:10.2139/SSRN.2740719

A. Froomkin

{"title":"Building Privacy into the Infrastructure: Towards a New Identity Management Architecture","authors":"A. Froomkin","doi":"10.2139/SSRN.2740719","DOIUrl":null,"url":null,"abstract":"We are at risk of becoming digitally transparent to both government and the private sector. As it is increasingly obvious that US law is not going to prevent the destruction of personal privacy, we urgently need better privacy tools, baked into the way we do transactions. A partial, but significant, privacy enhancement would be a new Identity Management Architecture (IMA) enabling multiple privacy-protective transaction-empowered digital personae per user. Each persona (or ‘nym if you prefer) would have the ability to communicate, and at least a limited ability to transact, in a manner that would not be linkable, or least very difficult to link, to the real identity of the user. By using a variety of personae for online transactions, reading, and communication, users would defeat — or at least vastly reduce the effectiveness — of commercial and perhaps also governmental profiling.The problem is that an IMA that enables privacy enhanced personae is most unlikely to reach wide acceptance unless it is designed in a manner that makes it easy to use. It will not receive US governmental acceptance unless it also reduces the extent to which the personae can be used to break laws and evade contractual obligations. This paper thus discusses the legal and political considerations that might inform a requirements document for such an IMA with special reference to US law and likely US government reaction. It includes a survey of laws that parties engaging in or enabling anonymous or pseudonymous transactions should consider, and concludes with discussion of several critical design decisions including transnational credentials, the possibility of identity escrow for transactional personae, and speculation as to how personae might fare in the marketplace.The timeliness of this proposal is demonstrated by David Chaum’s recent announcement of new privacy protocol, PrivaTegrity, that contains most of the features needed to engineer a privacy-enhanced IMA that might be acceptable to law enforcement. The need for some action, whether based on PrivaTegrity or otherwise, is very great — so critical that it may time to accept the previously unthinkable, and accept some form of identity escrow as part of the IMA.","PeriodicalId":136236,"journal":{"name":"University of Miami School of Law Legal Studies Research Paper Series","volume":"114 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"University of Miami School of Law Legal Studies Research Paper Series","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2139/SSRN.2740719","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

We are at risk of becoming digitally transparent to both government and the private sector. As it is increasingly obvious that US law is not going to prevent the destruction of personal privacy, we urgently need better privacy tools, baked into the way we do transactions. A partial, but significant, privacy enhancement would be a new Identity Management Architecture (IMA) enabling multiple privacy-protective transaction-empowered digital personae per user. Each persona (or ‘nym if you prefer) would have the ability to communicate, and at least a limited ability to transact, in a manner that would not be linkable, or least very difficult to link, to the real identity of the user. By using a variety of personae for online transactions, reading, and communication, users would defeat — or at least vastly reduce the effectiveness — of commercial and perhaps also governmental profiling.The problem is that an IMA that enables privacy enhanced personae is most unlikely to reach wide acceptance unless it is designed in a manner that makes it easy to use. It will not receive US governmental acceptance unless it also reduces the extent to which the personae can be used to break laws and evade contractual obligations. This paper thus discusses the legal and political considerations that might inform a requirements document for such an IMA with special reference to US law and likely US government reaction. It includes a survey of laws that parties engaging in or enabling anonymous or pseudonymous transactions should consider, and concludes with discussion of several critical design decisions including transnational credentials, the possibility of identity escrow for transactional personae, and speculation as to how personae might fare in the marketplace.The timeliness of this proposal is demonstrated by David Chaum’s recent announcement of new privacy protocol, PrivaTegrity, that contains most of the features needed to engineer a privacy-enhanced IMA that might be acceptable to law enforcement. The need for some action, whether based on PrivaTegrity or otherwise, is very great — so critical that it may time to accept the previously unthinkable, and accept some form of identity escrow as part of the IMA.

查看原文本刊更多论文

在基础设施中构建隐私:迈向新的身份管理体系结构

我们面临着对政府和私营部门都变得数字化透明的风险。越来越明显的是，美国法律无法阻止对个人隐私的破坏，我们迫切需要更好的隐私工具，融入我们的交易方式。部分但重要的隐私增强将是一个新的身份管理体系结构(IMA)，为每个用户启用多个保护隐私的事务授权数字人物。每个角色(或者“化名”，如果你喜欢的话)都有交流的能力，并且至少有有限的交易能力，以一种不可链接的方式，或者至少很难链接到用户的真实身份。通过使用各种各样的角色进行在线交易、阅读和交流，用户将击败——或者至少大大降低有效性——商业和政府的形象。问题是，除非以易于使用的方式进行设计，否则支持隐私增强角色的IMA最不可能得到广泛接受。它不会得到美国政府的认可，除非它也能减少当事人被用来违反法律和逃避合同义务的程度。因此，本文讨论了法律和政治方面的考虑，这些考虑可能会为这种IMA的需求文档提供信息，并特别参考美国法律和可能的美国政府反应。它包括对参与或允许匿名或假名交易的各方应考虑的法律的调查，并以几个关键设计决策的讨论结束，包括跨国凭证，交易人物身份托管的可能性，以及关于人物在市场中如何发展的猜测。David Chaum最近宣布了新的隐私协议PrivaTegrity，该协议包含了设计一个可能被执法部门接受的隐私增强IMA所需的大部分功能，这证明了该提案的及时性。我们非常需要采取一些行动，无论是基于PrivaTegrity还是其他，这是非常重要的，以至于可能是时候接受以前不可想象的，并接受某种形式的身份托管作为IMA的一部分。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

University of Miami School of Law Legal Studies Research Paper Series

自引率

0.00%

发文量