Over the last two decades, privacy has been fading away. Some people have even stated: You have zero privacy - get over it! As privacy researchers, we are not willing to accept this statement. Therefore, we analyze the causes for this fading away of privacy, and develop a set of approaches to preserve or even regain privacy. We argue that Privacy 3.0 should be a combination of (1) Data minimization, (2) User control of personal information disclosure, and (3) Contextual integrity. Data minimization is one of the main motivations for the development of privacy-enhancing technologies, which aim to limit collection and processing of personal data by data controllers. User control of personal information disclosure supports users in deciding which personal information is released to whom and in which situation. Contextual integrity provides a new quality of privacy by making the original context in which particular personal data have been generated easily accessible to all entities that are aware of that particular personal data.

Summary: Over the last two decades, users' sense of privacy on the Internet has steadily declined. Some have even asserted: There is no privacy - get over it! In this article we analyze the reasons for this and describe synergistic approaches to preserving or even regaining data protection and privacy. In our view, Privacy 3.0 should follow a three-tier approach: (1) data minimization, (2) user control, and (3) contextual integrity. Data minimization was and is one of the driving motivations for the development of privacy-enhancing technology, which aims to limit data collection and data processing. User control supports users in deciding which personal data they make accessible to whom and in which situation. Enforcing contextual integrity raises data protection to a qualitatively new level by making the original context in which personal data were created accessible to all entities that have knowledge of these personal data.
Access control is necessary to prevent illegal access to shared resources. Within eLearning, access control is required in order to protect provided contents and services as well as user data. Usually, access rights are assigned to users of a system. However, in a system that applies Privacy-Enhancing Identity Management (PIM), common approaches cannot be directly utilized since users do not act under fixed login names. Within this paper, we want to discuss how protection of contents as well as of user data can be realized in such an environment. The context of our work is the eLearning application BluES'n, which additionally aims at providing users a flexible working environment. All functionality needed for realizing access control is provided by a PIM-aware platform which is currently developed within the European project PRIME.
The design of identity management preserving an individual's privacy must not stop at supporting the user in managing her/his present identities. Instead, since any kind of privacy intrusion may have implications on the individual's future life, it is necessary that we identify and understand the issues related to long-term aspects of privacy-enhancing identity management. Only in that way can corresponding solutions be developed which enable users to control the disclosure of their personal data throughout their whole lives, comprising past, present, and future. This paper will give a general overview of concepts supporting privacy-enhancing identity management. Further, it introduces the reader to the problem field of privacy management by means of privacy-enhancing identity management during various stages of life as well as in various areas of life. Statements about required mechanisms will be given as well as directions regarding the three most important aspects to consider when managing one's identities: communication infrastructure as well as selection of communication partners and tools.