ALBERT

Beschreibung:    The Web 2.0, with online social technologies such as social networking services, blogs, wikis, or microbloging, has brought the vision of the Internet as a social landscape in which people are engaged in a multitude of social activities. This editorial of the special issue ‘Social Web and Identity’ discusses the importance of identity in the context of the Social Web, introducing the different papers of this special issue and the different aspects associated to these online identities. The topics covered in this issue include how people define their identity in blogs and what is the articulation between online and offline identities in these systems. It also presents an article studying the privacy issues in online social networks and more specifically how these risks are perceived and how people can control their identity in this context. The next article compares privacy in two different categories of social systems (social network and collaborative workspace). Finally, another article discusses to what extent the current legislation, such the data protection regulations directive 95/46/EC, is providing the right instrument for dealing with privacy issues. Content Type Journal Article Pages 1-5 DOI 10.1007/s12394-009-0029-z Authors Thierry Nabeth, INSEAD Bvd de Constance 77305 Fontainebleau Cedex France Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 2 Journal Issue Volume 2, Number 1

Beschreibung:    Current advances in connectivity, sensor technology, computing power and the development of complex algorithms for processing health-related data are paving the way for the delivery of innovative long-term health care services in the future. Such technological developments will, in particular, assist the elderly and infirm to live independently, at home, for much longer periods. The home is, in fact, becoming a locus for health care innovation that may in the future compete with the hospital. However, along with these advances come valid privacy and security questions arising from the fact that the data collected and transmitted through these technologies could also allow for individual monitoring as well as unauthorized access to critical diagnostic and other health data. Content Type Journal Article Pages 363-378 DOI 10.1007/s12394-010-0054-y Authors Ann Cavoukian, Information and Privacy Commissioner Toronto Ontario Canada Angus Fisher, Intel Corporation Santa Clara CA USA Scott Killen, GE Healthcare Little Chalfont Buckinghamshire United Kingdom David A. Hoffman, Intel Corporation Santa Clara CA USA Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 3 Journal Issue Volume 3, Number 2

Beschreibung:    Pervasive, easy-to-use privacy services are keys to enabling users to maintain control of their private data in the online environment. This paper proposes (1) an online privacy lifecycle from the user perspective that drives and categorizes the development of these services, (2) a layered platform design solution for online privacy, (3) the evolution of the PeCAN (Personal Context Agent Networking) architecture to a platform for pervasively providing multiple contexts for user privacy preferences and online informational privacy services, and (4) use of platform network effects for increasing wide-scale user adoption of privacy services. One implication of this paper’s concepts is that platform-mediated networks, which are reportedly the vehicles for most of the revenue earned by 60 of the world’s largest companies, and other platforms that commonly host millions of users, will not have to individually reinvent and manage sophisticated user services for privacy protection since universal privacy platforms can be layered on them in future. Content Type Journal Article Pages 319-341 DOI 10.1007/s12394-010-0057-8 Authors Dawn N. Jutla, Saint Mary’s University Department of Finance, Information Systems, and Management Science, Sobey School of Business Halifax NS Canada Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 3 Journal Issue Volume 3, Number 2

Beschreibung:    Morgan et al. ( 2009 ) examine the notion of corporate citizenship and suggest that for it to be effective companies need to minimize harm and maximize benefits through its activities and, in so doing, take account of and be responsive to a full range of stakeholders. Specifically, they call for a “next generation” approach to corporate citizenship that embeds structures, systems, processes and policies into and across the company’s value chain. We take this notion of corporate citizenship and apply it to Privacy by Design concepts in a value chain model. Privacy by Design is comprised of Seven Foundational Principles (Cavoukian 2009 ), and as we develop the Privacy by Design Value Chain, those principles are incorporated. First, we examine the primary activities in the value chain and consider each of these seven principles, and then we extend the analysis to the support activities. Finally, we consider privacy implications and the challenges to be faced in supply chain and federated environments. Designing privacy into the value chain model is a practical, business view of organizational and privacy issues. This puts privacy where it belongs in an organization—everywhere personal information exists. We conclude that further research is needed to consider the internal stakeholders’ communications among the various departments within an organization with the goal of better communications and shared values, and we believe the value chain approach helps to further this research agenda. Also, federated environments necessitate that organizations can “trust” their third parties providers. Research and case studies are needed regarding how these organizations can create value and competitive advantages by voluntarily providing their customers with privacy practice compliance reports. For the most part, the future is bright for the protection of personal information because solutions, not problems are being proposed, researched, developed and implemented. Content Type Journal Article Pages 295-318 DOI 10.1007/s12394-010-0059-6 Authors Julie Smith David, Arizona State University The Privacy by Design Research Lab, W.P. Carey School of Business Tempe AZ USA Marilyn Prosch, Arizona State University The Privacy by Design Research Lab, W.P. Carey School of Business Tempe AZ USA Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 3 Journal Issue Volume 3, Number 2

Beschreibung: Privacy by design: the definitive workshop. A foreword by Ann Cavoukian, Ph.D Content Type Journal Article Pages 247-251 DOI 10.1007/s12394-010-0062-y Authors Ann Cavoukian, Information & Privacy Commissioner Ontario Canada Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 3 Journal Issue Volume 3, Number 2

Beschreibung:    This paper introduces the objectives and basic approach of a collaborative comparative research project on the introduction of national electronic Identity Management Systems (eIDMS) in Member States of the European Union. Altogether eight country case studies have been produced in two waves by researchers in the respective countries, which will be presented in the following articles in this special issue. The studies adopt a common conceptual framework and use the same terminology, which will be presented in this introduction, just as the reasoning for the selection of the particular countries under investigation. The conceptual framework combines elements of actor centred institutionalism with path analysis, looking for path continuation, change or creation in the transition from the previous IDMS to an electronic one and explaining this as choices of actors in certain contexts. Information on the reasons for these choices in the first four cases has been collected from in depth interviews with key actors and in the four other cases from official documents. As the subject of this research is the transition of national identity management systems only countries have been included in which a national ID and a civil registry already exist before the introduction of the electronic elements, thus excluding the UK. Content Type Journal Article Pages 5-26 DOI 10.1007/s12394-010-0052-0 Authors Herbert Kubicek, University of Bremen Applied Computer Science Institute for Information Management Bremen (ifib) Bremen Germany Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 3 Journal Issue Volume 3, Number 1

Beschreibung:    Built-in privacy has for too long been neglected by regulators. They have concentrated on reacting to violations of rules. Even imposing severe fines will however not address the basic issue that preventative privacy protection is much more meaningful. The paper discusses this in the context of the International Working Group on Data Protection in Telecommunications (“Berlin Group”) which has published numerous recommendations on privacy-compliant design of technical innovations. Social network services, road pricing schemes, and the distribution of digital media content have figured prominently in the group’s latest working papers. More recently, a judgment of the European Court of Human Rights has thrown light on weaknesses in the protection of patients’ data in hospitals that requires urgent action by designers of IT systems. Built-in privacy is no magic button, no panacea, but it has turned out to be a necessary condition for meaningful privacy protection. Content Type Journal Article Pages 257-265 DOI 10.1007/s12394-010-0045-z Authors Alexander Dix, Berlin Commissioner for Data Protection and Freedom of Information Berlin Germany Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 3 Journal Issue Volume 3, Number 2

Beschreibung:    The 2003 blackout in the northern and eastern U.S. and Canada which caused a $6 billion loss in economic revenue is one of many indicators that the current electrical grid is outdated. Not only must the grid become more reliable, it must also become more efficient, reduce its impact on the environment, incorporate alternative energy sources, allow for more consumer choices, and ensure cyber security. In effect, it must become “smart.” Significant investments in the billions of dollars are being made to lay the infrastructure of the future Smart Grid. However, the authors argue that we must take great care not to sacrifice consumer privacy amidst an atmosphere of unbridled enthusiasm for electricity reform. Information proliferation, lax controls and insufficient oversight of this information could lead to unprecedented invasions of consumer privacy. Smart meters and smart appliances will constitute a data explosion of intimate details of daily life, and it is not yet clear who will have access to this information beyond a person’s utility provider. The authors of this paper urge the adoption of Dr. Ann Cavoukian’s conceptual model ‘SmartPrivacy’ to prevent potential invasions of privacy while ensuring full functionality of the Smart Grid. SmartPrivacy represents a broad arsenal of protections, encapsulating everything necessary to ensure that all of the personal information held by an organization is appropriately managed. These include: Privacy by Design; law, regulation and independent oversight; accountability and transparency; market forces, education and awareness; audit and control; data security; and fair information practices. Each of these elements is important, but the concept of Privacy by Design represents its sine qua non. When applying SmartPrivacy to the Smart Grid, not only will the grid be able to, for example, become increasingly resistant to attack and natural disasters—it will be able to do so while also becoming increasingly resistant to data leakage and breaches of personal information. The authors conclude that SmartPrivacy must be built into the Smart Grid during its current nascent stage, allowing for both consumer control of electricity consumption and consumer control of their personal information, which must go hand in hand. Doing so will ensure that consumer confidence and trust is gained, and that their participation in the Smart Grid contributes to the vision of creating a more efficient and environmentally friendly electrical grid, as well as one that is protective of privacy. This will result in a positive-sum outcome, where both environmental efficiency and privacy can coexist. Content Type Journal Article Pages 275-294 DOI 10.1007/s12394-010-0046-y Authors Ann Cavoukian, Information and Privacy Commissioner Toronto Ontario Canada Jules Polonetsky, Future of Privacy Forum Washington DC USA Christopher Wolf, Future of Privacy Forum Washington DC USA Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 3 Journal Issue Volume 3, Number 2

Beschreibung:    An introductory message from Peter Hustinx, European Data Protection Supervisor, delivered at Privacy by Design: The Definitive Workshop. This presentation looks back at the origins of Privacy by Design, notably the publication of the first report on “Privacy Enhancing Technologies” by a joint team of the Information and Privacy Commissioner of Ontario, Canada and the Dutch Data Protection Authority in 1995. It looks ahead and adresses the question of how the promises of these concepts could be delivered in practice. Content Type Journal Article Pages 253-255 DOI 10.1007/s12394-010-0061-z Authors Peter Hustinx, Brussels Belgium Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 3 Journal Issue Volume 3, Number 2

Beschreibung:    The focus of this article is to explain why there is still no qualified digital signature in Denmark as defined by the EU eSignatures Directive nor any other nationwide eID even though Denmark had an early start in eGovernment, and a high level of “e-readiness” compared to other nations. Laying out the technological, organizational and legal dimensions of eID in Denmark, and comparing these with a number of other European countries made it possible to explain this paradox. Thus, the three main reasons for the special route development has taken in Denmark seems to be concerns over privacy, lack of intergovernmental coordination and lack of cooperation between public and private sector. However, with the recent tender on digital signatures won by the PBS and the roll-out of the NemID it seems that Denmark will finally—after twenty years of delay—have an eID which can be widely used in the public as well as the private sector. Content Type Journal Article Pages 155-174 DOI 10.1007/s12394-010-0056-9 Authors Jens Villiam Hoff, University of Copenhagen Department of Political Science Øster Farimagsgade 5 1353 Copenhagen K Denmark Frederik Villiam Hoff, University of Copenhagen Department of Political Science Øster Farimagsgade 5 1353 Copenhagen K Denmark Journal Identity in the Information Society Online ISSN 1876-0678 Journal Volume Volume 3 Journal Issue Volume 3, Number 1