18 research outputs found
Forensically ready digital identity management systems, issues of digital identity life cycle and context of usage
Collecting necessary digital and network forensics to prove the identity of an individual who is responsible for a crime, or suspected of a malicious attack, or has used a device during an incident, with minimum doubt to the court or other legitimate organisations based on the digital forensic investigation model is one of the most important legal and security issues of digital identity management systems (DIMSs). Without a good understanding and identification of the most important parameters of DIMS based on the digital forensic investigation model, it is not possible to do digital forensic investigation and provide required evidence. Therefore, the main goal of this paper is to identify and prioritise DIMS parameters by considering a user’s digital identity lifecycle, the contexts of usage challenges, and constraints that should be considered in a digital forensic readiness model
Final
The present report reviews the fundamental right to privacy and data protection which shall be assured to individuals and the Directive 95/46/EC which provides more detailed rules on how to establish protection in the case of biometric data processing. The present framework does not seem apt to cope with all issues and problems raised by biometric applications. The limited recent case law of the European Court of Human Rights and the Court of Justice sheds some light on some relevant issues, but does not answer all questions. The report provides an analysis of the use of biometric data and the applicable current legal framework in six countries. The research demonstrates that in various countries, position is taken against the central storage of biometric data because of the various additional risks such storage entails. Furthermore, some countries stress the risks of the use of biometric characteristics which leave traces (such as e.g., fingerprint, face, voice…). In general, controllers of biometric applications receive limited clear guidance as to how implement biometric applications. Because of conflicting approaches, general recommendations are made in this report with regard to the regulation of central storage of biometric data and various other aspects, including the need for transparency of biometric systems
Revisiting the legal regulation of digital identity in the light of global implementation and local difference
This thesis aims to address a vital gap that has emerged in the digital identity regulatory
discourse: how can the legal regulation of digital identity mirror the global nature of digital
identity and be compatible with national local difference?
Digital identity, or the digital representation of an individual, is a complex concept, which
manifests in myriad forms (e.g. authenticators, claims, data or information, identifiers,
presence, relationship representations and reputation) and natures. As such, it engages a
gamut of legal domains ranging from criminal law, constitutional law, human rights law, law
of identity schemes, contract law, intellectual property law, tort law and data protection law.
Digital identity is global and local in its nature, influence and effects. Yet, the digital identity
regulatory discourse has primarily developed in and focussed on the digitally advanced
West, leaving out countries like India which are developing strong digital presences, with
their own digital identity perceptions and needs. This situation is adverse to the sustained
future of digital identity. Thus, the contribution of this thesis lies in filling this gap and
preparing the ground for a dialogue between different countries with different national
agendas through building international and local awareness of how similarities and
differences operate in respect of digital identity, its regulation and providing a modest
solution to help preserve the global and local dimensions of digital identity and its
regulation.
To this end, the thesis carried out comparative legal research on the legal regulation of
digital identity using the UK and India as base jurisdictions. The original hypothesis was that
that immense differences in the legal regulation of digital identity between the comparator
countries would emerge. Yet, though differences were evident, considerable degrees of
similarity also emerged, not just on the superficial level of mere identity of rules, but also in
legal practice, in large part attributable to India’s penchant for legal transplants.
While the transplantation of Western law did not result in a full-scale rejection of the
transplanted laws in relation to digital identity in India, there are indications of anomalies
caused by the imposition of Western cultural norms through law on an Indian society ill
prepared for it. Thus there has resulted a tension between the local and the global, the
indigenous and the externally imposed. The challenge is thus to resolve this, taking into
account, on the one hand the need to maintain the global nature and relevance of digital
identity and the other, the need to accommodate and be responsive to local differences.
The thesis proposes a tentative solution called the tri-elemental framework (TeF) which
draws from the Indian philosophical and legal concept of dharma (and its elements of Sad
Achara, Vyavahara and Prayaschitta) and learns from the most universally relevant digital
identity proposal, De Hert’s right to identity. The solution provides one way in which the law
regulating digital identity, whatever its nature, can be made sense of and acquire cultural
meaning appropriate to local contexts