Identity crisis: Global challenges of identity protection in a networked world

Modern identity is valuable, multi-functional and complex. Today we typically manage multiple versions of self, made visible in digital trails distributed widely across offline and online spaces. Yet, technology-mediated identity leads us into crisis. Enduring accessibility to greater and growing personal details online, alongside increases in both computing power and data linkage techniques, fuel fears of identity exploitation. Will it be stolen? Who controls it? Are others aggregating or analysing our identities to infer new data about us without our knowledge or consent? New challenges present themselves globally around these fears, as manifested by concerns over massive online data breaches and automated identification technologies, which also highlight the conundrum faced by governments about how to safeguard individuals' interests on the Web while striking a fair balance with wider public interests. This paper reflects upon some of these problems as part of the inter-disciplinary, transatlantic ‘SuperIdentity’ project investigating links between cyber and real-world identifiers. To meet the crisis, we explore the relationship between identity and digitisation from the perspective of policy and law. We conclude that traditional models of identity protection need supplementing with new ways of thinking, including pioneering ‘technical-legal’ initiatives that are sensitive to the different risks that threaten our digital identity integrity. Only by re-conceiving identity dynamically to appreciate the increasing capabilities for connectivity between different aspects of our identity across the cyber and the physical domains, will policy and law be able to keep up with and address the challenges that lie ahead in our progressively networked world.     

The 2013 CLSR-LSPI seminar on electronic identity: The global challenge – Presented at the 8th International Conference on Legal,Security and Privacy issues in IT Law (LSPI) November 11–15, 2013, Tilleke & Gibbins International Ltd., Bangkok,Thailand

We are the middle of a global identity crisis. New notions of identity are made possible in the online world where people eagerly share their personal data and leave ‘digital footprints’. Multiple, partial identities emerge distributed across cyberspace divorced from the physical person. The representation of personal characteristics in data sets, together with developing technologies and systems for identity management, in turn change how we are identified. Trustworthy means of electronic identification is now a key issue for business, governments and individuals in the fight against online identity crime. Yet, along with the increasing economic value of digital identity, there are also risks of identity misuse by organisations that mine large data sets for commercial purposes and in some cases by governments. Data proliferation and the non-transparency of processing practices make it impossible for the individual to track and police their use. Potential risks encompass not only threats to our privacy, but also knowledge-engineering that can falsify digital profiles attributed to us with harmful consequences. This panel session will address some of the big challenges around identity in the digital age and what they mean for policy and law (its regulation and protection). Questions for discussion include: What does identity mean today? What types of legal solutions are fit for purpose to protect modern identity interests? What rights, obligations and responsibilities should be associated with our digital identities? Should identity management be regulated and who should be held liable and for what? What should be the role of private and public sectors in identity assurance schemes? What are the global drivers of identity policies? How can due process be ensured where automated technologies affect the rights and concerns of citizens? How can individuals be more empowered to control their identity data and give informed consent to its use? How are biometrics and location-tracking devices used in body surveillance changing the identity landscape?     

Digital identity – From emergent legal concept to new reality

Over the past decade, digital identity has gone from a largely unrecognized emergent legal concept to something that is now well known, but still not fully understood. Most individuals now know that they have a digital identity but its legal nature, its transactional functions, and its implications now and for the future, are not generally well understood.This article tracks the emergence of digital identity from the time it was recognized as a new legal and commercial concept to the present time; and outlines its impact and significance for individuals, governments, the private sector and even what is means to be a nation and a citizen in the digital era. The author recounts her experience in recognizing the implications of digital identity in 2006 to its current importance and the implications of future evolutions including an international digital identity, the groundwork for which is being laid now.     

Identity and its verification

The European Commission's eJustice Strategy seems to contemplate that all lawyers will be issued with an ‘identity card’ card, perhaps intended to include a key for making digital signatures. The Council of Bars and Law Societies of Europe (CCBE) is proposing to introduce such a card. The purpose of this article is to clarify what ‘identity’ is and what is involved in verifying it, and to offer some general observations about identity cards. Although written with the eJustice proposals in mind, nevertheless the purpose of this article is to address the topic in its widest sense, which means it affects identity and its verification, whatever the circumstances.     

社会认同复杂性与认同管理策略探析

社会认同论作为群体间行为的解释理论是群体关系研究中最有影响的理论.由于群体地位的差异,当某一群体在认知、情感上产生对所属群体身份不承认或疏离和自卑时便产生了社会认同威胁.为应对威胁和困境,社会认同管理策略旨在通过不同的策略手段以期获得积极的社会认同,提高个体和群体自尊.社会认同复杂性与管理策略的研究有助于加强我国转型期各群体之间的和谐共生,消减个体认同的困境,促进社会不同群体之间的融入与和谐.     

Delegation and digital mandates: Legal requirements and security objectives

Now that more and more legal transactions are being performed online, it is increasingly necessary to enable integration of legal mandates within identity and information management systems. The purpose of this article is to outline the legal framework surrounding delegation and to identify basic requirements for any technical application which seeks to provide recognition to legal mandates and delegation processes. Special consideration is also given to the legal implications in situations where a (presumed) mandate holder acts without or outside his authority. Based on these considerations, this article attempts to outline an approach which can significantly reduce the potential risks for both mandate issuers and relying service providers.     

从身份到契约——高校教师主体地位的错位和复归

从身份到契约的转变是现代社会人的主体地位实现的核心要素,也是国家治理从人治走向法治的重要标志。在计划经济条件下,高校对教师实行身份管理,而身份管理的最大弊端表现为被管理者对管理者的人身依附和不平等,忽略了教师的主体自在性和主观能动性。实行契约化管理并实现管理关系法治化、双方关系的法权化是中国高校新一轮内部管理体制改革的必然走向。     

Addressing identity crime in crime management information systems: Definitions,classification, and empirics

Identity fraud as a term and concept in its formative stages was often presumed to be identity theft and visa versa. However, identity theft is caused by the identities (or tokens) of individuals or organisations being stolen is an enabling precursor to identity fraud. The boundaries of identity fraud and identity theft are now better defined. The absence of specific identity crime legislation could be a cause of perpetrators not classified as breaching identity crimes but under other specific entrenched law such as benefit fraud, or credit card fraud. This metrics overlap can cause bias in crime management information systems. This study uses a multi-method approach where data was collected in both a quantitative and qualitative manner. These approaches are used as a lens for defining different classes of online identity crimes in a crime management (IS) security context. In doing so, we contribute to a deeper understanding of identity crime by specifically examining its hierarchical classes and definitions; to aid clearer structure in crime management IS. We seek to answer the questions: should current law around identity fraud continue to be reinforced and measures introduced to prevent identity crime; should laws be amended; or should new identity crime laws be constructed? We conclude and recommend a solution incorporating elements of all three.     

An identity‐based understanding of intergroup conflict

As conflict has at its basis a contest of ideas, values or resources between two or more groups, a comprehensive understanding of intergroup conflict must take into account the psychological processes that make groups and group behavior meaningful. Because individuals value and internalize identities relevant to their social, geographic, economic, historical and political positions, any devaluation, loss or imposed change to one of those identities is likely to be particularly threatening. The Social Identity Approach formulates an understanding of how these identity‐based motivations interact with social structures to predict intergroup conflict. Importantly, it also provides an explanation of how procedural justice mechanisms can be utilized to guide conflicting interests to common cooperative goals that can be accepted and pursued. By having representation and participation of relevant actors in the development of a shared identity, as is this case when nation states are formed or re‐created, threat is reduced, legitimacy built and the basis for positive intergroup relations created.     

I have a Facebook account,therefore I am – authentication with social networks

ABSTRACT

Social login is the use of a social network account to get access to other services. Since the internet in its architecture does not have the possibility to identify the internet user, for many services, social logins are the solution to authenticate users without the need to set up individual identity management systems. Social logins are not useful for all types of services, however, and the potential lock-in and lock-out of users needs to be considered.     

Further insights into the construct of criminal social identity: validation of a revised measure in a prison population

The current study objective was to develop a revised version of the Measure of Criminal Social Identity (MCSI) with an increased number of indicators to more reliably capture three MCSI dimensions. Dimensionality and construct validity of the Measure of Criminal Social Identity – Revised (MCSI-R) was examined among a sample of systematically selected inmates (N = 2192). Four competing models of the MCSI-R were specified and tested using Mplus with weighted least squares with mean and variance adjustment estimation. Bifactor model with three meaningful factors (cognitive centrality, in-group affect and in-group ties) while controlling for the general factor was the best fit for the data. Good composite reliability of the three MCSI-R dimensions was established. The three subscales of the MCSI-R evidence differential predictive utility for prisonization, number of incarcerations, self-esteem and violent offending. Practical implications and directions for future research are discussed.     

互联网电子身份管理模式及法律保障

在分析电子身份管理制度构建需应对挑战的基础上,剖析我国网络实名制的发展瓶颈,构建基于我国国情的互联网电子身份管理模式,探讨该模式可能引起的运作机制、信息安全保障、个人隐私权保护和法源依据等问题,并提出相应的法律保障建议。     

New Public Management and the Police Profession at Play

This article explores the ways in which competing institutional logics influence the knowledge base of the police, ideas about good police practice and organizational identities. A tension between the humanistic professional police logic and the instrumental New Public Management (NPM) logic is discussed in the context of policing. While the humanistic professional police logic gradually emerged in the 1960s and 70s, over the past twenty years the police force has been reformed in line with the NPM logic. Through qualitative interviews and a quantitative study of the police force, the article investigates the ways in which the ideas of what constitutes a normative good practice are shaped in relation to these two, opposing, logics. A central finding is that despite many years of NPM as the dominant steering logic, a humanistic professional logic persists. However, the shift towards the NPM logic transforms the knowledge base in a more evidence-oriented direction and affects the ideas of normative good practice, especially among police management.     

THE FUNNY SIDE OF DRUG DEALING: RISK,HUMOR, AND NARRATIVE IDENTITY

In this study, we explore the role humor plays in the narrated identities of drug dealers, in their negotiation of the threat of formal punishment, and in their cultural membership and authority. By drawing from interview and observation data gathered from 33 active drug dealers residing in St. Louis, Missouri, we find that humor facilitates identity work among illicit drug dealers in several ways. Humor is an important symbolic boundary marker distinguishing dealers from others they consider “stupid” or less circumspect. It also indicates dealers’ identities as “smart” and simultaneously establishes and validates their subcultural authority and membership in the symbolic group of “smart” dealers. Furthermore, drug dealers use denigrating humor in their narratives to distance their former and virtual identities from their present identities. Finally, humor also reduces dealers’ perceptions of the threats posed by police and potential snitches by casting dealers’ present identities and former reactions to the threat of punishment in a positive light. We conclude by discussing implications for narrative criminology, extant humor research, and current understanding of symbolic boundaries, identity work, and deterrence.     

Surveillance and identity management: Migrant perspectives on UK Biometric Residence Permits

The identity card for foreign nationals - now known as the Biometric Residence Permit (BRP) - was first introduced in November 2008. Following the May 2010 UK general election, the newly formed Conservative-Liberal Democrat Coalition government announced that the scheme would not be extended to UK citizens. To date, over 300,000 BRPs have been issued to UK foreign nationals - a group of non-EEA migrants that include international students, visiting scholars and entrepreneurs. In this paper, we draw on findings from interviews conducted with policymakers, advocacy groups, Higher Education administrators and foreign nationals - between March and December 2010 - to highlight some policy issues arising from the continued roll-out of the BRPs to this migrant group. We conclude by arguing that, although interviewees raised few objections to the BRPs in principle, cardholders were concerned about being unfairly ‘targeted’ for additional surveillance and remained unclear about the true purpose of the BRP. We identify a number of areas for further policy development.     

A cautionary note on the evaluation of genetic evidence from uniparentally transmitted markers

The combination of the information obtained from lineage genetic markers, such as mitochondrial DNA (mtDNA) and the non-homologous region of Y-chromosome, with data resulting from meiotically recombining loci (diploid/autosomal or haplodiploid/X chromosome) into a single likelihood ratio has been recently proposed. In this work we challenge this proposal and demonstrate that while the genetic evidence obtained from loci which reshuffle at meiosis is appropriate for individual probability calculations, mtDNA and Y-chromosome data are not and, consequently, that joining the evidential value of the two types of markers is generally inconsistent and should be avoided. The assumption of non-involvement of relatives must be clearly and explicitly stated and its acceptance must be left to the court decision.     

Analysis of 124 SNP loci included in HID Ampliseq identity panel in a small population of Rio de Janeiro,Brazil

Implementation of massively parallel sequencing platforms can bring a great contribution to Forensic Genetics field, with a great saving of time and costs, as well as allowing reliable results to be obtained from small or extremely degraded samples. The aim of this work was to analyze 124 SNP loci (90 autosomal and 34 Y-SNP) included in HID-Ion Ampliseq Identity Panel in a small sample from Rio de Janeiro state, Brazil. Samples from 12 non-related individuals were amplified with HID-Ion Ampliseq Identity Panel and sequenced on the Ion Torrent PGM platform (Thermo Fisher Scientific); genotypes were generated with HID SNP Genotyper plugin and forensic parameters were calculated with PowerStats v.12. All samples were successfully genotyped and were used to calculate allele frequencies, homozygosity, heterozygosity, random match probability (RMP) and exclusion power for all 90 autosomal SNP loci. Using the formula proposed by Budowle et al. (1996), only 4 of the 90 loci genotyped (4,4%) showed allele frequencies below the minimum required. It means that although a small set of individuals was used on this study, it may have shown a good perspective of Rio de Janeiro state allele frequencies. Among the 11 male samples analyzed, a prevalence of the haplogroup R1b of Y chromosome was observed, followed by the haplogroups E, Q and J. Such distribution reflects the results demonstrated in other studies for the population of Rio de Janeiro. All results together demonstrate the usefulness and applicability of SNP analysis on Ion Torrent PGM.     

Digital identity – The legal person?

This paper examines the concept of digital identity which the author asserts is now evident in the United Kingdom as a consequence of the Identity Cards Act (UK) 2006 and the National Identity Scheme it establishes. The nature and functions of the concept, particularly the set of information which constitutes an individual's transactional identity, are examined. The paper then considers the central question of who, or what, is the legal person in a transaction i.e. who or what enters into legal relations. The analysis presents some intriguing results which were almost certainly not envisaged by the legislature. The implications extend beyond the United Kingdom to similar schemes in other jurisdictions, and to countries, like Australia, which may implement such a scheme.     

Digital identity,privacy and the right to identity in the United States of America

This article analyses digital identity as an emergent legal concept in the United States of America, as a consequence of the move to place all federal government services on-line. The features and functions of digital identity and its legal nature are examined, and the consequences are considered.     

Mistaken identity,identity theft and problems of remote authentication in e-commerce

The problem of mistaken identity in e-commerce transactions brings together seemingly unrelated issues: privacy, network security, digital signatures – and classic contract law. Combining an academic exercise with the practical implications of the insecurity of the Internet, this paper draws some unexpected conclusions regarding cases of mistaken identity and exposes flaws in popular legal arguments on the subject. Problems of mistaken identity must be analysed afresh with a number of factors in mind: the more widespread use of fictitious identities in on-line transactions, the higher incidence of identity theft and the greater difficulty of authenticating the other transacting party. The trend to preserve the privacy of Internet users indirectly clashes with efforts to ensure transactional security in e-commerce. An indispensable prerequisite of the latter is the ability to identify the other party to the contract. The problem of mistaken identity is not new – but it assumes a different scale in e-commerce transactions.