Data Protection by Default in Identity-Related Applications

Abstract : “Privacy by default” is being discussed as one important principle for ICT system design. This principle has been taken up as “data protection by default” in the proposal for a European Data Protection Regulation published in 2012. However, it is debated what this principle should mean in practice. In this text, we analyze the relation to “security by default” and “privacy by design” and discuss different possible interpretations of the “data protection by default” principle. After presenting general considerations on how to choose and implement appropriate default settings, we exemplarily describe recommendations for typical identity-related application scenarios such as social network sites, user tracking on the web and user-controlled management of one’s identities. Both the general and the scenario-based elaborations provide guidance for developers as well as evaluators.
Document type :
Conference papers
Complete list of metadatas

Cited literature [23 references]  Display  Hide  Download

https://hal.inria.fr/hal-01470500
Contributor : Hal Ifip <>
Submitted on : Friday, February 17, 2017 - 2:48:45 PM
Last modification on : Friday, February 17, 2017 - 3:16:31 PM
Long-term archiving on : Thursday, May 18, 2017 - 2:51:26 PM

File

978-3-642-37282-7_2_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Marit Hansen. Data Protection by Default in Identity-Related Applications. 3rd Policies and Research in Identity Management (IDMAN), Apr 2013, London, United Kingdom. pp.4-17, ⟨10.1007/978-3-642-37282-7_2⟩. ⟨hal-01470500⟩

Share

Metrics

Record views

698

Files downloads

229