I was a pleasure to join a CSFI round-table discussion on identity today. It was the latest in a series of discussions to elucidate the problems with the current approach to identifying customers (and providers) in the financial services context. Subsequent discussions will focus on potential improvements and alternative solutions.
It was a broad-ranging discussion, as you'd expect, and tough to do justice to everyone's remarks, but worth a quick summary. Dr Ian Brown of the Oxford Internet Institute set the context in terms of the various meanings of 'identity' and how other disciplines view it. However, he doesn't believe it's helpful to think in terms of 'identity' itself, as opposed to 'reputation', for example. And it's not actually necessary in many cases for someone to be identified (e.g. a tube journey). People's attitudes to privacy vary with context: students have been shown to disclose more in their responses to an informal student survey than to official university research questionnaires. Ian also explained how the technological landscape is evolving - and ought to be encouraged to evolve - including the work of David Chaum and others on how to ensure 'unconditional anonymity' or that transactions you undertake are not shown as related. He suggested that approach could be promoted via initiatives like Project Stork (a project to enable interoperability of EU member state ID cards).
Marc Dautlich of Olswang pointed out that "identity" itself is not legally prescribed, but explained the relevant provisions of the Data Protection Act and the offences created by the Identity Documents Act 2010 relating to the possession of false documentation with improper intent. However, he believes the law does not adequately address the fact that the consequences of misuse of identity or personal data vary greatly according to the context. His sense is that it would be more helpful in the future to regulate for appropriate outcomes rather than regulate identity or personal data itself.
Marc Dautlich of Olswang pointed out that "identity" itself is not legally prescribed, but explained the relevant provisions of the Data Protection Act and the offences created by the Identity Documents Act 2010 relating to the possession of false documentation with improper intent. However, he believes the law does not adequately address the fact that the consequences of misuse of identity or personal data vary greatly according to the context. His sense is that it would be more helpful in the future to regulate for appropriate outcomes rather than regulate identity or personal data itself.
My role was to say something about alternative legal approaches to identity.
From the outset, given the pan-European approach to regulating data protection and money laundering, it's important to consider the difference between common law and civil law attitudes to regulation. In common law jurisdictions the law tends to follow commerce, whereas in civil law jurisdictions there's an expectation that the law should stipulate what can and cannot be done. That means UK players can't sit back and leave market forces to reveal any need for new regulations to support a shift to a new identity model. The EC will be under pressure to regulate how the new paradigm should work, and to influence such regulation we would need to participate in the EU 'social dialogue'.
From the outset, given the pan-European approach to regulating data protection and money laundering, it's important to consider the difference between common law and civil law attitudes to regulation. In common law jurisdictions the law tends to follow commerce, whereas in civil law jurisdictions there's an expectation that the law should stipulate what can and cannot be done. That means UK players can't sit back and leave market forces to reveal any need for new regulations to support a shift to a new identity model. The EC will be under pressure to regulate how the new paradigm should work, and to influence such regulation we would need to participate in the EU 'social dialogue'.
At any rate, 'identity' is not a constant, but flexible in terms of the data used to distinguish the subject from everyone else, the sources of that data, who controls it and the source of any requirement to identify the subject. Identity is contextual, as Ian mentioned. Some personal data we volunteer happily in a social media situation (or on reality TV), but less so in a formal or institutional situation. Often we have no control over the process. Money laundering regulation, for instance, casts an obligation on product providers to identify their customers by reference to official data.
An organisation's attitude to identity data also tends to be governed by whether the organisation is a 'facilitator' (which exists to solve its customers' problems) or an 'institution' (which primarilty exists to solve its own problems). Facilitators try much harder than institutions to ensure that their collection and use of personal data, and treatment of identity, is transparent and proportionate to the customer activity being facilitated, and 'friction' in the customer experience is kept to a minimum.
However, some institutional identity requirements may be disproportionate partly because the government views the institutions concerned as useful 'choke points' for imposing requirements for public policy purposes, like anti-terrorism or serious crime prevention.
An organisation's attitude to identity data also tends to be governed by whether the organisation is a 'facilitator' (which exists to solve its customers' problems) or an 'institution' (which primarilty exists to solve its own problems). Facilitators try much harder than institutions to ensure that their collection and use of personal data, and treatment of identity, is transparent and proportionate to the customer activity being facilitated, and 'friction' in the customer experience is kept to a minimum.
However, some institutional identity requirements may be disproportionate partly because the government views the institutions concerned as useful 'choke points' for imposing requirements for public policy purposes, like anti-terrorism or serious crime prevention.
In future, I suggested that we determine identity requirements from the consumer/customer standpoint, and ensure they are facilitative and proportionate (rather than simply a hurdle to be cleared). That may also mean solving public policy identification requirements in different ways. The semantic web represents an ideal opportunity to minimise identity issues. For instance, I've long been a proponent of the idea that you should have an applet on your computer that holds your personal profile and can interrogate product provider's semantic datafeeds to find, say, an insurance product that's right for you without requiring you to disclose your personal data.
I look forward to seeing the output of this round table process in due course.
Image from Brainstorm Services.
trabzon evden eve nakliyat
ReplyDeletebursa evden eve nakliyat
ordu evden eve nakliyat
erzurum evden eve nakliyat
mardin evden eve nakliyat
HU3J
düzce evden eve nakliyat
ReplyDeletedenizli evden eve nakliyat
kırşehir evden eve nakliyat
çorum evden eve nakliyat
afyon evden eve nakliyat
Z2G2H
urfa evden eve nakliyat
ReplyDeletemalatya evden eve nakliyat
burdur evden eve nakliyat
kırıkkale evden eve nakliyat
kars evden eve nakliyat
Bİ5T
A87AB
ReplyDeleteBatman Evden Eve Nakliyat
Mersin Lojistik
Kayseri Şehir İçi Nakliyat
Muş Şehir İçi Nakliyat
Tokat Lojistik
Gölbaşı Fayans Ustası
Ankara Asansör Tamiri
Adana Şehirler Arası Nakliyat
Muş Lojistik
D7DEE
ReplyDeletereferans kodu binance
en iyi kripto para uygulaması
en düşük komisyonlu kripto borsası
kaldıraç ne demek
kripto para haram mı
coinex
okex
binance referans
mexc
International Nursing Recruitment Agencies in the USA specialize in matching skilled international nurses with healthcare facilities. They offer services such as credential recognition, licensure support, and job placement, ensuring compliance with immigration and professional standards. These agencies streamline the hiring process, providing personalized career guidance and cultural assimilation programs to ease the transition into the American healthcare system. With a comprehensive understanding of regulatory landscapes, they facilitate smooth recruitment for both nurses and employers, ensuring that both parties achieve their professional objectives. Trust these agencies for reliable, efficient, and holistic recruitment solutions.
ReplyDeletehttps://www.dynamichealthstaff.com/international-nursing-recruitment-agencies-in-usa
Thanks and I have a tremendous offer you: Where To Start Home Renovation house remodeling near me
ReplyDeleteشركة مكافحة حشرات Z26Vvl1LEB
ReplyDelete