Automated privacy audits to complement the notion of control for identity management

Abstract

Identity management systems are indispensable in modern networked computing, as they equip data providers with key techniques to avoid the imminent privacy threats intrinsic to such environments. Their rationale is to convey data providers with a sense of control over the disclosure and usage of personal data to varying degree, so that they can take an active role in protecting their privacy. However, we purport the thesis that a holistic sense of control includes not only the regulation of disclosure, as identity management techniques currently do, but must equivalently comprise the supervision of compliance, i.e. credible evidence that data consumers behave according to the policies previously agreed upon. Despite its relevance, supervision has so far not been possible. We introduce the concept of privacy evidence and present the necessary technical building blocks to realise it in dynamic systems. © 2008 International Federation for Information Processing.