Identification for Accountability vs Privacy
This work provides a framework for designing identity schemes that comply with GDPR, helping data processors and users navigate privacy-accountability trade-offs.
The paper addresses the conflict between privacy and accountability in identity management by proposing two identity forms—publicly-recognised and domain-specific—to balance these requirements, as guided by GDPR principles.
This document considers the counteracting requirements of privacy and accountability applied to identity management. Based on the requirements of GDPR applied to identity attributes, two forms of identity, with differing balances between privacy and accountability, are suggested, termed "publicly-recognised identity" and "domain-specific identity". These forms of identity can be further refined using "pseudonymisation" and as described in GDPR. This leads to the different forms of identity on the spectrum of accountability vs privacy. It is recommended that the privacy and accountability requirements, and hence the appropriate form of identity, are considered in designing an identification scheme and in the adoption of a scheme by data processing systems. Also, users should be aware of the implications of the form of identity requested by a system, so that they can decide whether this is acceptable.