HICSS’2006
Hawaii International Conference on System Sciences
January 4-7, 2006
CYBERWORLDS’2005 23-25 Nov: CW 2005, Int’l Conf. on Cyberworlds
Singapore
IWAP 2005
4th Int’l Workshop for Applied PKI
21-23 September 2005, Singapore
Selected papers in the IWAP'05 proceedings will be invited for submission
to a special issue of the Journal of Computer
Security
PEP’2005 Privacy-Enhanced Personalization
a workshop of the 10th International Conference on User Modeling
(UM'2005)
24 to 30 of July 2005 in Edinburgh
Resource indicated by Henry Krasemann
PET’2005 Workshop on Privacy Enhancing Technologies
Dubrovnik (Cavtat), Croatia, 30 May - 1 June 2005
InfoSeCon
2005
Int’l Information Security Conf., Dubrovnik, Croatia
6-9 June 2005
The Identity Summit’2005
Dubai, June 5-7, 2005
The Summit examines large-scale enterprise network authentication
environments, smart cards, digital signatures and public key
infrastructures as well as how biometrics is creating new and real
business opportunities.
Data Protection and Privacy Commissioners’ 2003 the 25th International Conference of Data Protection and Privacy Commissioners
Darling Harbour in Sydney, Australia, 10 - 12 September 2003.
Digital Identity World
Digital Identity World is the hub of the digital identity industry,
providing comprehensive news, exclusive interviews, market statistics and
expert commentary on the people, companies, products and events shaping
the digital identity space.
Digital Identity
Information and Help site
Digital Identity is a safe personal web platform that gives the individual
the power to control how they interact with the Internet and share their
personal information.
CardTechnology.com
Source for news about smart cards and such related payment and
identification technologies as biometrics, PKI, mobile commerce, physical access control
and computer network security.
Information
Security Technical Report
ISSN: 1363-4127, 4 issues per year
Information Security Technical Report is designed for senior information
security managers who need to keep informed on key areas in IT security
Privacy Times
Privacy Times basically is designed for professionals and attorneys who
need to follow the legislation, court rulings, industry developments and
horror stories that frame the ongoing debate about information privacy.
They cover such issues as the FTC's developing policy for the Internet,
credit reports, Caller ID, medical records, "identity theft,"
the Freedom of Information Act, direct marketing and the European Union's
Directive On Data Protection.
RFID Journal (magazine)
Radio Frequency Identification for Business
--- academic Journals (and magazines)
IEEE Security &
Privacy
IEEE Security & Privacy will rethink the role and importance of
networked infrastructure and help you develop lasting security solutions
by bringing together leading experts on computer security technologies and
privacy issues.
Journal of
Computer Security
The Journal of Computer Security presents research and development results
of lasting significance in the theory, design, implementation, analysis,
and application of secure computer systems and
networks.
Post Identity
Post Identity, an international, fully-refereed journal of the humanities,
publishes scholarship that problematizes the
narratives underlying individual, social, and cultural identity
formations; that investigates the relationship between identity formations
and texts; and that argues how such formations can be challenged.
IDENTITY
IDENTITY is a peer-review journal intended to provide a forum for identity
theorists and researchers around the globe to share their ideas and
findings regarding the problems and prospects of human self-definition
Self
and Identity
Taylor & Francis Group Ltd , The journal of the International Society
for Self and Identity
Self and Identity is devoted to the study of social and psychological
processes of the self, including both its agentic
aspects, as well as the perceived and construed aspects as reflected in
its mental representations. The Journal aims to bring together work on
self and identity undertaken by researchers across different subdisciplines within psychology (e.g., social, personality, clinical,
development, cognitive), as well as across other social and behavioral disciplines (e.g., sociology, family studies,
anthropology, neuroscience).
Valuating Privacy (an experimental economics perspective)
by Bernardo A. Huberman, Eytan Adar and Leslie R. Fine; Working paper, HP Laboratories, Information Dynamic
Lab, 2005
This research paper reports a reverse second-price auction that was
conducted to identify the monetary value of private information to
individuals and how that value is set.
AI Fights Money Laundering
by Jason Kingdon, IEEE Intelligent Systems, May/June (Vol. 19, No. 3), 2004
With almost half of the world's top 20 banks using AI systems, AI has
emerged as the leading method in the fight against money laundering. One
company in particular, Searchspace, monitors customer activity to
identify unusual behavior and detect potential money-laundering
situations.
Privacy through Pseudonymity in User-Adaptive Systems
Kobsa, A. and J. Schreck (2003): ACM Transactions on Internet Technology 3 (2), 149-183
This article discusses security requirements to guarantee privacy in
user-adaptive systems and explores ways to keep users anonymous while
fully preserving personalized interaction with
them. User anonymization in personalized
systems goes beyond current models in that not only users must remain
anonymous, but also the user modeling system that maintains their personal
data.
The Augmented Social Network: Building identity and trust into the
next-generation Internet
by Ken Jordan, Jan Hauser, and Steven Foster, First Monday, Volume 8, Number 8,
August 4th 2003
This paper proposes the creation of an Augmented Social Network (ASN) that would build identity and trust into
the architecture of the Internet, in the public interest, in order to facilitate introductions between people who share
affinities or complementary capabilities across
social networks.
"Personalized Hypermedia and International Privacy" Kobsa, Alfred (2002): ACM Communications of the
ACM 45(5), 2002, 64-67
Personalized hypermedia systems may be in conflict with privacy concerns
of computer users, and with privacy laws that are in effect in many
countries.
The Turing Game:
Exploring Identity in an Online Environment
by Berman, Joshua and Amy Bruckman. Convergence,
7(3), 83-102, 2001.
Do men and women behave differently online? Can
you tell how old someone is, or determine their race or national origin
based on how they communicate on the internet? Issues of personal identity
affect how we relate to others in everyday life, both online and offline.
Digital
Identity in Cyberspace
by Hal Abelson and Lawrence Lessig,
10 December 1998
White Paper Submitted for 6.805/Law of Cyberspace: Social Protocols.
note: see also the miscellaneous section for news on RFID, profiling, spying, etc.
Google automates personalized search
by Elinor Mills, CNET News.com, June 28, 2005
Google on Tuesday launched a new version of its personalized
search that monitors previous searches to refine future results.
To
catch a thief
by Tom Zeller Jr., The New York Times, via CNET News.com, June 25,
2005
Indicates a use of profiling technologies to
detect ID fraud.
Resource indicated by Mireille Hildebrandt, VUB
Consumers,
retailers grapple with data theft
by Joris Evers, CNET News.com, June 22,
2005,
Like Simitian, Feinstein believes that
notification is "vital to affording individuals the ability to protect their identity and their
credit," she wrote. Feinstein has introduced a bill in the U.S.
Senate that would require that consumers be notified of certain types of
security breach.
These
walls (and teddy bears) have eyes
by Michael Kanellos, CNET News.com, June 9,
2005
Though the system is geared mostly toward providing parents with better
information about their kids, there is an entertainment aspect to the
monitor as well. The pictures taken nightly by the camera can be strung
together to form a composite video charting the baby's development. A
prototype teddy bear developed by the same group, meanwhile, contains a
hidden video camera.
Study: Shoppers naive about retail prices online
CNN, June 1, 2005
Most American consumers don't realize Internet merchants and even
traditional retailers sometimes charge different prices to different customers
for the same products, according to a new survey.
IBM
software aims for both security and privacy
by Steve Lohr, The New York Times, via CNET News.com, May 24,
2005
The new product goes beyond finding relationships in different sets of
data. The software, which IBM calls DB2 Anonymous Resolution, enables
companies and government agencies to share personal information on
customers and citizens without identifying them.
Personal
data for the taking
by Tom Zeller Jr., The New York Times, via CNET News.com, May 18,
2005
As part of a computer science and security project (Johns Hopkins project)
and working with a strict requirement to use only legal, public sources of
information, groups of three to four students set out to vacuum up not
just tidbits on citizens of Baltimore, but whole databases: death records,
property tax information, campaign donations, occupational license
registries.
Several groups managed to gather well over a million
records, with hundreds of thousands of individuals represented in each
database.
Microsoft
to flash Windows ID cards
by Joris Evers, CNET News.com, May 18,
2005
The Redmond, Wash.-based software giant plans to release a technical
preview of the software, code-named InfoCard, by
the end of May, Microsoft said.
Microsoft
to plug ID controls into Windows
by Reuters, posted in CNET
News.com, March 29, 2005
Microsoft will build software for managing identities into Windows (called
"info-cards") in order to beef up security by giving users more
control over their personal information.
While Microsoft's earlier plans involved the use of centrally stored
information beyond the computer desktop, the info-card system will keep
data stored on a personal computer, Microsoft said
EU goes
on biometric LSD trip
by Kevin Polisen, The Register, Thursday 3rd
February 2005
In December 2004, the European Commission adopted the biometric passports
directive, a regulation that mandates the use of biometric facial images
within 18 months and fingerprints within three years for all passports
issued.
States
to test ID chips on foreign visitors
by Alorie Gilbert, CNET News.com, January
26, 2005
The U.S. Department of Homeland Security plans to begin issuing special
identification devices to foreign visitors arriving by foot and by car by
July 31, according to a Tuesday announcement from the agency
Federal
agent raps ISPs over cybercrime
by Will Sturgeon, CNET News.com, January 25, 2005
Speaking at the Computer and Internet Crime Conference in London, FBI
agent Ed Gibson, who is an assistant legal attache
to the U.S. Embassy, expressed concerns that national boundaries are still
too much of an obstacle to law enforcement.
eBay
revokes Microsoft's Passport
by Robert Lemos, CNET News.com, January
19, 2005
Online auctioneer eBay officially has notified customers that it will no
longer allow them to log on through Microsoft's identity management
service, Passport.
Prescription
for digitized health records
by Steve Lohr, The New York Times on the Web,
via CNET News.com,
January 19, 2005
The information on a patient inside a doctor's office, the report
contends, must be capable of being sent across the network freely to
hospitals, laboratories, specialists, insurers and
researchers, if the promise of improved care and reduced costs is to be
achieved.
Worried
about Wi-Fi security?
by Matt Hines, CNET
News.com, January 19, 2005
"But what these people don't understand is that if someone else
starts using your network to browse whatever they want on the Web, it's
going to come back to your IP address." In one instance, a Los
Angeles man pleaded guilty in September to distributing pornography spam
e-mails, sent out using other people's Wi-Fi
connections, which he accessed from inside his car.
Getting
the Chills
by E. J. Dionne Jr., The
Washington Post, Friday, December 17, 2004; Page A33
In Rhode Island, Jim Taricani, a television
reporter, has been sentenced to six months of home confinement for his
refusal to say who leaked him a secret FBI videotape of a top aide to
former Providence mayor Vincent A. Cianci Jr.
taking a bribe.
Resource indicated by Claudia Diaz
Inflicting
pain on 'griefers'
by David Becker, CNET
News.com, December 13, 2004
As online-game companies court new and wider
audiences, many are running into an old problem: "griefers,"
a small but seemingly irradicable set of players
who want nothing more than to murder, loot and otherwise frustrate the
heck out of everyone else.
An increasing number of game companies are fighting griefer
damage using a combination of technology, sociology and psychology.
Consortium
forms IM threat center
by Dawn Kawamoto, CNET
News.com, December 7, 2004
A group of companies led by IMlogic on Tuesday
unveiled a security center designed to monitor threats targeting instant
messages and peer-to-peer applications.
Brain Imaging with MRI Could Replace Lie Detector
RSNA 2004 news room, 29 November 2004
CHICAGO - When people lie, they use different parts of their brains than
when they tell the truth, and these brain changes can be measured by
functional magnetic resonance imaging (fMRI),
according to a study presented today by Scott H. Faro at the annual
meeting of the Radiological Society of North America. The results suggest
that fMRI may one day prove a more accurate lie
detector than the polygraph.
FBI:
Hidden threat inside cybercrime
by Reuters, CNET News.com,
November 10, 2004
The hacking and identity theft tools now earning big money for mainly
Eastern European organized crime could be used by terrorists to attack the
United States, an FBI official said on Wednesday.
Old
scams pose the 'greatest security risk'
by Munir Kotadia, CNET News.com, November 1, 2004
Rich Mogull, research director for information
security and risk at Gartner, said in the announcement that social
engineering is more of a problem than hacking.
The research company defined social engineering as "the manipulation
of people, rather than machines, to successfully breach the security
systems of an enterprise or a consumer".
Secret Service busts online ID fraud ring
by Robert Lemos, CNET News.com, October 28, 2004
Federal agents and international allies arrest 28 suspects thought to have
traded in credit card numbers and financial information.
Judge
disarms Patriot Act proviso
by Declan McCullagh, CNET News.com, September
29, 2004
A key part of the USA Patriot Act that allows the FBI to secretly demand
information from Internet providers violates the U.S. Constitution, a
federal judge said Wednesday in a ruling that could have a broad impact on
government surveillance.
Academics
get NSF grant for Net security centers
by Robert Lemos, CNET News.com, September
21, 2004
The National Science Foundation announced Tuesday that it has granted more
than $12 million to academic researchers for the
creation of two centers to investigate infectious code and study the
Internet's ecology.
Feds
order airlines to divulge passenger details
by Declan McCullagh, CNET News.com, September
21, 2004
The U.S. Department of Homeland Security said Tuesday that it will order airlines to hand over the complete records of all
passengers who traveled on a domestic flight in the month of June.
Barbarians
at the digital gate
by Timothy L. O'Brien and Saul Hansell, The New
York Times, September 19, 2004
The rapid proliferation of such programs (spyware, adware) has
brought Internet use to a stark crossroads, as many consumers now see the
Web as a battlefield strewn with land mines.
Caller ID: Do
you really know who's calling?
by Ben Charny, CNET News.com, August
30, 2004
This week, a company is launching technology that will make it possible
for someone to choose what appears on phones that have Caller ID, the
feature for displaying identifying information about an incoming call.
Microsoft touts 'Sender ID' to fight spam, scams
CNET News.com, August 12, 2004
Microsoft on Thursday is holding a summit with members of the E-Mail
Service Provider Coalition to address the use of
Sender ID technology as a standard to fight spam and phishing.
The weakest security link? It's you
by Dawn Kawamoto, CNET News.com, July 22, 2004
Security technology may be getting more sophisticated, but that doesn't
mean employees are--and they're often the last line
of defense against viruses and other potentially costly security threats.
Microsoft to
show off ID federation
by Robert Lemos, CNET News.com, May 24,
2004.
Microsoft will display on Tuesday software that lets customers sign in to
a Web site and then take their identity with them as they browse the Web
to other federated sites, a representative said.
RSA launches
identity manager
by CNET News.com, May
11, 2004.
RSA Security has released a new product designed to help companies
securely share the digital identities of their customers with partners and
other enterprises.
Netegrity Introduces Universal Federation Architecture
With Immediate Support of the Liberty Alliance Specification
Waltham, MA - 04/02/2004 Netegrity, Inc. (NETE), today announced its new Universal
Federation Architecture (UFA) which is designed to standardize the sharing
of identity information across applications within
the enterprise as well as to partner companies outside of the enterprise
for legacy, Web, and service oriented environments.
Resource indicated by Eric Freyssinet
Passport to nowhere?
by David Becker, CNET
News.com, March 23, 2004.
Remember when Microsoft was going to be your trusted, omnipresent guide
through the world of online commerce?
Study:
Identity theft worries consumers
by Dinesh C. Sharma, CNET News.com, February
25, 2004.
Most consumers do poorly when it comes to password management, making them
vulnerable to identity theft, according to a new survey.
TiVo watchers uneasy after post-Super Bowl reports
by Ben Charny, CNET News.com, February
5, 2004
Janet Jackson's Super Bowl flash dance was shocking in more ways than one:
Some TiVo users say the event brought home the realization that their beloved digital video recorders
are watching them, too.
Face
recognition technology a proven farce
by Thomas C. Greene, The Register,
4th January 2002
The face recognition system (in Tampa, Florida)
has thus far failed to identify one single crook or pervert listed in the department's photographic database, while
falsely identifying 'a large number' of innocent citizens.
Three
Tiers of Identity
by Andre Durand, March 16, 2002 Digital Identity World
This article examines the concept that there are in fact at least three distinct
types of identity: a Personal Identity (assumed); a Corporate Identity
(assigned) and a Marketing Identity (abstracted).
Open to Exploitation: American Shoppers Online and Offline
Annenberg Public Policy Center report, June 1, 2005
Sixty-four percent of American adults do not know that it is legal for
online stores to charge different people different prices at the same time
of day for the same product. This groundbreaking new study explores this
and many other shopping rules that all Americans need to know in order to
protect themselves from online and offline exploitation.
Resource indicated by Mireille Hildebrandt, VUB
Towards Understanding Identity
eema, Identity Technologies & Services Interest Group, September 2004
Paper led by David Goodman - IBM
The objective of this document is to address the fundamentals underlying
the definitions and understanding of identity based on the assumptions and
experience known from the real-world in order to map them on to the
requirements emerging from the digital world. The same approach will be
taken with the processes associated with identity, primarily registration
and validation - creating and then proving identity.
Note: This document is only available to eema
members (and has been made available to the Fidis
consortium). Contact eema to check the possibility to access this document.
Resource indicated by David-Olivier Jaquet-Chiffelle, VIP
The
IBM Global Business Security Index
a monthly report of threats to computer networks in an effort to establish an indicator similar to the federal
government's Homeland Security Advisory System.
The Ernst & Young Global Information Security Survey 2004
Ernst & Young, September 2004
The 2004 Ernst & Young Global Information Security Survey questioned
1,233 leading organizations in 51 countries.
"It is becoming increasingly difficult for organizations to retain
control over the security of their information and for senior management
to grasp the level of risk being faced," and organizations may be
protecting themselves against the wrong threats or, at least, not
protecting themselves against the most obvious threat of all: employees
and other people with internal access to data.
Identity
Management Embraces The Future
by Steve Hunt, Forrester Research,
June 21, 2004
Identity management vendors are finding ways to move into new market
niches. BMC's new partnership with Consul is the latest example of a successful
identity management vendor adding security event management. BMC sets itself apart, however, by joining
ranks with a leader in compliance management.
US FTC Survey of Identity Theft
FTC, September 3, 2003
FTC Releases Survey of Identity Theft in U.S. 27.3 Million
Victims in Past 5 Years, Billions in Losses for Businesses and Consumers.
Americans and online Privacy: The System is Broken
Annenberg Public Policy Center report, June 25, 2003
Do Americans understand the purpose of internet privacy policies? Do they know how websites use information
about them? Do they trust government to protect their personal
information? The Annenberg public policy Center of the University of
Pennsylvania's provocative new report, Americans and online Privacy: The
System is Broken, addresses these specific questions
Resolutions
were adopted at the 25th International Conference of Data Protection and
Privacy Commissioners, 10-12 September 2003.
These resolutions include:
1. Resolution on improving the communication of data protection and privacy
information practices
2. Resolution concerning the Transfer of Passengers' Data
3. Resolution on Data Protection and International Organisations
4. Proposed Resolution on Automatic Software Updates
5. Resolution on Radio-Frequency Identification
Resource indicated by Eric Freyssinet
NIST Special Publication 800-72, Guidelines on PDA Forensics
NIST, August 2004
The report details software tools to aid in the extraction of data from
handhelds.
The primary audience of the PDA Forensic Tool document is law enforcement,
incident response team members, and forensic examiners who are responsible
for conducting forensic procedures related to digital handheld devices and
associated removable media.
Who
Goes There? Authentication Through the Lens of Privacy
Stephen T. Kent and Lynette I. Millett, Editors,
165 pages (approx.), 2003.
This report explores authentication technologies (including passwords, PKI, biometrics, etc.) and their implications
for the privacy of the individuals being authenticated. As authentication
becomes ever more ubiquitous, understanding its interplay with privacy is
vital. The report examines numerous concepts, including authentication,
authorization, identification, privacy, and security. It provides a
framework to guide thinking about these issues when deciding whether and
how to use authentication in a particular context. The report explains how
privacy is affected by system design decisions...
Resource indicated by David-Olivier Jaquet-Chiffelle, VIP
PhD dissertation: Electronic capture and
analysis of fraudulent behavioral patterns: An application to identity
fraud
Benjamin Ngugi
Expected date of completion: Summer 2005
The objective of this thesis is to find a
transparent way of mitigating identity fraud at the human computer
interface. The thesis will then predict and model the acceptance and
adoption barriers that such a new innovation will go through and suggest
strategic paths that can be used to overcome such barriers.
Proposed PhD dissertation: Controlled
anonymity on the Internet
at COSIC
The goal of this thesis is to study and develop solutions for
controlled anonymity. Users will normally be anonymous. However, in
suspicious circumstances, one will be able to revoke this anonymity with
the help of e.g. a judge. A balance is thus made between the fundamental
right of privacy and the possibility of prosecution of criminal
activities.
Electronic Surveillance: benefits and risks for European Union
by Laurent Beslay,
at University of Paris I
Dr. rer. nat. dissertation: Security
and Privacy in User Modeling,
by Jörg Schreck,
University of Gesamthochschule Essen, July 2001
The methods presented here for increasing security in user modeling
systems are used as a basis for the formulation and automatic enforcement
of concrete policies on the use of user information through adaptive
application systems. They are intended to enable users to make individual
adaptations to given policies or to define their own policies. This also
enables users to weigh their individual privacy requirements against the added
value of the adaptive system.
Books
Biometrics
for Network Security
by Paul Reid, Prentice Hall PTR; 1st edition (November 17, 2003)
Reid (senior product manager, Cryptometrics)
introduces the technical capabilities and limitations of computer
biometric systems for measuring fingerprints, eye characteristics, or
other body information as a computer security measure serving a similar
purpose to personal identification numbers.
Life
on the Screen: Identity in the Age of the Internet
Sherry Turkle, New York: Simon & Schuster, 1995.
Turkle studied the way people interact on
so-called MUDs or role-playing games on the
Internet, in which they play fictional characters in equally fictitious
"worlds," created with words.
The
Strange Case of the Electronic Lover
Van Gelder 1991
Gender Switching and Ambiguity in Cyberspace
It tells the story of Joan Sue Green, a New York neuropsychologist
in her late twenties, who had been severely disfigured in a car accident
that was caused by a drunk driver. The accident killed Joan’s
boyfriend and left her mute and confined to a wheelchair. But,
through the use of her computer, Joan was able to befriend many users and
let her bubbly personality shine.
The only problem is that Joan had lied and totally fooled people: Joan was
not disabled, and Joan was a 'man'.
Education (Course & Training)
University offers spam and spyware writing course
by Will Sturgeon, silicon.com, February 08 2005
The controversial computer science department at
the University of Calgary has once again kicked off heated debate
in the security industry by offering students a course in writing spyware and the tools for sending and propagating
spam.
Privacy and Anonymity in
Data
from the Data Privacy Lab, at Carnegie
Mellon University
This course introduces students to concepts and methods for creating
technologies and related policies with provable guarantees of privacy
protection while allowing society to collect and share person-specific
information for many worthy purposes
Miscellaneous
Survey
on privacy laws in over 60 countries around the world 2004 and EPIC have released the 7th annual Privacy and
Human Rights report. It finds that governments across the world have
substantially increased surveillance in the past year and warns that
threats to personal privacy have reached a level that is dangerous to
fundamental human rights.
Resource indicated by Mireille Hildebrandt, VUB
Secure Flight
is the renamed successor to the Computer Assisted Passenger Prescreening
System (CAPPS) used in the US
NSF Program Solicitation: NSF 04-524, Cyber Trust
Cyber Trust promotes a vision of a society in which these systems are: (1)
more predictable, more accountable, and less vulnerable to attack and
abuse; (2) developed, configured, operated and evaluated by a well-trained
and diverse workforce; and (3) used by a public educated in their secure
and ethical operation.
Anticipated Funding Amount: $30,000,000
French Law: Décision n° 2004-504 DC
Law on health insurance and on the computerized medical record (Dossier Médical Informatisé) in
France.
Decision of the Conseil Constitutionnel, 12 August 2004
This decision upholds in particular Article 3 of the text, which concerns the
creation of a "personal medical record" («dossier médical personnel»).
See also: Décision n° 2004-499 DC - 29 July 2004, on the protection of personal
data
EPIC (Electronic Privacy Information Center)
EPIC is a public interest research center in Washington, D.C. It was established in 1994 to focus
public attention on emerging civil liberties issues and to protect
privacy, the First Amendment, and constitutional values.
The
Biometric Consortium
The Biometric Consortium serves as a focal point for research,
development, testing, evaluation, and application of biometric-based
personal identification/verification technology.
CNIL
La Commission Nationale de l'Informatique
et des Libertés, France
(the French National Commission for Data
protection and the Liberties)
CNIL is an independent administrative authority in France whose mission is to develop expertise,
advise, enforce the law, etc. in the area of privacy protection.
EPCglobal
A not-for-profit organization entrusted by industry to establish global
standards regarding the development, implementation and adoption of
Electronic Product Code™ (EPC)
and Radio Frequency Identification (RFID) technology.
eema
eema was an acronym for 'European Electronic
Messaging Association', but as the focus of both the association and its
members changed, the full title was dropped.
the International Society for Self and Identity (ISSI)
ISSI is a scholarly association dedicated to
promoting the scientific study of the human self.
The members of ISSI
share an interest in cognitive, emotional, and behavioral processes
related to the self-system.
... (to be completed by the members of the FIDIS consortium)
The IBM Privacy Research
Institute
The IBM Privacy Research Institute is an organization within IBM Research
to promote and advance research in privacy and data protection technology.
… to be completed (to be completed with
the members of the FIDIS consortium)
Other
EFF (Electronic Frontier Foundation)
EFF is a nonprofit group of passionate people — lawyers, volunteers, and
visionaries — working to protect your digital rights.
The Privacy Rights
Clearinghouse
The Privacy Rights Clearinghouse is a nonprofit consumer education,
research, and advocacy program. Their publications empower citizens to
take action to control their personal information by providing practical
tips on privacy protection
Identity Theft Resource Center
(ITRC)
ITRC is a nationwide nonprofit organization dedicated to developing and
implementing a comprehensive program against identity theft —by supporting
victims, broadening public awareness, disseminating information about this
crime and decreasing the potential victim population.
The Society for Research on Identity Formation (SRIF)
The Society for Research on Identity Formation (SRIF)
is a professional organization devoted to theory, research, and applied
work in the area of psychosocial development across the lifespan with a
particular emphasis on ego identity formation during the periods of
adolescence and adulthood.
Statewatch
Statewatch is a non-profit-making voluntary
group monitoring the state and civil liberties in the European Union
The Center For Democracy &
Technology
The Center for Democracy and Technology works to promote democratic values
and constitutional liberties in the digital age. With expertise in law,
technology, and policy, CDT
seeks practical solutions to enhance free expression and privacy in global
communications technologies.
CASPIAN
Consumers Against Supermarket Privacy Invasion and Numbering
(CASPIAN) is a national grass-roots consumer group dedicated to fighting supermarket
"loyalty" or frequent shopper cards. CASPIAN's
efforts are directed at educating consumers, condemning marketing
strategies that invade shoppers' privacy, and encouraging
privacy-conscious shopping habits.
The Identity Theft Resource Center
ITRC is a national nonprofit organization that focuses exclusively on
identity theft.
Resource indicated by Mireille Hildebrandt, VUB
The Anti-Phishing Working Group
The Anti-Phishing Working Group is a volunteer
organization that is building a repository of phishing
scam emails and websites to help people identify and avoid being scammed
in the future.
Resource indicated by Mireille Hildebrandt, VUB
...
Companies
ID Analytics
ID Analytics' advanced analytical solutions are used to manage identity
risk, prevent identity fraud across the customer lifecycle and comply with
new government regulations.
Its ID Network Alerts notify clients of suspicious identity-related
behavior when the ID Network detects connections between identities that
could signal fraud. ID Network Alerts also help with early identification
of potential identity fraud victims.
PingID
The Company's identity federation software (SourceID)
provides enterprises, integrators and security software vendors with
complete identity federation capabilities (SAML, Liberty &
WS-Federation).
RSA Security Inc.
RSA Security Inc. helps organizations protect private information and
manage the identities of the people and applications accessing and
exchanging that information. RSA Security's portfolio of
solutions includes identity & access management, secure mobile
& remote access, secure enterprise access and secure transactions.
Anonymizer
Anonymizer privacy software and services
ActivCard
ActivCard is a global provider of strong
authentication and trusted digital identity solutions for secure remote
access, single sign-on and enterprise access cards.
Critical Path
Critical Path provides software and services including Identity
Management solutions, such as directory integration, password management
and user provisioning.
ID federation (Federated Identity)
Federated identity lets companies securely extend their applications to
suppliers and external users.
The Liberty Alliance
Standard
The Liberty Alliance's vision is one of a networked world in which
individuals and businesses can more easily interact with one another while
respecting the privacy and security of shared identity information
P3P
Platform for Privacy Preferences
The Platform for Privacy Preferences Project (P3P), developed by the World
Wide Web Consortium, is emerging as an industry standard providing a
simple, automated way for users to gain more control over the use of
personal information on Web sites they visit
--- standards (domain representation)
HR-XML
The HR-XML Consortium is dedicated to the development and promotion of a
standard suite of XML specifications to enable e-business and the
automation of human resources-related data exchanges. Specifications
include: Benefits Enrollment, Competencies, Contact Method, Education
History, Resume, ...
FOAF (Friend of a Friend), XML and RDF format.
FOAF allows the expression of personal information and relationships, and
is a useful building block for creating information systems that support
online communities.
XHTML Friends Network
XFN is a simple way to represent human relationships using hyperlinks.
XDI
This new layer of infrastructure enables individuals and organizations to
establish persistent Internet identities and form long-term, trusted
peer-to-peer data sharing relationships.
--- related standards
OASIS
Organization for the Advancement of Structured Information Standards
The Social Web: Creating An Open Social Network with XDI
by Drummond Reed, Marc Le Maitre, Bill Barnhill, Owen Davis, and Fen Labalme; PlaNetwork Journal,
July 2004.
New open standards introduce long-term, trusted links between people,
groups, and bits over the Net.
…
Mechanisms
Sender ID
Sender ID is a technology designed to foil spammers by authenticating an
e-mail sender's "@" address, such as "@yourbank.com,"
by checking its underlying, numeric Internet Protocol address.
Note: The proposal of turning Sender ID into a standard has been rejected
for the moment.
Identity Commons
A Program for the registration of global and community i-names
Sxip
The Sxip Network gives individuals the ability
to create and manage their online personas, facilitating single sign-on
and informed attribute exchange. Websites and portals can establish deeper
relationships with their users while complying with privacy legislation.
Any website can easily participate in this loosely coupled, extensible
network.
Light-Weight Identity (LID)
A quite simple, but powerful technology that empowers individuals to keep
control over and manage their digital identities.
LID is a mechanism for single sign-on (SSO).
LID makes vCards always up-to-date with better privacy.
LID is a password management tool.
LID is a foundation for social networking.
...
Initiatives & Projects
PRIME
Privacy and Identity Management for Europe
PRIME is a new European RTD Integrated Project under the FP6/IST Programme.
It is concerned with the issues of privacy and identity management in the
information society.
RAPID (Roadmap)
Roadmap for Advanced Research in Privacy and IDentity management
EUCLID
European initiative for a Citizen digital ID solution
EUCLID is a project initiated by the Population
Register Centre (Finland) to provide resources for management,
operational support and information dissemination to the former eEurope Smart Card Trailblazer 1 “Public Identity”.
APES
Anonymity and Privacy in Electronic Services
October 1, 2000 until September 30, 2004
APES is a project of the Flemish government aimed at developing tools and
techniques for adding anonymity and pseudonyms to on-line services. This
program will be tackled both from a technical and from a legal standpoint.
The Liberty Alliance
The Liberty Alliance's vision is one of a networked world in which
individuals and businesses can more easily interact with one another while
respecting the privacy and security of shared identity information
GUIDE (IST Integrated Project)
Government User IDentity for Europe
Creating a European Identity Management Architecture for eGovernment
INDICARE
The INformed DIalogue about Consumer Acceptability of DRM
(Digital Rights Management) Solutions in Europe
The overall goal of INDICARE is to raise awareness, help to reconcile
heterogeneous interests of multiple players, and to support the emergence
of a common European position with regard to consumer and user issues of
Digital Rights Management (DRM) solutions.
BioSec
(IST-2002-001766) is a Project of the IST Priority of the 6th Framework Programme of the European Community
BioSec is the project that will bring deployment
of a European-wide approach to biometric technologies for security
applications.
Cyber Trust and Crime Prevention
The aim of the Project of the UK Office of Science and Technology is to
use the best available science to explore the application and implications
of the next generation technologies.
Resource indicated by James Backhouse
On the Identity Trail (anonequity.org)
Initiative principally funded by the Social Sciences and Humanities
Research Council of Canada
A central objective of the project is to develop an interdisciplinary
dialogue that will generate research results of practical value to policy
makers and the broader public.
The MIT Initiative on Technology and Self
The Internet is a new context for self-exploration and social encounter.
Psychopharmacology, robotics, nanotechnology, genetic engineering, biotechnology,
and artificial intelligence are among the technologies that raise
fundamental questions about selfhood, identity, community, and what it
means to be human.
The Identity Gang
Designing a Wiki supporting a conversation about what Microsoft calls an Identity Metasystem
and how this relates to a vision that many people share of what might be called user-centric identity.
The Martus Project
from the Benetech Initiative
Martus provides for the creation, encryption and
secure storage of reports of human rights abuses. The system improves the
accessibility of human rights information and helps assure that violations
will be recorded and those responsible held accountable.
Shibboleth
Shibboleth leverages campus identity and access management infrastructures
to authenticate individuals and then sends information about them to the
resource site, enabling the resource provider to make an informed
authorization decision.
…
Miscellaneous
SpywareInfo forums
Has some sleazy web site taken over your browser? Are you getting pop up ads
even when your browser has been closed for some time? Are you infected
with a spyware program that refuses to go away?
If so, our message board has dozens of dedicated volunteers ready to give
you step-by-step assistance to remove the malicious software and regain
control of your PC.
…
Systems and Services making use of a user profile
Social Networking services
Online Social Networking services are helping individuals manage and
develop personal or professional relationships.
Examples of such systems include: Friendster, LinkedIn, Orkut, etc.
identity, personal identity, individuality
-- (the distinct personality of an individual regarded as a persisting
entity; "you can lose your identity when you join the army")
identity -- (the individual
characteristics by which a thing or person is recognized or known;
"geneticists only recently discovered the identity of the gene that
causes it"; "it was too dark to determine his identity";
"she guessed the identity of his lover")
identity, identity element, identity
operator -- (an operator that leaves unchanged the element on which it operates;
"the identity under numerical multiplication is 1")
identity, identicalness, indistinguishability
-- (exact sameness; "they shared an identity of interests")
(WordNet® is an online lexical reference system
whose design is inspired by current psycholinguistic theories of human
lexical memory. English nouns, verbs, adjectives and adverbs are
organized into synonym sets, each representing one underlying lexical
concept. Different relations link the synonym sets.)
Identity
-- A representation (e.g. a string) uniquely identifying an authorised user, which can either be the full or
abbreviated name of that user or a pseudonym. Common Criteria for IT Security Evaluation. This definition is part of what became the ISO
International Standard 15408 in 1999.
Personal Identity (a philosophical definition)
Stanford Encyclopedia of Philosophy
There is no one problem of personal identity, but a range of loosely related
problems. Discussions that go by the name of personal identity are most
often about questions like these:
Who am I? Persistence, Evidence, Population, Personhood, What am I? How
could I have been? What matters?
--- Pseudonymity
--- Linkability
--- Observability
--- miscellaneous
…
--- Phishing
Phishing attacks trick people into parting with
personal information by luring them to bogus corporate Web sites.
…
Other terms
Definition: Ontology
From the New Latin ontologia,
which means “the study of being.” It refers to the branch of philosophy
which attempts to describe the nature of existence.
In the computer industry, an ontology is a formal
model describing the fundamental elements of a system in a way that a
computer can understand (see in particular the work on the Semantic Web).
HR-XML
The HR-XML Consortium is dedicated to the development and promotion of a
standard suite of XML specifications to enable e-business and the
automation of human resources-related data exchanges. Specifications
include: Benefits Enrollment, Competencies, Contact Method, Education
History, Resume, ...
The Law of Control:
Technical identity systems MUST only reveal information identifying a
user with the user's consent.
The Law of Minimal Disclosure
The solution which discloses the least identifying information is the
most stable, long-term solution.
The Law of Fewest Parties
Technical identity systems MUST be designed so the disclosure of
identifying information is limited to parties having a necessary and
justifiable place in a given identity relationship.
The Law of Directed Identity
A universal identity system MUST support both
"omnidirectional" identifiers for use
by public entities and "unidirectional" identifiers for use by
private entities, thus facilitating discovery while preventing
unnecessary release of correlation handles.
The Law of Pluralism:
A universal identity system MUST channel and enable the interworking of multiple identity technologies run by
multiple identity providers.
The Law of Human Integration:
The universal identity system MUST define the human user to be a component
of the distributed system, integrated through unambiguous human-machine
communications mechanisms offering protection against identity attacks.
…. new laws are being elaborated
Application Domains
Personal Life
Commerce
Business
Banking
Work
Government
Healthcare
Topics
Privacy
Privacy notices
A collection of privacy notices related to the disclosing of user
information
--- Journals, Magazines
Privacy Times
Privacy Times basically is designed for professionals and attorneys who
need to follow the legislation, court rulings, industry developments and
horror stories that frame the ongoing debate about information privacy.
They cover such issues as the FTC's developing policy for the Internet,
credit reports, Caller ID, medical records, "identity theft,"
the Freedom of Information Act, direct marketing and the European Union's
Directive On Data Protection.
--- Articles
IBM software aims for both security and privacy
by Steve Lohr, The New York Times, via CNET News.com, May 24, 2005
The new product goes beyond finding relationships
in different sets of data. The software, which IBM calls DB2 Anonymous
Resolution, enables companies and government agencies to share personal
information on customers and citizens without identifying them.
SUTTER COUNTY: Students kept under surveillance at school. Some parents angry over radio device
by Greg Lucas, San Francisco Chronicle, February 10, 2005
Angry parents, saying their children's privacy rights are being violated,
have asked the board of the tiny Brittan School District to rescind a
requirement that all students wear badges that monitor their whereabouts
on campus using radio signals.
Carnivore redux
by Declan McCullagh, CNET News.com, January 31, 2005
Robert Corn-Revere clearly remembers the day he became the first person to
tell the world about the FBI surveillance system once known as Carnivore.
Resource indicated by Claudia Diaz
HP focuses on paparazzi-proof cameras
by David Becker, CNET News.com, January 25, 2005
Anyone who doesn't want their photo taken at a particular time could hit a
clicker to ensure that any cameras or camera-equipped gadgets in range got
only a fuzzy outline of their face.
Security officials to spy on chat rooms
by Declan McCullagh, CNET News.com, November 24, 2004
The CIA is quietly funding federal research into surveillance of Internet
chat rooms as part of an effort to identify possible terrorists, newly
released documents reveal. One of those projects is research devoted to
automated monitoring and profiling of the behavior of chat-room users.
Mind those IMs--your cubicle's walls have ears
by Dawn Kawamoto, CNET News.com, October 25, 2004
As more and more companies install monitoring software to track employee
activities--threatening to turn cubicles into no-privacy zones--businesses
that offer workplace surveillance tools are enjoying a boomlet.
A global assault on anonymity
by John Borland, CNET News.com, October 20, 2004
Cutting-edge data mining and other intelligence tools could redefine
privacy as we know it. A News.com special report.
Court allows e-mail interception, raising privacy questions
by Mark Jewell, Associated Press, in USA Today, 30 June 2004
In an online eavesdropping case with potentially
profound implications, a federal appeals court ruled it was acceptable for
a company that offered e-mail service to surreptitiously track its
subscribers' messages.
Resource indicated by David-Olivier Jaquet-Chiffelle, VIP
KDD
International conference on knowledge discovery and data mining
AD:TECH
A conference and expo designed for marketers and agencies,
AD:TECH focuses on providing the big picture about the market numbers,
market trends and issues for interactive, integrated marketing that
leverages all that technology and the internet provide.
Data Mining
This site has been created to log references to technology
issues in data mining.
--- Journals & magazines
Data Mining and Knowledge Discovery
The premier technical journal focused on the theory, techniques
and practice for extracting information from large databases.
--- Articles
Phishers get personal
by Joris Evers, CNET News.com, May 26, 2005
Web sites that use e-mail
addresses as identifiers for password reminders and registration are open
to exploitation by scammers to
generate detailed profiles of people, security
company Blue Security said in a research report. By matching e-mail
addresses with Web sites, cybercriminals can uncover the gender, sexual
preference, political orientation, geographic location, hobbies and the
online stores that have been used by the person behind an e-mail address.
ComScore: Spyware or 'researchware'?
by Stefanie Olsen, CNET News.com, December 20, 2004
ComScore Networks'
Marketscore application is installed on more than 1 million PCs in the
United States, forming the backbone of a well-regarded research service
used by Fortune 500 companies, universities and media outlets, including
CNET News.com. Now the software is in the privacy spotlight, tied to
warnings from some universities and computer security experts about
secretive and invasive software, sometimes known as adware or spyware, that can take over a PC with little or no
warning.
Net advertising on a road revisited
by Stefanie Olsen, CNET News.com, May 25, 2004
So-called behaviorally
targeted advertising is a method of compiling data on Web visitors, such
as their surfing history, gender, age and personal preferences, to later
target them with tailored ads. The form of advertising was hyped during
the Internet heyday as the promise of a one-to-one medium, but failed to
deliver because of technology limitations and privacy concerns.
"Total Information Overload"
Jonietz, Erika; Technology Review (08/03) Vol. 106, No. 6, P. 68;
Privacy advocates allege that the Defense Department's
Terrorism Information Awareness (TIA) project would merge public and
private databases into a vast "metabase" that would be mined to
gather data on innocent American citizens, but Robert L. Popp of the
Defense Advanced Research Projects Agency's (DARPA) Information Awareness
Office denies these allegations, insisting that TIA's purpose "is
developing a variety of information technologies into a prototype
system/network to detect and preempt foreign terrorist attacks."
Start-up's tracking software sets off privacy alarm
by Jim Hu, CNET News.com, May 1, 2000
Predictive Networks today released a software product that can
precisely track online behavior and then use the information to send
targeted advertisements to individual Web surfers.
Online marketer gains second "profiling" patent
by Evan Hansen, CNET News.com, December 6, 1999
Online marketer Be Free has been granted a second
patent covering certain methods of profiling consumer purchasing
preferences (titled "Computer Program Apparatus for Determining
Behavioral Profiles of a Computer User").
--- Documents & books
Hostile Consumer Profiling
Blue Security, research paper, May 2005
The trick in the registration or password reminder attack is in
the response. Many online businesses return a specific message--such as
"This address is already subscribed"--when an e-mail address is
registered with the site. If an attacker gets that response, they know
that address represents a valid customer.
Profiling Machines (Mapping the Personal Information Economy)
by Greg Elmer, The MIT Press, ISBN 0-262-05073-0, January 2004
In this book Greg Elmer brings the perspectives of cultural and
media studies to the subject of consumer profiling and feedback technology
in the digital economy. He examines the multiplicity of processes that
monitor consumers and automatically collect, store, and cross-reference
personal information.
The Power of Knowledge
Ethical, Legal, and Technological Aspects of Data Mining and
Group Profiling in Epidemiology
Bart Custers, Wolf Legal Publishers – 2004 ISBN 90-5850-085-3
Resource indicated by Mireille Hildebrandt, VUB
VALS
The Values and LifeStyles Framework, SRIC-BI
The VALS model identifies current and
future opportunities by segmenting the consumer marketplace on the basis
of the personality traits that drive consumer behavior.
...
RFID
--- Journals & magazines
RFID Journal (magazine)
Radio Frequency Identification for Business
--- Articles
Wireless tagging in hospitals is 'inevitable'
by Sylvia Carr, silicon.com, December 7, 2004
Businesses peddling wireless tagging technologies - such as
RFID chips - to the NHS and other healthcare providers will come up
against plenty of resistance, but should not give up, according to a
recent report.
Resource indicated by James Backhouse, LSE
In Texas, 28,000 students test e-tagging system
by Matt Richtel, The New York Times on the Web, via CNET News.com, November 17, 2004
Hoping to prevent the loss of a child through kidnapping or
more innocent circumstances, a few schools have begun monitoring student
arrivals and departures using technology similar to that used to track livestock
and pallets of retail shipments.
RFID gets a reality check
by Alorie Gilbert, CNET News.com, September 29, 2004
BALTIMORE--Radio frequency identification may be a hot topic
among tech types these days, but proponents of the technology gathered
here this week are keeping their exuberance in check.
RFID tags: The people say no
by Michael Kanellos, CNET News.com, September 7, 2004
When it comes to radio frequency
identification tags for humans, the people have spoken: They hate it.
RFID tags become hacker target
CNET News.com, July 28, 2004
Privacy advocates may not be the only people taking issue with
the current crop of radio-frequency identification tags--merchants will
likely have problems with a lack of security as well, a German technology
consultant said Wednesday.
Schoolchildren to be RFID-chipped
by Jo Best, silicon.com, July 08, 2004
Japanese authorities decide tracking is best way to protect kids
Resource indicated by James Backhouse, LSE
Zombie RFID tags may never die
by Jo Best, ZDNet, May 18, 2004
Businesses are all too keen to talk up the potential of radio
frequency ID (RFID) while privacy campaigners are similarly vocal in
calling for some hardcore data protection to go with the new tagging
technology, and one of the emerging battlegrounds is all about when
exactly the tracking chips need to die.
California lawmaker introduces RFID bill
by Alorie Gilbert, CNET News.com, February 24, 2004
A California state lawmaker introduced a bill on Tuesday meant
to address consumer privacy concerns related to the commercial use of
radio frequency identification technology.
--- Documents & Reports
Selling Wireless Tagging To The Healthcare Sector
Wireless Healthcare Report, December 2004
Overcoming the health provider's reluctance to automate
clinical and processes.
Resource indicated by James Backhouse, LSE
…
Id Card
--- articles
Green light for the electronic identity card ("Feu vert pour la carte d'identité électronique")
LE MONDE | April 12, 2005
The Identité nationale électronique et sécurisée (INES) programme was
indeed approved on Monday, April 11, by Prime Minister
Jean-Pierre Raffarin, during an interministerial meeting.
Resource indicated by Claudia Diaz
Identification requirements for cell phone services
PIPEDA Case Summary #288, The Privacy Commissioner of Canada, Issued February 1, 2005
The Privacy Commissioner of Canada has recently issued a ruling
about the number of identity documents a telephone company can ask for in
setting up a mobile phone account.
Resource indicated by Bert-Jaap Koops
Biometric
--- Events
Biometrics’2004
7th Annual Biometrics Conference and Exhibition, London, UK, 13-15 October 2004
BioSec workshop
Barcelona, June 28, 2004
Resource indicated by Kai Rannenberg, GUF
Biometric Technology Today
Biometric Technology Today, a source of authoritative news,
analysis, and surveys on the international biometrics market.
--- articles
Expand the Databanks
by the washingtonpost.com, May 2, 2005
The law enforcement benefits of DNA are nothing new. But the continuous
demonstration of its power to identify suspects, as well as its power to
exclude and exonerate other suspects and convicts, raises anew the question
of why so many jurisdictions still restrict what information gets entered
into their databanks.
Resource indicated by Claudia Diaz
European Commission report identifies challenges of biometrics
eGovernment News – 31 March 2005
A report released by the European
Commission on 30 March 2005 identifies how biometric technologies –
including fingerprint, iris and face recognition – will impact on our
daily lives. Policy-makers should act now, the report says, to ensure that
Europe shapes the use of these technologies and reaps their full benefits.
Resource indicated by Els Kindt
EU goes on biometric LSD trip
by Kevin Poulsen, The Register, Thursday 3rd February 2005
In December 2004, the European Commission adopted the biometric
passports directive, a regulation that mandates the use of biometric
facial images within 18 months and fingerprints within three years for all
passports issued.
--- Projects & initiatives
BioSec
(IST-2002-001766) is a Project of the IST Priority of the 6th Framework Programme
of the European Community
BioSec is the project that will bring deployment of a
European-wide approach to biometric technologies for security
applications.
…
Id Crime
In General
Phishing
Phishing attacks use 'spoofed' e-mails and
fraudulent websites designed to fool recipients into divulging personal
financial data such as credit card numbers, account usernames and
passwords, social security numbers, etc. (by the Anti-Phishing Working Group)
Pharming
Phishing via DNS cache poisoning
Scamming
Shilling
Spoofing
The practice of sending
unsolicited e-mail meant to appear as if it were generated by a reliable
or known source
--- Articles
Offline ID crimes still more severe
by News.com Staff, CNET News.com, January 26, 2005
Though identity theft using the Internet seems to get all the
attention, most of the financial loss linked to fraud is still from
offline crime, a new study shows.
Phishing (identity theft of an organization)
--- Definition
Phishing
Phishing attacks use 'spoofed' e-mails and
fraudulent websites designed to fool recipients into divulging personal
financial data such as credit card numbers, account usernames and
passwords, social security numbers, etc. (by the Anti-Phishing Working Group)
Pharming
Phishing via DNS cache poisoning
--- Articles
Phishers using DNS servers to lure victims?
by Robert Lemos, CNET News.com, March 8, 2005
Using DNS poisoning to redirect customers to sites that appear
to be legitimate but actually steal sensitive information is a relatively
new threat. Some security companies have called this technique pharming.
Caught in a phishing trap
by Matt Hines, CNET News.com, November 17, 2004
According to a report
from online privacy watchdog Truste, 7 out of 10 people who go online have
received phishing e-mails, and 15 percent of those have successfully been
duped into providing personal information.
Fishing for 'phishers'
CNET News.com, June 28, 2004
Almost 95 percent of e-mail fraud and "phishing"
reported in May emanated from forged addresses, according to new research
from the Anti-Phishing Working Group, which argued that emerging e-mail
authentication standards could take the sting out of such nasty attacks.
--- Documents
Anti-Phishing: Best Practices for Institutions and Consumers
Source: McAfee, March 2004
This white paper provides an overview of the stages in a
typical phishing attack. The paper also proposes a set of "best
practices" for institutions and their customers to minimize the
impact of future phishing attacks.
--- organizations
Anti-Phishing Working Group
The Anti-Phishing Working Group
(APWG) is an industry association focused on eliminating the identity
theft and fraud that result from the growing problem of phishing and email
spoofing.
…
Spying
--- Articles
Adware cannibals feast on each other
by Stefanie Olsen, CNET News.com, December 7, 2004
Companies that use free
software downloads to target Web surfers with annoying ads are turning on
each other to keep customers--and the cash they generate--for themselves.
House approves spyware legislation
by Declan McCullagh, CNET News.com, October 5, 2004
By a 399-1 vote, House
members approved legislation prohibiting "taking control" of a
computer, surreptitiously modifying a Web browser's home page, or
disabling antivirus software without proper authorization.
Google feels spyware strains
by Stefanie Olsen, CNET News.com, June 28, 2004
Spyware installs itself
on a PC without consumers' knowledge and tracks computer usage.
“Network Associates fights spyware”
by Marguerite Reardon, CNET News.com, January 22, 2004
Network Associates, the maker of McAfee antivirus software, is
joining the fight against spyware, programs that track people's Internet
habits, gather personal information and deliver it to advertisers.