2019 | Original Paper | Book Chapter

Data Protection by Design for Cross-Border Electronic Identification: Does the eIDAS Interoperability Framework Need to Be Modernised?

Authors: Niko Tsakalakis, Sophie Stalla-Bourdillon, Kieron O’Hara

Published in: Privacy and Identity Management. Fairness, Accountability, and Transparency in the Age of Big Data

Publisher: Springer International Publishing


Abstract

This paper contributes to the discussion on privacy preservation methods in the context of electronic identification (eID) across borders through interdisciplinary research. In particular, we evaluate how the GDPR principle of ‘Data Protection by Design’ applies to the processing of personal data undertaken for identification and authentication purposes, suggesting that, in some cases, unlinkable eIDs should be a key requirement in order to facilitate data minimisation and purpose limitation. We argue that in an attempt to welcome diverse types of architectures, the Interoperability Framework could have the effect of reducing the data protection level reached by some national eID schemes, when transacting with services that do not require unique identification. We consequently propose that data minimisation and purpose limitation principles should be facilitated through the implementation of two methods, pseudonymisation and selective disclosure, through an addition to eIDAS’ technical specifications.


Footnotes
2
Regulation (EU) No 910/2014 of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC [2014] OJ L257/73.
 
3
eIDAS Rec. 2.
 
4
eIDAS Rec. 12.
 
5
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance), OJ L119/1.
 
6
GDPR Art. 1(3).
 
7
GDPR Rec. 5 “The economic and social integration resulting from the functioning of the internal market has led to a substantial increase in cross-border flows of personal data”.
 
8
GDPR Art. 1(2).
 
9
A term first coined by Ann Cavoukian [10, 11] but referring to concepts that started to emerge in privacy literature since the 1970s; see, for example, [12, 13, 30].
 
10
Which are considered less effective, “an afterthought” [40].
 
11
eIDAS Rec. 27: “This Regulation should be technology-neutral. The legal effects it grants should be achievable by any technical means provided that the requirements of this Regulation are met”.
 
12
See eIDAS Rec. 17: “Member States should encourage the private sector to voluntarily use electronic identification means under a notified scheme for identification purposes when needed for online services or electronic transactions.” See also [44], p. 2: “the Commission will further promote interoperability actions, including through issuing principles and guidance on eID interoperability at the latest by 2017. The aim will be to encourage online platforms to recognise other eID means – in particular those notified under the eIDAS Regulation (EC) 910/2014 – that offer the same reassurance as their own”.
 
13
eIDAS Art. 12.
 
14
eIDAS Art. 8(3) and [22].
 
15
eIDAS Art. 3(3): “a set of data enabling the identity of a natural or legal person, or a natural person representing a legal person to be established”.
 
16
IR 2015/1501 ANNEX 1.
 
17
IR 2015/1501 ANNEX 1(d).
 
18
ibid.
 
19
GDPR Art. 94(2): “References to the repealed Directive shall be construed as references to this Regulation”.
 
20
eIDAS Rec. 11: “authentication for an online service should concern processing of only those identification data that are adequate, relevant and not excessive to grant access to that service online”.
 
21
GDPR Art. 25(1).
 
22
GDPR Art. 28(1): “[data controllers] shall use only processors providing sufficient guarantees to implement appropriate technical and organisational measures”.
 
23
GDPR Rec. 78.
 
24
GDPR Art. 25(1).
 
25
GDPR Art. 83(4)(a).
 
26
GDPR Art. 25(1); the qualification will be determined, among others, through a data protection impact assessment.
 
27
Confidentiality under GDPR Art. 5(1)(f); integrity under Art. 5(1)(f); availability under Art. 32(b) in relation to Art. 5(1)(f); transparency under Art. 5(1)(a); intervenability under Art. 5(1)(d) and (e) in relation to Arts. 15–22; unlinkability under Art. 5(1)(c) and (e); data minimisation under Art. 5(1)(c).
 
28
GDPR Art. 5(1)(c).
 
29
GDPR Art. 5(1)(b).
 
30
“[Unlinkability] ensures that a user may make multiple uses of resources or services without others being able to link these uses together [...] Unlinkability requires that users and/or subjects are unable to determine whether the same user caused certain specific operations in the system” [35].
 
31
For a detailed analysis of how the Interoperability Framework meets the data protection goals, see [47].
 
32
eIDAS Art. 12(4)(d).
 
33
Commission Implementing Regulation (EU) 2015/1501 Art. 6(2).
 
34
Commission Implementing Regulation (EU) 2015/1502 ANNEX 2.3.1.
 
35
ibid, ANNEX 2.4.6.
 
36
eIDAS Art. 11(1) and 11(3).
 
37
Commission Implementing Regulation (EU) 2015/1502 ANNEX 2.4.4 and 2.4.6.
 
38
ibid, ANNEX 2.4.2.
 
39
See [3] where the authors define the two as “strong” and “weak” unlinkability.
 
40
Excerpts from the interviews are not included in this paper due to space constraints. For a transcript of the experts’ opinions, see Sect. 8 and the appendix in [47].
 
41
GDPR Art. 4(5).
 
42
“the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person;” [emphasis given].
 
43
For a thorough explanation of this argument, see [48].
 
44
GDPR Art. 5(1)(c): “limited to what is necessary in relation to the purposes”.
 
45
GDPR Art. 5(1)(e): “for no longer than is necessary for the purposes for which the personal data are processed”.
 
46
GDPR Art. 5(1)(b): “not further processed in a manner that is incompatible with those purposes”.
 
47
This is an issue with ‘pairwise persistent’ pseudonyms. In a case where two or more services merge together, pairwise persistent pseudonyms can potentially allow linkability depending on the existence of other common identifiers in the dataset.
 
48
Privacy-aware eID schemes have started to deploy alternative architectures to sidestep the privacy concerns of pairwise-persistent pseudonyms. See, for example, the implementation of Gov.UK Verify, where a hub in between the Identity and Service Provider mediates all communication in order to obscure the one from the other [27] (cf. though [46] on potential risks); in contrast, the approach taken by the German nPA scheme is to generate pseudonyms locally in the user’s eID token.
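Footnotes 47 and 48 contrast pairwise persistent pseudonyms (one stable pseudonym per user and service) with the residual linkability risk when two services merge their datasets. The following is an added illustration, not code from the paper or from any eID scheme it cites: the HMAC-based derivation, the identity-provider secret and the sample records are constructed assumptions, chosen only to make the unlinkability property and the merger caveat concrete.

```python
import hmac
import hashlib
from typing import Dict, List

# Constructed demo secret held by a hypothetical identity provider. Real
# schemes differ (the German nPA, for instance, derives pseudonyms inside the
# user's eID token); this is only an illustration of the property.
IDP_SECRET = b"constructed-demo-secret-not-for-real-use"

Record = Dict[str, str]


def pairwise_pseudonym(user_id: str, relying_party: str,
                       secret: bytes = IDP_SECRET) -> str:
    """Pairwise persistent pseudonym: stable for one (user, relying party)
    pair, but different for the same user at a different relying party."""
    msg = f"{user_id}|{relying_party}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:16]


def linkable_by_pseudonym(records_a: List[Record],
                          records_b: List[Record]) -> bool:
    """Two service datasets can be joined on the pseudonym alone only if
    their pseudonym sets overlap, which pairwise derivation prevents."""
    set_a = {r["pseudonym"] for r in records_a}
    set_b = {r["pseudonym"] for r in records_b}
    return bool(set_a & set_b)


def linkable_via_common_attribute(records_a: List[Record],
                                  records_b: List[Record],
                                  attribute: str) -> int:
    """Footnote 47's merger case: count records in B that can still be joined
    to A through a shared attribute (why selective disclosure matters)."""
    values_a = {r[attribute] for r in records_a if attribute in r}
    return sum(1 for r in records_b if r.get(attribute) in values_a)


def demo() -> Dict[str, object]:
    """Constructed scenario: two users, a tax service and a health service."""
    users = ["user-alice", "user-bob"]  # constructed identifiers
    tax: List[Record] = [
        {"pseudonym": pairwise_pseudonym(u, "tax.example"),
         "email": f"{u}@example.invalid"} for u in users
    ]
    health: List[Record] = [
        {"pseudonym": pairwise_pseudonym(u, "health.example")} for u in users
    ]
    # One user also disclosed an e-mail address to the health service; that
    # single over-disclosed attribute is what re-links the merged datasets.
    health[0]["email"] = "user-alice@example.invalid"
    return {
        "stable_for_same_pair": pairwise_pseudonym("user-alice", "tax.example")
        == tax[0]["pseudonym"],
        "differs_across_services": tax[0]["pseudonym"] != health[0]["pseudonym"],
        "linkable_by_pseudonym": linkable_by_pseudonym(tax, health),
        "linkable_via_email": linkable_via_common_attribute(tax, health, "email"),
    }


if __name__ == "__main__":
    print(demo())
```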
 
49
The basic premise behind the system’s design is that the identifying set of information, referred to as a “sovereign data set”, has greater value after validation as trustworthy by an official source and therefore deserves greater protection.
 
50
Although strictly speaking there is a central Identity Provider operated under the Federal Ministry of the Interior; however its role is to authenticate the service providers, not the users.
 
51
German law is rich in privacy-enhancing principles. At its core is the ‘right to informational self-determination’, a German creation. It confers the right to decide when and within what limits information about one’s self should be communicated to others [31]. The right stemmed from a decision of the German Constitutional Court: Volkszählungsurteil 1 BvR 209/83, BVerfGE 65 E 40 1ff. The Court further prohibited any future creation of a persistent unique identifier, ibid s 1. Public authorities operate under a ‘separation of informational powers’ – they are not allowed to collate data, as the state should not operate as a single entity, and all data transfers have to be justified against the principles of ‘purpose specification’ and ‘proportionality’ [8].
 
53
See for more [47] pp. 48–64.
 
54
ibid, Appendix.
 
56
eIDAS Art. 12(3)(c).
 
57
eIDAS Art. 5(2).
 
58
This is also the position of the ABC4Trust project in [2], which was published before the GDPR, and hence before Data Protection by Design was elevated to a requirement.
 
59
The four use cases are indicative examples about the benefits of eIDAS by the eGovernment and Trust team: https://ec.europa.eu/digital-single-market/en/trust-services-and-eid.
 
60
An e-government concept that citizens and businesses provide diverse data only once in contact with public administrations, while public administration bodies take actions to internally share and reuse these data. The ‘once-only principle’ was one of the targets of the EU’s ‘eGovernment Action Plan 2016–2018’ [21] and the reason behind the EU’s ‘Single Digital Gateway’: http://www.europarl.europa.eu/news/en/headlines/economy/20180911STO13153/single-digital-gateway-a-one-stop-shop-for-all-your-online-paperwork.
 
61
See prohibition of the German Constitutional Court above Footnote 51.
 
62
The decision might be related to how services in Germany are authorised to access the eID data: services have to file an application with the Federal Office of Administration, listing all the attributes they wish to have access to along with how the attributes relate to the processing purposes [51]. The decision to treat all public-sector services of a Member State as one, and therefore request a combined authorisation, might be in an attempt to make the process easier for the receiving Member State’s authorities.
 
63
In Footnote 42 and related discussion.
 
64
See further analysis in [48].
 
65
Among others: processing that affects a significant proportion of the population, using data items in high volumes or on a wide scale, with a significant processing duration and in a large geographical extent.
 
66
The national systems, the deployed eIDAS nodes and the service providers communicate through defined queries and answers in Security Assertion Markup Language (SAML) [18].
 
67
See 6.2 SAML AuthnRequest in [19]. Of note, the equivalent SAML profile of the STORK 2.0 project, which formed the basis of eIDAS, was capable of selective disclosure (see 4.1.4.8.1 in [45]).
 
References
4. Article 29 Data Protection Working Party: Statement on the role of a risk-based approach in data protection legal frameworks. WP 218, 30 May 2014
5. Article 29 Data Protection Working Party: Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679. WP 248 rev 0.1, 4 April 2017
6. Bieker, F., Friedewald, M., Hansen, M., Obersteller, H., Rost, M.: A process for data protection impact assessment under the European General Data Protection Regulation. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 21–37. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44760-5_2
7. Bishop, M.: Introduction to Computer Security. Addison-Wesley Professional, Boston (2004)
8. Burkert, H.: Balancing informational power by informational power or rereading Montesquieu in the internet age. In: Brousseau, E., Marzouki, M., Méadel, C. (eds.) Governance, Regulation and Powers on the Internet, Book Section 4, pp. 93–111. Cambridge University Press, Cambridge (2012)
30. Hes, R., Borking, J. (eds.): Privacy-Enhancing Technologies: The Path to Anonymity, Revised edn. Registratiekamer, The Hague (2000)
32. Horsch, M., Tuengerthal, M., Wich, T.: SAML privacy-enhancing profile. In: Hühnlein, D., Roßnagel, H. (eds.) P237 - Open Identity Summit 2014, pp. 11–22. Gesellschaft für Informatik e.V., Bonn (2014)
33. Hühnlein, D., et al.: FutureTrust - future trust services for trustworthy global transactions. In: Hühnlein, D., Roßnagel, H., Schunck, C.H., Talamo, M. (eds.) P264 - Open Identity Summit 2016, pp. 27–41. Gesellschaft für Informatik e.V., Bonn (2016)
35. ISO/IEC 15408-1:2009: Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model. International Organization for Standardization, Geneva (2009)
36. ISO/IEC 27002:2013: Information technology - Security techniques - Code of practice for information security controls. International Organization for Standardization, Geneva (2013)
37. ISO/IEC 29134:2017: Information technology - Security techniques - Guidelines for privacy impact assessment. International Organization for Standardization, Geneva (2017)
39. Koning, M., Korenhof, P., Alpár, G.: The ABC of ABC - an analysis of attribute-based credentials in the light of data protection, privacy and identity. In: Balcells, J. (ed.) Internet, Law & Politics: A Decade of Transformations. Proceedings of the 10th International Conference on Internet, Law & Politics, Universitat Oberta de Catalunya, Barcelona, 3–4 July, pp. 357–374. Huygens Editorial, Barcelona (2014). http://edcp.uoc.edu/proceedings_idp2014.pdf
40. Le Métayer, D.: Privacy by design: formal framework for the analysis of architectural choices. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy (CODASPY), San Antonio (2013)
43. Roßnagel, H., et al.: FutureID - shaping the future of electronic identity. In: Annual Privacy Forum 2012, Limassol, Cyprus, 10–11 October 2012
46. Tsakalakis, N., O’Hara, K., Stalla-Bourdillon, S.: Identity assurance in the UK: technical implementation and legal implications under the eIDAS regulation. In: Proceedings of the 8th ACM Conference on Web Science. WebSci ’16, pp. 55–65. ACM, New York (2016). https://doi.org/10.1145/2908131.2908152
48. Tsakalakis, N., Stalla-Bourdillon, S., O’Hara, K.: What’s in a name: the conflicting views of pseudonymisation under eIDAS and the General Data Protection Regulation. In: Hühnlein, D., Roßnagel, H., Schunck, C.H., Talamo, M. (eds.) P264 - Open Identity Summit 2016, pp. 167–174. Gesellschaft für Informatik e.V., Bonn (2016)
50. Yee, G.O.M.: Privacy Protection Measures and Technologies in Business Organizations: Aspects and Standards. IGI Publishing, Hershey (2011)
51. Zwingelberg, H.: Necessary processing of personal data: the need-to-know principle and processing data from the new German identity card. In: Fischer-Hübner, S., Duquenoy, P., Hansen, M., Leenes, R., Zhang, G. (eds.) Privacy and Identity 2010. IAICT, vol. 352, pp. 151–163. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20769-3_13
Metadata
Title
Data Protection by Design for Cross-Border Electronic Identification: Does the eIDAS Interoperability Framework Need to Be Modernised?
Authors
Niko Tsakalakis
Sophie Stalla-Bourdillon
Kieron O’Hara
Copyright year
2019
DOI
https://doi.org/10.1007/978-3-030-16744-8_17