On Thursday 26 November I had the opportunity to participate in the III Congress electronic ID and digital identity organized by ASIMELEC . Specifically it was in the roundtable "The Digital Identity Accreditation and Data Protection ", which was invited the English Professional Association Privacy-APEP, of which I am Secretary.
Besides the general issues addressed in this event on the electronic signature and, specifically, the electronic identity card (see program ), the board addressed the implications that has the setup and operation of this tool the perspective of the right to protection of personal data of their owners. In particular, we discussed many aspects of great relevance in this regard, among which can be highlighted:
• the potential use of electronic signatures for identification of minors on the Internet and the difficulties to use for this purpose the DNI-e, both in the absence of an obligation on the part of children for that instrument and, in particular, because minors are not active functionality on the certificates;
• the higher incidence of use of electronic ID may result in the personal sphere of the owners to the extent that its use is required for actions in life "face" do not require reliable identification on especially given the increased technical capabilities to collect information that is not strictly necessary for the purpose that justifies the service concerned;
• the implications for the fundamental right of art. 18.4 of the Constitution posed by the processes of checking the revocation status of certificates, especially from the perspective of the actions undertaken by the authorities of validation
• and, above all, the controversy relating to personal data incorporated into electronic documents digitally sign when using the DNI-e, as the public information of the certificates become part of the document and, therefore, anyone who can get to know not only the number of owner NIF but also your birth date or even a summary of its digital fingerprint and other personal information.
main conclusion of the roundtable would highlight the importance of the DNI-e design and computer applications that will be used taking into account the requirements of the protection of personal data of their owners, in particular from the principle of data quality to address two of its manifestations: the compatibility of uses and, above all, the principle of finality.
0 comments:
Post a Comment