Upload
ann-rose
View
213
Download
0
Embed Size (px)
Citation preview
Copyright, 2002 © Michael Sonntag
E-Mail: [email protected]: http://www.fim.uni-linz.ac.at/staff/sonntag.htm
Mag. Dipl.-Ing. Dr. Michael Sonntag
Privacy (and other) issues of Privacy (and other) issues of e-Government in one-stop portalse-Government in one-stop portals
Wroclaw Summer School on a Legal Framework for Information Society
Wroclaw, 19.9.-21.9.2002
Michael Sonntag 2Privacy issues of e-Government
Content
Motivation Federalism and One-Stop-Portals Official help between administrative branches Data exchange between authorities Automated decisions Conclusions
Michael Sonntag 3Privacy issues of e-Government
Motivation
Public administration should be model of excellence Changing status of portals
Information Few personal dataTransactions Lots of personal data
Largest advantage AND largest risks by integrating data from many sourcesDifferent ministries, health data, tax information, …
Reason for interest: eGOV project
Michael Sonntag 4Privacy issues of e-Government
Federalism and One-Stop-Portals (1)
Federalism =» Loose definition; only used here
Different entities» Federal / state / municipal / autonomous level
Different rules of procedure (possibly)No super-/subordination AND no common supervisor
One-stop portal =Simple for citizens: Fully integrated / details hiddenCentralized: management / administration / backup / …Data from many entities used (also for parts of others!)
Michael Sonntag 5Privacy issues of e-Government
Federalism and One-Stop-Portals (2)
Different roles: Controller ProcessorPortal operator - own proceedings: No problemPortal operator - proceedings of other entities
» Serves as a processor - Contract on each process required» Data access: How, when, for what?
Example: Filling in forms with external dataUser asks for own data and transmits it to another entityPortal is here processor for the user
DIFFERENT: Portal uses data to decide what to present the user (personalization)!
Michael Sonntag 6Privacy issues of e-Government
Official help between administrative branches
Usually no threat for privacyFormal procedure In writing: Each instance leaves traces behind Individual reason needed
» „Official“ ones: Needed for decision or other „content“Checking, whether this information may be passed on
One-stop portals:No formal procedure: Done automaticallyOnly general reason: „In such cases it‘s allowed“
» Typical case only; individual circumstance NOT verified!Used for other („non-official“) reasons too:
» Personalization, advice, filling in forms, ...
Michael Sonntag 7Privacy issues of e-Government
Data exchange between authorities (1)
If exchange is allowed, how will it be done?Verification: Who requests, which data, for what?
» Definition required which data may be sent for which reasons, who might send requests with certain reasons
Sending: Data must be masked» Only the authorized data may be sent, not the whole file/record» Therefore huge number of different data sets» Identification of data set per transaction, not unique» Encryption, partner server identification, …
Storage: Bound to single purpose» May be stored/used only for the purpose it was acquired for» Problem: Personalization requires relating it to other data
Michael Sonntag 8Privacy issues of e-Government
Data exchange between authorities (2)
Probably best solution: XML-based languageShould be a large solution: Not confined to small area
Organizational issues also importantHow to place requests Identification of users / Logging
Processes must be adapted Interfaces in electronic record handling systemsRetirement of old / definition of new requests / responsesPerson responsible for privacyUser education
Michael Sonntag 9Privacy issues of e-Government
Automated decisions (1)
Simple procedure & everything available online» (El. Signed or from secure sources) documents, databases, …
Automated decisions are possible» Examples: Dog tax, prolongations, etc.» Example: Register of residency (see e. g. Swiss project)
Problems: Identification of the citizen: Easy in portal!Gathering of evidence needed: Which sources?Payment should be anonymousOfficial decisions/notifications possible without any
human intervention?State/Local/… proceedings done by a federal system
Michael Sonntag 11Privacy issues of e-Government
Conclusions
Integrated one-stop portals are VERY helpful They pose legal problems: PrivacyComplicated and difficult to explainUse implied consent where possible
Data exchange between authorities necessary in such portals to bring advantagesPrinciple of minimalismMany (legally) different roles of the operator
Automated decisions usually possibleOnly for severely restricted areasSource data and resulting data: Special care needed!
Copyright, 2002 © Michael Sonntag
E-Mail: [email protected]: http://www.fim.uni-linz.ac.at/staff/sonntag.htm
Mag. Dipl.-Ing. Dr. Michael Sonntag
Questions?Questions?Thank you for your attention!
? ?
??
??