|
This page is available at www.oecd.org/internet/idm
Download
Digital Identity Management:
Enabling Innovation and
Trust in the
Internet Economy In the early days of the World Wide Web, the possibility for anybody connected to the Internet to access information simply by clicking on hyperlinks was revolutionary.
However, within the span of a few year, another revolution took place: the possibility for individuals to establish personalised interactions with remote computers, where these computers take into account who the user is for delivering information and services in a personalised manner.
This evolution ushered a decade of innovation, enabling Internet services to become pervasive,ubiquitous and increasingly essential in everyday life. It has transformed our economies and societies, serving as a building block for the Internet economy.
The management of digital identity has many facets - technical, economic, social and cultural - and is complex to understand and address as a whole. It raises the issue of how to translate in the digital world the mechanisms through which individuals trust each others as a prerequisite to interacting with each other.
At this stage, the management of digital identity does not seem to have reached the level of maturity which would enable the full realisation of the Internet economy.
In particular, interactions which carry a high level of risk are not yet common on the Internet. The level of trust that existing digital identity management practices provide is not high enough for users to engage into this type of transactions. Why is the market not providing an appropriate response? How should government approach this question and what should be their role?
The OECD Working Party on Information Security and Privacy (WPISP) has been working on this topic since 2007 with the objective of helping policy makers to understand the concept of "digital identity", its role in the development of the Internet economy and how to develop better digital identity management public policies. The main outputs are introduced below. They were developed in furtherance of the Seoul Ministerial Declaration on the Future of the Internet Economy (2008).
OECD work on digital identity is the continuation of almost ten years of activities on policy issues related to electronic authentication, initiated in 1998 in the early days of e-commerce and e-government. The main outputs are introduced below as well and include two OECD legal instruments: the 2007 Recommendation on Electronic Authentication and the 1998 Declaration on electronic authentication.
This stream of work stands at the crossroad of OECD activities in the area of security of information systems and networks and privacy protection, all carried out by the WPISP.
Digital Identity Management
The 4 reports below are included in this booklet.
This report introduces the fundamentals of digital identity from a government policy perspective and provides guidance for government policy makers on strategies that support innovation across the public and private sectors while enhancing security, privacy and trust online. This short document is based on the main findings of the reports below.
This report explores national strategies for digital identity management in OECD countries. Based on a comparative analysis, it analyses how governments approach digital identity policy making and identifies key commonalities and differences across countries at strategic and policy levels.
This primer aims to provide policy makers a broad-brush understanding of the various dimensions of digital identity management. It also aims to support efforts to address public policy issues for securely managing and protecting digital identities, with a view to strengthening confidence in the online activities crucial to the growth of the Internet Economy.
This workshop, organised by the OECD and hosted by the Norwegian Ministry of Education and Research and Ministry of Government Administration and Reform, brought together experts from government, industry and civil society to explore the main information security and privacy issues surrounding digital identity management.
Electronic authentication
Download
Recommendation and
Guidance for
Electronic Authentication
This Recommendation encourages efforts by Member countries to establish compatible, technology-neutral approaches for effective domestic and
cross-border electronic authentication of persons and entities. It should be read in conjunction with OECD Guidance for Electronic Authentication (see below).
This document provides policy and practical guidance for the development, implementation and use of electronic authentication products and services as they relate to the authentication of persons and entities.
The Guidance sets out the context and importance of electronic authentication for electronic commerce and electronic government and provides a number of foundation and operational principles that constitute a common denominator for cross-jurisdictional interoperability. It aims to help Member countries and non-Member economies establish or, as appropriate, amend their approaches to electronic authentication with a view to facilitate cross-border co-operation.
It served as the basis for the 2007 OECD Council Recommendation on electronic authentication (see above).
This Declaration was adopted at the Ministerial Conference "A Borderless World: Realising the Potential of Global Electronic Commerce" held in Ottawa, Canada. It recognises the importance of authentication for
electronic commerce and outlined a number of actions to promote the development and use of electronic authentication technologies and mechanisms.
|
