Harald ZwingelbergUnabhängiges Landeszentrum für Datenschutz
Harald Zwingelberg
About
13
Publications
3,184
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
107
Citations
Publications
Publications (13)
Purpose
This paper aims to present arguments about how a complex concept of privacy labeling can be a solution to the current state of privacy.
Design/methodology/approach
The authors give a precise definition of Privacy Labeling (PL), painting a panoptic portrait from seven different perspectives: Business, Legal, Regulatory, Usability and Human...
Privacy is currently in 'distress' and in need of 'rescue', much like princesses in the all-familiar fairytales. We employ storytelling and metaphors from fairytales to argue how a new and all-encompassing concept of Privacy Labelling (the 'knight in shining armour') can come to the rescue of Privacy (the 'princess in distress'). We paint a detaile...
The decision to employ Privacy-ABC systems and operate them is highly dependent on the business model, requirements and capabilities of the potential adopters. Nevertheless, more knowledge about various use cases of Privacy-ABCs and the problems that can be addressed by them may influence the benefits perceived by the decision makers. In this chapt...
This chapter gives an overview of relevant legal issues for the use of Privacy-ABCs. However, only legal issues stemming from privacy or data protection laws are examined. Further considerations regarding general civil or contractual problems are left aside, since they would require specific knowledge of the intended use-case and the involved entit...
Anonymous, yet accountable authentication solutions such as privacy-enhancing attribute-based credentials do not only provide various privacy features, but also contain an option of conditional identification of specific attributes of the user. While the technical functionality of this so-called inspection is available, it has not yet been examined...
Users in the Internet of Things (IoT) use strategies to determine if they should trust a system or service. These strategies are not actively declared, but it can be useful to know which strategy is being used. We provide possible actions that users may perform when using different trust strategies and possible ways these can be captured for user s...
Protection goals such as confidentiality, integrity and availability have proved to be successful in evaluating information security risks and choosing appropriate safeguards. The recently developed privacy-specific protection goals unlinkability, transparency and intervenability complement these classic goals and thereby provide cornerstones to de...
Many individuals are not aware of who is collecting and handling their personal data for what purpose. Usually privacy policies
are too long, too complicated to understand, and reading them is hardly appealing. To improve the awareness and comprehension
of individuals on what is happening with their personal data, privacy icons are being proposed....
Much research and development has been done during the past couple of years to assist users in managing their partial identities
in the digital world by several types of identity management [BMH05]. A comprehensive privacy-enhancing identity management
system would include the following components [CK01]: an Identity Manager (IdM) on the user’s si...
The new German electronic identity card will allow service providers to access personal data stored on the card. This imposes
a new quality of data processing as these data have been governmentally verified. According to European privacy legislation
any data processing must be justified in the sense that the personal data are necessary for the stip...
In our information society with processing of personal data in almost all areas of life, the legally granted right to privacy
is quite hard to preserve. User-controlled identity management systems have been proposed as a means to manage one’s own private
sphere. Still there is no functioning concept how privacy protection can be effectively safegua...
What is a virtual person? What is it used for? What is its added value?
Virtual persons sometimes describe avatars and new forms of identities in online games. They also appear in other contexts; some authors use them in the legal domain. Within FIDIS, the concept of virtual person has been extended in order to better describe and understand new fo...
Financial institutions have both business incentives and legal obligations to create risk profiles of their clients. Implementing profiling policies, however, raises several problems and does not seem to be effective and efficient for the purposes intended, such as risk management or tracking fraud, money laundering and terrorist funding. In this d...