In our information society with processing of personal data in almost all areas of life, the legally granted right to privacy
is quite hard to preserve. User-controlled identity management systems have been proposed as a means to manage one’s own private
sphere. Still there is no functioning concept how privacy protection can be effectively safeguarded over a long time period
and how self-determination in the field of privacy can be maintained in all stages of life from the womb to the tomb. When
user control and the capability to exercise rights can not yet or no longer be carried out by the data subject herself, the
decisions concerning the processing of personal data may have to be delegated to a delegate. In this text, we elaborate on
delegation of privacy-relevant actions under a lifelong perspective and point out possible legal, technological, and organizational
measures to appropriately take up the arising challenges. For crucial gaps in current concepts we sketch solutions and explain
implications on user-controlled identity management systems. Finally we give recommendations to stakeholders such as data
controllers, application designers and policy makers.
Keywordslifelong privacy-user-controlled identity management-delegation of privacy-incapability to exercise rights-privacy by delegate