In general, parties communicating with each other, whether electronically or otherwise, can place a range of demands on the security and reliability of their exchange of data. Important reliability criteria are:
- Identification and authentication: who am I communicating with (identification) and can I be sure that the other party is indeed who he or she claims to be (authentication)?
- Authorization and qualification: does the other party have the correct rights (authorization) or skills (qualification) to carry out the transaction?
- Confidentiality: can I safely assume that only the person I want to communicate with can find out about the contents of my message?
- Integrity: is what I have received really the original message or has it been changed on its way to me?
- Incontestability: can I prevent a sender later denying ever having sent a message or an addressee maintaining that he or she never received my message?
- Point in time: when was this message sent or when did the transaction take place?
One technological tool which has been become virtually indispensable for guaranteeing these criteria in an open electronic environment is cryptography, the use of secret codes. Public-key cryptography in particular is rapidly gaining popularity. This method uses two different keys, one to encrypt messages and the other to decrypt them. The owner must keep secret one of the two keys, the private key, while publishing the other. Public-key cryptography can be used in two ways, depending on which of the two keys is published. If the encrypting key is public, then anyone can use this key to produce an encrypted message which can then only be decrypted by the owner of the corresponding private key. If on the other hand the decrypting key is public, this can serve as authentication of the source of an encrypted message: only the owner of the corresponding private key can have encrypted the message. The latter technique is known as applying a digital signature.
The use of public-key cryptography requires a reliable way of linking the key to the identity or other attributes of its owner. The infrastructure needed for this process is called a public-key infrastructure (PKI). A trusted third party (TTP) guarantees the said link within a PKI. To do so, the TTP also uses an electronic signature. A digital certificate is an digitally signed electronic document, published by a TTP, which establishes the link between a public key and attributes of its owner.
The Netherlands is on the eve of large-scale introduction of TTPs.
Since the beginning of 2001, rules for the proper and careful handling of personal data have been set out in the Personal Data Protection Act (Wet bescherming persoonsgegevens or Wbp). The basic principles of the Wbp are:
- purpose limitation
- legitimacy
- proportionality and subsidiarity
- transparency
- protection of data subject's rights
Purpose limitation means that when collecting personal data, the purpose of their collection must be clearly specified. The further processing of the collected data must be compatible with the purpose for which they were collected.
Legitimacy implies first and foremost that data are processed in a proper, careful and legal manner. The data must also be relevant, sufficient, not disproportionate, and accurate. The Wbp specifies a limited number of possible legal bases for the legitimate processing of personal data.
Proportionality amounts to the question 'Is the means being used proportionate to the purpose being pursued?' Subsidiarity centres on the question 'Is there no less restrictive alternative?'
Transparency means that a person whose data is being processed has a right to information. The data subject must be informed about who is processing what kind of data, and for what purpose.
The Wbp grants the data subject the right to access his or her data and to request their rectification or erasure. A data subject who has suffered damage as a result of unlawful data processing has a right to compensation.
Anyone processing data must implement appropriate technical and organizational measures to protect those data. One way of doing this is to use privacy-enhancing technologies (PETs).
TTPs who offer PKI services are subject not only to the Wbp but also to European Directive 99/93/EG. This Directive contains strict regulations for how TTPs must handle personal data and stipulates that the Member States may not prohibit the use of pseudonyms.
The Telecommunications Act (Telecommunicatiewet) only applies to TTPs insofar as the services they offer involve the transmission of signals. This is practically never the case.
Anonymous use of a digital signature is appropriate in certain cases, but in general it will be desirable for the owner's identity to be known. This does not mean that the owner's identity has to be indicated on the certificate. It is often sufficient that the owner's identity can be traced if necessary, for example in the case of fraud. Considering the fact that the user of a certificate containing a pseudonym obviously wishes to remain anonymous, there must be clear guidelines for determining under which circumstances these data may nevertheless be disclosed to others. In future, more attention should be given to models for 'PET certificates', which use, among other measures, pseudonyms for protecting privacy.
Traditional identification data such as name and address are an insufficient basis for reliably linking personal data. Such linking may benefit the quality of the data, but it can also entail considerable privacy risks. For this reason it is undesirable to introduce a general personal ID number for data-linking purposes. Sector-related numbers may be able to offer a solution. A situation must not be allowed to develop in which public keys (or biometric templates, which would be more dangerous still) act as alternative personal ID numbers.
Various types of information are disseminated within a PKI, most importantly the data on the certificate and information about certificates which have been revoked. In most cases, certificates are disseminated via a public directory. This is only allowed with the consent of the certificate owner. Consent must be given voluntarily and against the background of a real and feasible alternative, and must be based on accurate, clear and complete information. Disseminated information about revoked certificates may not contain more details than necessary. For instance, a serial number should be used instead of the whole revoked certificate. Widespread public access to certificates presents many opportunities for compiling detailed profiles. For this reason, private dissemination (or even non-dissemination) should be considered a serious alternative.
PKI information is disseminated for a specific purpose. Further processing of this information must be compatible with this purpose. This also applies to dissemination via a public directory. Consequently, the administrator of such a directory should organize it with the designated purpose in mind.
Various parties can demand access to data available to TTPs. They may want to trace the identity of a certificate owner who uses a pseudonym, obtain keys for decrypting messages or files, or gain access to the messages or files themselves. Investigation and intelligence services have various legal powers in this area. The legitimate access of other parties is in the main based on a more general right to certain information. The Dutch Data Protection Authority (DPA) advocates an approach whereby the government's need to be able to trace certain data is balanced against the citizen's right to privacy.