In online identity management and authentication there has been significant work related to the technical exchange of identity information and the actual authentication processes.
This is the cutting edge of a new area of law that is starting to get real attention. Identity Authentication.
“It varies by jurisdiction but there’s a fair amount of privacy law, particularly in the European Union, but to a lesser extent in the U.S. financial and health care sectors,” Smedinghoff says.
Case law starting is starting to ramp up...
In situations regarding identity theft, case law is beginning to emerge. Courts are starting to point the finger at businesses that did not, in their opinion, do enough to protect personal information. Businesses need to be sure to meet obligations and properly authenticate or identify individuals and make sure not to release personal or confidential information.
If a business is the identity provider within the management process, then they are making assertions about a subject to a third party or a relying party. These assertions can, in theory, be considered warranties or representations.
This is good news for online users, with new 'mashup' technologies and cloud solutions entering the market place it is simpler for website owners to secure their users with technologies like LiveEnsure™ multifactor authentication.(http://www.liveensure.com/). Consumers need to trust that online portals are protecting them to do business, the law is highlighting the need for businesses to set us security systems that do this.
Full Article:
http://www.secureidnews.com/2010/06/01/identity-management-and-the-law
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment