Digital identity: an emergent legal concept; an analysis of the role and legal nature of digital identity in a transactional context.

This thesis examines the emergent legal concept of digital identity under the United Kingdom National Identity Scheme ('NIS') and its Australian counterpart, the Access Card Scheme('ACS') proposed in 2007. The Identity Cards Act 2006 UK c 15 ('Identity Cards Act’) and the Human Services (Enhanced Service Delivery) Bill (Cth) 2007 ('Access Card Bill') reveal a remarkably similar concept of identity in terms of its constitution and especially its functions. The United Kingdom scheme is currently being established, whereas the proposed Australian Scheme has been shelved following a change of government late in 2007. The NIS is therefore used as the model for this study but the analysis applies to any such scheme based on digital technology, including the ACS, should it be resurrected. The emergent concept of digital identity which is the subject of this thesis arises from legislation. It is a legal construct which consists of a collection of information that is stored and transmitted in digital form, and which has specific functions under the identity scheme. In this study, the information recorded about an individual for an identity scheme is referred to as an individual's 'database identity.' Database identity consists of information prescribed by legislation. Collectively, that information comprises an individual's registered identity. Under the United Kingdom scheme, it includes an individual's name/s, gender, date and place of birth and date of death, photograph, signature and biometrics, and other information such as citizenship and residential status including residential address/es, nationality, identity card number, passport number, work permit number, driver‘s licence number, and administrative information such as security and verification details. Within database identity is a small subset of information which is an individual‘s transactional identity, that is, an individual‘s identity for transactional purposes. In this study, that subset of database identity is called an individual‘s 'token identity'. Under the NIS, token identity consists of name, gender, date and place of birth, date of death and biometrics. Token identity is the gateway to the other information which makes up database identity and token identity has specific functions at the time of a transaction which give it legal character. In effect, it operates as the individual‘s transactional 'key.' Presentation of the required token identity at the time of the transaction enables the system to recognise, and to deal with, the registered identity. This thesis is therefore not about identity in the deep philosophical sense of 'who am I?' or 'what makes me, me?' It is about a legal concept of individual identity for specific purposes under a national identity scheme. In many ways, though, the concept of digital identity which is the subject of this thesis is just as important in a modern legal context. Under a national identity scheme, the response to the question 'who am I? ' is 'you are who the scheme (and in particular, the National Identity Register ('NIR')) says you are.' As the first conceptual legal analysis of identity in a transactional context, this thesis examines the functions and legal nature of database identity, and particularly token identity. Token identity has specific functions at the time of a transaction which are analysed from a legal perspective to determine whether token identity is a form of legal personality. This thesis also contends that individual personal and proprietary rights necessarily apply as a result of the functions and legal nature of this emergent concept of identity. In addition to the well- recognised right to privacy, this thesis argues that the concept gives rise to the right to identity which has been overlooked in this context. For the first time, identity as a legal concept is distinguished from privacy which is the focus of legal scholarship and jurisprudence in this area. The right to identity is contrasted with the right to privacy and the protection afforded by the right to identity in this context by those human rights in the United Kingdom is considered. The protection afforded to an individual in the United Kingdom is contrasted with the situation in Australia which does not currently have a comprehensive national human rights charter. In view of the limited protection which is currently provided to token identity by the civil law, the protection provided by the criminal law in both the United Kingdom and Australia becomes particularly significant in considering the obligations and rights which arise under the scheme. The adequacy of the criminal law in addressing the nature and consequences of the dishonest use by a person of another person‘s identity information is therefore also examined. Identity theft is defined and distinguished from identity fraud, having regard to the emergent concept of digital identity and the wrong and the harm caused by its misuse. In particular, the nature of token identity is examined and the consequences of its misuse by another person are considered in determining whether token identity is property which is capable of being the subject of theft and criminal damage. The thesis concludes by summarising the major insights provided by chapters 1-6 with a view to the future when national identity schemes like that of the United Kingdom, and indeed international schemes, will be commonplace and token identity routinely required for most commercial transactions. In that environment, being asked to provide one‘s token identity is likely to be as common and as routine as being asked one's name. / Thesis (Ph.D.) -- University of Adelaide, Law School, 2009

Identiferoai:union.ndltd.org:ADTP/269138
Date January 2009
CreatorsSullivan, Clare Linda
Source SetsAustraliasian Digital Theses Program
Detected LanguageEnglish

Page generated in 0.0027 seconds