The project name, GINI-SA, is an abbreviation of "Global Identity Networking of Individuals - Support Action". GINI-SA aims to investigate and establish the foundations for the architectural, legal, regulatory requirements, as well as the provisioning and privacy enhancing aspects, of a framework of user-centric identity management services. GINI-SA is based on the assumption that individuals, i.e. citizens, consumers, users of any related services, should be able to manage their own identity data and provide it in an open and flexible manner. As a Support Action, the main objective of the project is to form the basis whereupon the research community, the European Commission, various policymakers and other institutional, industrial or social stakeholders in the field of identity management, will be able to consult among each other and join forces in advancing the research agenda, which will lead to the implementation of new, user-centric services.
The GINI-SA project works towards the vision of a Personal Identity Management environment where individuals will be able to manage their own identity space (Individual Digital Identity – INDI), and user-specific identity services will be available in the INDI space with certain privacy protection and privacy enhancement provisions.
More specifically, the Personal Identity Management environment will have the following key features:
- Individuals will be able to manage their own identity (Individual Digital Identity –INDI) space
- Establish one or several claimed digital identities according to their own preferences and not because they are obliged by service providers
- Link their INDI space with their authoritative identity data residing in government controlled public registries and/or other trusted repositories (i.e. banks)
- Manage multiple identity footprints (i.e. cross-border)
- Control Authorization mandates, enabling Role definition, Delegation and Consent
- User-specific identity services available in the INDI space will include:
- Presentation of their INDI to organisations and other individuals to facilitate trusted transactions in Citizen-to-Administration (C2A), Citizen-to-Business (C2B) and Citizen-to-Citizen (C2C) situations
- Attachment of their INDI to:
- Profiles created with service provider organisations and social networks, which could become verified
- Messages (email, sms, wiki and blog posts, etc) that could be verified
- One-stop interface for linking, storing, managing identity attributes and related application data/documents to a Virtual Individual Digital Identity Folder (VINDIF), which will facilitate presentation and attachment of VINDIF attributes and allow individuals to obtain a holistic view of their personal, professional, social and formal identity space
- Privacy protection and privacy enhancement provisions
- Identity data minimization through personal control of information submitted, stored and viewed by organisations and other individuals
- Right and possibility to provide, through the INDI, verified links to personal data, rather than the data itself, to service providers and trusted third parties. This will make it possible to enforce the principle of proportionality
- Justified demands on the level of assurance required for C2A, C2B transactions and trusted relationships
- Personal decisions on the level of assurance required for C2C transactions and trusted relationships
Some areas of applicability of INDI ecosystem:
- Citizen-to-Administration (C2A): More efficient access to eGovernment
- Multiple tokens for eGovernment
- Authorization and consent (e.g., eHealth)
- “INDI folder”: a “Virtual Dossier” for citizens
- Citizen-to-Business (C2B): Control of identity data through proportional supply of verified links to interacting parties
- Subscriptions to operators
- Service provision (online or physical)
- Citizen-to-Citizen (C2C): user-controlled trust building processes
- Selling, consulting, auctions, and other transactions in the personal sphere
- Social networking 2.0: personally-controlled single (if distributed) profile enabling person-to-person networking beyond today’s community-based profiles and closed environments
- Cross-domain / sector-specific
- eHealth: Dynamic patient-centric consent management and delegation
- eBusiness: Dynamic, user-centric Role and Mandate management
- Outline the requirements for the next-generation of user-centric identity management service architecture, enabling new, networked consumer services.
- Identify and promote the emergence of models for business provision and societal use of user-centric identity management services, which enhance individuals’.
- Identify, establish and justify the need for legal and regulatory frameworks for the next generation Operators (Identity Service Providers and Validation Services) in the European consumer service landscape.
- Create a community of interest and practice around the Individual Digital Identity (INDI) concept by engaging all relevant actors, stakeholders and initiatives in the sector, to promote awareness raising and international cooperation and consensus on standardization, accreditation, regulatory supervision and social acceptance of user-centric identity management services.
- Suggest a framework for the interconnection and cross-fertilization among current initiatives at the national and EU-level, with major emphasis on European Commission supported initiatives.
- Develop a roadmap of long-term, implementation-oriented research activities that will drive the next research agenda for the research community, industrial or social stakeholders, the European Commission and other EU and national level institutional stakeholders in the field of identity management.
- Make policy recommendations for national and EU level policymakers, on a way forward in order to create the institutional framework necessary for the emergence of INDI operators.
Project main outputs:
- A roadmap identifying new research and technology development areas within and beyond the domains defined by the present project with the aim of contributing to the research and development priorities of FP8, the Competitiveness and Innovation Programme (CIP), and other important initiatives.
- A White Paper identifying domains for policy intervention in terms of regulation, legal measures, technology policy and institutional re-organisation at EU, national and regional levels, needed in order to enable and support the emergence of an operator-driven infrastructure for user-centric identity management in the context of the envisioned INDI ecosystem.
Duration: 24 months
Start Date: 06.01.2010
End Date: 05.31.2012
Partners: 8 partners from 6 European countries namely Sweden, Germany, Belgium, Austria, Greece and Finland.
Project Total Cost: 844.617 euro
Total EC Funding: 724.996 euro