Our Explication
As we considered the conundrum – how to manage online TRUST – it became clear from our detailed analysis of the problem with online identity, for people, that any viable solution would need to have three aspects in scope. Such a solution would need to consider:
a means by which people could control their identity data,
the use of cryptography to provide privacy and security, and
compliance with regulations such as data protection.
Analysis of all three knowledge domains offers the potential to shape a common solution that would enable people to manage and control their new identity asset. Objectsoft pursued this strategy through analysis and refinement to arrive at a stable information architecture that encapsulates the three tenets; control of identity; privacy and security; and regulatory compliance.
Data Protection Regulation
Personal Identifiable Information
With a stable information architecture in place, functionality could then be defined and implemented that would serve the requirements of three principal system actors; the Identity Controller; the Identity Processor; and the Identity Owner. Since the overarching emphasis of the software system was to enable claiming and assuring identity for e-signatures, we finally settled on the name ‘e-ntitle.®’ to reflect the idea that each of us can claim and take control of our identity attributes using a compliant ID Management as a Service (IDMaaS).
Whilst the EU GDPR is an evolution from a number of prior data protection laws, what marks it out is the numerous rights afforded to the Identity Owner and the significant fines for infringement. We anticipated this more stringent direction as GDPR was being formulated and we expect a similar approach in the area of Privacy which is underway.