There is a range of important technical and regulatory features a DPI should offer to empower the user. The features in this chapter are particularly important for user trust in the system.
<aside> 💡
Users need to know who is requesting their personal information before deciding what to share about themselves.
</aside>
The answer you give to a question may depend on who is asking it. This is true not only in the analogue world, but even more so in digital systems, where information is often exchanged with individuals who are not in your immediate proximity. Therefore, it is essential that any digital public infrastructure (DPI) requiring users to share their identification or other personal information also provides them with the identification of the other party involved.
Respecting privacy means empowering users to make informed decisions. This safeguard protects individuals not only from unintended information sharing, but also from fraud and identity theft. To exercise their individual rights, such as the rights of access and erasure, users must know the identity of the relying party processing their data.
<aside> 📌
Selective disclosure is a powerful feature that empowers users to give fine-grained consent over which specific parts of their information they wish to share.
</aside>
When a user is asked to share a set of attributes, they are not limited to either accepting the request in full or rejecting it outright—they can also selectively disclose only the information they choose to share. For example, a request for proof of a person’s university degree can be answered by sharing only the academic title, without revealing the name of the university or the student ID number.
example screenshot of a selective disclosure dialogue
Digital technology is very good at keeping records up to date and organising information. This capability can be used to ensure that users always have a complete overview of their transactions within the DPI. As with a bank account, trust in the system depends on complete record keeping.
Such a transaction history should give users access to a full list of all their transactions, including failed or rejected ones. For each transaction it must record which relying party requested what data, for what purpose, and exactly what information was shared with them.
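Selective disclosure and the transaction record described above, as an added example that is not part of the original page: a minimal salted-hash scheme in the style of SD-JWT, where the issuer signs only digests of the claims, the holder reveals just the academic title from the degree example, and the wallet logs the relying party, purpose, requested and shared claims. The HMAC stands in for the issuer's signature, and the key, relying party, purpose and claim values are constructed for illustration.

```python
import hashlib
import hmac
import json
import secrets

# Constructed key standing in for the issuer's signing key (HMAC used as a simplification).
ISSUER_KEY = b"constructed-issuer-key"

def _digest(disclosure: str) -> str:
    return hashlib.sha256(disclosure.encode()).hexdigest()

def _sign(payload: dict, key: bytes) -> str:
    return hmac.new(key, json.dumps(payload, sort_keys=True).encode(), "sha256").hexdigest()

def issue(claims: dict, key: bytes = ISSUER_KEY):
    """Issuer: wrap each claim in a salted disclosure; sign only the digests, never the values."""
    disclosures, digests = {}, []
    for name, value in claims.items():
        disclosure = json.dumps([secrets.token_hex(16), name, value])  # [salt, name, value]
        disclosures[name] = disclosure
        digests.append(_digest(disclosure))
    payload = {"_sd": sorted(digests)}  # sorted so the order reveals nothing about the claims
    return {"payload": payload, "sig": _sign(payload, key)}, disclosures

def present(credential, disclosures, requested, reveal, relying_party, purpose, history):
    """Holder: attach only the chosen disclosures and log the transaction for the user's history."""
    history.append({"relying_party": relying_party, "purpose": purpose,
                    "requested": list(requested), "shared": list(reveal)})
    return {"credential": credential, "disclosures": [disclosures[n] for n in reveal]}

def verify(presentation, key: bytes = ISSUER_KEY) -> dict:
    """Verifier: check the issuer signature, then accept only disclosures whose digest it covers."""
    cred = presentation["credential"]
    if not hmac.compare_digest(_sign(cred["payload"], key), cred["sig"]):
        raise ValueError("issuer signature invalid")
    revealed = {}
    for d in presentation["disclosures"]:
        if _digest(d) not in cred["payload"]["_sd"]:
            raise ValueError("disclosure not covered by the issuer signature")
        _salt, name, value = json.loads(d)
        revealed[name] = value
    return revealed

def degree_scenario():
    """The page's example: prove a degree by sharing only the academic title (constructed data)."""
    cred, disc = issue({"academic_title": "MSc", "university": "Example University", "student_id": "S-0001"})
    history, requested = [], ["academic_title", "university", "student_id"]
    pres = present(cred, disc, requested, ["academic_title"], "Example Employer Ltd", "job application", history)
    return verify(pres), history
```

The verifier learns the title but never sees the university or student ID, while the wallet's history entry shows the user what was requested versus what was actually shared.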
The individual rights of end-users, such as the right to lodge a complaint with a competent Data Protection Authority or to request the deletion of their data, should be enforceable for each transaction.
<aside> <img src="/icons/gavel_blue.svg" alt="/icons/gavel_blue.svg" width="40px" />