Abstract
Online communication has increased steadily over the past decades. It has become common practice that the identities of content creators do not have to be revealed. The use of abbreviations or pseudonyms is a de facto standard in online communities. Real identities are hidden behind these and protocol-based identifiers such as Internet Protocol Addresses are difficult to assign to real persons. Due to the increase of fake news and hate postings, the obligatory use of “real names” has been and still is discussed worldwide. In some countries, a “clear name” respectively “real name” obligation has been implemented or such laws are in the process of being implemented. One example is South Korea which gained international fame in 2007 as a “clear name” obligation has been introduced by law. The law was repealed shortly afterward.
In Germany, the “Netzwerkdurchsetzungsgesetz 2017” was passed. In Austria, a draft of the “Bundesgesetz über Sorgfalt und Verantwortung im Netz” (SVN-G) was submitted for review in 2019. Newspaper platforms and large corporations such as Twitter or Google would be affected by the obligation to use “clear names”. The architecture drafted in the SVN-G was analyzed by us and numerous weak points were identified. Thus, we propose a significantly improved architecture as well as an implementation outline using blockchain-based identity providers.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Akkaya, C., Krcmar, H.: Towards the implementation of the EU-wide “once-only principle”: perceptions of citizens in the DACH-region. In: Parycek, P., et al. (eds.) EGOV 2018. LNCS, vol. 11020, pp. 155–166. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98690-6_14
Al-Youssef, M.: Postings: Aufhebung der Anonymisierung könnte gegen EU-Recht verstoßen. https://derstandard.at/2000101118088/Postings-Aufhebung-der-Anonymisierung-koennte-gegen-EU-Recht-verstossen. Accessed 09 Apr 2019
Ambrose, M.L., Ausloos, J.: The right to be forgotten across the pond. J. Inf. Policy 3, 1–23 (2013)
Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970). https://doi.org/10.1145/362686.362692
Bundesgesetzblatt: 44. Kundmachung: Aufhebung von Bestimmungen des Telekommunikationsgesetzes 2003, der Strafprozeßordnung 1975 und des Sicherheitspolizeigesetzes durch den Verfassungsgerichtshof (2014). Ausgegeben am 30. Juni 2014
Bundeskanzleramt: Bundesminister Blümel: ‘Der digitale Raum darf kein rechtsfreier Raum sein’. https://www.bundeskanzleramt.gv.at/-/bundesminister-bluemel-der-digitale-raum-darf-kein-rechtsfreier-raum-sein-. Accessed 10 Apr 2019
Carretero, J., Izquierdo-Moreno, G., Vasile-Cabezas, M., Garcia-Blas, J.: Federated identity architecture of the European eID system. IEEE Access 6, 75302–75326 (2018). https://doi.org/10.1109/ACCESS.2018.2882870
Chalaemwongwan, N., Kurutach, W.: A practical national digital id framework on blockchain (NIDBC). In: 2018 15th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON), pp. 497–500, July 2018. https://doi.org/10.1109/ECTICon.2018.8620003
Cho, D., Kim, S., Acquisti, A.: Empirical analysis of online anonymity and user behaviors: the impact of real name policy. In: 2012 45th Hawaii International Conference on System Sciences, pp. 3041–3050, January 2012. https://doi.org/10.1109/HICSS.2012.241
Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: EU eGovernment Action Plan 2016–2020. https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52016DC0179&from=EN. Accessed 10 May 2019
Digital Chosun Inc.: Real-name online registration to be scrapped. http://english.chosun.com/site/data/html_dir/2011/12/30/2011123001526.html. Accessed 30 Dec 2011
European Union Directive: 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official J. EC 23(6) (1995)
Elsden, C., Manohar, A., Briggs, J., Harding, M., Speed, C., Vines, J.: Making sense of blockchain applications: a typology for HCI. In: Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, CHI 2018, pp. 458:1–458:14. ACM, New York (2018). https://doi.org/10.1145/3173574.3174032
Feige, U., Fiat, A., Shamir, A.: Zero knowledge proofs of identity. In: Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, STOC 1987, pp. 210–217. ACM, New York (1987). https://doi.org/10.1145/28395.28419
Gilad, Y., Herzberg, A., Shulman, H.: Off-path hacking: the illusion of challenge-response authentication. IEEE Secur. Priv. 12(5), 68–77 (2014). https://doi.org/10.1109/MSP.2013.130
Hammer, D.: Viele offene Fragen zu Registrierungspflicht. https://orf.at/stories/3118452/. Accessed 11 Apr 2019
Höchtl, B., Lampoltshammer, T.J.: E-Government in Österreich: Ein Überblick, pp. 1–27. Springer, Wiesbaden (2019). https://doi.org/10.1007/978-3-658-21596-5_7-1
Kumar, A., Lafourcade, P., Lauradoux, C.: Performances of cryptographic accumulators. In: 39th Annual IEEE Conference on Local Computer Networks, pp. 366–369, September 2014. https://doi.org/10.1109/LCN.2014.6925793
Kunnert, G.: EuGH zur Vorratsdatenspeicherung: Außer Spesen nichts gewesen? Datenschutz und Datensicherheit - DuD 38(11), 774–784 (2014). https://doi.org/10.1007/s11623-014-0303-6
Köppel, B., Neuhaus, S.: Analysis of a hardware security module’s high-availability setting. IEEE Secur. Priv. 11(3), 77–80 (2013). https://doi.org/10.1109/MSP.2013.56
Lam, O.: South Korea: Internet ‘real name’ law violates the constitution. https://advox.globalvoices.org/2012/08/28/south-korea-internet-real-name-law-violates-the-constitution/. Accessed 28 Aug 2012
Latif, L.: 35 million users are affected by a South Korea hack. https://www.theinquirer.net/inquirer/news/2097740/35-million-users-affected-south-korea-hack. Accessed 28 July 2011
Lee, J.: Bidaas: blockchain based id as a service. IEEE Access 6, 2274–2278 (2018). https://doi.org/10.1109/ACCESS.2017.2782733
Lenz, T., Krnjic, V.: Towards domain-specific and privacy-preserving qualified eID in a user-centric identity model. In: 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), pp. 1157–1163, August 2018. https://doi.org/10.1109/TrustCom/BigDataSE.2018.00160
Mondal, P.C., Deb, R., Huda, M.N.: Know your customer (KYC) based authentication method for financial services through the internet. In: 2016 19th International Conference on Computer and Information Technology (ICCIT), pp. 535–540, December 2016. https://doi.org/10.1109/ICCITECHN.2016.7860255
Naher, N., Asaduzzaman, Haque, M.M.: Authentication of Diffie-Hellman protocol against man-in-the-middle attack using cryptographically secure CRC. In: Chakraborty, M., Chakrabarti, S., Balas, V., Mandal, J. (eds.) Proceedings of International Ethical Hacking Conference 2018. Advances in Intelligent Systems and Computing, vol. 811, pp. 139–150. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-1544-2_12
Niranjanamurthy, M., Nithya, B.N., Jagannatha, S.: Analysis of blockchain technology: pros, cons and SWOT. Cluster Comput. (2018). https://doi.org/10.1007/s10586-018-2387-5
Ogris, W.: Die Zensur in der Ära Metternich. In: Kern, B.R., Wadle, E., Schroeder, K.P., Katzenmeier, C. (eds.) HUMANIORA Medizin—Recht—Geschichte, pp. 243–256. Springer, Heidelberg (2006). https://doi.org/10.1007/3-540-28514-8_15
Parra Moyano, J., Ross, O.: KYC optimization using distributed ledger technology. Bus. Inf. Syst. Eng. 59(6), 411–423 (2017). https://doi.org/10.1007/s12599-017-0504-2
Posch, K.C., Posch, R., Tauber, A., Zefferer, T., Zwattendorfer, B.: Secure and privacy-preserving eGovernment—best practice Austria. In: Calude, C.S., Rozenberg, G., Salomaa, A. (eds.) Rainbow of Computer Science. LNCS, vol. 6570, pp. 259–269. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19391-0_19
Posch, R., Leiningen-Westerburg, A., Menzel, T.: Das Konzept Bürgerkarte und erste Ausprägungen. e & i Elektrotechnik und Informationstechnik 120(7), a18–a20 (2003). https://doi.org/10.1007/BF03054890
Sakimura, N., Bradley, J., Jones, M., de Medeiros, B., Mortimore, C.: OpenID Connect Core 1.0 incorporating errata set 1. https://openid.net/specs/openid-connect-core-1_0.html#SelfIssued. Accessed 08 Nov 2014
Schaar, P.: Privacy by design. Identity Inf. Soc. 3(2), 267–274 (2010)
Šimon, M., Huraj, L.: A Study of DDoS reflection attack on internet of things in IPv4/IPv6 networks. In: Silhavy, R. (ed.) CSOC 2019. AISC, vol. 984, pp. 109–118. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-19807-7_12
Statista: Internet usage worldwide (2018). https://www.statista.com/study/12322/global-internet-usage-statista-dossier/
Sullivan, C., Burger, E.: Blockchain, digital identity, e-government. In: Treiblmaier, H., Beck, R. (eds.) Business Transformation through Blockchain, pp. 233–258. Springer, Cham (2019). https://doi.org/10.1007/978-3-319-99058-3_9
SVN: Entwurf - Bundesgesetz, mit dem ein Bundesgesetz über Sorgfalt und Verantwortung. https://www.ris.bka.gv.at/Dokumente/Begut/BEGUT_COO_2026_100_2_1631073/BEGUT_COO_2026_100_2_1631073.pdf. Accessed 02 May 2019
Takemiya, M., Vanieiev, B.: Sora identity: secure, digital identity on the blockchain. In: 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC), vol. 02, pp. 582–587, July 2018. https://doi.org/10.1109/COMPSAC.2018.10299
Terboven, J.: Postident online with the new personal identity card. In: Pohlmann, N., Reimer, H., Schneider, W. (eds.) ISSE 2010, pp. 385–391. Vieweg+Teubner, Wiesbaden (2011). https://doi.org/10.1007/978-3-8348-9788-6_37
The European Parliament and the Council of the European Union: Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC. (2014), 23. Juli 2014
Theuermann, K., Zefferer, T., Lenz, T., Tauber, A.: Flexible und benutzerfreundliche Authentifizierungsverfahren zur Umsetzung transaktionaler E-Government-Services auf mobilen Geräten, pp. 1–30. Springer, Wiesbaden (2019). https://doi.org/10.1007/978-3-658-21596-5_36-1
uPort: Open Identity System for the Decentralized Web. https://www.uport.me. Accessed 11 May 2019
W3C: Decentralized Identifiers (DIDs) v0.13. https://w3c-ccg.github.io/did-spec/. Accessed 10 July 2019
Zwattendorfer, B., Tauber, A., Zefferer, T.: A privacy-preserving eID based single sign-on solution. In: 2011 5th International Conference on Network and System Security, pp. 295–299, September 2011. https://doi.org/10.1109/ICNSS.2011.6060018
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Pinter, K., Schmelz, D., Lamber, R., Strobl, S., Grechenig, T. (2019). Towards a Multi-party, Blockchain-Based Identity Verification Solution to Implement Clear Name Laws for Online Media Platforms. In: Di Ciccio, C., et al. Business Process Management: Blockchain and Central and Eastern Europe Forum. BPM 2019. Lecture Notes in Business Information Processing, vol 361. Springer, Cham. https://doi.org/10.1007/978-3-030-30429-4_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-30429-4_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30428-7
Online ISBN: 978-3-030-30429-4
eBook Packages: Computer ScienceComputer Science (R0)