Self-sovereign identity systems and European data protection regulations: an analysis of roles and responsibilities
Vorschaubild nicht verfügbar
ISSN der Zeitschrift
Gesellschaft für Informatik e.V.
Decentralized identity systems have taken a key role in the identity management landscape. Self-sovereign identity management systems have promised to return control over identity to individuals. However, these promises still need to be assessed against the existing regulatory framework. As identity attributes can be considered personal data, rules such as the General Data Protection Regulation are applicable. The existing legal literature has still not delivered an analysis of who is a controller and who is a processor in the context of a self-sovereign identity system for the process of identity creation. As such, the purpose of this contribution is to tackle this challenge.