The IT Law Wiki



Identification is

[a] task where the biometric system searches a database for a reference matching a submitted biometric sample, and if found, returns a corresponding identity. A biometric is collected and compared to all the references in a database. Identification is "closed-set" if the person is known to exist in the database. In "open-set" identification, sometimes referred to as a "watchlist," the person is not guaranteed to exist in the database. The system must determine whether the person is in the database, then return the identity.[1]
[t]he one-to-many (1:N) process of comparing a submitted biometric sample against all of the biometric reference templates on file to determine whether it matches any of the templates and, if so, the known identity of the biometric subject whose template was matched.[2]

Computer systems[]

Identification is:

[t]he process of verifying the identity of a user, process, or device, usually as a prerequisite for granting access to resources in an IT system.[3]
[t]he process of discovering the true identity (i.e., origin, initial history) of a person or item from the entire collection of similar persons or items.[4]
[a] process whereby a real-world entity is recognized and its identity established. Identity is operationalized in the abstract world of information systems as a set of information about an entity that differentiates it from other similar entities. The set of information may be as small as a single code, specifically designed as an identifier, or may be a compound of such data as a given and family name, date of birth, and address. An organization's identification process comprises the acquisition of the relevant identifying information.[5]
[a] process of recognizing an entity in a particular identity domain as distinct from other entities.[6]



of an individual in a database occurs when a third party learns the identity of the person whose attributes are described there.[7]
[is t]he linking of information to a particular individual to infer an individual's identity or to allow the inference of an individual's identity in some context.[8]


Identification is

[the] process of using claimed or observed attributes of an entity to single out the entity among other entities in a set of identities.[9]
[t]o develop the organisational understanding required to manage cyber risk to systems, assets, data and capabilities.[10]


"Identification is the process of using claimed or observed attributes of an individual to infer who the individual is. Identification can be done without the individual's having to (or being given the opportunity to) claim any identifier (for example, an unconscious patient in an emergency room might be identified without having to state his or her name)."[11]

"In some contexts, it is perfectly legitimate to identify individuals, whereas in others, identification may potentially stifle individuals' activities or expression by inhibiting their ability to be anonymous or pseudonymous. Identification also makes it easier for individuals to be explicitly controlled by others (e.g., governments) and to be treated differentially compared to other individuals."[12]


See also[]