Abstract: Digital insurance services already provide consumers many benefits; however, they bring multiple risks as well. Privacy and personal data protection risks, attacks to the cybersecurity model, fraud, misinformation, among others, threaten these consumer benefits in a direct way. The growing challenge for policy makers is to guarantee data protection and control for consumers while not undermining the role of other stakeholders such as capital markets and financial institutions. Although the limited time frame for the implementation of the relevant regulations is a huge challenge for the relevant authorities, it should not lead to generic solutions, which without knowledge of the specific context and of the opposing stakeholder interests will not work appropriately. Moreover, they should not lead to models which cannot be implemented easily and quickly in practice. The design of transparent and resilient digital identification frameworks should take place after careful examination of the public and private ecosystems and of their intrinsic characteristics, in close cooperation with societal stakeholders, and focusing on proper incentive schemes.
Insurance companies introduced improved scalability and resilience in their digital identity protection approaches, but at the resulting higher costs. The policy makers now face the challenge to improve the protection of personal data and identifications on the cloud infrastructure of the insurance companies. They should remain well aware of the fact however, that quick and easy to obey regulation seems impossible. For example, decentralized identity platforms are at an early stage. Consequently, their universal implementation cannot be quick, as many stakeholders should be engaged to successfully operate through decentralized identities. On the other hand, promoting some characteristics of decentralized identity solutions through standards (or at least usable solutions with such characteristics) could be done as an initial step in a quick and effective way. Finally, understanding of context and incentives for compliance should be introduced in the design of regulations at the outset. Privacy preserving solutions that protect the consumers data and identifications are not in the best financial interests of the insurance companies as there are important sunk costs in their current digital identity and personal data protection infrastructure. Understandably, their desire for a quick windfall gain in compliance will lead to a generic regulation finally hurting consumers rights.
Keywords: Identity and Access Management; Identity and Access Governance; Digital Insurance; Cloud-based Identity and Access Management.
|
DOI:
10.17148/IJARCCE.2020.91224
