Section: Highlights of the Year

An Privacy Risk Analysis of the TES system

The decree of 28 October 2016 authorising the creation of a centralised file of “secure electronic documents” (TES) has raised a certain number of questions and concerns. The main aim put forward by the French government is the fight against identity fraud. However, the text of the decree also authorises certain accesses to the database by officers of the national police, national Gendarmerie and intelligence. Many voices have been raised to highlight the risks that such a centralised file could represent with regard to individual freedom, and particularly the invasion of citizens’ privacy. The strengthening of the means to fight fraud (and, more generally, criminality) and the requirement to protect privacy are not necessarily in contradiction. However, in order to be able to reach a decision on the advantages and disadvantages of a management system for electronic documents, it seemed necessary to: (1) Clearly define the desired functionalities and the advantages that can be expected from them, in particular with respect to the current situation and other solutions. (2) Describe the technical solution chosen in a sufficiently precise way to enable its analysis. (3) Rigorously analyse the risks of an invasion of privacy with regard to the expected benefits.

As a contribution to this debate, we have analyzed several architectures and alternative solutions which are described in an Inria Analysis Note [15]. This note received a lot of attention, and was partially covered by several high-audience media.