Privacy, Security and Technology The Future of Privacy - PowerPoint PPT Presentation

1 / 50

About This Presentation

Title:

Privacy, Security and Technology The Future of Privacy

Description:

Oversight: Carrots, Sticks and Backlash. Culture: Why Can't We ... Monitoring IBM's research project regarding privacy-enhancing biometrics. IPC. www.ipc.on.ca ... – PowerPoint PPT presentation

Number of Views:221

Avg rating:3.0/5.0

Slides: 51

Provided by: ipc13

Category:

more less

Transcript and Presenter's Notes

Title: Privacy, Security and Technology The Future of Privacy

1
Privacy, Security and Technology The Future of
Privacy
Ken Anderson Assistant Commissioner
(Privacy) Office of the Information and Privacy
Commissioner of Ontario
Riley Information Services - Ottawa March 31, 2008
2
Outline

Privacy What
Privacy How
Lets Talk Tech
So, The Future

3
1 Privacy What?
4
Is Privacy?

The Right to Be Left Alone?
The Right to Decide Who Collects, Uses and
Discloses Your Personal Information?

5
Westins FourStates of Privacy

Solitude
Intimacy
Anonymity
Reserve

6
Westins FourPrivacy Functions

Personal autonomy
Emotional release
Self-evaluation
Limited protected communication

7
Arthur SchafersPhilosophical Overview

Ensuring the definition for privacy fits

8
Psychological Aspects of Privacy

Laurence Brown boundaries control
Fred Emery dissociation and withdrawal into
privacy

9
Another Sorting of Privacy

Anita Allen Castellittos definition
Four Types of Privacy
Informational
Physical
Decisional
Proprietary

10
2 Privacy How?
11
How?

Rights Constitutions, Codes Courts
Principles Fair Information Practices
Oversight Carrots, Sticks and Backlash
Culture Why Cant We Be Friends
Niche Solutions Insurance, Construction liens
Technology Design It In

12
Rights Constitutions, Codes Courts
13
Privacy in Canada?

The Supreme Court has recognized that the
primary purpose behind the right set out in s. 8
of the Charter the right to be secure against
unreasonable search and seizure is the
protection of the privacy of the individual
Joy Cheskes et al v. A-G of Ontario
Ontario Superior Court of Justice
September 19, 2007

14
Fulfilling Privacy Requirements?

In Ontario, in the absence of express statutory
authority, an institution must not collect
personal information unless it can satisfy a
strict necessity test
Ontario Court of Appeal
Cash Converters v Oshawa (City)
July, 2007

15
Meeting the Necessity Test?

In order to meet the necessity condition, the
institution must show that each item or class of
personal information that is to be collected is
necessary to properly administer the lawfully
authorized activity. Consequently, where the
personal information would merely be helpful to
the activity, it is not necessary within the
meaning of the Act. Similarly, where the purpose
can be accomplished another way, the institution
is obliged to choose the other route. freedom
disappears
Ontario Court of Appeal
Cash Converters v Oshawa (City)
July, 2007

16
Principles Fair Information Practices
17
Fair Information Practices A Very Brief History

OECD Guidelines on the Protection of Privacy and
Transborder Flows of Personal Data (1980)
European Union Directive on Data Protection
(1995/1998)
CSA Model Code for the Protection of Personal
Information (1996)
United States Safe Harbor Agreement (2000)
Global Privacy Standard (2006)

18
Global Privacy Standard

In 2005, at the 27th International Data
Protection Commissioners Conference in Montreux,
Switzerland, Ontarios Commissioner chaired a
Working Group of Commissioners convened for the
sole purpose of creating a single Global Privacy
Standard (GPS)
GPS builds upon strengths of existing codes
containing time-honoured privacy principles -
enhancements by explicitly recognizing concept of
data minimization under collection limitation
principle
Final version of GPS formally tabled and accepted
in London, U.K. November 3, 2006, at 28th
International Data Protection Commissioners
Conference

19
Global Privacy StandardPrivacy Principles

Consent
Accountability
Purposes
Collection Limitation Data Minimization
Use, Retention, Disclosure Limitation
Accuracy
Security
Openness
Access
Compliance

20
New Fair Information Standards?

In Australia, Roger Clarke has written on
Beyond the OECD Guidelines Privacy Protection
for the 21st Century beginning in 2000

21
Oversight Carrots, Sticks and Backlash
leadership/guidance
22
Culture Why Cant We Be Friends what if we
treat personal information like money or like
nuclear waste?
23
Niche Solutions insurance construction
law approach audits international standards
(ISO, WTO?)
24
3 Lets Talk Tech
25
Privacy-Enhancing Technologies(PETs)

The IPC developed the concept and methodology
recognized around the world today as
privacy-enhancing technologies (PETs)
In 1995, the IPC and the Dutch Data Protection
Authority published the landmark study,
Privacy-Enhancing Technologies The Path to
Anonymity (Vols. I II).
www.ipc.on.ca/images/Resources/anoni-v2.pdf
PETs are transformative they change privacy
problems into privacy solutions

26
Privacy by Design Build It In

Build in privacy up front, into the design
specifications into the architecture if possible
embed privacy right into the technology used
bake it in
Assess the risks to privacy conduct a privacy
impact assessment follow up with annual privacy
audits
Data minimization is key minimize the routine
collection and use of personally identifiable
information use encrypted or coded information
whenever possible
Use privacy enhancing technologies (PETs) give
your customers maximum control over their data.

27
(No Transcript)
28
Privacy-Enhancing Technologies(PETs)

Privacy-Enhancing Technologies include those that
empower individuals to manage their own
identities in a privacy enhancing manner.
These include tools or systems to
anonymize and pseudonymize identities
securely manage login IDs and passwords and other
authentication requirements
restrict traceability and limit surveillance
allow users to selectively disclose their
Personally Identifiable Information (PII) to
others and exert maximum control over their PII
once disclosed.

29
Benefits of PETs

Data protection, such as encryption, is markedly
less expensive than cleaning up after a data
breach
Research has shown that it would cost about 6
per customer account to encrypt data
Avivah Litan, Gartner Analyst
The cost of a breach is much higher 30 times
higher
In 2006, the average number of records
compromised in a corporate privacy breach was
about 25,000
At an average cost of 182 per record, this meant
that each privacy breach incident cost 4.7
million
Ponemon Institute
100,000 records encrypted 600,000 vs.
100,000 records breached 18,200,000
You do the math.

www.ponemon.org/press/Ponemon_200620Data20Breach
20Cost_FINAL.pdf
30
(No Transcript)
31
What Privacy is Not

Privacy ? Security

32
Privacy and Security The Difference

Authentication
Data Integrity
Confidentiality
Non-repudiation
Privacy Data Protection
Fair Information Practices
Use of Personally Identifiable Information (PII)

Security
Organizational control of information through
information systems

33
Privacy OR SecurityA Zero-Sum Game
34
Positive-Sum Model

Change the paradigm
from a zero-sum to
a positive-sum model
Create a win-win scenario

35
Looking at Privacy Differently

Old World Zero-sum mentality
Future Positive-sum paradigm

Dont get stuck in the past
36

Example 1
Biometrics and
Biometric Encryption

37
Biometrics and Biometric Encryption

Biometrics refers to automatic systems that use
measurable, physical or physiological
characteristics or behavioural traits to
recognize the identity, or verify/authenticate
the claimed identity of an individual (e.g.,
fingerprints, iris, face, hand or finger
geometry, retina, voice, signature, and keystroke
dynamics)
What is Biometric Encryption (BE)?
Class of emerging untraceable biometric
technologies that seek to transform the biometric
data provided by the user
Special properties - uniqueness-
irreversibility

38
Privacy and BiometricsConcerns and Risks

Creation of large centralized databases
Far-reaching consequences of errors in
large-scale networked systems
Interoperability invites unintended additional
secondary uses
Security risks
Function creep
Expanded surveillance, discrimination
Negative impacts of errors, false matches, etc.
Diminished oversight
Absence of individual knowledge or consent
Loss of personal control
Misuse of data (data breach, ID fraud, theft)
Loss of user confidence, acceptance, trust, use

39
Biometric Encryption A Positive-Sum Technology
that Achieves Strong Authentication, Security AND
Privacy

Commissioner Cavoukian co-authored a paper with
Biometrics Scientist Alex Stoianov that
discusses
privacy-enhanced uses of biometrics, with a
particular focus on the privacy and security
advantages of BE over other uses of biometrics
how BE technology can help to overcome the
prevailing zero-sum mentality (i.e., that
adding privacy to identification and information
systems will necessarily weaken security and
functionality)

40
Applications and Uses of Biometric Encryption

Possible applications and uses include
Biometric ticketing for events
Biometric boarding cards for air travel
Identification, credit and loyalty card systems
Anonymous (untraceable) labeling of sensitive
records (medical, financial)
Consumer biometric payment systems
Access control to personal computing devices
Personal encryption products
Local or remote authentication to access files
held by government and other various
organizations.

41
Biometric Encryption Current Initiatives

University of Toronto
Researching a made-in-Ontario BE algorithm
(facial recognition, self-exclusion program for
OLG)
Bell Canada, Philips (privID BE), PerSay
(Israel)
Exploring a pilot project regarding BE and voice
biometrics for customer authentication
IBM
Monitoring IBMs research project regarding
privacy-enhancing biometrics

Example 2
Video Surveillance

43
IPCs Work On Video Surveillance

The IPC has issued guidelines regarding the use
of video surveillance
Guidelines for the Use of Video Surveillance
Cameras in Public Places
Guidelines for Using Video Surveillance
Cameras in Schools
In December 2007, the IPC was invited by the U.S.
Department of Homeland Security to speak at a
workshop on best practices for CCTV programs

44
Video Surveillance Focus

Video surveillance (a.k.a. CCTV) is receiving
attention in Canada and internationally. For
example
The Toronto Police Service is conducting a pilot
project testing CCTV in specific high-crime
areas, as an added tool for the detection and
deterrence of crime and enhancing public safety
and security concludes with an evaluation in
Spring 2008
In November 2007, a hospital surveillance camera
was acknowledged to have helped police find a
newborn girl who was snatched from a hospital in
Sudbury
In November 2006, the U.K. Information
Commissioner published A Report on the
Surveillance Society (followed by the launch in
December 2007 of a Privacy Impact Assessment
handbook for use in the U.K.)

45
TTC Surveillance Cameras

In March 2008, Ontario Commissioner rules
that the Toronto Transit Systems
expansion of its video surveillance system,
for the purposes of public safety, was in
compliance with Ontarios Municipal
Freedom of Information and Protection of
Privacy Act.
However, the Commissioner recommended
that the TTC undertake a number of specific
steps to enhance privacy protection
Personal information will only be collected for
legitimate, limited and specific purposes
Collection will be limited to the minimum
necessary for the specified purposes and
Personal information will only be used and
disclosed for the specified purposes.