1 Security and privacy: convergence or contradiction?
- Constitutional rights beyond the security challenges
2 Security
- Information security: preservation of confidentiality, integrity and availability of information
- Information systems security refers to the protection of all elements constituting an IS (i.e. hardware, software, information, people, processes)
- Security is not a purely technical issue!
3 Risks and culture of security
- The nature, volume and sensitivity of information have expanded substantially
- Growing number and wider variety of threats and vulnerabilities
- Respond to a changing risk/security environment by promoting a culture of security, i.e. a focus on security in the development of systems and networks and the adoption of new ways of thinking and behaving
4 Privacy and Data Protection
- Informational self-determination
- Precondition of (deliberative) autonomy and freedom, and of participation in communal life as a member of a free, democratic society
- The object of data protection legislation is to establish obligations and responsibilities and to provide the terms and conditions under which the processing of personal data is to be carried out, so as to protect the fundamental rights and liberties of natural persons and in particular their right to privacy
5 Security as regulatory obligation
- Security as a component of effective data protection?
- Convention 108 (1981), Council of Europe: appropriate security measures for the protection against accidental or unauthorised destruction, accidental loss, unauthorised access, alteration, dissemination (Art. 7)
- OECD Privacy Guidelines: security principle
6 The Data Protection Directive
- The protection requires appropriate technical and organisational measures, both at the time of the design of the processing system and at the time of the processing itself, particularly in order to maintain security and thereby to prevent any unauthorised processing.
- These measures must ensure the appropriate level of security, taking into account the state of the art, the cost in relation to the risk and the nature of the data to be protected.
7 The Electronic Privacy Directive
- Security and information about security risks
- Appropriate technical and organisational measures to safeguard the security of services
- Information of subscribers in case of a particular risk of a breach of the security of the network
- The requirement to inform does not discharge the provider from the obligation to face and remedy security risks and restore the normal security level of the service
8 Privacy Enhancing Technologies
- PETs as a system of technological measures that minimise or eliminate the collection of data without damaging the system itself
- The term PETs should be reserved for technological systems that are intentionally developed to promote privacy.
- We should distinguish PETs from security enhancing technologies (i.e. mechanisms aimed primarily at ensuring the confidentiality, integrity and/or availability of data/information, though not necessarily in order to promote personal privacy) and from patterns of mere behaviour, though there are considerable overlaps.
9 PETs, Security and User Empowerment
- Individuals should be placed in a position in which they are able to determine the use of technical and organisational protection tools themselves
- User empowerment as an alternative to protective regulation?
- The main objection to relying on user empowerment is simply that PETs, as a tool for individuals to fend for themselves, are often difficult to use.
- Therefore it is crucial that the default settings offer a high level of privacy protection. Engineering specifications should embody policies for data protection
10 PETs as PITs?
- Can PETs be Privacy Invasive Technologies?
- Level of privacy (pseudonymity where anonymity is arguably viable)
- Character of the technological standard-setting process (transparency, legitimacy etc.)
- Context in which PETs are applied and effect of application
- PETs as a palliative for the introduction of a PIT and for the disempowerment of rules and authorities
11 Security and Privacy
- An attack may not necessarily breach the confidentiality or privacy of the data.
- Adequate security protects more than just privacy: it also protects the integrity and availability of information resources.
- Ensuring data privacy requires implementing adequate security measures and introducing security mechanisms, including authentication, secure access control, encryption and security management practices.
12 Privacy Invasive Security?
- Inherent tension between privacy and security. Security measures cannot be equated with privacy protective and enhancing measures
- Anonymity and pseudonymity are not included in any security definition!
- All the current authentication technologies needed for authorisation and accountability of users involve the use of personal information or attributes that can be linked to personally identifiable information.
- Risk analysis tools focus on authentication and identification but make no provision to minimise the collection of personal data during these procedures.
13 Authentication procedures
- Some situations require strong identification to combat crime and fraud, attacks and threats.
- Excessive personal data may be collected during the authentication procedure within a system.
- Cryptographic methods to ensure the integrity of data in electronic transactions raise privacy implications, which include the collection of personal data and the creation of systems of personal identification.
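The two slides above argue that authentication and accountability usually drag personal data into places where it is not needed, and that risk analysis rarely asks how to minimise that. The following Python sketch is an added illustration, not material from the deck: it keeps accountability (a misuse can still be attributed to one account) while the access log itself carries only a keyed pseudonym of the identifier. The user store, the two accounts, the passwords and the linking key are all constructed sample values, and the PBKDF2 work factor is an assumption.

```python
"""Added example: authentication whose audit trail holds no direct identifiers.
Hypothetical code, not from the slides. User store, accounts and linking key
are constructed sample values."""
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000  # password-hashing work factor (assumption)


def _pw_hash(password: str, salt: bytes) -> bytes:
    """Salted password hash; the clear-text password is never stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def register(store: dict, email: str, password: str) -> None:
    """Add a user to the constructed in-memory user store."""
    salt = secrets.token_bytes(16)
    store[email.lower()] = (salt, _pw_hash(password, salt))


def make_user_store() -> dict:
    """Constructed sample directory with two hypothetical users."""
    store: dict = {}
    register(store, "alice@example.org", "correct horse battery staple")
    register(store, "bob@example.org", "another-long-passphrase")
    return store


def pseudonym(email: str, linking_key: bytes) -> str:
    """Keyed hash of the identifier.

    The same user always maps to the same pseudonym, so misuse can still be
    attributed within the system (accountability). Without linking_key the
    value cannot be turned back into the e-mail address, so the audit log
    holds no directly identifying data. 64 bits of output suffice here.
    """
    return hmac.new(linking_key, email.lower().encode(), "sha256").hexdigest()[:16]


def authenticate(store: dict, email: str, password: str,
                 linking_key: bytes, audit_log: list) -> bool:
    """Check credentials and append a minimised audit record."""
    entry = store.get(email.lower())
    if entry is None:
        ok = False
    else:
        salt, expected = entry
        ok = hmac.compare_digest(_pw_hash(password, salt), expected)
    # Minimised record: outcome plus pseudonym only. An "excessive" design
    # would also log the e-mail address, IP, device fingerprint, and so on.
    audit_log.append({"subject": pseudonym(email, linking_key), "ok": ok})
    return ok


def resolve(subject: str, store: dict, linking_key: bytes):
    """Re-identify a pseudonym. Only possible with the linking key, which is
    meant to be held apart from the audit log (e.g. by the incident handler)."""
    for email in store:
        if hmac.compare_digest(pseudonym(email, linking_key), subject):
            return email
    return None


def audit_log_is_minimised(audit_log: list) -> bool:
    """Check that no record carries a direct identifier (an '@' in the subject)."""
    return all("@" not in rec["subject"] for rec in audit_log)


if __name__ == "__main__":
    key = b"constructed-linking-key"  # constructed; keep separate from the log
    users = make_user_store()
    log: list = []
    authenticate(users, "alice@example.org", "correct horse battery staple", key, log)
    authenticate(users, "alice@example.org", "wrong password", key, log)
    print(log, audit_log_is_minimised(log), resolve(log[0]["subject"], users, key))
```

The design choice worth noting is the split of custody: the service that writes the log never needs the linking key, so a leaked or over-shared log reveals patterns of use but not who used the system, while the party responsible for accountability can still resolve a pseudonym when a concrete incident justifies it.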
14 Security in the context of e-voting
- Security is a multidimensional notion in the context of e-voting. Security primarily refers to the (technically guaranteed) respect of secrecy and freedom, but it covers the entire range of functions and election components such as registration, eligibility and authentication.
- Security is a technical criterion which aims at protecting the integrity, generality, equality, freedom, secrecy and fairness of elections.
- Not only a technical issue but a political issue as well, as its lack undermines legitimacy and the trust of the public in the election process
15 Security contra voting rights?
- Security against external threats and attacks. It is generally not feasible to remove fraudulent ballots from an election tally because it may be impossible to determine which ballots should not have been counted.
- Security must of course not jeopardise the voting principles that it has to guarantee: secrecy, transparency and verifiability!
- Authentication/identification that threatens secrecy?
- Security and confidence are not only means of making elections secure, but also means of convincing citizens that the system is secure.
16 Workplace Surveillance
- Protecting a system from insider threat or misuse involves deterrence, prevention and containment of misuse.
- ISO/IEC 17799 proposes personnel screening as a sub-category of personnel security, aiming at information security management.
- Monitoring and surveillance of electronic communications is an intrusion into workers' privacy
- Balance of interests: transparency and proportionality of risks and monitoring.
17 Democracy as a security frontier?
- The security of information systems and networks should be compatible with the essential values of a democratic society.
- Security should be implemented in a manner consistent with the values recognised by democratic societies, including the freedom to exchange thoughts and ideas, the free flow of information, the confidentiality of information and communication, the appropriate protection of personal information, openness and transparency (OECD Guidelines for the Security of Information Systems and Networks, 2002)
18 Conclusion
- Technology could and should be used to enhance democracy. A first condition for successful protection of freedoms and rights is the transposition of the legal demands into technical standards integrated into technology.
- Risk assessment and rights impact assessment measures should be evaluated against the question: does this meet democratic standards?
- A democratic society should accept even security risks!
19 References
- Institute for Prospective Technological Studies (IPTS), Security and Privacy for the Citizen in the Post-September 11 Digital Age (2003)
- OECD Group of Experts on Information Security and Privacy, Privacy Protection in a Global Networked Society (Paris, 1998)
- Ana I. Vicente, La convergence de la sécurité informatique et la protection des données à caractère personnel: vers une nouvelle approche juridique (2003)
- L. Mitrou/D. Gritzalis/S. Katsikas, Electronic Voting: Constitutional and Legal Requirements and their Technical Implications (Kluwer, 2003)
- L. Mitrou/K. Moulinos, Privacy and Data Protection in Electronic Communications (Springer, 2003)
- Lee Bygrave, PETs: Caught between a Rock and a Hard Place, European Commission Data Protection Conference (Brussels, 2002)
- M. Te??a??d??, ? e? t?? ?s? ape??? sta ?????f???a?? S?st?µata, ??p??µat??? ???as?a, ??? 2004