Getting to the Truth about Privacy - PowerPoint PPT Presentation

About This Presentation
Title:

Getting to the Truth about Privacy

Description:

Getting to the Truth about Privacy & Security Ann Cavoukian Ph.D. Information and Privacy Commissioner/Ontario Privacy & Security: Totally Committed – PowerPoint PPT presentation

Number of Views:57
Avg rating:3.0/5.0
Slides: 19
Provided by: IPC84
Category:

less

Transcript and Presenter's Notes

Title: Getting to the Truth about Privacy


1
Getting to the Truth about Privacy Security
  • Ann Cavoukian Ph.D.
  • Information and Privacy Commissioner/Ontario
  • Privacy Security Totally Committed
  • November 7, 2002
  • Toronto

2
The Privacy/Security Relationship
  • Privacy relates to personal control over ones
    personal information
  • Security relates to organizational control over
    information
  • These represent two overlapping, but distinct
    activities

3
What Privacy is Not
Security ? Privacy
4
The Foundation for Information Security
  • The rights of data users or their surrogates
  • Functions
  • Authentication
  • Authorization
  • Confidentiality
  • Data Integrity
  • Non-repudiation
  • Availability

5
The Foundation Fair Information Practices
  • Accountability
  • Identifying Purposes
  • Consent
  • Limiting Collection
  • Limiting Use, Disclosure, Retention
  • Accuracy
  • Safeguards
  • Openness
  • Individual Access
  • Challenging Compliance

6
Privacy Security A Visual
7
The Security/Privacy Dilemma
8
Privacy is more than Policy
  • The misconception
  • Privacy is essentially a policy issue while
    security is a technology issue
  • PIAs can avoid the technology design and
    implementation components as long as they
    identify the risks and privacy issues

9
Privacy/Policy, Security/Technology
  • Privacy is essentially a policy issue
  • Security is a technology issue
  • Oh yeah? What about

10
Most Individuals Dont Care About Privacy
  • The misconception
  • What's the point of regulating Internet privacy?
    Consumers sure don't care.
  • The Privacy Hoax Eric Goldman,
  • Forbes10.14.02

11
Wrong They do Care
  • It doesnt take much for people to get really
    concerned about a companysprivacy practices.
  • Johnathan Gaw, IDC Corp. March 29, 2001

12
Well, maybe they care, but its not my
responsibility.
  • Whos responsibility is it?
  • CEO?
  • IM/IT?
  • Line managers?
  • 3rd Party Contractors?
  • Front-line staff?
  • Vendors/Consultants?

13
Privacy Brand Valuation
Privacy Value vs. Overall Value Privacy accounts
for an estimated 14 of overall Brand Value, and
7 of overall Shareholder Value,
14
Its not me, its the other guy
  • The misconception
  • It is up to the application suppliers to provide
    appropriate safeguards as part of their products
    and services

15
We Dont Need a CPO
  • The misconception
  • Things are just fine, we dont need a CPO
  • OK, things could be better, so give the job to
    the Chief Security Officer

16
Privacy is Primarily a Public Relations Exercise
  • The misconception
  • If we have a privacy policy we are home free.
  • We have a privacy policy now well get to the
    details next quarter.

17
Conclusion
  • In order to address privacy effectively, you need
    to clear your mind of the misconceptions
  • Privacy and security are both essential, theyre
    just not the same.

18
How to Contact Us
Ann Cavoukian Ph.D. Information Privacy
Commissioner/Ontario 80 Bloor Street West, Suite
1700 Toronto, Ontario M5S 2V1 Phone (416)
326-3333 E-mail commissioner_at_ipc.on.ca Web www.
ipc.on.ca
Write a Comment
User Comments (0)
About PowerShow.com