Starting the debate about privacy Borka Jerman-Blažič EIFFEL TT Meeting, Louvain La Neuve, March 9, 2010


Starting the debate about privacy

Borka Jerman-Blažič
EIFFEL TT Meeting, Louvain La Neuve, March 9, 2010


Privacy in the 21st century

• What can be considered as “PRIVACY” in an era of:
– pervasive computing
– ubiquitous networks and
– mobile devices which always know where you are by design?


Privacy in the information age ……

Social attitudes towards privacy have changed, as the popular assumption is that privacy has already been irrevocably eroded?

The CEO of Sun Microsystems was widely quoted as saying "You have zero privacy anyway. Get over it."


In search for definition: some traditional understanding….

• “The right to be left alone – the most comprehensive of rights, and the right most valued by – men”, Judge Brandeis, in the case Olmstead against the state, U.S., in 1928.

• The definition of privacy according to Ross Anderson: “Ability and/or right to protect our personal secrets, the ability and/or right to prevent invading our personal space”.

• Is this still applicable? What is personal space in the information age?


In search of definition …..some attributes

According to Anderson, a person has privacy when two factors are in place:

• She/he must have the ability to control information about her/himself,

• She/he must exercise that control consistent with her/his values.

• Is this possible today at all? Can we practice it?


….yet another definition

Alan Westin (Columbia University, 1967): “The right of individuals, groups and institutions to determine for themselves, when, how and to what extent information about them is communicated to others”

However, Echelon, Carnivore, web crawlers, iPhones etc. are information age tools that break all known rules for privacy. Have you met some “carnivores”?


Multiple levels of review relaxed by the 11 September events

Source: IITRI report


Few technical issues

• Source code of Carnivore has not been released.

• Commercial code cannot be released

• “Hackers” will discover vulnerabilities (?)

• Title 18 USC 2512 prohibits possession of devices designed to eavesdrop on other people.

• However, lawful interception in real time (minimum post-processing and pre-retention) is still difficult.


Attempt to list the most known privacy risks

• Data disclosure (e.g. personal data)

• Identity disclosure and theft

• User profiling
– Data on the Web is collected silently, data from many sources may be merged (Myface postings, Web discussion contributions, mailing lists, Web server log files, domain ownership records, ISP traces)
– Unsolicited marketing
– Price discrimination (offering cheaper stuff according to some criteria)

• The insider attack or malfunctioning (lack of technical expertise and responsibility, e.g. medical environment)

• Monitoring and surveillance
– Address disclosure, location disclosure, service access disclosure (is an IP personal data?)

• Authorisation privacy risks (who controls and what is being controlled)


The problem is multidimensional: who, what and why???

[Diagram labels: PREVENT (by ISPs, SP, users, companies …); PROSECUTE (by law enforcement); PROTECT (people, companies …); NETWORK & INFO SECURITY; CYBERCRIME & TERRORISM; PRIVACY AND DATA PROTECTION; Intrusion; Data retention; Hacking; ID theft]


…but we may agree on:

That privacy provision is a cross-section problem:
• between technologies that are implemented across the world
• and the law(s) and directive(s) implemented by regions.
• It is certainly multi-dimensional
• Must be treated with a holistic approach
• and the social attitudes and the regulations are changing with the time.


Some well-known privacy concepts

Are they in place?

• Anonymity
• Pseudonymity
• Unlinkability
• Unobservability


Privacy and Law

• Legislation is adopted and applied in a particular country or region
• What privacy provision law will apply to terrestrial/satellite networks?
• Or to a ship in international waters providing services?
• In EU we have Directives but no coherent model of sanctions and law enforcement is different in each country


Privacy and law: EU

• EU Directive on Data Protection, 95/46/EC: Protection of individuals with regard to the processing of personal data and the free movement of such data outside EU
• EU Directive on Privacy and Electronic Communications 2002/58/EC: Protection of privacy in the electronic communication sector


Privacy and law: EU

• EU Directive 2006/24/EC: Data protection and data security

• Public consultation, EU DG Freedom, Security and Justice (7th July – 31st December, 2009) on Privacy challenges: advanced technologies, effective legal frameworks and active responsibility

• Madrid resolution, November 2009, a Draft of International Standard on the Protection of Privacy of processing personal data


EU 46: protection of personal data

European Directive 1996/46/EC introduced legal rules for processing of personal data

1. data quality
2. lawful purpose
3. stricter rules for special categories of data
4. information
5. minimum security level required
6. export rules (e.g. Safe harbours)
7. Supervision
8. Terms: controller and processor - definition of their roles and tasks


EU 58: privacy, security and data

European Directive 2002/58/EC introduced new rules on the subject addressing:

1. general security
2. confidentiality
3. cookies
4. traffic data
5. location data
6. directories
7. unsolicited mail
8. data retention


Privacy and law: other countries outside EU

• Canada: The Personal Information Protection and Electronic Documents Act, 2000

• U.S., GLB Act (Gramm-Leach-Bliley) – personal data given to financial service providers

• U.S., HIPAA, Health Insurance Portability and Accountability Act

• U.S., COPPA, Children's Online Privacy Protection Act


EU Privacy Law: implementation in EU members

• France, security measures “a must” for data protection, authorization for processing must be given by CNIL – Commission Nationale de l'Informatique et des Libertés

• Belgium, very complicated, monitoring if the companies are taking measures for data protection during processing etc.

• Spain, the Data Protection Agency is providing guides for security measures


EU Privacy Law: implementation in EU members

• U.K., no enforcement of measures on companies when processing personal data, apart from the requirement for a written processing agreement

• Slovenia, similar approach, strong protection of personal data (Law and ombudsman)

• Portugal, Agency set up but no Data Protection Act

• Italy, Decree 196 (the code) from June 2003, requires security measures and Security Policy Document


Anyhow ….

• “Now and then an innocent man/woman is sent to the legislature.” – Kin Hubbard


…..but the privacy problem is still on the table: we miss

• user friendly interface for privacy policy specification (PET are they in place?)

• automatization and enhanced bilateral (end-to-end) negotiation process relevant for entire privacy (nodes, end systems)

• user ontology based privacy policy negotiation

• protection of ID management
• privacy by design (architecture of FI)
• trust in processing (credibility, efficiency)
• Who controls, what is being controlled and why it is being controlled.


Funded EU projects with focus on the privacy

FIDIS (2004 - 2009), FP6 (The Future of Identity in the Information Society)

• Shaping the requirements for the future management of identity in the European Information Society

• Contributing to the technologies and infrastructures needed

• Link: http://www.calt.insead.edu/Project/Fidis/


Privacy relevant EU projects

• PRIME (Privacy and Identity Management for Europe, http://www.prime-project.eu.org/)

• FIDIS (Future of Identity in the Information Society, http://www.fidis.net/)

• DAIDALOS (Designing Advanced network Interfaces for the Delivery and Administration of Location independent, Optimised personal Services, http://www.ist-daidalos.org/)

• REWERSE (Reasoning on the Web with Rules and Semantics, http://rewerse.net/)

• PISA (Privacy Incorporated Software Agent, http://www.pet-pisa.nl)

• RAPID (Roadmap for Advanced Research in Privacy and Identity Management, http://www.ra-pid.org)

• ELENA (Creating a Smart Space for Learning, http://www.elena-project.org/)


Privacy relevant EU projects

REWERSE (2004 - 2008), FP6 (Reasoning on the Web with Rules and Semantics)

• Rule-based Policy specification semantics
• XACML standard with the aforementioned advanced features
• Reasoning languages for the Web by networking and structuring a scientific community
• Link: http://rewerse.net/


Privacy relevant EU projects

PRIME (2004 – 2008), FP6 (Privacy and Identity Management for Europe)

• Research issues of digital identity management
• Research of privacy in the information society
• Users can act securely and safely in the Information Society while keeping sovereignty of their private sphere
• Link: http://www.prime-project.eu.org/
• NOT THE END!!, FP7 not yet included!