““The Strategy of Using The Strategy of Using Security to Protect Privacy”Security to Protect Privacy”

Peter P. SwirePeter P. SwireOhio State UniversityOhio State University

Consultant, Morrison & Foerster, LLPConsultant, Morrison & Foerster, LLPData Protection Commissioner ConferenceData Protection Commissioner Conference

Montreux, September 14, 2005Montreux, September 14, 2005

A Shift In This TalkA Shift In This Talk

I provided different materials to the I provided different materials to the conference last monthconference last month

Today is my 4Today is my 4thth privacy or security privacy or security conference in Europe in past two weeksconference in Europe in past two weeks

Today’s talk focuses on the most Today’s talk focuses on the most important theme from this experienceimportant theme from this experience

Theme for TodayTheme for Today

Political challenge to data protection after 9/11Political challenge to data protection after 9/11 Security often trumps privacySecurity often trumps privacy

Burkert, Cavoukian & need for strategy and Burkert, Cavoukian & need for strategy and alliesallies

Theme: need effective, critical examination of Theme: need effective, critical examination of proposed security measuresproposed security measures Show when they are bad for Show when they are bad for securitysecurity Often an effective way also to protect Often an effective way also to protect privacyprivacy

Examples here for government access to Examples here for government access to commercial datacommercial data

OverviewOverview

My backgroundMy background Data retention and its security flawsData retention and its security flaws Security critiques of other government Security critiques of other government

access to dataaccess to data ConclusionsConclusions

My BackgroundMy Background

Now law professor, Ohio State UniversityNow law professor, Ohio State University 1998, “None of Your Business” book on EU-US 1998, “None of Your Business” book on EU-US

data protection & e-commercedata protection & e-commerce 1999-early 2001, Chief Counselor for Privacy for 1999-early 2001, Chief Counselor for Privacy for

the Clinton Administrationthe Clinton Administration Much work since on many privacy & security Much work since on many privacy & security

issuesissues www.peterswire.netwww.peterswire.net

Data Retention StrategyData Retention Strategy

Overall, in addition to privacy, stressOverall, in addition to privacy, stress CostCost SecuritySecurity

Data preservation is likely the best policy Data preservation is likely the best policy outcomeoutcome Save records where have individualized Save records where have individualized

suspicionsuspicion Is strict enough for the USIs strict enough for the US Complies with Cybercrime Convention, etc.Complies with Cybercrime Convention, etc.

Critiques of Data RetentionCritiques of Data Retention

Data protection argumentData protection argument Data retention is bad, not proportionateData retention is bad, not proportionate Will lead to many secondary usesWill lead to many secondary uses

Familiar cost argumentFamiliar cost argument High costs to ISPs, etc.High costs to ISPs, etc.

Familiar data security argument:Familiar data security argument: Huge databases become targets for future Huge databases become targets for future

attacksattacks Security measures for the databases are hardSecurity measures for the databases are hard

Other Threats to SecurityOther Threats to Security

Security threats to the intelligence & police agenciesSecurity threats to the intelligence & police agencies Risks for all government agenciesRisks for all government agencies

Their web & email activity will be retained as well!Their web & email activity will be retained as well! Unknown outsiders, in ISP and government agencies Unknown outsiders, in ISP and government agencies

elsewhere, can see this dataelsewhere, can see this data Invite their CIOs to testifyInvite their CIOs to testify

Undercover cops & other confidential activityUndercover cops & other confidential activity Data retention of contacts between undercover Data retention of contacts between undercover

operatives & their agenciesoperatives & their agencies Invite these cops to testifyInvite these cops to testify

A Double BindA Double Bind If police & intel actions are retained:If police & intel actions are retained:

Risk that terrorists, organized crime will target ISPsRisk that terrorists, organized crime will target ISPs New burden of background checks at ISPsNew burden of background checks at ISPs

• Including universities, small ISPsIncluding universities, small ISPs Costs and risks at ISPs go upCosts and risks at ISPs go up

If police & intel are If police & intel are notnot retained: retained: Would need complex & expensive system to shield Would need complex & expensive system to shield

these activities from the systemthese activities from the system The “hole” for police would be a hole for others to The “hole” for police would be a hole for others to

exploitexploit Either way, have costs & security risksEither way, have costs & security risks Put burden of persuasion on the other side to explainPut burden of persuasion on the other side to explain

Solution on Data RetentionSolution on Data Retention

Better to use the U.S. approach of data Better to use the U.S. approach of data preservation than a data retention regimepreservation than a data retention regime

These individualized searches will not expose These individualized searches will not expose the police and intel agencies to surveillance by the police and intel agencies to surveillance by terrorists & organized crimeterrorists & organized crime

Better for privacy, cost, & securityBetter for privacy, cost, & security That has been a winning coalition in U.S.That has been a winning coalition in U.S.

Security & Other IssuesSecurity & Other Issues

Other current data protection debatesOther current data protection debates BiometricsBiometrics RFIDs & other pervasive computing issuesRFIDs & other pervasive computing issues Identity theftIdentity theft

Technical security critiques will reduce the risk of Technical security critiques will reduce the risk of bad systems in these areasbad systems in these areas

ConclusionConclusion

““Information Security” is clearly part of “Data Information Security” is clearly part of “Data Protection”Protection” Effective critiques on security are part of the Effective critiques on security are part of the

core mission of DPAscore mission of DPAs Pragmatic politicsPragmatic politics

Gain allies to critique badly-designed systemsGain allies to critique badly-designed systems Staff within DPAsStaff within DPAs Participation in “cybersecurity” conferences & Participation in “cybersecurity” conferences &

activitiesactivities

ConclusionConclusion

The critique of security as The critique of security as partpart of DPA of DPA effortsefforts No need to abandon traditional effortsNo need to abandon traditional efforts

The results will be better legal and The results will be better legal and technical decisionstechnical decisions More secure & efficient systemsMore secure & efficient systems Better protection of human rightsBetter protection of human rights

A pragmatic strategy to achieve high moral A pragmatic strategy to achieve high moral goalsgoals

Contact InformationContact Information

Professor Peter P. SwireProfessor Peter P. Swire Phone: (240) 994-4142Phone: (240) 994-4142 Email: Email: peter@peterswire.netpeter@peterswire.net Web: Web: www.peterswire.netwww.peterswire.net