SlideShare una empresa de Scribd logo

Copyright and privacy by design - what lessons have we learned?

Descargar como PPT, PDF
blogzilla
blogzilla
TecnologíaNoticias y política
1 de 13
© and privacy “by design” Dr Ian Brown, U. of Oxford @IanBrownOII
Early DRM systems
“Trusted” architectures
DRM a hard problem
More recent efforts  Web blocking – Newzbin injunction, Digital Economy Act s.18  PROTECT-IP Act/Stop Online Piracy Act  Anti-Counterfeiting Trade Agreement, Trans-Pacific Partnership
Effectiveness of blocking  Ease of masking P2P traffic using encryption  Ease of site and content transfers and replication  Sneakernets and WiFi/Bluetooth sharing  Ease of changing DNS servers, and building alternate directory systems  “I agree with counsel for the Studios that the order would be justified even if it only prevented access to Newzbin2 by a minority of users.” [2011] EWHC 1981 (Ch) §198
[2011] EWHC 1021 (Admin) § 232 “Experts can seek to establish a profile of those who engage in P2P file sharing, and their various reasons for doing so, and may then attempt to predict how these users may be likely to respond if confronted with the kind of regime that the DEA enacts. In theory, some may cease or substantially curtail their unlawful activities, substituting or not, for example, lawful downloading of music; others may simply seek other means to continue their unlawful activities, using whatever technical means are open. The final outcome is uncertain because it is notoriously difficult accurately to predict human behaviour”
GDPR Art. 23 Data protection by design and by default 1. Having regard to the state of the art and the cost of implementation, the controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures and procedures in such a way that the processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject. 2. The controller shall implement mechanisms for ensuring that, by default, only those personal data are processed which are necessary for each specific purpose of the processing and are especially not collected or retained beyond the minimum necessary for those purposes, both in terms of the amount of the data and the time of their storage. In particular, those mechanisms shall ensure that by default personal data are not made accessible to an indefinite number of individuals.
Designing for privacy  Data minimisation key: is your personal data really necessary? Limit personal data collection, storage, access and usage – enforced using cryptography  Protects against hackers, corrupt insiders, data loss, as well as function creep  Users must also be notified and consent to the processing of data – easy-to-use interfaces are critical. What are defaults? Jedrzejczyk et al. (2010)
Mobile data  Is communication uni- or bi- directional or broadcast? Oblivious transfer  Does sensor, user agent or network carry out triangulation and processing? What resolution data can network access?  How long-lived and linkable are identifiers? IMSIs, TMSIs and location patterns
Location-Based Services  Can we use features of mobile phone networks to supply anonymous, targeted adverts? Haddadi, Hui, Henderson and Brown (2011)
Transport pricing  Monitor all traffic centrally (London), at kerbside (W London) or deduct payment from pay-as-you-go toll cards (Singapore)? On-board unit (Balasch et al. 2010)? Or tax parking spaces?  Link all payment card usage (Oyster) or use unlinkable RFID tokens (Shenzen)? MIT Technology Review (2006)
Privacy-friendly smart grids  Personal data should almost always remain at customer premises under their direct control  Network broadcasts tariff data to meters, which control appliances  Heavily aggregated information used for billing and price comparison  PETs can further reduce information leakage to third parties Rial and Danezis (2011)

Recomendados

Keeping our secrets? Shaping Internet technologies for the public good
Keeping our secrets? Shaping Internet technologies for the public goodKeeping our secrets? Shaping Internet technologies for the public good
Keeping our secrets? Shaping Internet technologies for the public goodblogzilla
 
Where next for encryption regulation?
Where next for encryption regulation?Where next for encryption regulation?
Where next for encryption regulation?blogzilla
 
Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?blogzilla
 
The Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsThe Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsblogzilla
 
Privacy post-Snowden
Privacy post-SnowdenPrivacy post-Snowden
Privacy post-Snowdenblogzilla
 
Internet user's rights and fundamental freedoms day
Internet user's rights and fundamental freedoms dayInternet user's rights and fundamental freedoms day
Internet user's rights and fundamental freedoms daymoldovaictsummit2016
 
Freedom of expression on the internet
Freedom of expression on the internetFreedom of expression on the internet
Freedom of expression on the internetmoldovaictsummit2016
 
Wikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internetWikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internetVincy
 

Recomendados

Keeping our secrets? Shaping Internet technologies for the public good
Keeping our secrets? Shaping Internet technologies for the public goodKeeping our secrets? Shaping Internet technologies for the public good
Keeping our secrets? Shaping Internet technologies for the public goodblogzilla
 
Where next for encryption regulation?
Where next for encryption regulation?Where next for encryption regulation?
Where next for encryption regulation?blogzilla
 
Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?Where next for the Regulation of Investigatory Powers Act?
Where next for the Regulation of Investigatory Powers Act?blogzilla
 
The Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsThe Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsblogzilla
 
Privacy post-Snowden
Privacy post-SnowdenPrivacy post-Snowden
Privacy post-Snowdenblogzilla
 
Internet user's rights and fundamental freedoms day
Internet user's rights and fundamental freedoms dayInternet user's rights and fundamental freedoms day
Internet user's rights and fundamental freedoms daymoldovaictsummit2016
 
Freedom of expression on the internet
Freedom of expression on the internetFreedom of expression on the internet
Freedom of expression on the internetmoldovaictsummit2016
 
Wikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internetWikileaks freedom of speech on the internet
Wikileaks freedom of speech on the internetVincy
 
Cybercrime convention
Cybercrime conventionCybercrime convention
Cybercrime conventionmoldovaictsummit2016
 
An Overview of the Battle for the Control of the Internet
An Overview of the Battle for the Control of the InternetAn Overview of the Battle for the Control of the Internet
An Overview of the Battle for the Control of the InternetDibussi Tande
 
cybercrime landscape for moldova
cybercrime landscape for moldovacybercrime landscape for moldova
cybercrime landscape for moldovamoldovaictsummit2016
 
Finding balance in the age of open data
Finding balance in the age of open dataFinding balance in the age of open data
Finding balance in the age of open dataCaribbean Open Data Conference & Code Sprint
 
Internet governance
Internet governanceInternet governance
Internet governanceGhazala Ajami
 
Social media impact on freedom of expression and privacy
Social media impact on freedom of expression and privacySocial media impact on freedom of expression and privacy
Social media impact on freedom of expression and privacyYasmin AbdelAziz
 
ID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan Siber
ID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan SiberID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan Siber
ID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan SiberIGF Indonesia
 
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...AJHSSR Journal
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
 
Hannes astok data protection agency
Hannes astok data protection agencyHannes astok data protection agency
Hannes astok data protection agencyE-Government Center Moldova
 
Surveillance and privacy panel
Surveillance and privacy panelSurveillance and privacy panel
Surveillance and privacy panelNewsquare
 
Internet ecosystem and the internet
Internet ecosystem and the internetInternet ecosystem and the internet
Internet ecosystem and the internetShreedeep Rayamajhi
 
Privacy and data protection in the realm of Internet Governance by Santosh Si...
Privacy and data protection in the realm of Internet Governance by Santosh Si...Privacy and data protection in the realm of Internet Governance by Santosh Si...
Privacy and data protection in the realm of Internet Governance by Santosh Si...Santosh Sigdel
 
Privacy and Surveillance
Privacy and SurveillancePrivacy and Surveillance
Privacy and SurveillanceIrem Gokce Aydin
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeDani Ann Eunice Vargas Espelico
 
Presentation wk6
Presentation wk6Presentation wk6
Presentation wk6Douglas Pippen
 
Pubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David MinkPubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David MinkMatt Siltala
 
The state of Internet freedom after the coup in Thailand
The state of Internet freedom after the coup in ThailandThe state of Internet freedom after the coup in Thailand
The state of Internet freedom after the coup in ThailandArthit Suriyawongkul
 
Freedom of speech
Freedom of speechFreedom of speech
Freedom of speechUc Man
 
ID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber Nasional
ID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber NasionalID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber Nasional
ID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber NasionalIGF Indonesia
 
I want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdfI want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdfamitkhanna2070
 
GDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpGDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpJason Lackey
 

Más contenido relacionado

La actualidad más candente

An Overview of the Battle for the Control of the Internet
An Overview of the Battle for the Control of the InternetAn Overview of the Battle for the Control of the Internet
An Overview of the Battle for the Control of the InternetDibussi Tande
 
Social media impact on freedom of expression and privacy
Social media impact on freedom of expression and privacySocial media impact on freedom of expression and privacy
Social media impact on freedom of expression and privacyYasmin AbdelAziz
 
ID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan Siber
ID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan SiberID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan Siber
ID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan SiberIGF Indonesia
 
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...AJHSSR Journal
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
 
Surveillance and privacy panel
Surveillance and privacy panelSurveillance and privacy panel
Surveillance and privacy panelNewsquare
 
Internet ecosystem and the internet
Internet ecosystem and the internetInternet ecosystem and the internet
Internet ecosystem and the internetShreedeep Rayamajhi
 
Privacy and data protection in the realm of Internet Governance by Santosh Si...
Privacy and data protection in the realm of Internet Governance by Santosh Si...Privacy and data protection in the realm of Internet Governance by Santosh Si...
Privacy and data protection in the realm of Internet Governance by Santosh Si...Santosh Sigdel
 
Pubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David MinkPubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David MinkMatt Siltala
 
The state of Internet freedom after the coup in Thailand
The state of Internet freedom after the coup in ThailandThe state of Internet freedom after the coup in Thailand
The state of Internet freedom after the coup in ThailandArthit Suriyawongkul
 
Freedom of speech
Freedom of speechFreedom of speech
Freedom of speechUc Man
 
ID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber Nasional
ID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber NasionalID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber Nasional
ID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber NasionalIGF Indonesia
 

La actualidad más candente (20)

Cybercrime convention
Cybercrime conventionCybercrime convention
Cybercrime convention
 
An Overview of the Battle for the Control of the Internet
An Overview of the Battle for the Control of the InternetAn Overview of the Battle for the Control of the Internet
An Overview of the Battle for the Control of the Internet
 
cybercrime landscape for moldova
cybercrime landscape for moldovacybercrime landscape for moldova
cybercrime landscape for moldova
 
Finding balance in the age of open data
Finding balance in the age of open dataFinding balance in the age of open data
Finding balance in the age of open data
 
Internet governance
Internet governanceInternet governance
Internet governance
 
Social media impact on freedom of expression and privacy
Social media impact on freedom of expression and privacySocial media impact on freedom of expression and privacy
Social media impact on freedom of expression and privacy
 
ID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan Siber
ID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan SiberID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan Siber
ID IGF 2016 - Hukum 3 - Mewujudkan Kedaulatan dan Ketahanan Siber
 
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...
An Exploratory Study on Mechanisms in Place to Combat Hacking In South Africa...
 
Unit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hrUnit 6 Privacy and Data Protection 8 hr
Unit 6 Privacy and Data Protection 8 hr
 
Hannes astok data protection agency
Hannes astok data protection agencyHannes astok data protection agency
Hannes astok data protection agency
 
Surveillance and privacy panel
Surveillance and privacy panelSurveillance and privacy panel
Surveillance and privacy panel
 
Internet ecosystem and the internet
Internet ecosystem and the internetInternet ecosystem and the internet
Internet ecosystem and the internet
 
Privacy and data protection in the realm of Internet Governance by Santosh Si...
Privacy and data protection in the realm of Internet Governance by Santosh Si...Privacy and data protection in the realm of Internet Governance by Santosh Si...
Privacy and data protection in the realm of Internet Governance by Santosh Si...
 
Privacy and Surveillance
Privacy and SurveillancePrivacy and Surveillance
Privacy and Surveillance
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Presentation wk6
Presentation wk6Presentation wk6
Presentation wk6
 
Pubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David MinkPubcon Privacy Legal Presentation by David Mink
Pubcon Privacy Legal Presentation by David Mink
 
The state of Internet freedom after the coup in Thailand
The state of Internet freedom after the coup in ThailandThe state of Internet freedom after the coup in Thailand
The state of Internet freedom after the coup in Thailand
 
Freedom of speech
Freedom of speechFreedom of speech
Freedom of speech
 
ID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber Nasional
ID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber NasionalID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber Nasional
ID IGF 2016 - Hukum 3 - Kedaulatan dan Ketahanan Cyber Nasional
 

Similar a Copyright and privacy by design - what lessons have we learned?

I want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdfI want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdfamitkhanna2070
 
GDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpGDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpJason Lackey
 
Copyright Protection in the Internet
Copyright Protection in the InternetCopyright Protection in the Internet
Copyright Protection in the Internetipoque
 
Cloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell GoodmanCloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell Goodmanjonneiditz
 
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudFog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudIJSRD
 
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...Konstantinos Demertzis
 
HOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGY
HOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGYHOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGY
HOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGYcscpconf
 
How to detect middleboxes guidelines on a methodology
How to detect middleboxes guidelines on a methodologyHow to detect middleboxes guidelines on a methodology
How to detect middleboxes guidelines on a methodologycsandit
 
Who has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidenceWho has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidenceEmil Lupu
 
What are data networks?
What are data networks?What are data networks?
What are data networks?James Steele
 
Accessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentAccessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentIJNSA Journal
 
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTIJNSA Journal
 
Privacy by design
Privacy by designPrivacy by design
Privacy by designblogzilla
 
Sookman law society_6_min_business_law
Sookman law society_6_min_business_lawSookman law society_6_min_business_law
Sookman law society_6_min_business_lawbsookman
 
Privacy preserving detection of sensitive data exposure
Privacy preserving detection of sensitive data exposurePrivacy preserving detection of sensitive data exposure
Privacy preserving detection of sensitive data exposureredpel dot com
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
FOG COMPUTING- Presentation
FOG COMPUTING- Presentation FOG COMPUTING- Presentation
FOG COMPUTING- Presentation Anjana Shivangi
 
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...ijccsa
 

Similar a Copyright and privacy by design - what lessons have we learned? (20)

I want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdfI want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdf
 
GDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpGDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can Help
 
Copyright Protection in the Internet
Copyright Protection in the InternetCopyright Protection in the Internet
Copyright Protection in the Internet
 
FOGCOMPUTING
FOGCOMPUTINGFOGCOMPUTING
FOGCOMPUTING
 
Network security
Network securityNetwork security
Network security
 
Cloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell GoodmanCloud Webinar Neiditz Weitz Mitchell Goodman
Cloud Webinar Neiditz Weitz Mitchell Goodman
 
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudFog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
 
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...
 
HOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGY
HOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGYHOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGY
HOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGY
 
How to detect middleboxes guidelines on a methodology
How to detect middleboxes guidelines on a methodologyHow to detect middleboxes guidelines on a methodology
How to detect middleboxes guidelines on a methodology
 
Who has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidenceWho has the data ... and will breach the duty of confidence
Who has the data ... and will breach the duty of confidence
 
What are data networks?
What are data networks?What are data networks?
What are data networks?
 
Accessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentAccessing secured data in cloud computing environment
Accessing secured data in cloud computing environment
 
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
 
Privacy by design
Privacy by designPrivacy by design
Privacy by design
 
Sookman law society_6_min_business_law
Sookman law society_6_min_business_lawSookman law society_6_min_business_law
Sookman law society_6_min_business_law
 
Privacy preserving detection of sensitive data exposure
Privacy preserving detection of sensitive data exposurePrivacy preserving detection of sensitive data exposure
Privacy preserving detection of sensitive data exposure
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
 
FOG COMPUTING- Presentation
FOG COMPUTING- Presentation FOG COMPUTING- Presentation
FOG COMPUTING- Presentation
 
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN...
 

Más de blogzilla

Interoperability for SNS competition
Interoperability for SNS competitionInteroperability for SNS competition
Interoperability for SNS competitionblogzilla
 
Transatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgmentTransatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgmentblogzilla
 
Lessons for interoperability remedies from UK Open Banking
Lessons for interoperability remedies from UK Open BankingLessons for interoperability remedies from UK Open Banking
Lessons for interoperability remedies from UK Open Bankingblogzilla
 
Covid exposure apps in England and Wales
Covid exposure apps in England and WalesCovid exposure apps in England and Wales
Covid exposure apps in England and Walesblogzilla
 
Key issues in data protection policy
Key issues in data protection policyKey issues in data protection policy
Key issues in data protection policyblogzilla
 
Trusted government access to private sector data
Trusted government access to private sector dataTrusted government access to private sector data
Trusted government access to private sector datablogzilla
 
Interoperability in the Digital Services Act
Interoperability in the Digital Services ActInteroperability in the Digital Services Act
Interoperability in the Digital Services Actblogzilla
 
Making effective policy use of academic expertise
Making effective policy use of academic expertiseMaking effective policy use of academic expertise
Making effective policy use of academic expertiseblogzilla
 
Introduction to Cybersecurity for Elections
Introduction to Cybersecurity for ElectionsIntroduction to Cybersecurity for Elections
Introduction to Cybersecurity for Electionsblogzilla
 
Cyber Essentials for Managers
Cyber Essentials for ManagersCyber Essentials for Managers
Cyber Essentials for Managersblogzilla
 
Privacy and Data Protection in South Africa
Privacy and Data Protection in South AfricaPrivacy and Data Protection in South Africa
Privacy and Data Protection in South Africablogzilla
 
Human rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QCHuman rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QCblogzilla
 
Data science and privacy regulation
Data science and privacy regulationData science and privacy regulation
Data science and privacy regulationblogzilla
 
Regulation and the Internet of Things
Regulation and the Internet of ThingsRegulation and the Internet of Things
Regulation and the Internet of Thingsblogzilla
 
Global Cyber Security Capacity Centre
Global Cyber Security Capacity CentreGlobal Cyber Security Capacity Centre
Global Cyber Security Capacity Centreblogzilla
 
Trust in the Cloud
Trust in the CloudTrust in the Cloud
Trust in the Cloudblogzilla
 
Can the law control Digital Leviathan?
Can the law control Digital Leviathan?Can the law control Digital Leviathan?
Can the law control Digital Leviathan?blogzilla
 
Investigating cybercrime at the United Nations
Investigating cybercrime at the United NationsInvestigating cybercrime at the United Nations
Investigating cybercrime at the United Nationsblogzilla
 
Regulating code
Regulating codeRegulating code
Regulating codeblogzilla
 
Data protection redress in the UK
Data protection redress in the UKData protection redress in the UK
Data protection redress in the UKblogzilla
 

Más de blogzilla (20)

Interoperability for SNS competition
Interoperability for SNS competitionInteroperability for SNS competition
Interoperability for SNS competition
 
Transatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgmentTransatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgment
 
Lessons for interoperability remedies from UK Open Banking
Lessons for interoperability remedies from UK Open BankingLessons for interoperability remedies from UK Open Banking
Lessons for interoperability remedies from UK Open Banking
 
Covid exposure apps in England and Wales
Covid exposure apps in England and WalesCovid exposure apps in England and Wales
Covid exposure apps in England and Wales
 
Key issues in data protection policy
Key issues in data protection policyKey issues in data protection policy
Key issues in data protection policy
 
Trusted government access to private sector data
Trusted government access to private sector dataTrusted government access to private sector data
Trusted government access to private sector data
 
Interoperability in the Digital Services Act
Interoperability in the Digital Services ActInteroperability in the Digital Services Act
Interoperability in the Digital Services Act
 
Making effective policy use of academic expertise
Making effective policy use of academic expertiseMaking effective policy use of academic expertise
Making effective policy use of academic expertise
 
Introduction to Cybersecurity for Elections
Introduction to Cybersecurity for ElectionsIntroduction to Cybersecurity for Elections
Introduction to Cybersecurity for Elections
 
Cyber Essentials for Managers
Cyber Essentials for ManagersCyber Essentials for Managers
Cyber Essentials for Managers
 
Privacy and Data Protection in South Africa
Privacy and Data Protection in South AfricaPrivacy and Data Protection in South Africa
Privacy and Data Protection in South Africa
 
Human rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QCHuman rights and the future of surveillance - Lord Anderson QC
Human rights and the future of surveillance - Lord Anderson QC
 
Data science and privacy regulation
Data science and privacy regulationData science and privacy regulation
Data science and privacy regulation
 
Regulation and the Internet of Things
Regulation and the Internet of ThingsRegulation and the Internet of Things
Regulation and the Internet of Things
 
Global Cyber Security Capacity Centre
Global Cyber Security Capacity CentreGlobal Cyber Security Capacity Centre
Global Cyber Security Capacity Centre
 
Trust in the Cloud
Trust in the CloudTrust in the Cloud
Trust in the Cloud
 
Can the law control Digital Leviathan?
Can the law control Digital Leviathan?Can the law control Digital Leviathan?
Can the law control Digital Leviathan?
 
Investigating cybercrime at the United Nations
Investigating cybercrime at the United NationsInvestigating cybercrime at the United Nations
Investigating cybercrime at the United Nations
 
Regulating code
Regulating codeRegulating code
Regulating code
 
Data protection redress in the UK
Data protection redress in the UKData protection redress in the UK
Data protection redress in the UK
 

Último

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 

Último (20)

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 

Copyright and privacy by design - what lessons have we learned?

  • 1. © and privacy “by design” Dr Ian Brown, U. of Oxford @IanBrownOII
  • 4. DRM a hard problem
  • 5. More recent efforts  Web blocking – Newzbin injunction, Digital Economy Act s.18  PROTECT-IP Act/Stop Online Piracy Act  Anti-Counterfeiting Trade Agreement, Trans-Pacific Partnership
  • 6. Effectiveness of blocking  Ease of masking P2P traffic using encryption  Ease of site and content transfers and replication  Sneakernets and WiFi/Bluetooth sharing  Ease of changing DNS servers, and building alternate directory systems  “I agree with counsel for the Studios that the order would be justified even if it only prevented access to Newzbin2 by a minority of users.” [2011] EWHC 1981 (Ch) §198
  • 7. [2011] EWHC 1021 (Admin) § 232 “Experts can seek to establish a profile of those who engage in P2P file sharing, and their various reasons for doing so, and may then attempt to predict how these users may be likely to respond if confronted with the kind of regime that the DEA enacts. In theory, some may cease or substantially curtail their unlawful activities, substituting or not, for example, lawful downloading of music; others may simply seek other means to continue their unlawful activities, using whatever technical means are open. The final outcome is uncertain because it is notoriously difficult accurately to predict human behaviour”
  • 8. GDPR Art. 23 Data protection by design and by default 1. Having regard to the state of the art and the cost of implementation, the controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures and procedures in such a way that the processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject. 2. The controller shall implement mechanisms for ensuring that, by default, only those personal data are processed which are necessary for each specific purpose of the processing and are especially not collected or retained beyond the minimum necessary for those purposes, both in terms of the amount of the data and the time of their storage. In particular, those mechanisms shall ensure that by default personal data are not made accessible to an indefinite number of individuals.
  • 9. Designing for privacy  Data minimisation key: is your personal data really necessary? Limit personal data collection, storage, access and usage – enforced using cryptography  Protects against hackers, corrupt insiders, data loss, as well as function creep  Users must also be notified and consent to the processing of data – easy-to-use interfaces are critical. What are defaults? Jedrzejczyk et al. (2010)
  • 10. Mobile data  Is communication uni- or bi- directional or broadcast? Oblivious transfer  Does sensor, user agent or network carry out triangulation and processing? What resolution data can network access?  How long-lived and linkable are identifiers? IMSIs, TMSIs and location patterns
  • 11. Location-Based Services  Can we use features of mobile phone networks to supply anonymous, targeted adverts? Haddadi, Hui, Henderson and Brown (2011)
  • 12. Transport pricing  Monitor all traffic centrally (London), at kerbside (W London) or deduct payment from pay-as-you-go toll cards (Singapore)? On-board unit (Balasch et al. 2010)? Or tax parking spaces?  Link all payment card usage (Oyster) or use unlinkable RFID tokens (Shenzen)? MIT Technology Review (2006)
  • 13. Privacy-friendly smart grids  Personal data should almost always remain at customer premises under their direct control  Network broadcasts tariff data to meters, which control appliances  Heavily aggregated information used for billing and price comparison  PETs can further reduce information leakage to third parties Rial and Danezis (2011)

Notas del editor

  1. http://www.docstoc.com/docs/88760415/PrETP-Privacy-Preserving-Electronic-Toll-Pricing
  2. http://research.microsoft.com/en-us/projects/privacy_in_metering/mainwpes.pdf