802E Privacy Report Date: Authors: January 2016

Slides:



Advertisements
Similar presentations
Office of the Information and Privacy Commissioner, Ontario, Canada
Advertisements

Doc.: IEEE /1448 r00 Submission Paul A. Lambert, Marvell SemiconductorSlide Privacy Date: Authors: November 2013.
Privecsg Tracking of Link Layer Identifiers Date: [ ] Authors: NameAffiliationPhone Juan Carlos ZúñigaInterDigital
1 privecsg IEEE 802 EC Privacy Recommendation Study Group Update to IEEE802 March 2015 Plenary meeting Juan Carlos Zuniga, InterDigital.
1 privecsg IEEE 802 EC Privacy Recommendation Study Group Update to March 2015 Plenary meeting Juan Carlos Zuniga,
SWAMI Threats, vulnerabilities & safeguards in a World of Ambient Intelligence David Wright Trilateral Research & Consulting 21 March 2006.
Privacy, Security, and trust in cloud computing BY: SIANI PEARSON PRESENTED BY: KIA MANOOCHEHRI.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Chapter 16 Network Management.
2015 National BDPA Technology Conference Big Data: Cool, Creepy or Privacy Violation? Arlonda Stevens August 18-22, 2015 Washington, DC.
Privecsg ecsg 1 IEEE 802 EC Privacy Recommendation Study Group Update to 802 Sept Interim meetings Juan Carlos Zuniga, InterDigital.
Doc.: IEEE ai Submission Paul Lambert, Marvell Security Review and Recommendations for IEEE802.11ai Fast Initial Link Setup Author:
1 privecsg ecsg IEEE 802 EC Privacy Recommendation SG Comments on Privacy PAR/CSD March, 2015 Juan Carlos Zuniga, InterDigital Labs (EC SG Chair)
Privecsg Privacy Recommendation PAR Proposal Date: [ ] Authors: NameAffiliationPhone Juan Carlos ZúñigaInterDigital
Privecsg Tracking of Link Layer Identifiers Date: [ ] Authors: NameAffiliationPhone Juan Carlos ZúñigaInterDigital
Privecsg Privacy Recommendation PAR Proposal Date: [ ] Authors: NameAffiliationPhone Juan Carlos ZúñigaInterDigital
Wireless Security Presented by Colby Carlisle. Wireless Networking Defined A type of local-area network that uses high-frequency radio waves rather than.
Privecsg Privacy Recommendation PAR Proposal Date: [ ] Authors: NameAffiliationPhone Juan Carlos ZúñigaInterDigital
Page 1 IEEE 802 January Meeting EEE 802 Recommended Practice for Privacy Considerations for IEEE 802 Technologies Date: Authors: NameAffiliationPhone .
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
IS3220 Information Technology Infrastructure Security
Privecsg Privacy Recommendation PAR Proposal Date: [ ] Authors: NameAffiliationPhone Juan Carlos ZúñigaInterDigital
Regulation models addressing data protection issues in the EU concerning RFID technology Ioannis Iglezakis Assistant Professor in Computers & Law Faculty.
NETWORK SECURITY. What do you see THE IMPORTANCE OF SECURITY THE ARE WEBSITES ON THE INTERNET COULD INFORM PEOPLE THE RANGE AND AVAILABLE UNSECURED SITES.
Combating Identity Fraud In A Virtual World
Privacy and Public Policy Implications of IoT
Judicial Training on Data Protection and Privacy Rights
ETSI Software Reconfiguration Overview
Instructor Materials Chapter 6 Building a Home Network
Security Standard: “reasonable security”
WUR Reconnection Usage Model
SUBMITTED BY DINEEJ A 28 S3 EC
Teleconference Agenda
Light Communication Use-Cases in Retail
General Data Protection Regulation (GDPR
P802.11aq Pre-Association Service Discovery Summary
Firmware Notification
Privacy: A Regulator’s Perspective
Submission Title: Response to the Call for Applications
Juan Carlos Zuniga, InterDigital Labs (EC SG Chair)
September 2011 April 2009 doc.: IEEE /xxxxr0
Working Spread Sheets for Assignment and Schedule
doc.: IEEE <doc#>
P802.11aq Pre-Association Service Discovery Summary
P802.11aq Pre-Association Service Discovery Summary
802E Privacy Recommendations Update to
Submission Title: Response to the Call for Applications
WiFi Ads Delivering Location Sensitive Ads Using Wireless Networks
Uplink Broadcast Service
IEEE 802 EC Privacy Recommendation SG Comments on Privacy PAR/CSD
TGn Gen Ad Hoc May Motions
Privacy Recommendations for 802 LMSC Section 8: Recommendations
Security Ad-Hoc Report Draft
Juan Carlos Zuniga, InterDigital Labs (EC SG Chair)
802E Privacy Recommendations Update to
Privacy Recommendation PAR Proposal
Submission Title: Response to the Call for Applications
doc.: IEEE <doc#>
IEEE 802 EC Privacy Recommendation SG November, 2014, Report to 802 EC
Juan Carlos Zuniga, InterDigital Labs (EC SG Chair)
Impact of KTP Non-definition
Ashley Roughton Nabarro LLP
The MobileIron® Threat Detection difference:
Deployment Considerations in Wireless Mesh Networking
Security Ad-Hoc Report Draft
Shared Infrastructure
LM 5. Wireless Network Security
Privacy protection in Wi-Fi analytics systems
Privacy protection in Wi-Fi analytics systems
Submission Title: TG9ma Closing Report for July Meeting
Summary of PAD SG use cases
Presentation transcript:

802E Privacy Report Date: 2016-03-15 Authors: January 2016 doc.: IEEE 802.11-16/0190r0 802E Privacy Report Date: 2016-03-15 Authors: Joseph Levy (InterDigital)

Privacy Scope: Individuals Narrow: focused on individuals Broad: any information related to an individual that can identify him/her, directly or indirectly, may be relevant Limited to what can be addressed in protocol design - vs. deployment and operation

Privacy Scope: Technical Only Discussion without reference to any particular legal framework Mitigating privacy threats strictly from the technical point of view (e.g. protecting PIIs), and regardless of the motivation of the attacker If the attacker does it for criminal reasons, privacy-unfriendly commercial reasons, legally or illegally, it is irrelevant The actions of the attacker are technically indistinguishable and they should be mitigated in the same way

Privacy Threats: Identification Tracking Wi-Fi mobile devices of by-passers is an easy job, even if devices are not actively connected to any Wi-Fi network [REF: “Wi-Fi Internet connectivity and privacy: hiding your tracks on the wireless Internet”; Bernardos, C.J., Zuniga, J.C., and O’Hanlon, P.; IEEE CSCN 2015] © 2015 InterDigital, Inc. All rights reserved.

Privacy Threats: Correlation The combination of several pieces of information reveals patterns and behaviors that can be used to profile users Coffee shop, hotel, shopping mall – APs all run by the same company, guy/device roaming from one to the next (dotted line path between them) SSID list: “ORD_Free_WiFi”, “My_House_Is_Empty”, “I_Work_Here” [REF: https://mentor.ieee.org/802-ec/dcn/14/ec-14-0043-00-00EC-internet-privacy-tutorial.pdf]

PIIs in the Internet of “Things” Personally Identifiable Information (PII)

Privacy by Design (PbD) Embrace PbD principles - applied specifically to Internet protocols Proactive not reactive; Preventative not remedial Privacy as the default setting Privacy embedded into design Full functionality – positive-sum, not zero-sum End-to-end security – full lifecycle protection Visibility and transparency – keep it open Respect for user privacy – keep it user-centric [REF: https://www.ipc.on.ca/english/privacy/introduction-to-pbd/]

Key Mitigations Data minimization Privacy as the default Avoid as much as possible the collection, disclosure, sensitivity, and retention of PIIs Privacy as the default When there are options in the protocol, Privacy features should be used by default Allow user to opt-out - or rather opt-in! Users should be allowed to opt-out from providing personal information at any point in time

Resources Mailing list - reflector Mentor - document repository stds-802-privacy@listserv.ieee.org Mentor - document repository https://mentor.ieee.org/privecsg/documents

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.