Slide 1
© 2002 IBM Corporation
PETTEP History and Future: Making the ISO connection
Mike Gurski, Information & Privacy Commissioner/Ontario, mgurski@ipc.on.ca

Slide 2
Information & Privacy Commissioner/Ontario. Data Protection & Privacy Commissioners Conference, Australia 2003. © 2003 IPC/O
Defining Privacy
- Set of legal rights of an individual's personal control over the collection, use, disclosure and retention, as well as timeliness, accuracy and relevancy, of any recorded information about that identifiable individual
- An organization's responsibility for data protection and management of personal information in its custody or control, as well as the interchange of such personal information with other organizations

Slide 3
Privacy Concerns are Increasing
- Concern that information is collected, used, disclosed and protected properly
- Compliance with legislation

Slide 4
Privacy Enhancing Technologies

Slide 5
Privacy Enhancing Technologies
PETs have been defined as "a coherent system of Information and Communications Technology measures that protect privacy by eliminating or reducing personal data or by preventing unnecessary and/or undesired processing of personal data; all without losing the functionality of the data system".

Slide 6
Privacy Enhancing Technologies: A Partial List of Types of PETs
- Anonymizers/Pseudonymizers
- Limited Show Blind Signatures
- Biometric Encryption
- Secret Sharing
- Privacy Preserving Data Mining
- Unlinkable databases
- Unobservable data management

Slide 7
PETs Proliferating
- No defined criteria
- No international coordination
- Different testing schemes
The Concern:
- Need to be able to trust PETs in order to deploy
- Need to evaluate PETs under a common standard recognized internationally

Slide 8
Privacy Enhancing Technologies Testing and Evaluation Project (PETTEP)

Slide 9
PETTEP Goals: Short Term to Long Term
- Develop testing criteria for labs
- Implement pilot testing
- Inform PET technology development
- Inform technology implementation
- Incorporate experience into international technology standards

Slide 10
PETTEP
- Ontario IPC formed an international team to take on the challenge of developing testing criteria for PETs: the Privacy Enhancing Technologies Testing and Evaluation Project
- Members included privacy and Common Criteria (CC) experts from government, industry, academic and legal communities
- Core team consists of German, Dutch, Swedish, Italian and Canadian Privacy/Data Protection Commissions, research and academic institutions, government sponsorship (CSE, DoD) and private sector involvement (e.g., IBM)

Slide 11
PETTEP
The work: evaluation of PETs based on the Common Criteria (CC)
- Internationally accepted criteria for IT security (ITS) products
- National evaluation schemes already exist to provide oversight, lab accreditation and evaluation methodology
- Although intended for security, privacy elements are already included
- Security Functionality Requirements may be mapped to the elements of the Privacy Fair Information Practices

Slide 12
PETTEP Approach
- Map Fair Information Practices to CC where possible
- Determine how to approach evaluation of PETs: based on technology grouping, multiple PPs, single PP, package?
- Gain understanding and consensus within PETTEP membership on the way ahead
- Multiple analyses (protection profiles, extensions, retrofitting CC)
- Used a research/workshop approach to develop materials
- Goal: rewrite the current CC chapter on Privacy

Slide 13
Why the Common Criteria as Foundation?
- The Common Criteria had a place-holder already developed for privacy technologies that dealt with observability, linkability, traceability and anonymity.
- The Communications & Security Establishment (CSE), NSA's Canadian equivalent, joined the project and funded two initial contracts to examine elements of this project (reports attached).
- The Common Criteria scheme was both endorsed by a growing number of national governments and formed an ISO standard.
- Independent testing labs around the world are accredited Common Criteria certifiers.

Slide 14
Using the Protection Profile Model in the Common Criteria
Protection Profile (PP), a standard tool of the Common Criteria:
- A statement of user need
- A system design document
- A consistent thread from 'what' to 'how'
- Based on fair information practices
- Provides high-level guidelines
- Implementation independent
- Multiple implementations may satisfy it
The Protection Profile is the agreed-upon approach within PETTEP to address evaluation of privacy functionality.

Slide 15
Clustering Fair Information Practices for Technology Evaluation
The right of individuals to determine for themselves when, how and to what extent information about them is communicated to others.
[Diagram: fair information practice elements clustered into Privacy Protection Profiles. Practice elements shown: Collection Limitations, Openness, Disclosure, Accountability, Verification, Use Limitations, Security, Consent, Compliance. Privacy principle labels shown in one view: Choice/Consent, Notice/Awareness, Access, Enforcement/Recourse, Information Quality & Integrity; in a second view: Choice/Consent, Accuracy, Security, Collection/Use, Accountability. Both views are labelled "Protecting Privacy"; the second is labelled "Privacy Protection Profiles".]

Slide 16
PETTEP – Privacy PP Development
[Diagram: privacy functionality grouped into clusters, with the labels Security, Data Management, Openness, Accuracy and Accountability. One group reads "Includes: Security and Safeguards". A second reads "Includes: Unlinkability, Unobservability, Pseudonymity, Anonymity, Deletion, Consent, Identifying purpose, Limit use/disclosure, Non-Collection, Limit collection, Data Scarcity". A third reads "Includes: Accountability, Challenging compliance, Openness, Individual access".]

Slide 17
Response to Singapore Resolution
- Question 1: PETTEP is in favor of JTC1 addressing privacy
- Question 2: The suggested organization is a new SC
  - Needs focus
  - Privacy standards have progressed; JTC1 needs to address existing privacy work
  - Time frames of delivery need to be shortened, and a new SC can prioritize ONLY privacy-related standards
  - PETTEP would support and work with a new SC
- Question 3: Scope MUST reconcile with existing PETTEP work
  - Scope needs to address standards, as outlined
  - Canada would be a good candidate for hosting the secretariat for such a new ISO Sub-Committee (SC) on Privacy

Slide 18
PETTEP: Next Steps
- Finalisation of research into CC for re-usable elements for Privacy
- Continued workshops
- Final review of Privacy Security PP developed by DoD
- Private sector funding for next phase (chapter rewrite and lab testing/refinement)
- Examination of issues and way ahead

Slide 19
Challenges Remaining
- How to use the existing functionality of the CC in creation of Privacy PPs (mapping of FIPs), OR are additional privacy functions required?
- Development of the other PPs
- Evaluation of the designated PET products to the PP (proof of concept)
- The need to evaluate more PET products (via PP or ST)
- Encourage vendors to have PET products evaluated
- Gaining acceptance of the PETTEP approach internationally
- Need to position Privacy PPs (based on thread model approach) in context of the overall set of Privacy requirements and development of a multipart ISO standard
- Time!!! and of course Money!!!

Slide 20
PETTEP and ISO: a Match Made in Privacy Heaven
- PETTEP membership is international, multi-jurisdictional, bridges academic, privacy and public sectors, and is available to work with ISO in developing a Privacy Technology Standard.
- PETTEP experience and research papers available.
- Canadian leadership in PETs evaluation can be levered for ISO work.
- ISO can benefit from involvement of the international privacy/data protection community.

Slide 21
Summary and Closing Thoughts
Next steps for the next 18 months:
- Continue PETTEP workshops to review work by partners
- Test technologies using Privacy Protection Profiles
- Use results to develop a Privacy Protection Profile standard based on CC as part of a new multipart ISO Privacy standard
- Request ISO to establish a Standards Committee for Privacy
- Develop a common definition for Privacy and a common set of FIPs as input into the multipart ISO standard

Slide 22
Thank You
Mike Gurski, Information & Privacy Commissioner/Ontario, mgurski@ipc.on.ca
