Presentation is loading. Please wait.

Presentation is loading. Please wait.

Malcolm Crompton Keynote Presentation: The Future of Privacy Technology IAPP TRUSTe Symposium: Privacy Futures Preconference I: Privacy Technology – Real.

Published byJob Daniels Modified over 9 years ago

Similar presentations

Presentation on theme: "Malcolm Crompton Keynote Presentation: The Future of Privacy Technology IAPP TRUSTe Symposium: Privacy Futures Preconference I: Privacy Technology – Real."— Presentation transcript:

1

2 Malcolm Crompton Keynote Presentation: The Future of Privacy Technology IAPP TRUSTe Symposium: Privacy Futures Preconference I: Privacy Technology – Real World Experiences San Francisco 9 June 2004 IAPPTRUSTePrivacy Futures

3 Privacy is about: context control freedom of choice identity integrity

4 Identity management: the next big push for government and business Response to: –identity fraud –identity theft or identity takeover –border control and traveller identification –individual convenience –better customer service for individuals –more and more complex IT networks

5 Commonwealth State Private Sector  AUSTRAC: Cost of ID Fraud ReportCost of ID Fraud Report  Document verification service Document verification service  ACC: Identity ProtectionIdentity Protection RegistersRegisters (prev ID Fraud Register)  ACPR: ID Crime Working PartyID Crime Working Party  NOIE: e- authentication e- authentication  Customs: SmartGate SmartGate  Customs: Advance Passenger InfoAdvance Passenger Info  DIMIA: Extend use of biometricsExtend use of biometrics  DFAT: biometric passportbiometric passport  Macquarie Bank: info brochure info brochure  Unique Health IdentifierUnique Health Identifier  DEST: CHESSNCHESSN  ACT: Smartcard proposal (2000) ?Smartcard proposal  VIC: Victoria Online portalVictoria Online portal  IMSC/CIOC/AWG: e-authentication e-authentication  AEC&HIC: match Electoral Roll/Medicarematch Electoral Roll/Medicare  NEVDISNEVDIS  ACPR ID Crime Policing StrategyID Crime Policing Strategy  CrimTrac National DNA DBNational DNA DB  Common POI frameworkCommon POI framework  AGD: Whole-of- Government ID Fraud processWhole-of- Government ID Fraud process  Centrelink: voice verification?voice verification  AFP: Identity Crime Task ForceIdentity Crime Task Force  SA: ID theft amendments (awaiting assent)ID theft amendments  Bankers: Fraud taskforceBankers: Fraud taskforce  QLD: SmartcardSmartcard driver licence  BaycorpBaycorp  FCS OnLineFCS OnLine  PSMA: G- NAFG- NAF Authentication and Identification initiatives In Australia  Cross-agency data matchingCross-agency data matching

6 ID management is a problem of trust & control –Individuals don’t know who they can trust with their information –Organisations / governments want to know who they can trust –Individuals have a right to have control over their identity and information

7 One number per person leads to total surveillance –Same person with the same number, easy to “zip together” personal information –Do we want info from banks, libraries, video shops, and takeaway food outlets zipped together with government identifiers? –If it can be zipped together, it will be – eventually

8 Major Privacy Problems –Fort Knox Problems –Identity theft is a self-defeating consequence of increased identificationself-defeating consequence of increased identification –People may change behaviour (to avoid situations that might be misunderstood by watchers, e.g. talking to people with strong political views, or of certain ethnic backgrounds)talking to people with strong political views –No EOI documents means no engagement in society – EOI documents become the condition of citizenry

9 Success feel like: Individuals feel trusted by the government agencies and organisations they deal with Agencies and organisations trust the individuals they deal with Individuals have control over who knows about them, and how much they know Just the right amount of personal information is handled: –only the minimum necessary to authenticate identity, complete the transaction

10 GETTING ID MANAGEMENT RIGHT A MULTI-LAYERED APPROACH We must have this debate now There are good ID management solutions –use them Use technology that can identify people without creating a ‘honey pot’ for all the information about a person Extra costs are worth it in the long run Good ID management will –Build trust between individuals government & business –Increase individual control over own identity

11 Law + Technology + Market + Transparency + Accountability Law = promise; enforcement Technology = delivers promise Market = people don’t buy; nobody makes T+A = proof of promise kept Combined = total cost too high, except in extremes (High Court; or worth a massive tech attack; or...) = Privacy

12 –Multiple identities allowed –Only authenticate when necessary & what’s necessary –is it ID which really needs to be authenticated or something else? –Individuals retain control –Unique identifiers specific to application –Identifiers carry no other information –Data Silos –De-identification Good ID management: PITs v PETs PITs v PETs

13 Biometrics too good to be true? –Too much or irrelevant information? –DNA can carry information about ethnic origin, health, family etc –Speech recognition may carry information about accent or cultural background –Link between a person and the biometric may be unbreakable, even when it needs to be? –If the system is hacked will the identifier be compromised? –Reconstruction, or ‘reverse engineering’ from biometric identifier? –(e.g. picture of fingerprint may allow construction of forged fingerprint)

14 Iris recognition technology & application specific biometric templatesIris recognition technologyapplication specific biometric templates ‘Drug records in blink of an eye’, AFR, 9 Mar 2004Drug records in blink of an eye Biometric encryption IBM – P3P; EPAL; Distributed Identity; CombinationsP3PEPALDistributed IdentityCombinations Privacy Enhancing Technologies (PETs) ? Building in trust, permission & control …

15 The Big Picture The Big Picture Strong push for identity management Strong push for identity management Get it wrong – society significantly worse off Get it wrong – society significantly worse off Get it right – trust & control Get it right – trust & control The debate must start now, before it’s too late The debate must start now, before it’s too late Privacy – a fundamental human right Privacy – a fundamental human right

16 Malcolm Crompton jamaz@iinet.net.au +61 407 014 450

Download ppt "Malcolm Crompton Keynote Presentation: The Future of Privacy Technology IAPP TRUSTe Symposium: Privacy Futures Preconference I: Privacy Technology – Real."

Similar presentations

© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.

© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.
AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.

AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.
Biometrics Biometrics refers primarily to the measurement of physiological and behavioral characteristics to automatically identify people.

Biometrics Biometrics refers primarily to the measurement of physiological and behavioral characteristics to automatically identify people.
Signature (unit, name, etc.) Introduction to biometrics from a legal perspective Yue Liu Mar. 2007 NRCCL, UIO.

Signature (unit, name, etc.) Introduction to biometrics from a legal perspective Yue Liu Mar NRCCL, UIO.
The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,

The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,
Computer Security Biometric authentication Based on a talk by Dr J.J. Atick, Identix, “Biometrics in the Decade of Security”, CNSS 2003.

Computer Security Biometric authentication Based on a talk by Dr J.J. Atick, Identix, “Biometrics in the Decade of Security”, CNSS 2003.
Data-Sharing and Governance Consultation ANALYSIS OF RESPONSES.

Data-Sharing and Governance Consultation ANALYSIS OF RESPONSES.
2003 1 Increased Security, while protecting Privacy ? True or False ? Christer Bergman, President and CEO, Precise Biometrics.

Increased Security, while protecting Privacy ? True or False ? Christer Bergman, President and CEO, Precise Biometrics.
1 Suzanne Lockhart M.A. Criminology thesis University of Melbourne, 2005 Current: PhD candidate University of S.A Identity Fraud – Displacement effects.

1 Suzanne Lockhart M.A. Criminology thesis University of Melbourne, 2005 Current: PhD candidate University of S.A Identity Fraud – Displacement effects.
Confidentiality and Collaboration The ethics of information sharing in health and social care.

Confidentiality and Collaboration The ethics of information sharing in health and social care.
Public Works and Government Services Canada Travaux publics et Services gouvernementaux Canada Password Management for Multiple Accounts Some Security.

Public Works and Government Services Canada Travaux publics et Services gouvernementaux Canada Password Management for Multiple Accounts Some Security.
GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.

GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.
The Role of Computers in Surveillance ~ Katie Hatland.

The Role of Computers in Surveillance ~ Katie Hatland.
Ronny Depoortere January 16th, 2012 Chisinau. Identification – Business Case The ability to uniquely identify citizens and foreign residents is the corner.

Ronny Depoortere January 16th, 2012 Chisinau. Identification – Business Case The ability to uniquely identify citizens and foreign residents is the corner.
Biometrics Kyle O'Meara April 14, 2008. Contents Introduction Specific Types of Biometrics Examples Personal Experience Questions.

Biometrics Kyle O'Meara April 14, Contents Introduction Specific Types of Biometrics Examples Personal Experience Questions.
Identity Cards: Strategy, Implementation & Challenges A Melodrama in Three Parts Simon Davies Director, Privacy International Visiting Fellow, London School.

Identity Cards: Strategy, Implementation & Challenges A Melodrama in Three Parts Simon Davies Director, Privacy International Visiting Fellow, London School.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.

Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
General Purpose Packages

General Purpose Packages
Ronny Depoortere 19th March, 2012 Warsaw. www.zetes.com/poland Identification – Business Case The ability to uniquely identify citizens and foreign residents.

Ronny Depoortere 19th March, 2012 Warsaw. Identification – Business Case The ability to uniquely identify citizens and foreign residents.
Track II: Introduction and Overview of Financial Services and Information Technology Privacy Policy: Synthesizing Financial Services Industry Privacy David.

Track II: Introduction and Overview of Financial Services and Information Technology Privacy Policy: Synthesizing Financial Services Industry Privacy David.

Similar presentations

Ads by Google