Presentation is loading. Please wait.

Presentation is loading. Please wait.

TERENA Networking Conference 2005©The JNT Association, 2005 Network Performance Measurement: Privacy and Legal Issues Andrew Cormack, UKERNA

Published byPaula Sharp Modified over 9 years ago

Similar presentations

Presentation on theme: "TERENA Networking Conference 2005©The JNT Association, 2005 Network Performance Measurement: Privacy and Legal Issues Andrew Cormack, UKERNA"— Presentation transcript:

1 TERENA Networking Conference 2005©The JNT Association, 2005 Network Performance Measurement: Privacy and Legal Issues Andrew Cormack, UKERNA A.Cormack@ukerna.ac.uk

2 TERENA Networking Conference 2005©The JNT Association, 2005 Terminology Active measurement Measurer generates own traffic and watches result E.g. ping, traceroute, … Passive monitoring Measurer looks at headers of other people’s traffic E.g. netflow, … Interception Measurer can see content of other people’s traffic E.g. network sniffer …

3 TERENA Networking Conference 2005©The JNT Association, 2005 Privacy Issues Looking at someone else’s traffic breaches their privacy Looking at headers is less serious than content Headers are “stuff needed to get message from A to B” So networks have to look at headers anyway But even headers can still be a serious breach of privacy Suppose you find lots of packets to a cancer support site? Aggregating/anonymising headers reduces breach Passive Monitoring and Interception always breach privacy Laws exist that protect privacy

4 TERENA Networking Conference 2005©The JNT Association, 2005 Legal Issues (Europe) Active measurement No legal issues, provided you measure consenting targets! Passive monitoring Data Protection (95/46/EC) & Privacy and Electronic Communications (2002/58/EC) Directives protect people Confidentiality Law protects organisations Interception European Convention on Human Rights (Art.8) applies Plus Data Protection/Confidentiality Law as above

5 TERENA Networking Conference 2005©The JNT Association, 2005 Does Law Allow Privacy Breaches? Yes, but only if they are Necessary, proportionate and controlled Law recognises that some actions are needed, e.g. Management of billing or traffic (operations), Prevention or detection of misuse Providing value-added services Not clear if unanonymised “research” is allowed except as part of planning/operations Almost always need to tell users beforehand General notice, specific information, explicit consent

6 TERENA Networking Conference 2005©The JNT Association, 2005 National Laws Member states need to implement European law DP Directives are detailed and prescriptive Ought to be similar laws in all Member States UK: Data Protection Act 1998 & Electronic Communications (EC Directive) Regulations 2003 ECHR Article 8 has more room for variation Different national rules likely UK: Regulation of Investigatory Powers Act 2000

7 TERENA Networking Conference 2005©The JNT Association, 2005 UK law on informing users (UK) Passive Monitoring (DPA 1998) Interception (RIPA 2000) OperationNN (by DPA) MisuseNI or C V-A serviceN (can opt out)C “Research”None, N or CC N:must notify users, i.e. publish the information somewhere I:must take “all reasonable measures” to inform users C:must obtain positive consent from all affected users

8 TERENA Networking Conference 2005©The JNT Association, 2005 So Must Ask (and Write Down) About my activities Why am I going to do this? Is the risk if I don’t do it greater than the breach if I do? Can I do it in a less intrusive way? How long do I need to keep the data? How will I protect the data against misuse? Have I informed users? Have they consented? What does my national law require of me? Some activities will be unlawful and thus prohibited

Download ppt "TERENA Networking Conference 2005©The JNT Association, 2005 Network Performance Measurement: Privacy and Legal Issues Andrew Cormack, UKERNA"

Similar presentations

Public Administration use of Social Networks - Data Protection Implications European Public Administration Network, Dublin Castle, 5 April 2013 Billy Hawkes.

Public Administration use of Social Networks - Data Protection Implications European Public Administration Network, Dublin Castle, 5 April 2013 Billy Hawkes.
Overview of the Regulation of Investigatory Powers Act 2000 Andrew Charlesworth University of Warwick 10 June 2002.

Overview of the Regulation of Investigatory Powers Act 2000 Andrew Charlesworth University of Warwick 10 June 2002.
© JANET(UK) 2011 Running a Public Communications Service Andrew Cormack Chief Regulatory Adviser, Janet

© JANET(UK) 2011 Running a Public Communications Service Andrew Cormack Chief Regulatory Adviser, Janet
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
In confidence Chair: Storm Westmaas Principal Legal Adviser, the Standards Board for England Speakers: Bernadette Livesey Chief Law and Administration.

In confidence Chair: Storm Westmaas Principal Legal Adviser, the Standards Board for England Speakers: Bernadette Livesey Chief Law and Administration.
Copyright JNT Association 2006 1 1 Striking a Balance: Privacy and Legal Issues in Network Management Andrew Cormack Chief Regulatory Adviser, UKERNA

Copyright JNT Association Striking a Balance: Privacy and Legal Issues in Network Management Andrew Cormack Chief Regulatory Adviser, UKERNA
Net Neutrality, What Else? Wim Nauwelaerts Partner Hunton & Williams.

Net Neutrality, What Else? Wim Nauwelaerts Partner Hunton & Williams.
Getting data sharing right for every child

Getting data sharing right for every child
Copyright JNT Association 20071 Federated Identity and Data Protection Law Andrew Cormack, Eva Kassenaar, Mikael Linden, Walter Martin Tveter.

Copyright JNT Association Federated Identity and Data Protection Law Andrew Cormack, Eva Kassenaar, Mikael Linden, Walter Martin Tveter.
BYOD: Privacy and Security Andrew Paterson, Senior Technology Officer.

BYOD: Privacy and Security Andrew Paterson, Senior Technology Officer.
Big Data and data protection

Big Data and data protection
Communications Briefing: Navigating the clouds Sam Parr and Ian Walden Wednesday 21 October 2009, 12.00 – 2.00 pm.

Communications Briefing: Navigating the clouds Sam Parr and Ian Walden Wednesday 21 October 2009, – 2.00 pm.
Legalities of ICT Chapter 7.

Legalities of ICT Chapter 7.
Class 13 Internet Privacy Law European Privacy.

Class 13 Internet Privacy Law European Privacy.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Attorney at the Bars of Paris and Brussels Database exploitation & Data protection Thibault Verbiest Amsterdam 1 April 2005

Attorney at the Bars of Paris and Brussels Database exploitation & Data protection Thibault Verbiest Amsterdam 1 April 2005
Data Protection & Human Rights. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.

Data Protection & Human Rights. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
Data Protection Act. Lesson Objectives To understand the data protection act.

Data Protection Act. Lesson Objectives To understand the data protection act.
The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.

The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.
Email Marketing - Best Practice from a Legal Point of View Yvonne Cunnane - Information Technology Law Group 30 November 2006.

Marketing - Best Practice from a Legal Point of View Yvonne Cunnane - Information Technology Law Group 30 November 2006.

Similar presentations

Ads by Google