Thursday Feb 26, 2009

You can't keep the Spies out

While continuing to think about the privacy and regulatory issues that Cloud computing raises, I was point at this article in the NY Times, called "Does Cloud Computing Mean More Risks to Privacy?", which looks at the US legal position and points out that the US police and even civil investigators will find it easier to get data from third parties than from the entities orginally authorised to have access to private data. The article seems to have been categorised as news due to the release of the World Privacy Forum's latest report, "Privacy in the Clouds", which I have not yet read, but plan to.

Its probably true in the EU, and is certainly so in the UK, that a number of IT service providers have national security duties that are not well publicised and growing, but it seems that the basic principle of EU law is that data mustn't be shipped to countries with weaker laws than the originator country, although on the internet, how does one know which that is.

tags:

Sunday Feb 22, 2009

For more about Privacy in Europe

So what was I looking for? I found and was pointed to by a lazyweb search at,

and now I have these three links collected in a single HTML page with a permalink, i.e here. The delicious links are tagged EU, but I might add a gov tag to the tag base as this seems sensible for this case.

tags:

Wednesday May 21, 2008

Discussing security and privacy in Italy

 CSI Piemonte, an italian public sector co-operative visited Sun yesterday to talk about today and tomorrow's Security with Alec Muffet and Dave Walker, and I had the honour of hosting and MC'ing the meeting.

While discussing data centre networks i.e the network inside the firewall and how to build the firewalls, a number of products and companies were discussed, these include CSE Piemonte themselves, Tripwire for intrusion detection, Zeus, traffic management, ActivIdentity, part of an SSO solution, Tier-3, leveraging Behavioural Intelligence, Sun's Access Manager, "Privacy on the Line" a book by Whitfield Diffie and Susan Landau, Endevours Technologies, Sun's Security Community's publications, Shibboleth, for single sign-on, and juniper.net/, looking at their virtual firewalls. Alec also spoke about some of the ideas he developed in his blog article Hankering For A World Without “Identity” or “Federation”. This latter conversation was very wide ranging and reviewed the significant differences between the UK and Italian data privacy laws, particularly in the field of medical data and records. The italian laws seem very citizen-centric, which is what we'd hope for in a democratic Republic. The CSI Piemonte people told us that

"The Italian Government is prohibited from asking for citizen's information twice"

which is really cool but it still has problems sharing it around the government between departments and bodies. In the UK, this is causing me problems with the Student Finance company at the moment. I'd like the Passport Agency and the Inland Revenue to pass my details on to them, so I don't have to collect all the stuff they ask for. I suppose that they can't ask the Inland Revenue because they want to know more than they do. Go figure.

I recorded these URL's as we discussed them on my del.icio.us feed in real time, i.e. as of this article's publication date, well, yesterday actually. (I suppose I should create a tag for the meeting, to ensure that all the URLs have a common and exclusive tag, but I havn't, and del.icio.us doesn't enable you to query a date range, which is why I repeat the list above, and I can't be bothered to write a script that displays how many days ago the meeting took place.)

I also think, or hope at least, that  this is an article, where the snap shots add value to the article. If you hover most of the links above, you get a preview of the web page. 

tags:

About

DaveLevy

Search

Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today