Concept for deliverable on privacy issues on pan-European White Pages service

3rd TF-LSD Meeting Antalya, 13.5.2001

Peter Gietz

[email protected]

Agenda

  • Preliminary remarks

  • European privacy legislation

  • Other texts on the matter

  • Privacy issues of the CIP WPS

  • Organizational and technical solutions

Personal Statement

  • Privacy legislation is

    • not a bug, it's a feature

    • not a burden but a good thing

    • What counts is not the technical possibilities but the feasibility of these possibilities

Discussion features

  • Privacy discussion is more focused on e-Commerce than on directories

  • Legislation applies more to data servers than to indexing systems

International Issue

  • A European solution only goes half the way

  • Worldwide regulations exist (OECD, UN)

  • 40 countries around the world have enacted, or are preparing to enact, privacy legislation

    • E.g. Switzerland, Hungary, Canada, Australia, Hong Kong, Taiwan, Japan, Malaysia, South Korea

  • „The US has isolated itself from the rest of the world“ (EPIC)

  • The US has privacy legislation only for federal authorities

  • Possible solution: „Safe Harbor“

Safe Harbor

  • Organized by the US Department of Commerce

  • Catalogue of adequate processing rules for data from Europe

  • Companies can proclaim their commitment

Codes of Conduct

  • Self-defined rules to comply with EU regulations

  • One for customer data and one for employee data

  • Privacy statements

  • Formalizable; see the P3P initiative of the W3 Consortium

OECD Regulations

  • OECD Recommendation concerning and Guidelines governing the protection of privacy and transborder flows of personal data, OECD Document C(80)58(Final), October 1, 1980

    • Promotes self-regulatory measures

United Nations Regulation

  • Guidelines concerning computerized personal data files, adopted by the General Assembly on 14 December 1990

1995 Directive

  • Directive on the protection of individuals with regard to the processing of personal data and on the free movement of such data (95/46/EC, October 1995)

  • Preamble:

    • Data-processing systems are designed to serve man

    • Data should be able to flow freely

    • But: They must respect the fundamental freedoms and rights

Article 1: Object of the directive

  • Member states shall protect the right to privacy with respect to the processing of personal data

  • but shall not restrict or prohibit free flow of information between member states

Article 2: Definitions

  • „personal data“: any information relating to an identifiable natural person (called „data subject“) → White Pages data

  • „processing“: (whether or not automated) collection, storage, retrieval, dissemination, erasure etc. → storage, update, replication and retrieval

  • „personal data filing system“: structured set of personal data which are accessible according to specific criteria, whether centralized or decentralised, ... → Directory Service

Definitions contd.

  • „controller“: natural or legal person, public authority, agency that determines the purpose and means of the processing → Designer of the Directory service

  • „processor“: natural or legal person, etc. which processes personal data on behalf of the controller → Data manager

  • „third party“: natural or legal person, etc. other than the data subject, the controller or the processor, or the person who is authorized to process the data → all others

Definitions contd.

  • „recipient“: natural or legal person, etc. to whom data are disclosed, whether third party or not, but not inquiring authorities → Directory service user

  • „the data subject's consent“: any freely given specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed → ?? see below

Article 3: Scope

  • Processing of data wholly or partly by automatic means, and non-automatic processing if the data form part of a filing system

  • But not in cases of public security, defence, State security and activities of the State in areas of criminal law

  • And not if done by a natural person in the course of purely personal or household activity

Article 6: Principles

  • Processed fairly and lawfully

  • Collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes

  • Further processing for historical, statistical or scientific purposes is not considered incompatible

  • Adequate, relevant and not excessive

  • Accurate and, where necessary, kept up to date

  • Kept in a form that permits identification for no longer than necessary

Article 7: Criteria

  • The data subject has consented, or

  • Necessary for the performance of a contract to which the data subject is party, or

  • Necessary for compliance with a legal obligation of the controller, or

  • Necessary to protect the vital interests of the data subject, or

  • Necessary to perform a task carried out in the public interest ..., or

  • Necessary for the purposes of the legitimate interests of the controller or recipient, except where overridden by the interests or fundamental rights of the data subject

Article 10/11: Information

  • Controller has to inform data subject about:

    • Identity of controller

    • Purpose of processing

    • Recipients of the data

    • Existence of the right to access and rectify the data

  • Whether the controller obtains the data from the data subject (Art. 10) or otherwise (Art. 11)

Article 12: Right of Access

  • Data subject has the right to obtain from controller:

    • Without constraint, at reasonable intervals and without excessive delay:

      • Confirmation whether or not data about him are processed, for what purpose, which data categories and recipients

      • Form and logic of the processing

    • Rectification, erasure or blocking of data

    • Notification of recipients about rectification etc., unless this proves impossible or involves disproportionate effort

Article 14: Right to object

  • Data subject has the right

    • to object to the processing

    • on compelling legitimate grounds

    • Especially if data are to be used for direct marketing

Article 17: Security

  • Controller must implement measures to protect personal data against:

    • Accidental or unlawful destruction or loss

    • Unauthorized alteration, disclosure or access

    • Especially when processing involves transmission over a network

    • Measures appropriate to the risks represented by the processing

    • A processor must be bound to the controller by a contract or legal act, in writing or equivalent form

Article 25: Transfer to third countries - Principles

  • The third country must ensure an adequate level of protection

  • Where the Commission finds that a third country does not, member states shall take the measures necessary to prevent transfers to that country

  • The Commission shall enter into negotiations with a view to remedying the situation

  • Member states shall take the necessary measures to comply with the Commission's decision

Article 26: Transfer to third countries - Derogations

  • Transfer to countries without adequate protection may take place if:

    • the data subject has given his consent, or

    • it is necessary for the performance of a contract between the data subject and the controller, or

    • it is necessary for a contract between the controller and a third party in the interest of the data subject, or

    • it is necessary on important public interest grounds, or

Derogations contd.

  • it is necessary to protect the vital interests of the data subject, or

  • Transfer is made from a register which according to laws or regulations is intended to provide information to the public and which is open to consultation either by the public in general or by any person who can demonstrate legitimate interest, to the extent that the conditions laid down in law for consultation are fulfilled in the particular case

Article 29: Working Party

  • Working party on the protection of individuals with regard to the processing of personal data is hereby set up.

  • Working group with chair, secretariat and rules of procedure

  • Independent advisory status

  • Gives opinions on the level of protection in the Community and in third countries

Working Party

  • Has produced a number of documents, e.g. on the transfer of personal data to third countries:

    • Defining what constitutes adequate protection

    • Possible ways forward in assessing adequacy

    • On processing of personal data on the Internet

    • Recommendation 1/99 on Invisible and automatic processing of personal data on the Internet performed by software and hardware

    • ...

1997 Directive

  • Directive concerning the processing of personal data and the protection of privacy in the telecommunications sector (97/66/EC, 15 December 1997)

    • Extends the 1995 directive to the telecommunications sector, especially ISDN and mobile networks

Article 2: Definitions

  • „subscriber“: any natural or legal person that is party to a contract with the provider of publicly available telecommunications service

  • „user“: any natural person using such a service for private or business purposes, without necessarily having subscribed to it

Definitions contd.

  • „public telecommunications network“: transmission system and switching equipment and other resources which are used in whole or in part for the provision of publicly available telecommunications service

  • „telecommunications service“: service that consists wholly or partly in the transmission and routing of signals on telecommunications networks, with the exception of radio and TV broadcasting

Article 11: Directories

  • Personal data contained in printed or electronic directories of subscribers available to the public should be limited to what is necessary to identify a particular subscriber, unless the subscriber has given his consent to the publication of additional personal data.

Other European texts

  • COM(99) 337 final: Proposal for a Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the institutions and bodies of the Community and on the free movement of such data, 1999

  • Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data, Council of Europe, European Treaty Series No. 108. Signed January 28, 1981

Other valuable texts

  • SURFnet: Privacy aspects of directory Services – Directory Services and the changes in privacy legislation – new boundaries for a new paradise [no date, but seems quite new]

  • Arbeitskreis „Technische und organisatorische Datenschutzfragen“ [Working group on technical and organizational data protection questions]: Datenschutzrechtliche Aspekte beim Einsatz von Verzeichnisdiensten [Data protection law aspects of using directory services], 26.10.2000

Other valuable texts

  • Catherine Treca (CNRS/UREC), Erik Huizer (SURFnet): An overview of international privacy issues concerning the provision of Directory Services (Draft sent to IETF ids WG 21.7.1994 [sic])

  • Work of the RARE WG on Networked Application Services and the IETF ids WG

  • Who knows what came out of this?

Other texts

  • RFC 1355: J. Curran (NNSC), A. Marine (SRI): Privacy and Accuracy Issues in Network Information Center Databases, August 1992

Privacy Issues

  • Controller and processor are the maintainers of the actual data server

  • Do the maintainers of the index service have the same legal obligations towards the data subject?

  • If not all data subjects have consented to transfer to countries without adequate protection, transfer to those countries has to be prevented

Solutions

Thanks to SURFnet

Organizational Solutions

  • Define and stick to purpose of service

  • Call in a data protection officer

  • Define who is the controller and who is the processor

  • Define and restrict the population of data subjects

  • Define procedures for how the data are gathered and processed

  • Inform data subjects, e.g. via e-mail, about:

    • Who collected data

    • What data

    • For what purpose

    • About the rights of the data subject

Organizational Solutions contd.

  • Define procedure of informing the data subjects about rights and data updates

  • Define how data subjects can make use of their rights (e.g. via signed e-mail or web form)

  • Better to obtain the user's consent when he applies for a user account

  • Only collect the minimum set of data attributes

  • Publish and disseminate all organizational definitions in a policy text

Technical Solutions

  • Establish adequate security against loss, damage and unlawful access to or manipulation of the data

  • Restrict maximum number of retrievable entries

  • Disallow wildcards

  • Restrict number of searchable attributes

  • Do robot detection and refuse service to robots

  • Restrict access to users from countries with adequate privacy legislation

  • Disallow access from proxies

Technical Solutions contd.

  • Encrypt index objects while in transit on the net

  • Define crawler policies

  • Only let registered crawlers access the data

  • Enforce digital signatures for the e-mail consent of the data subjects
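The query-side restrictions on the two Technical Solutions slides (cap on retrievable entries, no wildcards, a restricted set of searchable attributes, robot detection) can all be enforced in a front end that screens every search before it reaches the directory server. The Python below is an added example written for this page, not code from the TF-LSD deliverable, from SURFnet or from any CIP implementation. The attribute list, the limits, the client addresses and the directory entries are assumed; the in-memory matcher stands in for the real LDAP server, and the country and proxy restrictions from the slides are left out.

```python
from __future__ import annotations

import re
import time
from collections import defaultdict, deque

# Policy parameters. The values are assumed for this example; a real service
# would state them in its published privacy policy.
SEARCHABLE_ATTRS = {"cn", "sn", "mail", "o", "ou"}  # restrict searchable attributes
MAX_RESULTS = 2            # restrict the maximum number of retrievable entries
MIN_VALUE_LEN = 3          # very short values amount to enumerating the directory
ROBOT_WINDOW_SECS = 60.0   # robot detection: sliding window ...
ROBOT_MAX_QUERIES = 3      # ... and the query budget allowed inside it

# One equality assertion "(attr=value)" of an RFC 4515 search filter. Other
# operators (~=, >=, <=, :=) deliberately do not match and are refused below.
_ASSERTION = re.compile(r"\(([A-Za-z][A-Za-z0-9;-]*)=([^()=]*)\)")


class PolicyViolation(Exception):
    """Raised when a query is refused by the White Pages policy."""


def check_filter(ldap_filter: str) -> list[tuple[str, str]]:
    """Validate a filter and return its (attribute, value) assertions.

    Only "(attr=value)" or a flat conjunction "(&(a=x)(b=y))" is accepted;
    OR, NOT, nesting and presence/substring matches are refused because each
    of them lets a client walk the whole directory.
    """
    assertions = _ASSERTION.findall(ldap_filter)
    leftover = _ASSERTION.sub("", ldap_filter)   # must be just "(&)" or nothing
    if not assertions or leftover not in ("", "(&)"):
        raise PolicyViolation("unsupported filter syntax")
    if leftover == "" and len(assertions) != 1:  # "(a=x)(b=y)" without an operator
        raise PolicyViolation("unsupported filter syntax")
    checked = []
    for attr, value in assertions:
        attr = attr.lower()
        if attr not in SEARCHABLE_ATTRS:
            raise PolicyViolation(f"attribute '{attr}' is not searchable")
        if "*" in value:                         # covers "(cn=*)" and "(sn=Ex*)"
            raise PolicyViolation("wildcards are not allowed")
        if len(value) < MIN_VALUE_LEN:
            raise PolicyViolation("search value too short")
        checked.append((attr, value))
    return checked


def violation(ldap_filter: str) -> str | None:
    """Return the reason a filter is refused, or None if it is acceptable."""
    try:
        check_filter(ldap_filter)
    except PolicyViolation as exc:
        return str(exc)
    return None


class RobotDetector:
    """Per-client sliding-window counter: a client sending more than
    ROBOT_MAX_QUERIES within ROBOT_WINDOW_SECS is treated as a crawler."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock                      # injectable for testing
        self._hits: dict[str, deque[float]] = defaultdict(deque)

    def allow(self, client_ip: str) -> bool:
        now = self._clock()
        hits = self._hits[client_ip]
        while hits and now - hits[0] >= ROBOT_WINDOW_SECS:
            hits.popleft()                       # forget queries outside the window
        if len(hits) >= ROBOT_MAX_QUERIES:
            return False
        hits.append(now)
        return True


def white_pages_search(client_ip: str, ldap_filter: str,
                       entries: list[dict[str, str]], detector: RobotDetector):
    """Apply the policy, then search. Returns (matches, truncated).

    The in-memory matcher stands in for the real LDAP server, to which the
    validated filter would normally be forwarded unchanged.
    """
    if not detector.allow(client_ip):            # refused queries count too
        raise PolicyViolation("query rate exceeded, client treated as robot")
    assertions = check_filter(ldap_filter)
    matches = [e for e in entries
               if all(e.get(a, "").lower() == v.lower() for a, v in assertions)]
    return matches[:MAX_RESULTS], len(matches) > MAX_RESULTS


# Constructed sample directory content (fictitious people).
SAMPLE_ENTRIES = [
    {"cn": "Anna Example", "sn": "Example", "mail": "anna@example.org", "o": "Example University"},
    {"cn": "Bert Example", "sn": "Example", "mail": "bert@example.org", "o": "Example University"},
    {"cn": "Carla Example", "sn": "Example", "mail": "carla@example.org", "o": "Example University"},
    {"cn": "Dirk Muster", "sn": "Muster", "mail": "dirk@example.org", "o": "Example University"},
]

if __name__ == "__main__":
    det = RobotDetector()
    # The fourth query exceeds the budget and is refused as robot traffic.
    for f in ("(sn=Example)", "(sn=Ex*)", "(|(sn=Example)(sn=Muster))", "(cn=*)"):
        try:
            hits, truncated = white_pages_search("198.51.100.7", f, SAMPLE_ENTRIES, det)
            print(f, "->", [e["cn"] for e in hits], "(truncated)" if truncated else "")
        except PolicyViolation as exc:
            print(f, "-> refused:", exc)
```

The filter is parsed before anything is forwarded, so a client cannot smuggle a presence or substring match past the front end by encoding it differently; whatever is not explicitly accepted is refused. The result cap is applied after matching, so the client learns that more entries exist but not which ones, which is the behaviour a size limit on the server would give as well.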

Proposed structure of deliverable

  • Discussion of EU regulation

  • Generic description of CIP index system

  • Privacy issues of the system

  • Organizational and technical solutions

How to proceed?

  • Should we restrict ourselves to the EC Directive or also interpret the other regulatory texts mentioned?

  • How detailed should we be?

  • How much of the directive should we quote?

  • Should a template privacy policy text be included?

  • Does it make sense to contact the Working Party?

How to proceed? contd.

  • Who will actively join this work?

  • I intend to get the first draft version out soon

  • But the matter is very difficult and it is easy to make mistakes