Privacy and Security: The Positive Sum Approach

Athens.
The next speaker at WebSci '09 (via video) is Ann Cavoukian, the Toronto privacy commissioner. She suggests that we need to think differently to protect privacy - there is a need for strong legislation and other forms of protection. but most of all privacy also needs to be embedded into technology; without privacy, she says, there is no freedom.

This may need a substantial change of attitudes amongst technology companies,but it is possible and necessary - riffing off the Obama slogan 'yes we can', Ann suggest that for this issue, it's 'yes we must', and she has been pushing for the recognition of an international data privacy day.

So, we need privacy by design - we need not only privacy-enhancing technologies (PETs), but technologies which enhance both privacy and security, or what Ann calls PETs+. Under this framework, there is no longer a payoff between privacy and security, where improvements in one undermine the other, but instead improvements in privacy also increase security.

Examples where this 'positive sum approach' may be applied are the protection of laptops, the eHealth sector, the wider field of datamining, video surveillance, biometrics, social networking, or RFIDs - contrary to popular perception, Ann suggests, it is possible to advance these areas without undermining either privacy or security in favour ot the other.

In the future envisioned by Ann, users no longer have to ask for privacy - privacy will be the default. And as we know, the default rules.

Technorati : WebSci '09, identity, policy, privacy, security, trust
Del.icio.us : WebSci '09, identity, policy, privacy, security, trust