Security - Information and Privacy Commissioner of Ontario

advertisement
Exposing the Myths,
Exploring the Solutions
Ann Cavoukian, Ph.D.
Information & Privacy Commissioner/Ontario
Privacy & Security: Seeking the Middle Path
www.ipc.on.ca
5th Annual Privacy & Security Workshop
October 28-29, 2004
University of Toronto
Government Surveillance
“People will not trust government if there is
excessive secrecy. And they will get increasingly
anxious about a 'surveillance society' if they
cannot be confident that information about their
private lives is being handled properly.”
Richard Thomas,
UK Information Commissioner
January 2003
www.ipc.on.ca
Slide 2
“”No-fly” lists
Be prepared not to know
www.ipc.on.ca
Slide 3
Where are we now: U.S.
 Biometrics in travel documents now a given
• Enhanced Border Security & Visa Entry Reform
Act
• International Civil Aviation Organization (ICAO)
adopted a three pronged approach for travel
documents: Facial recognition (the global base),
fingerprint & iris scans
• U.S. VISIT Program requires countries to have
biometrics to remain in Visa Waiver program
www.ipc.on.ca
Slide 4
Where are we now: U.S. part II
CAPPSII dead
• Reasons cited: lack of airline data for testing, law
suits against airlines, privacy concerns, failure to
address 7 out of 8 Congressional requirements
Secure Flight new screening tool
• Government, not airlines, to compare passengers
to no-fly and watch lists
• TSA assures reduction of false positives (current
15% pull-overs to drop to 5% of passengers)
• 30 day test began in September of Secure Flight
www.ipc.on.ca
Slide 5
Secure Flight
• Redress process to be instituted, Senator Edward
Kennedy had to call DHS Secretary Tom Ridge to
clear his name
• Multi-stage process ending in review by DHS
Chief Privacy Officer: Nuala Kelly O’Connor
• New level of transparency, with crucial documents
for public view
• Senate has required DHS to report on
privacy impact of this action
www.ipc.on.ca
Slide 6
Where are we Now: Canada
CANPASS-Air uses iris scanning for identity
check
RCMP working with ISO to ensure fingerprint
biometric interoperability
Gov’t compiling no-fly lists to be used by
airline agents for domestic flights, to notify
Transport Canada of ‘immediate threats’
No redress policy appears to be available
www.ipc.on.ca
Slide 7
Are we losing Balance?
“Public safety is paramount but
balanced against privacy”
 Security measures must be real, not illusory
 New powers must be studied and measured to
determine effectiveness and utility
 Are new security powers truly necessary or are
existing ones not fully utilized or effectively
deployed?
http://www.ipc.on.ca/userfiles/page_attachments/1517136_pub01-e.pdf
http://www.cbc.ca/news/indepth/usattacked/essay_privacy.html
www.ipc.on.ca
Slide 8
Anti-Terrorism Laws
– Why be Concerned?
General Issues:
 Expanded scope
 Lack
of justification
 Weakening
 Lack
www.ipc.on.ca
of domestic surveillance
Judicial Controls
of Oversight
Slide 9
STEPS: Revisted
 Terrorist attacks 9/11
 Government concerns over public safety
 Patriot and anti-terrorist legislation
 Polarized debate for Security/Privacy
 Resurgence of Privacy concerns by public
www.ipc.on.ca
Slide 10
Still Need a Shift in Paradigms
 The Old Paradigm: Zero Sum Game
 The New Paradigm:
Security + Privacy = Democracy
 Privacy and Security are both necessary
components: both are essential to
freedom and liberty
www.ipc.on.ca
Slide 11
The Challenge for
Privacy Experts
Expand the discourse: Privacy and Security
are not polar opposites
Engage government and industry in
demonstration projects to promote STEPs
http://www.ipc.on.ca/docs/steps.pdf
www.ipc.on.ca
Slide 12
The Challenge for
Solution Developers
Introduce privacy into the concept, design
and implementation of technology solutions
Recognize and promote existing STEP
solutions:
 3-D Holographic Scanner: respecting physical
privacy while enhancing security
 Biometric encryption
www.ipc.on.ca
Slide 13
The Challenge for
Governments
 Develop the privacy requirements for
technology:
• Use the 3-D Holographic Scanner Paradigm
for IT design requirements.
• Avoid equating security with privacy.
• Put the ‘ terrorist attack fear factor’ in
context of other threats to citizens.
www.ipc.on.ca
Slide 14
The Discussion Today
How is privacy fairing in the national
security arena?
What are the issues we face?
What is the road ahead?
What can we do?
www.ipc.on.ca
Slide 15
How to Contact Us
Ann Cavoukian, Ph.D.
Information & Privacy Commissioner/Ontario
2 Bloor Street West, Suite 1400
Toronto, Ontario M4W 1A8
www.ipc.on.ca
Phone:
Web:
E-mail:
(416) 326-3333
www.ipc.on.ca
commissioner@ipc.on.ca
Download