Guest Post: A Busy Time For Privacy and Security

Guest Post: A Busy Time For Privacy and Security

The following is a guest post by David Hoffman, Director of Security Policy and Global Privacy Officer at Intel and FPF advisory board member.

Check out A Busy Time For Privacy and Security and other posts by David on the Intel Policy Blog.

A Busy Time For Privacy and Security

The past two weeks have included a number of important events for privacy and security. At the top of my mind have been the protests in Egypt, as I worry about the welfare of the Egyptian people and the many non-Egyptians in the country. One of the more disturbing aspects of the developments in Egypt, was the Egyptian government’s actions to require local internet service providers to disconnect from the global internet. The internet has become an integral component of individuals’ lives. Disconnecting a country from the global internet is an extreme and unfortunate reaction.

The Egyptian government had a solid record of assisting the private sector in making the internet available to its citizens. That record made the government’s decision to take down the connections more impactful, as local internet infrastructure suppliers appear not to have had plans to deal with the government decision.

In an interesting coincidence, the Egyptian government’s actions took place while many around the world were recognizing Data Privacy Day. Intel has been one of the core supporters of Data Privacy Day since its inception. Intel embraces Data Privacy Day’s goal of educating individuals on how they can use technology to provide benefits for their lives, while still having their personal date protected. Intel has been working in several areas to provide recommendations on how we can continue to foster technology innovation, while improving cybersecurity and privacy.

The Egyptian government’s actions call attention to the need of providing strong protections for individuals and companies so they can depend upon technology. Efforts to allow government access to, or control over, private components of the global digital infrastructure have been finding their way to light in many countries. These government attempts to control technology, include providing government the right to take down all, or a portion of, a private network. Any such government ability to impact technology in such a manner, creates substantial privacy concerns for individuals and industry. National security and law enforcement are fundamental obligations of government, but reasonable due process is necessary before government should take steps to access communications or take down private networks.

Several organizations have proposed alternative mechanisms to address government concerns. One example of these efforts are the Cybersecurity Principles authored by the Information Technology Industry Council, which were finalized on January 31st. The ITI Principles focus on building off of existing public-private partnerships and fostering the development of standards, best practices and international assurance programs.

Also distributed on January 31st, was the Center for Strategic and International Studies (CSIS) Cybersecurity Commission report “Cybersecurity Two Years Later.”    I have been honored to sit on the Commission and to take part in some of the discussion that led to this report. The Commission operates as a body to provide input to the Project Director and Co-chairs. By its nature and size the Commission does not endeavor to create a report that all Commission members agree with fully. Not surprisingly, there are elements of the report with which I disagree. However, the document is an important piece of work assembled by some of the best minds in cybersecurity policy.

The report aptly calls for investment in cybersecurity education, more focus on the international implications of a patchwork of differing national regulations of the global digital infrastructure, improvements in the area of authentication and the fundamental importance of meeting the privacy expectations of individuals. Conversely, I do have concern about extending cybersecurity regulations to the private sector component of the “critical infrastructure”, when the report does not define the term. I also find the report too critical of existing public-private partnerships, as many of these activities have focused on building needed trust, while still providing transparency of operation. The Egyptian government’s actions highlight the danger of moving away from structures which create trust between government and industry.

Many companies, like Intel, are investing significantly in privacy and security to make certain individuals will be able to reasonably trust their use of technology. This busy time for privacy and security policy both brings some of these issues to the forefront, and provides useful fodder for debate on how we should move forward.

Leave a Reply


Feb 08, 2011
0 Comments

Issues

Privacy Calendar

May
19
Sun
all-day IEEE Symposium on Security and Privacy @ The Westin St. Francis
IEEE Symposium on Security and P… @ The Westin St. Francis
May 19 – May 22 all-day
The IEE Symposium on Security and Privacy will mark its 34th annual meeting as they present recent developments in computer security and electronic privacy. The [...]
May
22
Wed
all-day Georgetown’s 1st Annual Cybersecurity Law Institute Washington, DC @ Georgetown University Law Center
Georgetown’s 1st Annual Cybersec… @ Georgetown University Law Center
May 22 – May 23 all-day
“Georgetown Law CLE has created the inaugural Cybersecurity Law Institute, designed by a national advisory board of professionals who have been in the trenches dealing with [...]
all-day IAPP Canada Privacy Symposium 2013
IAPP Canada Privacy Symposium 2013
May 22 – May 24 all-day
Join the IAPP for their Canada Symposium 2013, where you will have the chance to learn and debate on the issues that matter most to [...]
May
23
Thu
all-day IAB Interact Sponsored by TRUSTe @ Hotel W Barcelona
IAB Interact Sponsored by TRUSTe @ Hotel W Barcelona
May 23 – May 24 all-day
“ Join leading European advertisers, agencies and media owners, regulators and policy makers for a two-day debate in Barcelona on the theme ‘The Battle of the [...]
May
30
Thu
all-day Ramp Up Summit @ Computer History Museum
Ramp Up Summit @ Computer History Museum
May 30 all-day
Over 1,000 marketers, advertisers, and industry insiders come together to discuss the convergence of offline and online data in digital advertising. For more information or to register [...]
Jun
3
Mon
6:30 pm EPIC’s Champion of Freedom Awards Dinner 2013 Washington, DC @ The Fairfax at Embassy Row
EPIC’s Champion of Freedom Award… @ The Fairfax at Embassy Row
Jun 3 @ 6:30 pm – 9:00 pm
Join Electronic Privacy Information Center (EPIC) for the annual Champion of Freedom Awards Dinner 2013 Honorees: Sen. Paul Rand (R-KY), Sen. Ron Wyden (D-OR), Martha [...]
Jun
6
Thu
all-day The 6th Annual Privacy Law Scholars Conference @ Claremont Hotel Club & Spa
The 6th Annual Privacy Law Schol… @ Claremont Hotel Club & Spa
Jun 6 – Jun 7 all-day
BCLT and The George Washington University Law School will host the sixth annual Privacy Law Scholars Conference (PLSC). The PLSC assembles a wide array of [...]
Jun
17
Mon
all-day National Association of Attorneys General-Summer 2013 Meeting Boston, MA
National Association of Attorney…
Jun 17 – Jun 20 all-day
Chris Wolf participates in a panel on Section 230 and its strengths and challenges for state law enforcement, moderated by NAAG President Doug Gansler. For more information visit http://www.naag.org/naag-2013-summer-meeting.php [...]

View Calendar