Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Thursday April 30 2015, @10:47AM   Printer-friendly
from the at-least-somebody-understands-the-problem dept.

Security and privacy are not mutually exclusive says Europe’s privacy watchdog – and people should stop saying they are.

The European Data Protection Supervisor (EDPS), Giovanni Buttarelli, told a Brussels conference he was concerned that “the objective of cyber-security may be misused to justify measures which weaken protection of [data protection] rights.”

“Cyber-security must not become an excuse for disproportionate processing of personal data. Let's not forget that when the European Court of Justice (ECJ) last year found the Data Retention Directive to be invalid, one of the reasons was concern about the inadequacy of the data security provisions in the directive,” he continued . Although some commentators interpreted the ECJ ruling to mean that data must be stored within national borders, Buttarelli disagreed.

“Physical location is not the determining factor in security. Rather, it is degree of control, accountability and responsibility which data controllers demonstrate when processing personal information. They must take full responsibility for all the measures they implement, regardless of the technology they use. Responsibility must not vanish in the clouds,” said the newly appointed EDPS. Negotiations on a new Data Protection Regulation are currently underway and Buttarelli says that accountability should not be sacrificed in the inevitable compromise.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by FakeBeldin on Thursday April 30 2015, @04:02PM

    by FakeBeldin (3360) on Thursday April 30 2015, @04:02PM (#177130) Journal

    Hogwash.
    1. There is no set exchange rate between security and privacy.
            It is not +1 privacy = -1 security.
    2. Even where security & privacy conflict, we're a long way from maximizing one while keeping the other constant.

    Case in point: here's one fairly simple idea that would improve privacy for many people: implement some Kerberos-style security instead of the passenger-details sharing.
    So instead of the EU providing the US with details of all its passengers headed that way, the US provides the EU with details of who is to be kept off. The EU then implements this and everyone who passes gets a "kerberos" ticket (i.e., a flight).

    Upshot: no more sharing of passenger details.
    Downside: the US would have to somehow provide a way for EU officials to check whether a passenger is on the no-fly list.
    if only that could be done without sharing any of the data or queries...
    oh wait [google.com].

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2