Pal gov.tutorial6.session5.privacy and data protection
Transcript

  • 1. The Palestinian eGovernment Academy, www.egovacademy.ps. Tutorial 6: The Legal Framework of New Technologies. Session 5: Privacy & Data Protection. Dr. Ismail M. Romi, Palestine Polytechnic University, Email: ismailr@ppu.edu. PalGov © 2011

  • 2. About
    – This tutorial is part of the PalGov project, funded by the TEMPUS IV program of the Commission of the European Communities, grant agreement 511159-TEMPUS-1-2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.ps
    – Project Consortium: Birzeit University, Palestine (Coordinator); University of Trento, Italy; Palestine Polytechnic University, Palestine; Vrije Universiteit Brussel, Belgium; Palestine Technical University, Palestine; Université de Savoie, France; Ministry of Telecom and IT, Palestine; University of Namur, Belgium; Ministry of Interior, Palestine; TrueTrust, UK; Ministry of Local Government, Palestine.
    – Coordinator: Dr. Mustafa Jarrar, Birzeit University, P.O.Box 14, Birzeit, Palestine. Telfax: +972 2 2982935, mjarrar@birzeit.edu

  • 3. © Copyright Notes
    – Everyone is encouraged to use this material, or part of it, but should properly cite the project (logo and website) and the author of that part.
    – No part of this tutorial may be reproduced or modified in any form or by any means without prior written permission from the project, which holds the full copyright on the material.
    – Attribution-NonCommercial-ShareAlike (CC-BY-NC-SA): this license lets others remix, tweak, and build upon your work non-commercially, as long as they credit you and license their new creations under the identical terms.

  • 4. Privacy and Data Protection: Session ILOs
    After completing this session trainees will be able to:
    1. Understand the legal frame for access management
    2. Enforce security management through internal regulation
    3. Widen their knowledge of privacy and data protection
    4. Develop knowledge about international as well as EU best practices and standards
    5. Ensure public transparency of the processing of data
    6. Control the processing of personal data by public bodies
    7. Team work
    8. Analysis skills

  • 5. Overview
    1. Protecting Personal Privacy
    2. Ensuring Confidentiality

  • 6. 1. Protecting Personal Privacy
    – Personal Privacy
    – Privacy Rights
    – Privacy and Technology
    – Privacy Protection

  • 7. Privacy
    – Privacy is the claim of individuals, groups and institutions to determine for themselves when, how and to what extent information about them is communicated to others [Westin 1967].
    – Who has the right to privacy?
      • Natural persons (individuals).
      • Legal persons (groups and institutions).
    – Arabic note on the slide: privacy is the right of individuals, groups and institutions to decide how information about them is handled, in terms of timing, quantity and recipient.

  • 8. Aspects of Privacy
    – Territorial privacy: protecting the close physical area surrounding a person, i.e. domestic and other environments such as the workplace or public space.
    – Privacy of the person: protecting a person against undue interference, such as physical searches, drug testing or information violating his/her moral sense.
    – Informational privacy: controlling whether and how personal data can be gathered, stored, processed or selectively disseminated.

  • 9. Personal Identifiable Information (PII)
    – Any information about an individual maintained by an agency, including:
      • Any information that can be used to distinguish or trace an individual's identity.
      • Any other information that is linked or linkable to an individual.
    – Arabic note on the slide: PII is the information about individuals that institutions retain, including information that distinguishes individuals from others.

  • 10. Examples of PII Data
    – Names: full name, mother's name, or alias.
    – Personal identification numbers: social security number (SSN), passport number, driver's license number, taxpayer identification number, patient identification number, and financial account or credit card number.
    – Address information: such as street address or email address.
    – Asset information: Internet Protocol (IP) or Media Access Control (MAC) address, or any other host-specific persistent static identifier that consistently links to a particular person or small, well-defined group of people.
    – Arabic note on the slide: name, mother's name, alias, national ID number, passport number, tax number, driver's license number; address, email, internet address, phone number, photos, etc.

  • 11. Examples of PII Data (cont.)
    – Telephone numbers, including mobile, business, and personal numbers.
    – Personal characteristics, including photographic image (especially of the face or another distinguishing characteristic), x-rays, fingerprints, or other biometric image or template data (e.g., retina scan, voice signature, facial geometry).
    – Information identifying personally owned property, such as vehicle registration number or title number and related information.
    – Information about an individual that is linked or linkable to one of the above (e.g., date of birth, place of birth, race, religion, weight, activities, geographical indicators, employment information, medical information, education information, financial information).

  • 12. Privacy Rights
    – The right to be let alone: to live one's own life with the minimum degree of interference. (Arabic note on the slide: the individual's right to live his life on his own, without interference or disturbance from others.)
    – The right of the individual to lead his own life protected against:
      • Interference with his private, family and home life.
      • Interference with his physical or mental integrity or his moral and intellectual freedom.
      • Attacks on his honor and reputation.
      • Being placed in a false light.
      • The disclosure of irrelevant embarrassing facts relating to his private life.

  • 13. Privacy Rights (cont.)
      • The use of his name, identity or likeness.
      • Spying, prying, watching and besetting.
      • Interference with his correspondence.
      • Misuse of his private communications, written or oral.
      • Disclosure of information given or received by him in circumstances of professional confidence.

  • 14. Privacy and Technology
    – A number of privacy issues arise with the proliferation of digital technologies:
      • Personalized services, such as reward programs (supermarket cards, frequent flyer/buyer cards, etc.), require collection, (uncontrolled) processing, and often even distribution of personal data and sensitive information.
      • With ubiquitous connectivity, people are increasingly using electronic technologies in business-to-consumer and business-to-business settings (financial transactions, credit card payments, business transactions, email, document exchange, and even management of personal health records).
      • New technologies are being used to monitor and record the behavior of individuals who may not even be aware of it; this data typically includes personal information and is essentially privacy sensitive.
    – Arabic note on the slide: the effect of technology on privacy lies in how possible and how easy it has become to collect information about individuals in many different ways.

  • 15. Privacy and Technology: No Secrets
    – Personal Data: All About You. More than 15,000 specialized marketing databases contain 2,000,000,000 names. These databases contain characteristics like age, income and religion.
    – Arabic note on the slide: statistics point to huge numbers of databases holding data about individuals around the world.

  • 16. Privacy and Technology: No Secrets. Big Brother and Big Business
    – Other information technologies amplify the threat to personal privacy, too:
      • Networks make it possible for personal data to be transmitted almost anywhere instantly.
      • Microsoft's Passport, part of its .NET technologies, can optionally collect in a central database controlled by Microsoft: passwords, credit card numbers, and other consumer information.
    – Arabic note on the slide: networks and service databases are among the factors that have made individuals' data easier to reach.

  • 17. Privacy and Technology: No Secrets
    – Workplace monitoring technology: enables managers to learn more than ever before about the work habits and patterns of workers.
    – Surveillance cameras: increasingly used for nabbing routine traffic violations and detecting security violators; can be combined with picture databases to locate criminals, and others.
    – Surveillance satellites: can provide permanent peepholes into our lives for anyone willing to pay the price.
    – Cell phones: are now required by law to include technology to determine and transmit their locations to emergency personnel responding to 911 calls.
    – Arabic note on the slide: workplace monitoring technology, cameras, satellites and phones have all likewise made individuals' data easier to reach.

  • 18. Privacy Protection in the Law
    – The interest in privacy increased in the 1960s and 1970s with the advent of Information Technology and its obvious surveillance potential.
    – 1974: in the USA, the Privacy Act was adopted as an acknowledgement that the development of complex information systems posed a threat to personal privacy.
    – 1980: the Organization for Economic Cooperation and Development (OECD) adopted its Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, which should help to harmonize the different national laws and enforce some minimum degree of privacy protection amongst member countries.
    – Arabic note on the slide: international law has taken up the issue of privacy, and these laws have developed in many countries, where rules were set governing the handling of data about individuals and institutions.

  • 19. Privacy Protection in the Law (cont.)
    – 1981: the Council of Europe adopted the Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data, which is legally binding on any member state that ratifies it.
    – 1990: the United Nations (UN) considered the adoption of international data protection guidelines a natural extension of the 1966 International Covenant on Civil and Political Rights. The Guidelines Concerning Computerized Personal Data Files were adopted by the General Assembly.

  • 20. Privacy Protection in the Law (cont.)
    – 1990: the European Community issued the first draft proposal for a Directive on Personal Data Protection, which was later revised.
    – 1995: the final EU Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
    – 1997: the EU Directive 97/66/EC on data protection in telecommunications [EU Telecommunications Directive 1997] was adopted.

  • 21. Privacy Protection in the Law (cont.)
    – The law protects privacy in many ways.
    – The type of laws and the level of protection may differ between countries and jurisdictions.
    – The following categories of legal protection can be identified in most jurisdictions:
      • Constitutional laws and international treaties demonstrate the importance of the right to privacy. Legislators as well as the courts have to take these fundamental rights into account when drafting or interpreting the laws.

  • 22. Privacy Protection in the Law (cont.)
      • Criminal laws define the minimum level of acceptable behavior in a society. All privacy-intrusive behavior below that threshold is punishable by society, e.g. stalking, the use of hidden cameras, illegal wire-tapping of somebody else's telecommunications (such as spyware), hacking into a computer system, entering somebody's home without permission.
      • Administrative laws on criminal procedure or laws on background checking give rules and procedures for allowing certain types of privacy-intrusive behavior.
      • Civil law and tort law provide obligations in the case of (unreasonable) invasions of privacy, such as paying damages or compensation, undoing harmful actions, or refraining from certain privacy-invasive behavior.

  • 23. Privacy Protection in the Palestinian Law (slide text translated from Arabic)
    – There is no Palestinian law that regulates information security and privacy protection.
    – The Palestinian Basic Law of 2003 regulates public rights and freedoms, but it contains no direct rules on the protection of information security and privacy.
    – Scattered rules on privacy protection exist in some Palestinian laws, such as the Civil Status Law: Article 10, on the confidentiality of records, provides that the contents of the civil status registers are confidential and may not be inspected by anyone other than the person concerned except under a court judgment, and that inspection takes place at the location where the registers are kept.
    – Absence of privacy protection regulations.
    – No direct regulation in the 2003 law that deals with privacy protection.

  • 24. International Privacy Principles
    – Most privacy laws use commonly recognized privacy principles as a basis.
    – The most influential principles have been developed by the Organization for Economic Cooperation and Development (OECD).
    – The OECD issued its guidelines on the protection of privacy and transborder flows of personal data in 1980.
    – This document has played a leading role in the development of privacy laws in the EU, Canada, Australia and other jurisdictions.

  • 25. International Privacy Principles
    – The main privacy principles:
      • Collection limitation
      • Purpose specification
      • Use limitation
      • Data quality
      • Security safeguards
      • Openness
      • Individual participation
      • Accountability

  • 26. Collection Limitation, Purpose Specification and Use Limitation
    – Personal data should only be collected by lawful means and in a fair manner, including, where appropriate, with the knowledge or the consent of the individual.
    – Personal data can only be collected and used for predefined legitimate purposes.
    – Legitimate purposes for processing personal data include:
      • The performance of a contract with the individual
      • Complying with a legal obligation
      • Protecting the vital interests of the individual
      • Legitimate business needs
      • Legitimate public interest, which overrides the (privacy) interests of the individual.

  • 27. Collection Limitation, Purpose Specification and Use Limitation (cont.)
    – Using data for other purposes (including disclosure of data to third parties) is not allowed.
    – Secondary use is sometimes allowed if the purpose for which the data have been collected and the purpose for which the data will be used are not incompatible.

  • 28. Data Quality
    – Personal data should be relevant for the purposes of processing, as well as accurate, complete and up to date.
    – So there should, for instance, be a data management process which ensures that data are kept up to date and are deleted when the purposes no longer exist.

  • 29. Security Safeguards
    – According to this principle, personal data have to be protected against unauthorized access, use, destruction, modification or disclosure.
    – Reasonable means should be used, proportionate to the risks and the nature of the data.

  • 30. Openness
    – The party which collects and uses the data has to inform the individual about:
      • Who he is.
      • Why he is collecting and using the data.
      • Information that is necessary to ensure fair processing:
        - The right to object to the processing or to opt out from it,
        - The fact that data will be disclosed or sold to third parties,
        - The fact that data are stored and used in another jurisdiction (with possibly different rules for privacy protection).

  • 31. Individual Participation
    – The individual has the right to access the data stored about him, and has the right to ask for correction, updates or removal of the data.
    – Note that access could be granted in many ways:
      • Allowing the individual to retrieve the data from the system himself (which requires extra security measures such as identity verification and authentication),
      • Providing the individual with a copy or summary overview of the data.

  • 32. Individual Participation (cont.)
    – The disclosed data cannot include data about other individuals.
    – The individual also has the right to ask for an explanation about the meaning of the data or their origin.

  • 33. Accountability
    – The party under whose authority the data are collected, processed and used can be held accountable for complying with privacy principles.
    – This accountability may include civil or criminal liability.

  • 34. 2. Ensuring Confidentiality
    – Confidentiality
    – PII Confidentiality Impact Levels
    – Factors for Determining PII Confidentiality Impact Levels
    – PII: Personal Identifiable Information.

  • 35. Confidentiality
    – Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
    – The security objectives of integrity and availability are equally important for personal identifiable information (PII).
    – Arabic note on the slide: a set of restrictions on access to and processing of information that ensures individual privacy.
    – The confidentiality of PII should be protected based on its impact level.
    – Impact level: the harm (any negative or unwanted effects) caused by a breach of confidentiality should be considered when attempting to determine which PII confidentiality impact level corresponds to a specific set of PII.

  • 36. Three Impact Levels
    – The following describe the three impact levels (low, moderate, and high) defined in FIPS 199:
      • Low: if the loss of confidentiality, integrity, or availability could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.
    – Arabic note on the slide: confidentiality is tied to the level of adverse impact on privacy, and there are three levels: low, when the effect of losing confidentiality is small; moderate, when the harm is moderate; and high, when the loss of confidentiality leads to great harm.

  • 37. Three Impact Levels (cont.)
      • Moderate: if the loss of confidentiality, integrity, or availability could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.
      • High: if the loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

  • 38. Factors for Determining PII Confidentiality Impact Levels
    – Determining the impact from a loss of confidentiality of PII should take into account the relevant factors:
    1. Identifiability: how easily the PII can be used to identify specific individuals.
    2. Quantity of PII: consider how many individuals are identified in the information.
    3. Data field sensitivity: the sensitivity of each individual PII data field, as well as the sensitivity of the PII data fields together.
    – Arabic note on the slide: the factors are how identifying the information is for the individual, the quantity of information, its sensitivity, the context of use, the degree of privacy obligation, and the method and place of use.

  • 39. Factors for Determining PII Confidentiality Impact Levels (cont.)
    4. Context of use: the purpose for which PII is collected, stored, used, processed, disclosed, or disseminated (statistical analysis, eligibility for benefits, administration of benefits, research, tax administration, or law enforcement).
    5. Obligation to protect confidentiality: an organization that is subject to any obligations to protect PII should consider such obligations when determining the PII confidentiality impact level. Many organizations are subject to laws, regulations, or other mandates governing the obligation to protect personal information.

  • 40. Factors for Determining PII Confidentiality Impact Levels (cont.)
    6. Access to and location of PII: the nature of authorized access to PII. When PII is accessed more often or by more people and systems, there are more opportunities for the confidentiality of the PII to be compromised. Another aspect of the nature of access is whether PII is being stored on or accessed from teleworkers' devices or other systems, such as web applications, outside the direct control of the organization.

  • 41. Practice 1: Intranet Activity Tracking
    – An organization maintains a web use audit log for an intranet web site accessed by employees. The web use audit log contains the following:
      • The user's IP address
      • The Uniform Resource Locator (URL) of the web site the user was viewing immediately before coming to this web site (i.e., the referring URL)
      • The date and time the user accessed the web site
      • The web pages or topics accessed within the organization's web site (e.g., organization security policy).
    – What PII confidentiality impact level should this organization assign?

  • 42. Practice 1 (cont.)
    – Identifiability: by itself, the log does not contain any directly identifiable data. However, the organization has a closely related system with a log that contains domain login records, which include user IDs and the corresponding IP addresses. Administrators who have access to both systems and their logs could correlate information between the logs and identify individuals. Potentially, information could be stored about the actions of most of the organization's users involving web access to intranet resources. The organization has a small number of administrators who have access to both systems and both logs.
    – Quantity of PII: the log contains a large number of records containing linked PII.

  • 43. Practice 1 (cont.)
    – Data field sensitivity: the information on which internal web pages and topics were accessed could potentially cause some embarrassment if the pages involved certain human-resources-related subjects, such as a user searching for information on substance abuse programs. However, since the logging is limited to use of intranet-housed information, the amount of potentially embarrassing information is minimal.
    – Context of use: creation of the logs is known to all staff members through the organization's acceptable use policies. The release of the information would be unlikely to cause harm, other than potential embarrassment for a small number of users.

  • 44. Practice 1 (cont.)
    – Access to and location of PII: the log is accessed by a small number of system administrators when troubleshooting operational problems, and also occasionally by a small number of incident response personnel when investigating incidents. All access to the log occurs only from the organization's own systems.
    – Conclusion: taking these factors into account, the organization determines that a breach of the log's confidentiality would likely cause little or no harm, and it chooses to assign the PII confidentiality impact level of low.
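Practice 1's identifiability argument worked through in code, as an added example that is not part of the tutorial or of NIST SP 800-122: a constructed web audit log and a constructed domain login log are correlated on the IP field, then the IP is replaced by a keyed pseudonym so the web log alone no longer links to the login log. The log formats, the sample entries, the key and the key-holder rule are all assumptions of the example.

```python
"""Practice 1 worked through: why the intranet web audit log counts as linkable
PII, and a pseudonymization control for the identifier.  Added example, not code
from the PalGov tutorial or from NIST SP 800-122; the log formats, the sample
entries and the key are all constructed for this example."""
import hashlib
import hmac
from collections import defaultdict

# Constructed web use audit log (slide 41): IP | referring URL | time | page.
WEB_AUDIT_LOG = [
    "10.1.2.17|http://intranet/home|2011-09-18T09:02:11|/policy/security",
    "10.1.2.17|http://intranet/hr|2011-09-18T09:05:40|/hr/substance-abuse-program",
    "10.1.2.44|http://intranet/home|2011-09-18T09:07:03|/policy/security",
    "10.1.2.80|-|2011-09-18T09:09:27|/it/vpn-howto",
]

# Constructed domain login log (slide 42): user ID | IP assigned | time.
DOMAIN_LOGIN_LOG = [
    "jdoe|10.1.2.17|2011-09-18T08:55:01",
    "asmith|10.1.2.44|2011-09-18T08:58:12",
    "bkhan|10.1.2.80|2011-09-18T09:01:45",
]


def parse_web_log(lines):
    """Split each web audit record into its four fields."""
    records = []
    for line in lines:
        ip, referrer, ts, page = line.split("|")
        records.append({"ip": ip, "referrer": referrer, "ts": ts, "page": page})
    return records


def ip_to_user(login_lines):
    """The IP -> user ID table that the login log provides."""
    table = {}
    for line in login_lines:
        user, ip, _ts = line.split("|")
        table[ip] = user
    return table


def pages_by_user(web_lines, login_lines):
    """Slide 42's point: whoever holds BOTH logs can attribute every page view
    to a named user.  Returns {user: [pages]}, with 'unknown' for an IP that
    never appears in the login log."""
    users = ip_to_user(login_lines)
    grouped = defaultdict(list)
    for rec in parse_web_log(web_lines):
        grouped[users.get(rec["ip"], "unknown")].append(rec["page"])
    return dict(grouped)


def pseudonymize_ip(ip, key, period):
    """Keyed pseudonym (HMAC-SHA256, truncated to 16 hex chars) for an IP.  The
    same IP maps to the same token within one key period, so administrators
    can still group one client's requests when troubleshooting; without the
    key the token cannot be reversed or matched against the login log.
    Rotating the key per period also limits profiling across periods."""
    mac = hmac.new(key, f"{period}:{ip}".encode(), hashlib.sha256)
    return mac.hexdigest()[:16]


def minimize_web_log(web_lines, key, period):
    """Rewrite the web log with the IP replaced by its pseudonym; the other
    fields are kept unchanged.  Assumed control: the key is held only by the
    few administrators who legitimately need re-identification."""
    out = []
    for rec in parse_web_log(web_lines):
        token = pseudonymize_ip(rec["ip"], key, period)
        out.append(f"{token}|{rec['referrer']}|{rec['ts']}|{rec['page']}")
    return out


def linkable_records(min_lines, login_lines):
    """Re-run the correlation against the minimized log and count the records
    whose first field still matches an IP in the login log."""
    users = ip_to_user(login_lines)
    return sum(1 for line in min_lines if line.split("|")[0] in users)


if __name__ == "__main__":
    key = b"constructed-example-key"  # constructed; a real deployment uses a managed secret
    print(pages_by_user(WEB_AUDIT_LOG, DOMAIN_LOGIN_LOG))
    minimized = minimize_web_log(WEB_AUDIT_LOG, key, "2011-09-18")
    print(*minimized, sep="\n")
    print("still linkable:", linkable_records(minimized, DOMAIN_LOGIN_LOG))
```

The pseudonym lowers identifiability for everyone without the key; it does not change the data field sensitivity or context of use, which the remaining factors still have to weigh.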
  • 45. Practice 2: Fraud, Waste, and Abuse Reporting Application
    – A database contains web form submissions by individuals claiming possible fraud, waste, or abuse of organizational resources and authority.
    – Some of the submissions include serious allegations, such as accusing individuals of accepting bribes or of not enforcing safety regulations.
    – The submission of contact information is not prohibited, and individuals often enter their personal information in the form's narrative text field.
    – The web site is hosted by a server that logs the IP address and referring web site information.
    – What PII confidentiality impact level should this organization assign?

  • 46. Practice 2: Fraud, Waste, and Abuse Reporting Application (cont.)
    – Identifiability: by default, the database does not request PII, but a significant percentage of users choose to provide PII. The web log contains IP addresses, which could be identifiable. However, the log information is not linked or readily linkable with the database or other sources to identify specific individuals.
    – Quantity of PII: a recent estimate indicated that the database has approximately 50 records with PII out of nearly 1000 total records.
    – Data field sensitivity: the database's narrative text field contains user-supplied text and frequently includes information such as name, mailing address, email address, and phone numbers.

  • 47. Practice 2: Fraud, Waste, and Abuse Reporting Application (cont.)
    – Context of use: because of the nature of the submissions (i.e., reporting claims of fraud, waste, or abuse), the disclosure of individuals' identities:
      • would likely cause retribution by management and peers;
      • could negatively impact the individuals about whom accusations are made;
      • could cause harm including blackmail, severe emotional distress, loss of employment, and physical harm;
      • would also undermine employee and public trust in the organization.

  • 48. Practice 2: Fraud, Waste, and Abuse Reporting Application (cont.)
    – Access to and location of PII: the database is only accessed by a few people who investigate fraud, waste, and abuse claims. All access to the database occurs only from the organization's internal systems.
    – Conclusion: taking these factors into account, the organization determines that a breach of the database's confidentiality would likely cause catastrophic harm to some of the individuals, and it chooses to assign the PII confidentiality impact level of high.
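The six factors of slides 38 to 40 applied to both practice cases, as an added Python example that is not part of the tutorial or of NIST SP 800-122. The three levels and the six factors are the slides' own; the rule that combines them (harm from the fields and the context of use, gated by identifiability, raised one step by a large quantity together with broad access, floored at moderate by a legal obligation), the quantity threshold and the Practice 1 record count are assumptions of the example.

```python
"""Impact-level worksheet for the two practice cases (slides 41-48).  Added
example, not code from the tutorial or from NIST SP 800-122: the levels and
factors are the slides', but the combination rule is an assumed simplification
and the Practice 1 record count is a constructed figure."""
from dataclasses import dataclass, field, replace
from enum import IntEnum


class Level(IntEnum):
    LOW = 1       # limited adverse effect (slide 36)
    MODERATE = 2  # serious adverse effect (slide 37)
    HIGH = 3      # severe or catastrophic adverse effect (slide 37)


class Identifiability(IntEnum):
    NONE = 0      # nobody can be singled out
    LINKABLE = 1  # identification needs a second source, e.g. another log
    DIRECT = 2    # names, contact details or other direct identifiers present


LARGE_QUANTITY = 1000  # assumed threshold for "many individuals identified"


@dataclass
class PiiAssessment:
    name: str
    identifiability: Identifiability
    records_with_pii: int
    field_sensitivity: Level   # the fields, alone and in combination
    context_harm: Level        # harm that disclosure would cause in this context
    access_breadth: Level      # LOW: few people, internal systems only;
                               # HIGH: many people/systems or outside control
    legal_obligations: list = field(default_factory=list)  # statutes, mandates

    def impact_level(self):
        """Assumed combination rule.  Harm is driven by what the fields reveal
        and by the context of use; identifiability gates whether that harm can
        reach a person at all; a large quantity together with broad access
        raises the level one step; a legal obligation sets a floor of MODERATE."""
        if self.identifiability == Identifiability.NONE:
            return Level.LOW
        level = max(self.field_sensitivity, self.context_harm)
        if (self.records_with_pii >= LARGE_QUANTITY
                and self.access_breadth == Level.HIGH and level < Level.HIGH):
            level = Level(level + 1)
        if self.legal_obligations and level < Level.MODERATE:
            level = Level.MODERATE
        return level

    def worksheet(self):
        """One line per factor plus the conclusion, in the slides' order."""
        return [
            self.name,
            f"  identifiability: {self.identifiability.name}",
            f"  quantity of PII: {self.records_with_pii} records",
            f"  data field sensitivity: {self.field_sensitivity.name}",
            f"  context of use (harm): {self.context_harm.name}",
            f"  obligation to protect: {self.legal_obligations or 'none stated'}",
            f"  access and location: {self.access_breadth.name}",
            f"  => PII confidentiality impact level: {self.impact_level().name}",
        ]


# Practice 1 (slides 41-44): IP-keyed intranet web use audit log.
INTRANET_LOG = PiiAssessment(
    name="Practice 1: intranet web use audit log",
    identifiability=Identifiability.LINKABLE,  # only via the domain login log
    records_with_pii=50_000,                   # "large number": constructed figure
    field_sensitivity=Level.LOW,               # intranet pages; embarrassment at most
    context_harm=Level.LOW,                    # logging disclosed in the AUP
    access_breadth=Level.LOW,                  # few admins/IR staff, own systems
)

# Practice 2 (slides 45-48): fraud, waste and abuse reporting database.
FRAUD_REPORTS_DB = PiiAssessment(
    name="Practice 2: fraud, waste and abuse reporting database",
    identifiability=Identifiability.DIRECT,    # names, addresses, emails, phones
    records_with_pii=50,                       # about 50 of nearly 1000 records
    field_sensitivity=Level.MODERATE,          # contact details in free text
    context_harm=Level.HIGH,                   # retribution, blackmail, physical harm
    access_breadth=Level.LOW,                  # few investigators, internal only
)

# Slide 40's access-and-location factor: the same log exposed through a web
# application to many people moves up one level under the assumed rule.
INTRANET_LOG_EXPOSED = replace(INTRANET_LOG, access_breadth=Level.HIGH)

if __name__ == "__main__":
    for assessment in (INTRANET_LOG, FRAUD_REPORTS_DB, INTRANET_LOG_EXPOSED):
        print("\n".join(assessment.worksheet()))
```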
  • 49. Summary
    – The escalation of security breaches involving personally identifiable information (PII) has contributed to the loss of millions of records over the past few years. Breaches involving PII are hazardous to both individuals and organizations.
    – To appropriately protect the confidentiality of PII, organizations should use a risk-based approach.
    – Organizations should identify all PII residing in their environment.

  • 50. Summary
    – Organizations should minimize the use, collection, and retention of PII to what is strictly necessary to accomplish their business purpose and mission.
    – Organizations should categorize their PII by the PII confidentiality impact level, using the factors identifiability, quantity of PII, data field sensitivity, context of use, obligations to protect confidentiality, and access to and location of PII.

  • 51. References
    – "Data Protection Act 1998: Legal Guidance", retrieved September 18, 2011, from http://www.ico.gov.uk.
    – Fischer-Hübner, S. (2001), "IT-Security and Privacy: Design and Use of Privacy-Enhancing Security Mechanisms", Springer.
    – McCallister, E., Grance, T., Scarfone, K. (2010), "Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)", NIST Special Publication 800-122.
    – Nemati, H. R. (2009), "Techniques and Applications for Advanced Information Privacy and Security: Emerging Organizational, Ethical, and Human Issues", IGI Global: USA.
    – Petković, M. and Jonker, W. (2007), "Security, Privacy and Trust in Modern Data Management", Springer.
    – Wang, H. (2011), "Protecting Privacy in China", Springer.

  • 52. Session End