Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Identity and Privacy: Past, Present, and Digital - Brenda K. Leong

150 views

Published on

http://ssimeetup.org/identity-privacy-past-present-digital-brenda-k-leong-webinar-12/

Brenda K. Leong, Senior Counsel & Director of Strategy of the Future of Privacy Forum, will talk about Identity and Privacy. The problem of whether private citizens should be required to have government-issued documentation (verifying their personal identity in order to access goods and services, seek employment, travel, or obtain government benefits), long predates the current discussions related to digital identity systems, the use of biometrics, or platforms like blockchain. But whether past or present, these challenges are all based on the question of how to balance government efficiencies and national security against protections for individual freedoms and liberty.

Underlying this conversation is the concept of privacy. Is it a fundamental right? What does it mean? Who gets to decide which conveniences are worth the tradeoffs they require? Are the protections for personal data offered by policy and law sufficient, or should technical and security protections be required? Are some systems simply too high-risk to implement regardless of perceived benefits? To answer those questions, it’s important to understand the technologies at work – biometrics such as fingerprints and facial recognition offer greater reliability, security and certainty, but raise fears of “permanent” breach if the personal data is compromised. These systems offer accessibility at scale that can be updated throughout a lifetime in a way that password-based accounts cannot equal. But fair access to all, protections of personal data, and most importantly, legal, policy, and technical protections against discrimination and abuse are critical to ensuring these and related technologies are not simply used to restrict personal freedom, or target groups and other populations. Brenda covers how these and other aspects of the modern concept of “digital identity” are being approached in different ways, and what some of the benefits and risks are for the future.

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Identity and Privacy: Past, Present, and Digital - Brenda K. Leong

  1. 1. Identity and Privacy – Past, Present, and Digital Brenda K. Leong, Senior Counsel & Director of Strategy Future of Privacy Forum https://creativecommons.org/licenses/by-sa/4.0/
  2. 2. 1. Empower global SSI communities 2. Open to everyone interested in SSI 3. All content is shared with CC BY SA SSIMeetup.org Alex Preukschat @SSIMeetup @AlexPreukschat Coordinating Node SSIMeetup.org https://creativecommons.org/licenses/by-sa/4.0/ SSIMeetup objectives
  3. 3. Who is FPF? The Members 130+ Companies 25+ Leading Academics 10+ Advocates The Mission Bridging the policymaker-industry-academic gap in privacy policy Developing privacy protections, ethical norms, and workable business practices The Workstreams Ethics De-identification Smart Cities IoT/Connected Toys Connected Cars Student Data Health Location & Ad Tech Artificial Intelligence Biometrics https://creativecommons.org/licenses/by-sa/4.0/
  4. 4. “When a place gets crowded enough to require ID's, social collapse is not far away. It is time to go elsewhere. The best thing about space travel is that it made it possible to go elsewhere.” - Robert Heinlein https://creativecommons.org/licenses/by-sa/4.0/
  5. 5. “By 2030, provide legal identity for all, including birth registration.” - UN Sustainable Development Goals https://creativecommons.org/licenses/by-sa/4.0/
  6. 6. To Credential or Not to Credential* •Creation •Verification •Authentication •Authorization •Federation * World Bank estimates over 1.1B people who cannot prove their identity https://creativecommons.org/licenses/by-sa/4.0/
  7. 7. Passports Were Once Offensive • Only Letters of Introduction for elites • Rendered reputation irrelevant • Affront to “dignity of the traveler” • Culture of distrust and documentation • “The State’s creature” https://creativecommons.org/licenses/by-sa/4.0/
  8. 8. National Identity System • Unique ID of individual citizens • Universal medical care • Combat ID theft • Census for allocation of services • Suppression • Political repression • Individual troublemakers • Ethnic groups https://creativecommons.org/licenses/by-sa/4.0/
  9. 9. Cultural Values •Community v. individual autonomy •High-income Countries •Identify terrorist and NS threats •Target people for minor infractions •Low-income Countries •Government efficiencies •Deliver goods and services https://creativecommons.org/licenses/by-sa/4.0/
  10. 10. In the U.S. - REAL ID Concerns: • State v. Federal • Individual freedom • Anonymity • Data requirements • Sharing across states https://creativecommons.org/licenses/by-sa/4.0/
  11. 11. Current Reality • Photo ID required now; frequently 2 forms • Separate IDs for library, credit, travel • Many becoming digital – passwords… • National IDs already in many countries • Argentina, Belgium, Germany, Italy, Peru, Spain • ID number , used for many purposes • Extensive personal data https://creativecommons.org/licenses/by-sa/4.0/
  12. 12. Digital ID Challenges • Accuracy • Security • Government Abuse • Privacy https://creativecommons.org/licenses/by-sa/4.0/
  13. 13. Digital Opportunities • New channels for human interaction • Personal data is transportable • Real-time value of information • Financial inclusion/unbanked • Est. 63% of population worldwide owns a mobile phone https://creativecommons.org/licenses/by-sa/4.0/
  14. 14. System Challenges •Authentication Infrastructure • Cost, interoperability •Accessibility • Institutional and individual •Reliability • Leakage, fraud https://creativecommons.org/licenses/by-sa/4.0/
  15. 15. Biometric Systems • Type – fingerprint, facial recognition • Comparisons – passwords; tokens • Accuracy – edge cases • Cost – implementation; long term • Security – spoofing; risk valuations https://creativecommons.org/licenses/by-sa/4.0/
  16. 16. Privacy Protections •Regulatory • Data protection laws • Independent oversight • Appeals and recourse •Technical safeguards • Distributed or decentralized data • On-device standards •Market competition • Competitive opportunities https://creativecommons.org/licenses/by-sa/4.0/
  17. 17. EU ID Cards EDPS Opinion 7/2018 – Proposal to Strengthen security of ID cards • ID cards and residence documents • Proposal includes facial image & fingerprints • Biometric data are sensitive data • Mandatory fingerprinting – “strict necessity” • GDPR impact • Safeguards against national databases • Delete immediately; no image on chip • Anti-fraud doesn’t justify 2 biometrics • Concerns for children https://creativecommons.org/licenses/by-sa/4.0/
  18. 18. We Can’t Go to Space (yet), So… •Awareness •Public-private engagement •Diverse voices included •Oversight •Human Rights https://creativecommons.org/licenses/by-sa/4.0/
  19. 19. Identity and Privacy – Past, Present, and Digital Brenda K. Leong, Senior Counsel & Director of Strategy Future of Privacy Forum https://creativecommons.org/licenses/by-sa/4.0/

×