This document discusses privacy by design and the virtues of not asking for or revealing unnecessary personal information. It provides a biography of Eleanor McHugh, an expert in privacy architecture, cryptography, and security. It then defines paranoia and discusses how justified suspicion of others is important in information security.
Don't ask, don't tell: the virtues of privacy by design
1. DON'T ASK, DON'T TELL
THE VIRTUES OF PRIVACY BY DESIGN
Eleanor McHugh
2. Cryptographer
Security Architect
Physicist
Privacy Architecture
1998 PKI
elliptic curves
satellite PSN
1999 π-calculus VM
2000 control networks
2001 mobile identity
secure documents
2003 ENUM
2006 dotTel
hybrid encryption
2007 encrypted DNS
2010 concurrent VM
2011 national eID
2012 encrypted SQL
privacy by design
2014 uPass
2017 Identity Lab
3. paranoia
Pronunciation: /ˌparəˈnɔɪə/
noun
{mass noun}
A mental condition characterized by delusions of persecution, unwarranted
jealousy, or exaggerated self-importance, typically worked into an organized
system. It may be an aspect of chronic personality disorder, of drug abuse, or
of a serious condition such as schizophrenia in which the person loses touch
with reality.
Unjustified suspicion and mistrust of other people:
mild paranoia afflicts all prime ministers
4. Whenever … personal … consent f… by demand… circling of top-tier law… high-profile test cases for… first rulings likely to be … 2018. Big name… amongst those feeling the regulation’s bite.
If this weren’t on… the subjects of pr…
5. …the Payment Card Industry’s PSD2 which aim to safeguard privacy and reduce security breaches.
You already understand how you need to use identity to service the needs of your business and customers, the question is how do you adapt existing solutions to …
Whenever your organisation processes personal data for individuals living in the EU the GDPR rules and restrictions apply even if that processing happens in another jurisdiction.
Personal data
"If your organisation can't demonstrate that good data protection is a cornerstone of your business policy and practices, you're leaving your organisation open to enforcement action that can damage both public reputation and bank balance."
— Elizabeth Denham, Information Commissioner
10. as an aggressive marketeer
I want to access your visitor data
to guess who might pay for miracle product X
don’t make my life difficult if it affects sales
I’m higher up the food chain than you!
insider threat
11. as a disgruntled employee
I want to access your service
to make you pay for the pain I’m feeling
I’ve had privileged access in the past
and you’re too dumb to have cancelled it
insider threat
12. as a script kiddie
I want to access your service
because it’s a rush to break into your stuff
I’ve lots of different scripts to play with
coz all lolz belong to us
external threat
13. as an online fraudster
I want to access your service
so I can steal credentials and data
if that’s hard I’ll move onto a fresh target
there’s always another sucker ripe for scamming
external threat
14. as a malicious attacker
I want to access your service
to monitor user behaviour and steal identities
I’m waaaay more skilled than your team
and I’m being paid for results
external threat
15. as a system administrator
I want to roll back errors and monitor security breaches
so I can protect my users and my business from fraud or loss
but it’s okay if I can only see data relevant to a particular incident
so that I know the bare minimum about you or any other user
16. as a law enforcement officer
I want to perform lawful interception queries
so I can catch criminals and terrorists
but it’s okay if you control my access and require court orders
so that criminal investigation is never a cover for political oppression
17. as a regulator
I want to ensure this service complies with all applicable rules
so I can prove that the service is trustworthy and legitimate
but it’s okay if you restrict my access to how you operate this service
so that I know neither your users nor their interactions
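The three constrained personas above (administrator, law enforcement officer, regulator) each state a "but it's okay if" limit. As an added example, not code from the slides or from any project of the author's, the policy check below encodes those limits directly: the records, field names, role names and incident/court-order identifiers are all constructed here for illustration.

```python
"""Added example: a minimal 'know the bare minimum' access policy that
enforces the three user stories' constraints. All data is constructed."""
from dataclasses import dataclass
from typing import Optional

# Constructed sample store: user records, some tied to an open incident.
RECORDS = [
    {"user": "alice", "email": "alice@example.test", "incident": "INC-1", "ip": "203.0.113.5"},
    {"user": "bob", "email": "bob@example.test", "incident": "INC-2", "ip": "198.51.100.9"},
    {"user": "carol", "email": "carol@example.test", "incident": None, "ip": "192.0.2.77"},
]


@dataclass
class Request:
    role: str                          # "sysadmin", "law_enforcement" or "regulator"
    incident: Optional[str] = None     # sysadmin: the incident being handled
    court_order: Optional[str] = None  # law_enforcement: reference of the court order
    target_user: Optional[str] = None  # law_enforcement: the single named subject


class Denied(Exception):
    """Raised when a request does not satisfy its persona's 'but it's okay if'."""


def query(req: Request) -> list:
    """Return only what the requesting persona is entitled to see, else raise Denied."""
    if req.role == "sysadmin":
        # Only data relevant to a particular incident, and no contact details.
        if not req.incident:
            raise Denied("administrator access must be scoped to an incident")
        return [{"user": r["user"], "ip": r["ip"]}
                for r in RECORDS if r["incident"] == req.incident]
    if req.role == "law_enforcement":
        # The service controls access: a court order must name one subject.
        if not (req.court_order and req.target_user):
            raise Denied("lawful interception requires a court order naming the subject")
        return [dict(r) for r in RECORDS if r["user"] == req.target_user]
    if req.role == "regulator":
        # The regulator learns how the service operates, never who its users are.
        return [{"records": len(RECORDS),
                 "with_open_incident": sum(1 for r in RECORDS if r["incident"])}]
    raise Denied("unknown role %r" % req.role)
```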
39. paranoia
Pronunciation: /ˌparəˈnɔɪə/
noun
{mass noun}
The perfectly reasonable belief that someone, somewhere is watching your
online behaviour with malicious and/or voyeuristic intent. It may be a result
of reading a Hacking Exposed or Hacking for Dummies publication,
experiencing the fallout from identity theft, or shopping with bitcoin.
Justified suspicion and mistrust of other people:
chronic paranoia afflicts all information security professionals
acute paranoia afflicts the victims of hacking
40. some basic rules
users are only customers if they register
and you should know your customers well enough to help them
but your customers own their identity so never compromise it
secure all transports and storage where their data may exist
give them final say over what data you store and for how long
and definitely don’t give or sell their data to third parties!
http://slides.games-with-brains.net