National Security in a Post-9/11 World: The Rise of Surveillance, … the Demise of Privacy?
24
www.ipc.on.ca National Security in a National Security in a Post-9/11 World: The Post-9/11 World: The Rise of Surveillance, … Rise of Surveillance, … the Demise of Privacy? the Demise of Privacy? Ann Cavoukian, Ph.D. Ann Cavoukian, Ph.D. Information & Privacy Commissioner/Ontario 2004 Osler Hoskin & Harcourt Lecture Centre for Innovation Law and Policy February 23, 2004
description
National Security in a Post-9/11 World: The Rise of Surveillance, … the Demise of Privacy?. Ann Cavoukian, Ph.D. Information & Privacy Commissioner/Ontario 2004 Osler Hoskin & Harcourt Lecture Centre for Innovation Law and Policy February 23, 2004. Whither Privacy?. Post September 11 th - PowerPoint PPT Presentation
Transcript of National Security in a Post-9/11 World: The Rise of Surveillance, … the Demise of Privacy?
www.ipc.on.ca
National Security in a Post-9/11 National Security in a Post-9/11 World: The Rise of Surveillance, World: The Rise of Surveillance,
… the Demise of Privacy?… the Demise of Privacy?
Ann Cavoukian, Ph.D.Ann Cavoukian, Ph.D.Information & Privacy Commissioner/Ontario
2004 Osler Hoskin & Harcourt Lecture
Centre for Innovation Law and Policy
February 23, 2004
www.ipc.on.cawww.ipc.on.ca Slide 2
Whither Privacy?
Post September 11th
Enormous impact on privacy
The Security of Freedom: Essays on Canada's Anti-Terrorism Bill
• University of Toronto, 2001 www.utppublishing.com/detail.asp?TitleID=2493
www.ipc.on.cawww.ipc.on.ca Slide 3
September 11, 2001
“Public safety is paramount butbalanced against privacy”
Security measures must be real, not illusory
New powers must be studied and measured to determine effectiveness and utility
Are new security powers truly necessary or are existing powers not fully utilized or effectively deployed?
http://www.ipc.on.ca/userfiles/page_attachments/1517136_pub01-e.pdfhttp://www.cbc.ca/news/indepth/usattacked/essay_privacy.html
www.ipc.on.cawww.ipc.on.ca Slide 4
Anti-terrorism Laws
Canada• Anti-terrorism Act
• Customs Act – Canada Customs & Revenue Agency expanded powers
• Bill C-17 Public Safety Act (first reading)
United States• USA PATRIOT Act
• Transportation Security Administration: CAPPS II
United Kingdom• Anti-terrorism, Crime and Security Act
www.ipc.on.cawww.ipc.on.ca Slide 5
Why be Concerned?
Expanded scope of domestic surveillance
Lack of justification
Weakening of judicial controls
Lack of independent oversight
www.ipc.on.cawww.ipc.on.ca Slide 6
Are These Laws Effective?
Reasons why these laws will not work:
Depend on questionable technology
Too much irrelevant information collected
Create a tempting target
Solving the wrong problem
www.ipc.on.cawww.ipc.on.ca Slide 7
Importance of Privacy to Liberty
Privacy is a vital social value.
“Privacy is at the heart of liberty in the modern state. Grounded in [one's] physical and moral autonomy, privacy is essential for the well-being of the individual. … [I]t also has a profound significance for the public order.”
Dr. Alan Westin
www.ipc.on.cawww.ipc.on.ca Slide 8
Information Privacy Defined
Information Privacy: Data Protection
• Freedom of choice; personal control; informational self-determination
• Personal control over the collection, use and disclosure of any recorded information about an identifiable individual
www.ipc.on.cawww.ipc.on.ca Slide 9
Fair Information Practices:A Brief History
OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
E.U. Directive on Data Protection
CSA Model Code for the Protection of Personal Information
Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)
www.ipc.on.cawww.ipc.on.ca Slide 10
The Foundation: Fair Information Practices
AccountabilityIdentifying PurposesConsentLimiting CollectionLimiting Use,
Disclosure, RetentionAccuracy
SafeguardsOpennessIndividual AccessChallenging
Compliance
CSA Model Code for the Protection of Personal Information
www.ipc.on.cawww.ipc.on.ca Slide 11
Submission to the Standing Committee
Submission to the House of Commons Standing Committee on Citizenship and Immigration re: privacy implications of a National Identity Card and Biometric Technology – November 4, 2003
Interim Committee report questioned the value of introducing a national ID card
www.ipc.on.cawww.ipc.on.ca Slide 12
National ID Card Issues
No business case justifying ID Cards
Enormous cost of design and roll-out
Security vulnerabilities: high demand for access to associated databases – increased threat
www.ipc.on.cawww.ipc.on.ca Slide 13
National ID Card
Only one plausible rationale:U.S. requirement for biometric identifiers at border crossings by end of 2004• Enhanced Border Security and Visa Entry
Reform Act of 2002
• Canada currently exempted
www.ipc.on.cawww.ipc.on.ca Slide 14
Biometrics
Definition:
The automated use of physiological or behavioral characteristics to determine or verify identity
Far from foolproof: myths abound (don’t believe the movies)
www.ipc.on.cawww.ipc.on.ca Slide 15
Biometric Applications
Identification:one-to-many comparison
Authentication:one-to-one comparison
www.ipc.on.cawww.ipc.on.ca Slide 16
The Myth of Accuracy
The problem with large databases containing thousands (or millions) of biometric templates:
• False positives
• False negatives
www.ipc.on.cawww.ipc.on.ca Slide 17
Biometric Identification
False Positive Challenge
• Even with a 99.99% accuracy rate, everyone will have at least one false positive match
• “The false alarm rate would overwhelm the system...”
Bruce Schneier, Beyond Fear, p.253
www.ipc.on.cawww.ipc.on.ca Slide 18
The Fallacy of the Accuracy Re: Biometric Identification
If you have a 1 in 10,000 error rate per fingerprint (99.99% accuracy rate), then a person being scanned against a million-record data set will be flagged as positive 100 times. And that’s every person. A system like that would be useless because everyone would be a false positive.
Bruce Schneier, quoted in Ann Cavoukian’s Submission to the Standing Committee on Citizenship and Immigration, November 4, 2003
http://www.ipc.on.ca/docs/110403ac-e.pdf
www.ipc.on.cawww.ipc.on.ca Slide 19
Biometric Identification
False Negative Challenge:
• Attackers could fool the system
• Pay-offs high for compromising the system
• Increased vulnerability to a target once a terrorist succeeds in obtaining a false negative: threat escalates considerably
www.ipc.on.cawww.ipc.on.ca Slide 20
Biometric Strength: Authentication
The strength of one-to-one matches
• Authentication/verification does not require the central storage of templates
• Biometrics can be stored locally, not centrally – on a smart card, bar code, passport etc.
www.ipc.on.cawww.ipc.on.ca Slide 21
Designing Privacy Into Biometrics
The Privacy Challenges:
– Central template databases
– Unacceptable error rates
– Secondary uses
www.ipc.on.cawww.ipc.on.ca Slide 22
Final Thoughts on Biometrics
Current off-the-shelf biometrics will permit the secondary uses of personal information
The Goal: “Technology that allows for informational self-determination and makes good security a by-product of protecting one’s privacy” – George Tomko
Using the biometric to encrypt a PIN or a standard encryption key will meet that goal: Biometric Encryption
www.ipc.on.cawww.ipc.on.ca Slide 23
“I am not a number, I am a human being.
I will not be filed, stamped, indexed or numbered.
My life is my own.”
The Prisoner TV series, 1968
“I am not a number,I am a free man”
www.ipc.on.ca
How to Contact UsHow to Contact Us
Ann Cavoukian, Ph.D.Ann Cavoukian, Ph.D.Information & Privacy Commissioner/Ontario
80 Bloor Street West, Suite 1700
Toronto, Ontario M5S 2V1
Phone: (416) 326-3333
Web: Web: www.ipc.on.cawww.ipc.on.ca
E-mail: [email protected]
