Privacy Protection Goals and Their Implications for eID Systems

Part 8: Privacy for eHealth and eID ApplicationsInternational audienceProtection goals such as confidentiality, integrity and availability have proved to be successful in evaluating information security risks and choosing appropriate safeguards. The recently developed privacy-specific protection goals unlinkability, transparency and intervenability complement these classic goals and thereby provide cornerstones to define requirements concerning information security as well as privacy and to assess solutions. This text focuses on the application of the three new protection goals to eID systems such as government-issued electronic identity cards in different settings

PRIAM: A Privacy Risk Analysis Methodology

Privacy Impact Assessments are recognized as a key step to enhance privacy protection in new IT products and services. They will be required for certain types of products in Europe when the future General Data Protection Regulation becomes effective. From a technical perspective, the core of a PIA is a privacy risk analysis (PRA), which has so far received relatively less attention than organizational and legal aspects of PIAs. In this document, we propose a framework and methodology for conducting a PRA which is both rigorous and systematic and illustrate it with a quantified self use-case.La nécessité de conduire une analyse d’impact (PIA) avant tout déploiement de système ou de service informatique présentant des risques potentiels d’atteinte à la vie privée est désormais reconnue. Les analyses d’impact sur les données personnelles deviendront d’ailleurs obligatoires pour certaines catégories de produits quand le nouveau règlement européen sur la protection des données personnelles entrera en vigueur. L’analyse des risques en matière de vie privée, qui doit constituer la partie technique d’un PIA, a jusqu’à présent été moins étudiée que les aspects juridiques et organisationnels des PIAs. Ce rapport de recherche décrit une proposition de cadre et de méthodologie pour conduire ces analyses de risques d’atteinte à la vie privée de manière rigoureuse et systématique. Ce cadre, appelé PRIAM (Privacy Risk Analysis Methodology) est illustré avec un cas d’étude dans le domaine du "quantified self"

Data Protection by Default in Identity-Related Applications

Part 2: Session 1 - Privacy and Identity ManagementInternational audience“Privacy by default” is being discussed as one important principle for ICT system design. This principle has been taken up as “data protection by default” in the proposal for a European Data Protection Regulation published in 2012. However, it is debated what this principle should mean in practice. In this text, we analyze the relation to “security by default” and “privacy by design” and discuss different possible interpretations of the “data protection by default” principle. After presenting general considerations on how to choose and implement appropriate default settings, we exemplarily describe recommendations for typical identity-related application scenarios such as social network sites, user tracking on the web and user-controlled management of one’s identities. Both the general and the scenario-based elaborations provide guidance for developers as well as evaluators