DOCSLIB.ORG

Study on the Economic Benefits of Privacy-Enhancing Technologies

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Study on the Economic Benefits of Privacy-Enhancing Technologies Study on the economic benefits of privacy‐enhancing technologies (PETs) Final Report to The European Commission DG Justice, Freedom and Security Prepared by July 2010 About London Economics London Economics is one of Europe's leading specialist economics and policy consultancies and has its head office in London. We also have offices in Brussels, Dublin, Cardiff and Budapest, and associated offices in Paris and Valletta. We advise clients in both the public and private sectors on economic and financial analysis, policy development and evaluation, business strategy, and regulatory and competition policy. Our consultants are highly‐qualified economists with experience in applying a wide variety of analytical techniques to assist our work, including cost‐benefit analysis, multi‐criteria analysis, policy simulation, scenario building, statistical analysis and mathematical modelling. We are also experienced in using a wide range of data collection techniques including literature reviews, survey questionnaires, interviews and focus groups. Head Office: 11‐15 Betterton Street, London, WC2H 9BP, United Kingdom. w: www.londecon.co.uk e: [email protected] t: +44 (0)20 7866 8185 f: +44 (0)20 7866 8186 Acknowledgements We would like to thank the participants of the Workshop on the Economic Benefits of PETs, hosted by DG Justice, Freedom and Security on 12 November 2009 (http://tinyurl.com/2b23ll), for comments on an earlier version of this report. In particular, we acknowledge valuable contributions by Mr Caspar Bowden (Microsoft) and Mr John Borking (Borking Consultancy). We also owe a debt of gratitude to Professor Alessandro Acquisti (Carnegie Mellon University) and Ms Marit Hansen (Independent Centre for Privacy Protection Schleswig‐Holstein) for enlightening discussions on the subject of PETs. Finally, we are grateful to the many individuals who provided us with information on the case studies that were conducted as part of the report. Copyright © 2010 London Economics. Except for the quotation of short passages for the purposes of criticism or review, no part of this document may be reproduced without permission. Contents Page Glossary vi Executive summary vii 1 Introduction 1 1.1 Terms of reference 1 1.2 Approach 2 2 PETs: definition and technical overview 7 2.1 Definition 7 2.2 Classification 8 2.3 Technical overview 14 2.4 Summary 28 3 PETs deployment: context and issues 29 3.1 Outline of the economic approach 29 3.2 Individuals’ demand for PETs 32 3.3 Data controllers’ deployment decision 45 3.4 PETs and competition 52 3.5 Patterns of technology adoption 56 3.6 Summary 59 4 Stakeholders’ views 64 4.1 Risks to privacy and the state of data protection 65 4.2 The role of PETs 69 4.3 Promoting PETs deployment 76 4.4 Summary 77 5 Case Studies 79 5.1 Assessing the economic benefits of PETs 79 5.2 Case study I: GENOMatch 83 5.3 Case study II: PriPAYD 96 5.4 Case study III: Pseudonymisation services 103 5.5 Case study IV: location‐based mobile services 107 5.6 Case study V: CCTV privacy zones 112 5.7 Case study VI: Nightclub fingerprint identification 117 5.8 Summary 120 6 Business survey 125 6.1 Response sample and respondent profile 125 6.2 Use of personal information 128 6.3 PETs and the benefits of holding personal data 133 6.4 Summary 143 7 Options for public‐private cooperation 146 7.1 Theoretical arguments 146 7.2 Case study evidence 149 London Economics Study on the economic benefits of privacy‐enhancing technologies (PETs) i 7.3 Views of businesses and stakeholder organisations 151 7.4 Summary 151 8 Conclusions 153 9 References 156 Stakeholder consultation documents 163 rNPV of pharmaceuticals – model parameters 169 Exploratory case Studies 171 Business survey 230 London Economics ii Study on the economic benefits of privacy‐enhancing technologies (PETs) Tables & Figures Page Table 1: Consultation with national data protection authorities, business associations and consumer associations 4 Table 2: FIDIS (2007) PETs classification 10 Table 3: META GROUP (2005) PETs classification 11 Table 4: Clarke’s (2007) PETs classification 13 Table 5: PETs classification after Hacohen (2009) 13 Table 6: Summary of PETs reviewed 27 Table 7: Prices for personal data sold via underground economy servers (2008) 36 Table 8: Overview of data tracks of the average Austrian citizen 38 Table 9: Determinants of e‐commerce participation in the EU: regression results 43 Table 10: Summary of event studies 54 Table 11: Return on investment from a Privacy Management System (PMS) 82 Table 12: Success rates during the development process 91 Table 13: Direct cost of GENOMatch to data controllers 91 Table 14: Example of clinical trial costs 92 Table 15: Effect of PET 94 Table 16: Please use sentence case 101 Table 17: Indicative cost of pseudonymisation services 105 Table 18: Conventional LBS deployment distribution of information 109 Table 19: LBS partitioned information 109 Table 20: Costs of privacy zones in CCTV systems 114 Table 21: Benefits of privacy zones 116 Table 22: Case studies summary 123 Table 23: Distribution of firms by activity 127 Table 24: Relationship between volume and detail of customer data held by survey respondents 130 Table 25: Net economic impact for businesses deploying PETs 140 Table 26: rNPV of pharmaceuticals – model parameters 169 Table 27 Exploratory case studies: overview 174 Table 28: Exploratory case studies: selected summaries 178 Table 29: Please use sentence case 211 Figure 1: Potential costs and benefits of PETs deployment xi Figure 2: Methodological approach for considering the economic benefits of PETs deployment 3 Figure 3: The 'PET‐Staircase' 12 Figure 4: The consequences of misjudging the risk of misuse 34 Figure 5: Rate of identity loss events (2000‐2008) 35 Figure 6: Consumer risk aversion 39 Figure 7: Perceived security of transactions over the Internet 40 Figure 8: E‐commerce transactions and consumer concern in the EU (2008) 42 Figure 9: E‐commerce transactions and broadband penetration in the EU (2008) 43 London Economics Study on the economic benefits of privacy‐enhancing technologies (PETs) iii Tables & figures Page Figure 10: Awareness of tools or technologies improving data security 44 Figure 11: The ‘S‐curve’ 57 Figure 12: Distribution of firm privacy valuations (xi) 58 Figure 13: Potential costs and benefits of PETs deployment 62 Figure 14: Are the risks to privacy and the protection of personal data associated with online activity increasing? 67 Figure 15: Is the deployment of PETs an effective means of minimising the risks associated with online activity? 69 Figure 16: Is the deployment of PETs currently widespread? 70 Figure 17: Has the deployment of PETs changed significantly over the past 5 years? 71 Figure 18: To what extent could the deployment of PETs yield economic benefits to data controllers? 72 Figure 19: To what extent could the deployment of PETs yield non‐economic benefits to data controllers? 74 Figure 20: Factors limiting PETs deployment 75 Figure 21: Classification scheme for business case techniques 81 Figure 22: The stages of drug development 84 Figure 23: GENOMatch system architecture 86 Figure 24: Risk‐adjusted NPV of drug X 93 Figure 25: Current PAYD model 98 Figure 26: Black box, high‐level specification 99 Figure 27: Privacy‐friendly PAYD model 99 Figure 28: LBS with location intermediary 109 Figure 29: Privacy zones in CCTV 113 Figure 30: No. of responses to business survey per Member State 126 Figure 31: Size distribution of no. of employees of respondents 128 Figure 32: Type of personal data held 129 Figure 33: Number of records, by data type 130 Figure 34: Type of personal data (customers, suppliers 3rd parties), by business size 131 Figure 35: Number of records, by company size 132 Figure 36: Type of personal data, by sector 133 Figure 37: Overall benefit of personal data, by size of data controller 134 Figure 38: Benefit of personal data on customers, by size of data controller 134 Figure 39: Privacy risk to businesses 136 Figure 40: Net economic impact of PETs 137 Figure 41: Awareness of PETs 138 Figure 42: Awareness and perceived benefits 139 Figure 43: Effectiveness of PETs 140 Figure 44: Awareness and perceived effectiveness 141 Figure 45: Factors preventing deployment of PETs 142 Figure 46: Consumer concern and business awareness of PETs 143 London Economics iv Study on the economic benefits of privacy‐enhancing technologies (PETs) Tables & Figures Page Figure 47: Users of FinanzOnline (as of March 2009) 181 Figure 48: Proportion of sales tax return filings via FinanzOnline (as of April 2009) 181 Figure 49: Proportion of income tax return filings via FinanzOnline (as of April 2009) 182 Figure 50: Electronic file exchange via EDIAKT 184 Figure 51: Two examples of EDIAKT II objects 185 Figure 52: EDIAKT metadata 186 Figure 53: Average usage of SRF filled in through electronic system 195 Figure 54: Screenshot personal information held by TNS Infratest 203 Figure 55: Architecture of genome projects database system 207 Figure 56: The technological architecture of e‐school system 210 Figure 57: Schools in Estonia (and Sweden) using the eSchool system (September 2009) 211 Figure 58: The CdB certificate 225 Figure 59: The one‐stop‐shop concept 226 Figure 60: Distribution of sectors across Member States 232 Figure 61: Type of personal data held on CUSTOMERS, by business size 233 Figure 62: Type of personal data held on STAFF, by business size 233 Figure 63: Type of personal data held on SUPPLIERS, by business size 234 Figure 64: Type of personal data held on 3rd parties,
Load more

Recommended publications
  • Intel X86 Considered Harmful
    Intel x86 considered harmful Joanna Rutkowska October 2015 Intel x86 considered harmful Version: 1.0 1 Contents 1 Introduction5 Trusted, Trustworthy, Secure?......................6 2 The BIOS and boot security8 BIOS as the root of trust. For everything................8 Bad SMM vs. Tails...........................9 How can the BIOS become malicious?.................9 Write-Protecting the flash chip..................... 10 Measuring the firmware: TPM and Static Root of Trust........ 11 A forgotten element: an immutable CRTM............... 12 Intel Boot Guard............................. 13 Problems maintaining long chains of trust............... 14 UEFI Secure Boot?........................... 15 Intel TXT to the rescue!......................... 15 The broken promise of Intel TXT.................... 16 Rescuing TXT: SMM sandboxing with STM.............. 18 The broken promise of an STM?.................... 19 Intel SGX: a next generation TXT?................... 20 Summary of x86 boot (in)security.................... 21 2 Intel x86 considered harmful Contents 3 The peripherals 23 Networking devices & subsystem as attack vectors........... 23 Networking devices as leaking apparatus................ 24 Sandboxing the networking devices................... 24 Keeping networking devices outside of the TCB............ 25 Preventing networking from leaking out data.............. 25 The USB as an attack vector...................... 26 The graphics subsystem......................... 29 The disk controller and storage subsystem............... 30 The audio
    [Show full text]
  • Mass Surveillance
    Mass Surveillance Mass Surveillance What are the risks for the citizens and the opportunities for the European Information Society? What are the possible mitigation strategies? Part 1 - Risks and opportunities raised by the current generation of network services and applications Study IP/G/STOA/FWC-2013-1/LOT 9/C5/SC1 January 2015 PE 527.409 STOA - Science and Technology Options Assessment The STOA project “Mass Surveillance Part 1 – Risks, Opportunities and Mitigation Strategies” was carried out by TECNALIA Research and Investigation in Spain. AUTHORS Arkaitz Gamino Garcia Concepción Cortes Velasco Eider Iturbe Zamalloa Erkuden Rios Velasco Iñaki Eguía Elejabarrieta Javier Herrera Lotero Jason Mansell (Linguistic Review) José Javier Larrañeta Ibañez Stefan Schuster (Editor) The authors acknowledge and would like to thank the following experts for their contributions to this report: Prof. Nigel Smart, University of Bristol; Matteo E. Bonfanti PhD, Research Fellow in International Law and Security, Scuola Superiore Sant’Anna Pisa; Prof. Fred Piper, University of London; Caspar Bowden, independent privacy researcher; Maria Pilar Torres Bruna, Head of Cybersecurity, Everis Aerospace, Defense and Security; Prof. Kenny Paterson, University of London; Agustín Martin and Luis Hernández Encinas, Tenured Scientists, Department of Information Processing and Cryptography (Cryptology and Information Security Group), CSIC; Alessandro Zanasi, Zanasi & Partners; Fernando Acero, Expert on Open Source Software; Luigi Coppolino,Università degli Studi di Napoli; Marcello Antonucci, EZNESS srl; Rachel Oldroyd, Managing Editor of The Bureau of Investigative Journalism; Peter Kruse, Founder of CSIS Security Group A/S; Ryan Gallagher, investigative Reporter of The Intercept; Capitán Alberto Redondo, Guardia Civil; Prof. Bart Preneel, KU Leuven; Raoul Chiesa, Security Brokers SCpA, CyberDefcon Ltd.; Prof.
    [Show full text]
  • NSA) Surveillance Programmes (PRISM) and Foreign Intelligence Surveillance Act (FISA) Activities and Their Impact on EU Citizens' Fundamental Rights
    DIRECTORATE GENERAL FOR INTERNAL POLICIES POLICY DEPARTMENT C: CITIZENS' RIGHTS AND CONSTITUTIONAL AFFAIRS The US National Security Agency (NSA) surveillance programmes (PRISM) and Foreign Intelligence Surveillance Act (FISA) activities and their impact on EU citizens' fundamental rights NOTE Abstract In light of the recent PRISM-related revelations, this briefing note analyzes the impact of US surveillance programmes on European citizens’ rights. The note explores the scope of surveillance that can be carried out under the US FISA Amendment Act 2008, and related practices of the US authorities which have very strong implications for EU data sovereignty and the protection of European citizens’ rights. PE xxx.xxx EN AUTHOR(S) Mr Caspar BOWDEN (Independent Privacy Researcher) Introduction by Prof. Didier BIGO (King’s College London / Director of the Centre d’Etudes sur les Conflits, Liberté et Sécurité – CCLS, Paris, France). Copy-Editing: Dr. Amandine SCHERRER (Centre d’Etudes sur les Conflits, Liberté et Sécurité – CCLS, Paris, France) Bibliographical assistance : Wendy Grossman RESPONSIBLE ADMINISTRATOR Mr Alessandro DAVOLI Policy Department Citizens' Rights and Constitutional Affairs European Parliament B-1047 Brussels E-mail: [email protected] LINGUISTIC VERSIONS Original: EN ABOUT THE EDITOR To contact the Policy Department or to subscribe to its monthly newsletter please write to: [email protected] Manuscript completed in MMMMM 200X. Brussels, © European Parliament, 200X. This document is available on the Internet at: http://www.europarl.europa.eu/studies DISCLAIMER The opinions expressed in this document are the sole responsibility of the author and do not necessarily represent the official position of the European Parliament.
    [Show full text]
  • Reloading Protection
    INFO 6 th INTERNATIONAL CONFERENCE T +32 2 629 20 93 • [email protected] 23 24 25 JANUARY 2013 l BRUSSELS BELGIUM COMPUTERS, PRIVACY DATES & DATA PROTECTION 23 24 25 January 2013 RELOADING LANGUAGE English DATA AUDIENCE PROTECTION Data protection authorities and offi cials, academics, civil liberties organisations, magistrates, barristers, legal consultants, lobbyists, representatives of ICT and security companies, etc. LOCATION www.nickvanhee.be © Les Halles de Schaerbeek (Grande Halle (6,237m2 - 750 seats), Petite Halle (380m2), and La Cave, Rue Royale-Sainte-Marie 22, 1030 Brussels side events De Markten: Oude Graanmarkt 5 Rue du Vieux Marché aux Grains, 1000 Brussels Bazar: Kapucijnenstraat 63 Rue des Capucins, 1000 Brussels WHAT’S GOING ON IN BRUSSELS AT THE MOMENT? www.agendamagazine.be www.brusselsmuseums.be www.visitbrussels.be www.europeanprivacyday.org WWW.CPDPCONFERENCES.ORG WWW.CPDPCONFERENCES.ORG CPDP2013_PROGRAMME_37.indd 48-49 21/01/13 21:07 CPDP CONFERENCE PARTNERS WHAT IS CPDP? Every year in Brussels, CPDP gathers policy makers, academics, computer scientists, consultants, practitioners and activists from all over the world to exchange ideas and discuss emerging issues in information technology, privacy, data protection and law. CPDP has been growing progressively since its inception in terms of speakers, participants and panels. Ambitions for CPDP 2013 are higher than ever, as it will stage more than 40 panels and workshops (with a stimulating mix of academics, practitioners, regulators and advocates), as well as multiple side events (such as open debates, PechaKucha talks and artistic interventions). CPDP will pay particular attention to high-level and innovative research, and four panels will be completely devoted to the presentations of outstanding junior and senior academics.
    [Show full text]
  • December 1999 Conference Participants
    Hoover Press : Cyber DP5 HPCYBEAPX2 06-09-:1 18:47:03 rev1 page 271 APPENDIX 2 December 1999 Conference Participants drew c. arena Former Senior Counsel to the Assistant Attorney General, U.S. Department of Justice; former Counselor for Criminal Justice Matters at the U.S. Mission to the European Union (EU) in Brussels, Belgium. Now retired from over twenty years of federal government service, he has served as the Attorney General’s senior representative in Europe for multilateral affairs and has been responsible for Justice Department relations with the EU, the Council of Europe, the United Nations Commission on Criminal Justice, and the G-8’s Senior Experts Group on Organized Crime. He has worked extensively with all these organizations on issues relating to cyber crime. joseph betser Project Leader, Business Development and Program Man- agement, Aerospace Corporation, El Segundo, California. He has served as a Defense Advanced Research Projects Agency (DARPA) Principal Investi- gator for a number of network management and information assurance pro- jects and led activities in the growing commercial satellite network business, as well as in Department of Defense space architecture planning, and Battle Awareness and Data Dissemination (BADD). He also led the CalREN (Cal- ifornia Research and Education Network) ATM Research Consortium (ARC), among the first ATM networks in Southern California, consisting of eleven premier university and research organizations. caspar bowden Director, Foundation for Information Policy Research (FIPR), London, United Kingdom (http://www.fipr.org),an independent non- profit organization that studies the interaction between information technol- ogy and society, identifies technical developments with significant social im- pact, and commissions research into public policy alternatives.
    [Show full text]
  • Submission Data for 2020-2021 CORE Conference Ranking Process Privacy Enhancing Technologies Symposium (Was International Workshop of Privacy Enhancing Technologies)
    Submission Data for 2020-2021 CORE conference Ranking process Privacy Enhancing Technologies Symposium (was International Workshop of Privacy Enhancing Technologies) Shaanan Cohney, Matthew Wright, Aaron Johnson, Veelasha Moonsamy Conference Details Conference Title: Privacy Enhancing Technologies Symposium (was International Workshop of Privacy Enhancing Technologies) Acronym : PETS Rank: B Requested Rank Rank: A Recent Years Proceedings Publishing Style Proceedings Publishing: journal Link to most recent proceedings: https://dblp.org/db/journals/popets/popets2020.html Further details: PETS papers are published in the journal Proceedings on Privacy Enhancing Technologies (PoPETs). PoPETs is an open-access journal published by Sciendo, part of the De Gruyter publishing house. PoPETs has four issues per year, and all papers that appear in PoPETs are full papers and are presented at the PETS conference. PoPETs builds on the scholarly tradition initiated by PETS in July 2000. The membership of the Editorial Board and Program Committee, as well as the high-quality publications, make PoPETs a premier venue for scholarship in the area of privacy and technology. Regarding Google Scholar Metrics, PoPETs is listed. However, the PoPETs journal only started in 2015, and Google Scholar Metrics doesn’t include the 2000âĂŞ2014 PETS proceedings published in Springer LNCS. Therefore, rankings are inaccurate that use metrics dependings on papers published before 2015 (e.g. h5-index). Most Recent Years Most Recent Year Year: 2019 URL: https://petsymposium.org/cfp19.php
    [Show full text]
  • Open Rights Group
    Company Registration Number 05581537 Open Rights Report and Accounts 31 October 2015 Open Rights Contents of the Financial Statements 31 October 2015 Page Company Information 1 Directors' Report 2 Accountants' Report 6 Income and Expenditure Account 7 Balance Sheet 8 Notes to Financial Statements 9 Open Rights Company Information 31 October 2015 Directors James Cronin Simon Phipps Alec Muffett Maria Farrell Harry Metcalfe Ben Laurie Milena Popova Owen Blacker John Elliott Secretary James Cronin Accountants Urban Ledgers Limited 14 Thornhill Square London N1 1BQ Bankers Cooperative Bank plc PO Box 101 1 Balloon Street Manchester Company number 05581537 Page 1 Open Rights Report of the Board of Directors for the year ended 31 October 2015 Introduction This year we campaigned against mass surveillance, and worked on data protection and e-privacy. It was also the year in which our legal strategy started to bite, as cases began to reach the courts with a high likelihood of changing the way that governments have to view surveillance, particularly in the UK, but also more widely. It was also the first year that we employed a Scotland Officer. Our supporter base grew significantly, to over 3000, giving us a more sustainable financial future. However, we had to adjust our expenditure downwards in the mid part of the year in order to balance it with our income, which was lower due to smaller grant receipts. Caspar Bowden This year, we also remember Advisory Council member Caspar Bowden, who passed away in July 2015. He contributed to our surveillance work, warning before the Snowden revelations of the legal instruments permitting mass surveillance.
    [Show full text]
  • Surveillance?
    Is “Big Data” simply a codeword for mass- surveillance? Caspar Bowden independent advocate for privacy rights (Chief Privacy Adviser - Microsoft 2002-2011, Director of FIPR 1998-2002) st Alpbach Forum – 21 August 2014 Cloud computing parallel processing power as commodity Consumer: Facebook, Skype, Microsoft, Google Business : Microsoft Azure/Office365, Google Apps, Amazon “Warrantless Wiretapping” 2001-7 ● 2003: AT&T San Francisco switching centre – Internet backbone split to DPI and forwarded to NSA ● 2005 New York Times broke story – media self-censored story until after 2004 election – several whistleblowers NSA, FBI, and AT&T ● tried official channels and then media – ignored, prosecuted – Traffic-analysis of call patterns and transaction data ● 2007: “legalized” by Protect America Act – retroactive immunity for telcos – new paradigm: “collect everything, minimize later” – no more particular warrants – FISC approves “procedures” What is “foreign intelligence information” ? (1) information that relates to, and if concerning a United States person is necessary to, the ability of the United States to protect against - (A) actual or potential attack or other grave hostile acts of a foreign power or an agent of a foreign power; (B) sabotage, international terrorism, or the international proliferation of weapons of mass destruction by a foreign power or an agent of a foreign power; or (C) clandestine intelligence activities by an intelligence service or network of a foreign power or by an agent of a foreign power; or (2) information with respect to a foreign power or foreign territory that relates to, and if concerning a United States person is necessary to - (A) the national defense or the security of the United States; or (B) the conduct of the foreign affairs of the United States.
    [Show full text]
  • Behind Datagate
    BEHIND DATAGATE Chiara Marchetti e Matteo Longeri Dipartimento di Informatica e Comunicazione Università degli Studi di Milano Milano, Italia [email protected], [email protected] 15 aprile 2015 Indice 1 Introduzione 4 2 Il background dello scandalo 8 2.1 Edward Snowden . 8 2.2 Glenn Greenwald . 9 2.3 NSA e GCHQ . 10 2.3.1 National Security Agency . 10 2.3.2 Government Communications HeadQuarters . 11 2.4 Terzi coinvolti ed elementi aggiuntivi . 12 2.5 Datagate . 16 3 Le aziende coinvolte 20 3.1 Google . 21 3.2 Yahoo . 26 3.3 Facebook . 28 3.3.1 WhatsApp . 32 3.4 Twitter . 33 3.5 Apple . 34 3.6 Microsoft . 40 3.6.1 Skype . 44 3.7 Verizon . 46 3.8 Le aziende in sintesi . 49 4 "Effetto Snowden" 51 4.1 La reazione dell’Europa . 51 4.1.1 Francia . 52 1 4.1.2 Germania . 53 4.1.3 Italia . 54 4.1.4 Regno Unito . 55 4.1.5 Russia . 56 4.1.6 Spagna . 57 4.1.7 Svezia . 57 4.1.8 Intervista a Mikko Hypponen . 58 4.2 Cosa dicono i nostri intervistati . 59 5 Gli strumenti per difendersi 70 5.1 Chat OTR e CryptoCat . 70 5.2 PGP e GnuPG . 71 5.3 Tor . 73 5.4 Telegram . 74 5.5 Tox................................. 75 5.6 Prism-Break . 75 5.7 I2P . 76 5.8 Freenet . 77 5.9 GNUnet . 77 5.10 MaidSafe . 78 5.11 Bitcoin . 79 5.12 File System Crittografici . 80 6 Conclusioni 82 2 Abstract Nel 2013 le rivelazioni di Edward Snowden hanno dato il via al grande dibattito sulla liceità delle intercettazioni di massa perpetrate in segreto dai più grandi governi mondiali.
    [Show full text]
  • Mass Surveillance Part 1 - Risks and Opportunities Raised by the Current Generation of Network Services and Applications
    Science and Technology Options Assessment (STOA) Mass Surveillance Part 1 - Risks and opportunities raised by the current generation of network services and applications ANNEX EPRS | European Parliamentary Research Service Scientific Foresight (STOA) Unit PE 527.409 EN Mass Surveillance What are the risks for the citizens and the opportunities for the European Information Society? What are the possible mitigation strategies? Part 1 - Risks and opportunities raised by the current generation of network services and applications Annex IP/G/STOA/FWC-2013-1 - LOT 9 – Safety and security technologies December 2014 STOA - Science and Technology Options Assessment The STOA project “Mass Surveillance – Risks, Opportunities and Mitigation Strategies Part 1” was carried out by TECNALIA Research and Investigation. AUTHORS Arkaitz Gamino Garcia Concepción Cortes Velasco Eider Iturbe Zamalloa Erkuden Rios Velasco Iñaki Eguía Elejabarrieta Javier Herrera Lotero José Javier Larrañeta Ibañez Stefan Schuster (Editor) STOA RESEARCH ADMINISTRATOR Peter Ide-Kostic Scientific Foresight Unit Directorate for Impact Assessment and European Added Value Directorate-General for Parliamentary Research Services European Parliament, Rue Wiertz 60, B-1047 Brussels E-mail: [email protected] LINGUISTIC VERSION Original: EN ABOUT THE PUBLISHER To contact STOA or to subscribe to its newsletter please write to: [email protected] This document is available on the Internet at: http://www.ep.europa.eu/stoa/ Manuscript completed in November, 2014 Brussels, © European Union, 2014 DISCLAIMER The content of this document is the sole responsibility of the author and any opinions expressed therein do not necessarily represent the official position of the European Parliament. It is addressed to the Members and staff of the EP for their parliamentary work.
    [Show full text]
  • Privacy and Security in an Age of Surveillance
    Report from Dagstuhl Perspectives Workshop 14401 Privacy and Security in an Age of Surveillance Edited by Bart Preneel1, Phillip Rogaway2, Mark D. Ryan3, and Peter Y. A. Ryan4 1 KU Leuven and iMinds, BE, [email protected] 2 University of California, Davis, US, [email protected] 3 University of Birmingham, GB, [email protected] 4 University of Luxembourg, LU, [email protected] Abstract The Snowden revelations have demonstrated that the US and other nations are amassing data about people’s lives at an unprecedented scale. Furthermore, these revelations have shown that intelligence agencies are not only pursuing passive surveillance over the world’s communication systems, but are also seeking to facilitate such surveillance by undermining the security of the internet and communications technologies. Thus the activities of these agencies threatens not only the rights of individual citizens but also the fabric of democratic society. Intelligence services do have a useful role to play in protecting society and for this need the capabilities and authority to perform targeted surveillance. But the scope of such surveillance must be strictly limited by an understanding of its costs as well as benefits, and it should not impinge on the privacy rights of citizens any more than necessary. Here we report on a recent Dagstuhl Perspectives Workshop addressing these issues – a four- day gathering of experts from multiple disciplines connected with privacy and security. The meeting explored the scope of mass-surveillance and the deliberate undermining of the security of the internet, defined basic principles that should underlie needed reforms, and discussed the potential for technical, legal and regulatory means to help restore the security of the internet and stem infringement of human-rights by ubiquitous electronic surveillance.
    [Show full text]
  • The US Surveillance Programmes and Their Impact on EU Citizens' Fundamental Rights
    DIRECTORATE GENERAL FOR INTERNAL POLICIES POLICY DEPARTMENT C: CITIZENS' RIGHTS AND CONSTITUTIONAL AFFAIRS CIVIL LIBERTIES, JUSTICE AND HOME AFFAIRS The US surveillance programmes and their impact on EU citizens' fundamental rights NOTE Abstract In light of the recent PRISM-related revelations, this briefing note analyzes the impact of US surveillance programmes on European citizens’ rights. The note explores the scope of surveillance that can be carried out under the US FISA Amendments Act 2008, and related practices of the US authorities which have very strong implications for EU data sovereignty and the protection of European citizens’ rights. PE 474.405 EN This document was requested by the European Parliament's Committee on Civil Liberties, Justice and Home Affairs. AUTHORS Mr Caspar BOWDEN (Independent Privacy Researcher) Introduction by Prof. Didier BIGO (King’s College London / Director of the Centre d’Etudes sur les Conflits, Liberté et Sécurité – CCLS, Paris, France). Copy-Editing: Dr. Amandine SCHERRER (Centre d’Etudes sur les Conflits, Liberté et Sécurité – CCLS, Paris, France) Bibliographical assistance: Wendy Grossman RESPONSIBLE ADMINISTRATOR Mr Alessandro DAVOLI Policy Department Citizens' Rights and Constitutional Affairs European Parliament B-1047 Brussels E-mail: [email protected] LINGUISTIC VERSIONS Original: EN ABOUT THE EDITOR To contact the Policy Department or to subscribe to its monthly newsletter please write to: [email protected] Manuscript completed in September 2013. Source: European Parliament © European Union, 2013. This document is available on the Internet at: http://www.europarl.europa.eu/studies DISCLAIMER The opinions expressed in this document are the sole responsibility of the author and do not necessarily represent the official position of the European Parliament.
    [Show full text]