Presentation is loading. Please wait.

Presentation is loading. Please wait.

S-1 © RGP & UW-CISA 2010 Business & Technology Environment Summer 2010 Robert G Parker.

Similar presentations

Presentation on theme: "S-1 © RGP & UW-CISA 2010 Business & Technology Environment Summer 2010 Robert G Parker."— Presentation transcript:

1 S-1 © RGP & UW-CISA 2010 Business & Technology Environment Summer 2010 Robert G Parker

2 S-2 © RGP & UW-CISA 2010 Business & Technology Environment Summer 2010 Robert G Parker

3 S-3 © RGP & UW-CISA 2010 Crisis Management Privacy Social Networks eDiscovery / eEvidence Cloud Computing Parallel Programming Agenda

4 S-4 © RGP & UW-CISA 2010 Privacy

5 S-5 © RGP & UW-CISA 2010 Privacy USA: Supreme Court Canada: No Jail Time

6 S-6 © RGP & UW-CISA 2010 Privacy As patrons enter a bar they’ll have their ID cards swiped through a data reader and their photo taken. If the patron causes trouble in the bar, an “alert” will be placed on file are shared with other bars Times Colonist – July 2009

7 S-7 © RGP & UW-CISA 2010 Privacy Privacy Commissioner David Loukidelis ruled earlier this week that the technology used by about 100 bars and clubs involved in Barwatch across the province violates section 7(2) of the B.C. Personal information protection Act Times Colonist – August 8, 2009

8 S-8 © RGP & UW-CISA 2010 Privacy Bars can still scan driver’s licences but can only collect the name, photo, birthdate and gender. They can no longer collect driver’s licence numbers. Information must be destroyed within 24 hours unless the patron is determined to be violent or unsafe Protecting Society vs. Protecting Individual Rights

9 S-9 © RGP & UW-CISA 2010 Privacy Social Worker took home paper lists of 1,400 welfare recipients Breach discovered but “victims” not notified for 6 months Breach not disclosed to the provincial Privacy Commissioner Canada Lacks Privacy Breach Notification Laws

10 S-10 © RGP & UW-CISA 2010 Privacy Social Worker “Richard Perran” was actually “Richard Ernest Wainwright” who had a criminal record for credit card fraud and counterfeiting. Call were made for increased background checks and increased due diligence in hiring practices Identity Theft Issues The Impact of Criminal Convictions on Future Employment

11 S-11 © RGP & UW-CISA 2010 Privacy Backlash! Reputational Damage Government bureaucracy not usually affected Public sentiment was stirred Was it enough to bring changes?

12 S-12 © RGP & UW-CISA 2010 Privacy Breach Notification Laws are proposed for PIPEDA Are they Robust enough to protect the victims? Will have to report to the Federal Privacy Commissioner if they have experienced a material data breach of personal information: Factors to determine materiality Sensitivity of information Number of customers affected Internal assessment that the breach is not the result of a systemic problem The threshold to compel institutions to notify customers will be higher. Public notification must occur “when the organization deems the breach to pose a real risk of significant harm, such as identity theft or fraud, or damage to reputation In the US (State law) there is no threshold – they MUST be transparent

13 S-13 © RGP & UW-CISA 2010 Privacy Numbered Swiss bank accounts may no longer be private The law does have some interesting aspects Cash hoarded away by corrupt politicians will be seized by Swiss officials and redistributed to aid agencies. Ferdinand Marcos –Philippine’s Sani Abacha – Nigeria Valdimiro Montesunoe – Peru Jean-Claude ‘baby-Doc” Duvalier - Haiti Assets Seized: Who determines if they are corrupt? Could this be extended to corrupt business officials ?

14 S-14 © RGP & UW-CISA 2010 Privacy Identity theft and privacy breaches continue to go unreported because of current Canadian privacy laws. Canadian organizations such as Winners provided transparency after TJ Max in the USA had done so following a privacy breach involving Winners customers' date.

15 S-15 © RGP & UW-CISA 2010 Privacy Most of may us have experienced some discomfort from immigration and customs officials Well! Not all immigration and customs officials are unfriendly 2007-08 1,607 Complaints 2008-08 1,421 Complaints

16 S-16 © RGP & UW-CISA 2010 Privacy Entered Canada at 5:00 pm on October 18, 2009 Four hours later she received a “Friend” request on Facebook Not knowing the person she ignored the Facebook “Friend “ request Next day the same person asked why she had ignored his “Friend “ request She wrote him back asking how he knew her He responded “I don’t mean to creep you out. I met you and thought you were stunning. I think we kinda shared chemistry.” He went to describe her! An investigation revealed that the guard had captured images and names of female travellers as he conducted primary processing and sent the information to his personal eMail

17 S-17 © RGP & UW-CISA 2010 Privacy The press wants access to various court documents, including search warrants Time is involved in obtaining and providing such documents Some judges do not release documents to court clerks and therefore are unavailable The process is inconsistent amongst court houses

18 S-18 © RGP & UW-CISA 2010 Privacy The press start a campaign to get access The courts start to charge $6.00 per request

19 S-19 © RGP & UW-CISA 2010 Privacy Press Wanted: Free access for the press Consistent availability throughout the court system Ability to print court proceedings Privacy of the individual who was the subject of an erroneous search warrant Privacy of individuals given the presumption of innocent until proven guilty Privacy Issues

20 S-20 © RGP & UW-CISA 2010 Privacy By an 8-1 margin, the bench concluded that the press – in a world of tweeters and bloggers – is an ill defined group and to grant wholesale constitutional immunity “ would blow a giant hole in law enforcement” Solicitor client privilege and police informants are among the few class privileges that exist in Canada and courts have been cool to broaden the field Does this open up to police, and the courts, the ability to obtain evidence from the “tweeter” (via their service providers, etc) rather than only from traditional media?

21 S-21 © RGP & UW-CISA 2010 Privacy We are seeing increased video surveillance by police and others Personal video cameras have captured police actions Video cameras are becoming accepted “protection” for both parties in law enforcement Retention and Disclosure are the Issues

22 S-22 © RGP & UW-CISA 2010 Privacy Little public input into privacy This person went to great detail: Right of access to records in control of a public body. Except in limited specific cases Controls in the manner in which public bodies collect, use and disclose personal information Individuals, except in limited circumstances, should have the right to have access to information about them held by public bodies Individuals should have the right to request corrections to information about them held by public bodies Individuals should the right to an independent review of decisions made by a public body public bodies under the legislation

23 S-23 © RGP & UW-CISA 2010 Privacy Section 215: Only Requires a “Process” for FBI Increasing “privacy” protection from the Patriot Act in the US

24 S-24 © RGP & UW-CISA 2010 Privacy Privacy has not really caught on in Canada Canadians, in general, do not display “emotions” about privacy breaches or misuse of their information. Canadians appear ambivalent to increased use of video cameras and video recording at public events Canadian “Do Not Call” legislation allows significant unwanted contact Changes to PIPEDA will not address key deficiencies Lack of transparency rules Does not address non-commercial activities Does not address human resources Niche groups, civil liberties groups, etc are the most active in taking stands against use of personal information in Canada The private sector is still not embracing privacy standards based on “fair information practices”

25 S-25 © RGP & UW-CISA 2010 Privacy Service opportunities may exist for the profession to assist clients, but without : Stronger privacy legislation Public awareness of their privacy rights; and the will to protect those rights A compelling event Privacy seems like a smouldering issue which has yet to capture the interest of Canadians Professionals can assist business in addressing privacy through: Creating an appropriate privacy organization Conducting risk management reviews over personal information, particularly security Creating processes to operationalize an entity’s privacy policies

Download ppt "S-1 © RGP & UW-CISA 2010 Business & Technology Environment Summer 2010 Robert G Parker."

Similar presentations

Ads by Google