Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.ipc.on.ca National Security in a Post-9/11 World: The Rise of Surveillance, … the Demise of Privacy? Ann Cavoukian, Ph.D. Information & Privacy Commissioner/Ontario.

Similar presentations


Presentation on theme: "Www.ipc.on.ca National Security in a Post-9/11 World: The Rise of Surveillance, … the Demise of Privacy? Ann Cavoukian, Ph.D. Information & Privacy Commissioner/Ontario."— Presentation transcript:

1 www.ipc.on.ca National Security in a Post-9/11 World: The Rise of Surveillance, … the Demise of Privacy? Ann Cavoukian, Ph.D. Information & Privacy Commissioner/Ontario 2004 Osler Hoskin & Harcourt Lecture Centre for Innovation Law and Policy February 23, 2004

2 www.ipc.on.ca Slide 2 Whither Privacy?  Post September 11 th  Enormous impact on privacy  The Security of Freedom: Essays on Canada's Anti-Terrorism Bill University of Toronto, 2001 www.utppublishing.com/detail.asp?TitleID=2493 www.utppublishing.com/detail.asp?TitleID=2493

3 www.ipc.on.ca Slide 3 September 11, 2001 “Public safety is paramount but balanced against privacy”  Security measures must be real, not illusory  New powers must be studied and measured to determine effectiveness and utility  Are new security powers truly necessary or are existing powers not fully utilized or effectively deployed? http://www.ipc.on.ca/userfiles/page_attachments/1517136_pub01-e.pdf http://www.cbc.ca/news/indepth/usattacked/essay_privacy.html

4 www.ipc.on.ca Slide 4 Anti-terrorism Laws  Canada Anti-terrorism Act Customs Act – Canada Customs & Revenue Agency expanded powers Bill C-17 Public Safety Act (first reading)  United States USA PATRIOT Act Transportation Security Administration: CAPPS II  United Kingdom Anti-terrorism, Crime and Security Act

5 www.ipc.on.ca Slide 5 Why be Concerned?  Expanded scope of domestic surveillance  Lack of justification  Weakening of judicial controls  Lack of independent oversight

6 www.ipc.on.ca Slide 6 Are These Laws Effective?  Reasons why these laws will not work:  Depend on questionable technology  Too much irrelevant information collected  Create a tempting target  Solving the wrong problem

7 www.ipc.on.ca Slide 7 Importance of Privacy to Liberty  Privacy is a vital social value. “Privacy is at the heart of liberty in the modern state. Grounded in [one's] physical and moral autonomy, privacy is essential for the well-being of the individual. … [I]t also has a profound significance for the public order.” Dr. Alan Westin

8 www.ipc.on.ca Slide 8 Information Privacy Defined  Information Privacy: Data Protection Freedom of choice; personal control; informational self-determination Personal control over the collection, use and disclosure of any recorded information about an identifiable individual

9 www.ipc.on.ca Slide 9 Fair Information Practices: A Brief History  OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data  E.U. Directive on Data Protection  CSA Model Code for the Protection of Personal Information  Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)

10 www.ipc.on.ca Slide 10 The Foundation: Fair Information Practices  Accountability  Identifying Purposes  Consent  Limiting Collection  Limiting Use, Disclosure, Retention  Accuracy  Safeguards  Openness  Individual Access  Challenging Compliance CSA Model Code for the Protection of Personal Information

11 www.ipc.on.ca Slide 11 Submission to the Standing Committee  Submission to the House of Commons Standing Committee on Citizenship and Immigration re: privacy implications of a National Identity Card and Biometric Technology – November 4, 2003  Interim Committee report questioned the value of introducing a national ID card

12 www.ipc.on.ca Slide 12 National ID Card Issues  No business case justifying ID Cards  Enormous cost of design and roll-out  Security vulnerabilities: high demand for access to associated databases – increased threat

13 www.ipc.on.ca Slide 13 National ID Card  Only one plausible rationale: U.S. requirement for biometric identifiers at border crossings by end of 2004 Enhanced Border Security and Visa Entry Reform Act of 2002 Canada currently exempted

14 www.ipc.on.ca Slide 14 Biometrics  Definition: The automated use of physiological or behavioral characteristics to determine or verify identity  Far from foolproof: myths abound (don’t believe the movies)

15 www.ipc.on.ca Slide 15 Biometric Applications Identification:  one-to-many comparison Authentication:  one-to-one comparison

16 www.ipc.on.ca Slide 16 The Myth of Accuracy  The problem with large databases containing thousands (or millions) of biometric templates: False positives False negatives

17 www.ipc.on.ca Slide 17 Biometric Identification False Positive Challenge Even with a 99.99% accuracy rate, everyone will have at least one false positive match “The false alarm rate would overwhelm the system...” Bruce Schneier, Beyond Fear, p.253

18 www.ipc.on.ca Slide 18 The Fallacy of the Accuracy Re: Biometric Identification If you have a 1 in 10,000 error rate per fingerprint (99.99% accuracy rate), then a person being scanned against a million- record data set will be flagged as positive 100 times. And that’s every person. A system like that would be useless because everyone would be a false positive. Bruce Schneier, quoted in Ann Cavoukian’s Submission to the Standing Committee on Citizenship and Immigration, November 4, 2003 http://www.ipc.on.ca/docs/110403ac-e.pdf

19 www.ipc.on.ca Slide 19 Biometric Identification  False Negative Challenge: Attackers could fool the system Pay-offs high for compromising the system Increased vulnerability to a target once a terrorist succeeds in obtaining a false negative: threat escalates considerably

20 www.ipc.on.ca Slide 20 Biometric Strength: Authentication The strength of one-to-one matches Authentication/verification does not require the central storage of templates Biometrics can be stored locally, not centrally – on a smart card, bar code, passport etc.

21 www.ipc.on.ca Slide 21 Designing Privacy Into Biometrics  The Privacy Challenges: –Central template databases –Unacceptable error rates –Secondary uses

22 www.ipc.on.ca Slide 22 Final Thoughts on Biometrics  Current off-the-shelf biometrics will permit the secondary uses of personal information  The Goal: “Technology that allows for informational self-determination and makes good security a by-product of protecting one’s privacy” – George Tomko  Using the biometric to encrypt a PIN or a standard encryption key will meet that goal: Biometric Encryption

23 www.ipc.on.ca Slide 23 “I am not a number, I am a human being. I will not be filed, stamped, indexed or numbered. My life is my own.” The Prisoner TV series, 1968 “I am not a number, I am a free man”

24 www.ipc.on.ca How to Contact Us Ann Cavoukian, Ph.D. Information & Privacy Commissioner/Ontario 80 Bloor Street West, Suite 1700 Toronto, Ontario M5S 2V1 Phone: (416) 326-3333 Web: www.ipc.on.ca E-mail: commissioner@ipc.on.ca


Download ppt "Www.ipc.on.ca National Security in a Post-9/11 World: The Rise of Surveillance, … the Demise of Privacy? Ann Cavoukian, Ph.D. Information & Privacy Commissioner/Ontario."

Similar presentations


Ads by Google