Idea for deliverable on protection issues on skillet European White Pages administration .


41 views
Uploaded on:
Category: Funny / Jokes
Description
Plan. Preparatory remarksEuropean protection legislationOther writings on the matterPrivacy issues of the CIP WPSOrganizational and specialized arrangements. Individual Statement. Security enactment is not a bug it
Transcripts
Slide 1

Idea for deliverable on security issues on skillet European White Pages benefit third TF-LSD Meeting Antalya, 13.5.2001 Peter Gietz Peter.gietz@DAASI.de

Slide 2

Agenda Preliminary comments European protection enactment Other messages on the matter Privacy issues of the CIP WPS Organizational and specialized arrangements

Slide 3

Personal Statement Privacy enactment is not a bug it\'s an element Not a weight yet something worth being thankful for Not the specialized conceivable outcomes tally yet the feasability of these potential outcomes

Slide 4

Discussion highlights Privacy talk is more centered around internet business than on catalogs Legislation more consents to information servers, not ordering framework

Slide 5

International Issue European arrangement is just a large portion of the approach Worldwide controls exist (OECD, UN) 40 nations around the globe have sanctioned, or are get ready to institute security enactment E.g.: Switzerland, Hungary, Kanada, Australia Hong Kong, Taiwan, Japan, Malaysia, South Korea. „The US has confined itself from whatever is left of the world" (EPIC) Only has enactment for Federal experts Possible arrangement: „Safe Harbor"

Slide 6

Safe Harbor Organized by Department of Commerce Catalog of sufficient preparing rules for information from Europe Companies can declare their committment www.export.gov/safeharbor

Slide 7

Codes of Conduct Self characterized standards to follow EU-directions One for client information and one for representative information Privacy proclamations Formali ze capable see P3P activity of W3 Consortium

Slide 8

OECD Regulations OECD Recommendation concerning and Guidelines administering the assurance of protection and transborder streams of individual information, O.E.C.D. Archive C(80)58(Final), October 1, 1980 http://www.rewi.hu-berlin.de/Datenschutz/International/1980_oecd_privacy_guidelines.txt Promotes selfregulatory measures

Slide 9

United Nations Regulation Guidelines concerning mechanized individual information records, embraced by the General Assembly on 14 December 1990 http://www.datenschutz-berlin.de/recht/int/uno/gl_pbden.htm

Slide 10

1995 Directive on the assurance of people as to the handling of individual information and on the free development of such information (95/46, October 1995) http://www.privacy.org/pi/intl_orgs/ec/eudp.html Preamble: Data-preparing frameworks are intended to serve man Data ought to have the capacity to stream uninhibitedly But: They should regard the basic flexibilities and rights

Slide 11

Article 1: Object of the mandate Member states might secure the privilege to protection as for the preparing of individual information yet might not confine or disallow free stream of data between part states

Slide 12

Article 2: Definitions „ individual information ": any data identifying with an identifiable characteristic individual (called „data subject")  White Pages information „ handling ": (regardless of whether robotized) gathering, stockpiling, recovery, dispersal, deletion and so forth  capacity, overhaul, replication and recovery „ individual information documenting framework ": organized arrangement of individual information which are available as per particular criteria, whether concentrated or decentralised, ...  Directory Service

Slide 13

Definitions contd. „ controller ": characteristic or lawful individual, open expert, organization that decides the reason and method for the preparing  Designer of Directory administration „ processor ": regular or lawful individual, and so on which forms individual information for the controller  Data chief „ outsider ": normal or lawful individual, and so on. other than the information subject, the controller or the processor, or the individual who is approved to prepare the information  all others

Slide 14

Definitions contd. „ beneficiary ": characteristic or legitimate individual, and so forth regular or lawful individual, and so on. to whom information are uncovered, regardless of whether outsider or not, but rather not asking experts  Directory benefit client „ the information subject\'s assent ": any unreservedly given particular and educated sign of his desires by which the information subject means his consent to individual information identifying with him being handled  ?? See underneath

Slide 15

Article 3: Scope Processing of information entirely or halfway via programmed implies and nonautomatic if part of a recording framework. In any case, not in instances of open security, safeguard, State security and exercises of the State in territories of criminal law And not if done by a characteristic individual throughout absolutely individual or family unit movement

Slide 16

Article 6: principals Fairly and legally Collected for determined, unequivocal and honest to goodness reason and not further prepared incongruent to that. Authentic, measurable or scientifical reasons for existing are never contrary Adequate, pertinent and not exessive Accurate and breakthrough Identifyable not longer than neccessary

Slide 17

Article 7: Criteria Data subject assented or If neccessary for the execution of an agreement to which the information subject is gathering or For consistence with legitimate commitment of controller or To secure essential enthusiasm of the information subject or To play out an undertaking did in the general population intrigue ... With the end goal of the true blue enthusiasm of the controller or beneficiary aside from if against premium or crucial privileges of the information subject

Slide 18

Article 10/11 Information Controller needs to advise information subject about: Identity of controller Purpose of preparing Recipients of the information Existence of the privilege of get to and redress the information Whether controller asks the information from information subject or gets them generally

Slide 19

Article 12: Right of Access Data subject has the privilege to acquire from controller: Without imperative at sensible interims immediately Confirmation regardless of whether information about him are handled, for what reason, which information classes and beneficiaries Form and rationale of the handling Rectification, deletion or hindering of information Notification of beneficiaries about correction and so forth., unless this prooves unthinkable or includes dispropriate exertion

Slide 20

Article 14: Right to question Data subject has the privilege to protest the preparing on convincing genuine grounds Especially if information are to be utilized for direct advertising

Slide 21

Article 17: Security Controller must execute measures to secure individual information against: Accidental or unlawful decimation or misfortune Unauthorized modification, exposure or get to Especially when preparing includes transmission over a system Apropriate to the dangers Processor must be represented by an agreement or lawful act official in composing or proportional frame

Slide 22

Article 25: Transfer to third nations - Principals Third nation must guarantee a satisfactory level of insurance Member state might take measures important to forestall exchange to such a nation Commission should go into arrangements with a view to curing the circumstance Member states might take the essential measures to follow the Commision\'s choice

Slide 23

Article 26: Transfer to third nations - Derogations Transmission to Countries with unadequate protection enactment may happen if: Data subject has given his assent or Neccessary for execution of an agreement between information subject and controller or Contract amongst controller and outsider in light of a legitimate concern for information subject or On critical open intrigue grounds or

Slide 24

Derogations contd. To ensure imperative enthusiasm of information subject or Transfer is produced using an enlist which as indicated by laws or directions is planned to give data to the general population and which is interested in discussion either by people in general all in all or by any individual who can exhibit authentic enthusiasm, to the degree that the conditions set down in law for interview are satisfied in the specific case

Slide 25

Article 29: Working Party Working gathering on the security of people concerning the handling of individual information is thus set up. WG with Chair, secretary and principles of methodology Independent consultative status Gives supposition on the level of insurance in the comunity and in third nations

Slide 26

Working Party Composed various archives on Transfer of individual information to third nations: Defining what constitutes satisfactory security Possible routes forward in evaluating ampleness On preparing of individual information on the Internet Recommendation 1/99 on Invisible and programmed handling of individual information on the Internet performed by programming and equipment ...

Slide 27

1997 Directive concerning the preparing of Personal information and the insurance of protection in the broadcast communications part (97/66/EC, 15. December 1997) http://europa.eu.int/ISPO/infosoc/telecompolicy/en/9766en.pdf Enhancement of the 1995 mandate for the media communications division, particularly ISDN and portable systems

Slide 28

Article 2: Definitions „subscriber": any regular or legitimate individual that is gathering to an agreement with the supplier of openly accessible broadcast communications benefit „user": any common individual utilizing such an administration for private or business reason, without neccessarily having subscribed to it

Slide 29

Definitions contd. „public media communications arrange": transmission framework and exchanging hardware and different assets which are utilized as a part of entire or to a limited extent for the arrangement of openly accessible media communications benefit „ media communications benefit": benefit that comprises completely or mostly in the transmission and steering of signs on media communications organize, except for radio-and TV-broadcasting

Slide 30

Article 11: Directories Personal information contained in printed or electronica catalogs of supporters accessible to people in general ought to be constrained to what is neccessary to distinguish a specific endorser unless the endorser has given his agree to the distribution of extra individual information.

Slide 31

Other European writings COM(99) 337 last: Proposal for a control of the European Parliament for the security of characteristic per

Recommended
View more...