Detection and surveillance technologies: privacy-related requirements and protection schemes
Pages 218 - 231
Abstract
Detection, identification, authentication and surveillance technologies are increasingly deployed and at the same time further researched, aiming at countering terrorism and crime, protecting people and goods, and managing working procedures and activities. Although, such technologies may also be applied to secure personal data processing, their wide use raises serious concerns. For instance, when they are used for public security reasons, they led to the creation, collection, storage, communication, interconnection and analysis of huge amounts of personal data, even globally. In this paper, after reviewing relevant developments, mentioning key enabling technologies, discussing relevant risks and mentioning social, ethical, legal and political related aspects, we focus on technological issues, namely privacy-related requirements and protection schemes and techniques, which may respond to human rights and liberties related concerns. Basic building elements of protection measures range from more conventional, such as cryptography, access control and auditing to new ones based on information hiding and privacy-preserving data mining techniques. Also, the active involvement of oversight authorities in data protection schemes may significantly increase their effectiveness.
References
[1]
Article 29 Working Party (2004) 'Opinion 8/2004 on the information for passengers concerning the transfer of PNR data on flights between European Union and United States of America', Available at: http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2004/wp97_en.pdf.
[2]
Article 29 Working Party (2007a) 'Opinion 1/2007 on the Green Paper on Detection Technologies in the work of law enforcement, customs and other security authorities', Available at: http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2007/wp129_en.pdf.
[3]
Article 29 Working Party (2007b) 'Working Document WP131 on the processing of personal data relating to health in electronic health records (EHR)', Available at: http://ec.europa.eu/ justice_home/fsj/privacy/docs/wpdocs/2007/wp131_en.pdf.
[4]
Bakken, D.E., et al. (2004) 'Data obfuscation: providing anonymity and desensitization of usable data sets', IEEE Security and Privacy Magazine, Vol. 2, No. 6, pp. 34-41.
[5]
Commission of the European Communities (2005) 'The 2nd e-safety communication, bringing eCall to citizens', COM(2005) 431, Available at: http://europa.eu.int/eur-lex/lex/ LexUriServ/site/en/com/2005/com2005_0431en01.pdf.
[6]
Commission of the European Communities (2006) 'Green Paper on detection technologies in the work o law enforcement, customs and other security authorities', COM(2006) 474, Available at: http://www.statewatch.org/news/2006/sep/eu-com-detection-techn-com-474.pdf.
[7]
Council of the European Union (2004) 'On the introduction of common security standards and biometrics into passports and other travel documents issued by Member States', Regulation 2252/2004, Available at: http://www.egovemonitor.com/node/6526/print.
[8]
Council of the European Union (2005) 'Prüm Convention on the stepping up of cross-border cooperation, particularly in combating terrorism, cross-border crime and illegal migration', Regulation 10900/05, Available at: http://www.statewatch.org/news/2005/aug/ Prum-Convention.pdf.
[9]
Cover, T.M. and Thomas, J.A. (1991) Elements of Information Theory, John Wiley & Sons, Inc.
[10]
Damiani, E., De Capitani di Vimercati, S. and Samarati, P. (2003) 'Managing multiple and dependable identities', IEEE Internet Computing Magazine, November-December, pp. 29-37.
[11]
European Parliament and Council (2006) 'Directive on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of communications networks', 2006/24/EC, Available at: http://www.ispai.ie/DR%20as% 20published%20OJ%2013-04-06.pdf.
[12]
Hubuax, J-P., Capcun, S. and Luo, J. (2004) 'The security and privacy of smart vehicles', IEEE Security and Privacy Magazine, Vol. 2, No 3, pp. 49-55.
[13]
28th International Conference on Data Protection and Privacy Commissioners (2006) 'Closing communiqué', 2-3 November, London, UK, Available at: http://ico.crl.uk.com/files/ FinalConf.pdf.
[14]
ISO/IEC 20886 (Draft International Standard) (2004) Information Technology - International Security, Trust, and Privacy Alliance - Privacy Framework.
[15]
Norwich Union (2007) Available at: http://www.norwichunion.com//.
[16]
Popp, R. and Poindexter, J. (2006) 'Countering terrorism through information and privacy protection technologies', IEEE Security and Privacy Magazine, Vol. 4, No. 6, pp. 18-27.
[17]
Raya, M., Papadimitratos, P. and Hubaux, J-P. (2006) 'Securing vehicular communications', IEEE Wireless Communications, Vol. 13, No. 5, pp. 8-15.
[18]
Samarati, P. (2001) 'Protecting respondent's privacy in microdata release', Journal of IEEE Transactions on Knowledge Data Engineering, Vol. 13, No. 6, pp. 1010-1027.
[19]
Sweeney, L. (2002) 'k-anonymity: a model for protecting privacy', Journal on Uncertainty, Fuzziness and Knowledge-Base Systems, Vol. 10, No. 5, pp. 557-570.
[20]
Vaidya, J. and Clifton, C. (2004) 'Privacy - preserving data mining: Why, How, and When', IEEE Security and Privacy Magazine, Vol. 2, No. 6, pp. 19-27.
[21]
Vaidya, J., Clifton, C.W. and Zhu, Y.M. (2006) Privacy Preserving Data Mining, Springer Science.
[22]
Zorkadis, V. (2007) 'Detection, identification and surveillance technologies: privacy related requirements', Proceedings of the 3rd Annual International Conference Global e Security, University of East London, pp. 53-61.
[23]
Zorkadis, V. and Donos, P. (2004) 'On biometrics-based authentication and identification from a privacy protection perspective: deriving privacy enhancing requirements', Journal of Information Management and Computer Security, Vol. 12, No. 1, pp. 125-137.
[24]
Zorkadis, V., Karras, D.A. and Panayotou, M. (2005) 'Efficient information theoretic strategies for classifier combination and performance evaluation in improving false positives and false negatives for spam e-mail filtering', Journal of Neural Network, Vol. 18, pp. 799-807.
- Detection and surveillance technologies: privacy-related requirements and protection schemes
Recommendations
Privacy Rights and Protection: Foreign Values in Modern Thai Context
The concept of privacy as a basic human right which has to be protected by law is a recently adopted concept in Thailand, as the protection of human rights was only legally recognized by the National Human Rights Act in 1999. Moreover, along with other ...
Privacy preserving data obfuscation for inherently clustered data
Privacy is defined as the freedom from unauthorised intrusion. The availability of public records along with intelligent search engines and data mining tools allow easy access to useful information. They also serve as a haven for individuals with ...
Privacy-enhancing technologies: approaches and development
In this paper, we discuss privacy threats on the Internet and possible solutions to this problem. Examples of privacy threats in the communication networks are identity disclosure, linking data traffic with identity, location disclosure in connection ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Publisher
Inderscience Publishers
Geneva 15, Switzerland
Publication History
Published: 01 January 2007
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 07 Jan 2025