548,282 active members*
2,116 visitors online*
Register for free
Login Register

Perfection in Protection, Licensing, and Security

Encryption, Cybersecurity & Privacy: The Global Conundrum

October 2018
Author: Wibu-Systems
Encryption, Cybersecurity & Privacy: The Global Conundrum

BSA | The Software Alliance, a global software industry advocate, recently asserted their opinion on communications legislation being considered by the Australian Government. The Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 proposes new provisions that would allow Australian law enforcement and security agencies to gain assistance from key providers in the communications supply chain to increase their ability to collect evidence from electronic devices under Crimes Act search warrants. At the crux of the matter is the ability for law enforcement to break encryption code designed to protect personal data for the purpose of obtaining incriminating evidence useful to identify and arrest lawbreakers.

BSA Director Darryn Lim said, in a statement to itwire.com, that “BSA has urged the Australian Government to include in its encryption bill a judicial oversight and challenge mechanism in order to ensure that any new powers given to law enforcement are not abused.” In their submission to the Australian Government, the BSA further urged “continued engagement between the Australian government, policy-makers, and industry to ensure that the solution eventually adopted would balance the legitimate rights, needs, and responsibilities of the government, citizens, providers of critical infrastructure, third-party stewards of data, and innovators.”

The issue brought to the table in Australia shines a spotlight on a controversial topic with global implications. Undoubtedly, these discussions conducted by International governments, advocacy groups and technology companies will become more urgent as new cyberattacks and data breaches unfold.  BSA is encouraging the establishment of standards to govern how personal data is used. In their recently released Privacy Framework guidance for policymakers, BSA supports making collection and use of personal data more transparent, giving consumers more control over their personal data, enabling governance over data collection and use, providing robust security, and promoting the use of data for legitimate business purposes.

The Privacy Framework incorporate ten components:

  1. Transparency: Organizations should provide clear and accessible explanations of their practices for handling personal data, including the categories of personal data they collect, the type of third parties with whom they share data, and the description of processes the organization maintains to review, request changes to, request a copy of, or delete personal data.
  2. Purpose specification: Personal data should be relevant to the purposes for which it is collected and obtained by lawful means.
  3. Informed Choice: Organizations should provide consumers with sufficient information to make informed choices and, where practical and appropriate, the ability to opt out of the processing of personal data.
  4. Data Quality: Personal data should be relevant to the purpose for which it is used and, to the extent necessary for those purposes, should be accurate, complete, and current.
  5. Consumer Control: Consumers should be able to request information about whether organizations have personal data relating to them and the nature of such data.
  6. Security: Organizations should employ reasonable and appropriate security measures designed to prevent unauthorized access, destruction, use, modification, and disclosure of personal data based on the volume and sensitivity of the data, size and complexity of the business, and cost of available tools.
  7. Facilitating Data Use for Legitimate Business Interests: Privacy frameworks should facilitate the use of data for legitimate business purposes.
  8. Accountability: Organizations should develop policies and procedures that provide the safeguards outlined in this framework.
  9. Legal Compliance and Enforcement: Organizations that determine the means and purposes of processing personal data should have primary responsibility for satisfying legal privacy and security obligations.
  10. International Interoperability: Privacy frameworks should enable and encourage global data flows, which underpin the global economy.

You can read the entire framework document here.


Blog Archiv

November 2021
October 2021
September 2021
August 2021
July 2021
June 2021
May 2021
April 2021
March 2021
February 2021
January 2021
November 2020
October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
October 2016
September 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016