Technology: Supporting a Culture of Privacy in Your Organisation
Harriet Pearson, V.P. Workforce and Chief Privacy Officer, IBM
September 10, 2003 | © 2003 IBM Corporation
Page 1: Ms Christine Page-Hanify Speaker Presentation

| September 10, 2003 | © 2003 IBM Corporation

Harriet Pearson
V.P. Workforce and Chief Privacy Officer
IBM

Technology: Supporting a Culture of Privacy in Your Organisation

Page 2: Ms Christine Page-Hanify Speaker Presentation

25th International Conference of Data Protection and Privacy Commissioners

The Information Explosion Continues…

Technology Trends

COMPUTING

Chips/$ 10x in 5 years

Computing power/$ 10x in 4 years

STORAGE

Storage/$ 10x in 6 years

COMMUNICATIONS

Backbone 100x in 5 years

Local loop 100x in next 5 years

Page 3: Ms Christine Page-Hanify Speaker Presentation

Total Amount of Data Connected to The Internet

2001: 1 petabyte (10^15 bytes)

2006: 1 exabyte (10^18 bytes)

2010: 1 zettabyte (10^21 bytes)

The result of:

More people spending

More time using

More data-rich applications

More replication and caching of data

Page 4: Ms Christine Page-Hanify Speaker Presentation

The Future Is Here…

Page 5: Ms Christine Page-Hanify Speaker Presentation

The BIG Question

How to balance individuals’ interest in privacy with the benefits of faster, easier, more insightful sharing of information?

A culture of privacy, supported by technology, is required!

Page 6: Ms Christine Page-Hanify Speaker Presentation

Enterprise Privacy Management

Enterprises want to meet privacy expectations – but need support

Privacy practices implementing the promises must be enforced & controlled

from access control to privacy authorization

enforcement on enterprise data systems

reporting back to data subjects

audit by independent third parties

Compatibility with laws, regulations, and public promises

easy to understand and maintain by non-technical people

easy to derive new policies from existing ones (laws, corporate, sector, …)

well-defined relation to P3P and similar standards as they are developed

Page 7: Ms Christine Page-Hanify Speaker Presentation

Some Examples: Privacy-Enhancing Applications and a Standard

Statistical data mining (Hippocratic Database)

Novel randomization tricks let enterprises make statistics w/o putting individual records at risk.

Surveillance technologies (PeopleVision)

Novel image processing technologies will hide all personally identifiable info, until needed (if ever)

EPAL (Enterprise Privacy Authorization Language)

Is the first XML-based markup language designed to enable organizations to translate their privacy policies into IT control statements and enforce policies

Page 8: Ms Christine Page-Hanify Speaker Presentation

EPAL Summary

EPAL is designed to make it easier for enterprises to translate their privacy policies into machine-readable descriptions of data handling procedures

EPAL provides enterprises with a way to automate the enforcement of privacy policies across IT applications and systems

enables organizations to enforce P3P policies behind the Web, among applications and databases

EPAL’s evolution has been influenced by feedback from diverse enterprises

can be the core of a coherent privacy mgmt framework

Page 9: Ms Christine Page-Hanify Speaker Presentation

Privacy Policy Example

Privacy Statement

"Email can be used for the book-of-the-month club if consent has been given and age is more than 13"

[Diagram: the parts of the privacy statement are labelled with the EPAL elements they map to: User Category, Data Category, Purpose, Operation, Condition, Obligation]

EPAL Rule

<ALLOW user-category = "borderless-books"
       data-category = "email"
       purpose = "book-of-the-month-club"
       operation = "read"
       condition = "/CustomerRecord/Consent/Book Club=True && /CustomerRecord/age>13">
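
How a rule like the one on this slide could be enforced and audited at the point of data access, as an added example that is not part of the original presentation and is neither IBM's EPAL engine nor real EPAL XML syntax. The Rule class, the authorize function, the record layout and the audit log are assumptions made for illustration; the sample records are constructed.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class Rule:
    ruling: str                        # "allow" or "deny"
    user_category: str
    data_category: str
    purpose: str
    operation: str
    condition: Callable[[dict], bool]  # evaluated against the customer record

def book_club_condition(record):
    # Slide condition: Consent/Book Club = True && age > 13.
    # A missing or malformed field counts as "condition not met".
    consent = (record.get("Consent") or {}).get("Book Club")
    age = record.get("age")
    return consent is True and isinstance(age, int) and age > 13

# The single rule from the slide, expressed in the hypothetical Rule type.
POLICY = [Rule("allow", "borderless-books", "email",
               "book-of-the-month-club", "read", book_club_condition)]

AUDIT_LOG = []  # every decision is recorded so a third party can review it

def authorize(user_category, data_category, purpose, operation, record,
              policy=POLICY):
    """Return "allow" or "deny"; anything not explicitly allowed is denied."""
    request = (user_category, data_category, purpose, operation)
    ruling, reason = "deny", "no applicable rule"
    for rule in policy:
        if (rule.user_category, rule.data_category,
                rule.purpose, rule.operation) != request:
            continue
        if rule.condition(record):
            ruling, reason = rule.ruling, "rule matched"
            break
        reason = "condition not met"
    AUDIT_LOG.append({"request": request, "ruling": ruling, "reason": reason})
    return ruling

# Constructed sample customer records (not from the presentation).
ADULT = {"email": "a@example.org", "age": 34, "Consent": {"Book Club": True}}
THIRTEEN = {"email": "b@example.org", "age": 13, "Consent": {"Book Club": True}}
NO_CONSENT = {"email": "c@example.org", "age": 40, "Consent": {}}

if __name__ == "__main__":
    club = ("borderless-books", "email", "book-of-the-month-club", "read")
    for name, rec in [("adult", ADULT), ("13", THIRTEEN), ("no consent", NO_CONSENT)]:
        print(name, authorize(*club, rec), AUDIT_LOG[-1]["reason"])
```

The same email address is readable for the book club purpose but not for any other purpose or operation, which is the difference between purpose-based privacy authorization and plain access control.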

Page 10: Ms Christine Page-Hanify Speaker Presentation

Government of Alberta – Privacy Architecture

Requirement: a “Privacy/Technology Roadmap” to help apply the Government of Alberta Enterprise Architecture (GAEA) Privacy Principles and guide related technology decisions

Solution: a phased architecture with specific practical near-term guidance and a long range blueprint based on leading-edge thinking such as IBM’s EPA and EPAL

Page 11: Ms Christine Page-Hanify Speaker Presentation

GoA Privacy Architecture Requirements

Phase 1

Terminology - a common language for discussing privacy requirements, issues and solutions

Identification Keys - how will data subjects be uniquely identified?

Data Classification - how should personal information or its uses be classified?

Data Sharing, Re-Use and Placement - to what extent can personal information be shared between departments and where should it be stored?

Phase 2

User Interface - what privacy related features are required and what should they look like?

Data Transformation - guidance for rendering data anonymous

Data Subject Access to Data - how should Data Subjects be provided with access to their own data?

Software Acquisition Criteria - privacy criteria for both privacy-enhancing and general software

Consent and Choice - rules for what consents and choices are to be offered

Access Control - expression of “need to know” in a privacy context

Phase 3

Use of Technology to Monitor Privacy Compliance - where should technology be used vs. processes and procedures

Use of Technology to Enforce Privacy Rules - where should technology be used vs. processes and procedures

Page 12: Ms Christine Page-Hanify Speaker Presentation

GoA Privacy Architecture Solutions

Phase 1:

Terminology: Privacy Glossary

Identification Keys: Identification Key Scheme/Privacy Protection Component

Data Classification: Privacy Taxonomy – P3P and EPAL based

Data Sharing, Re-Use and Placement: Data Band Placement Process

Phase 2:

Data Transformation: Privacy Transformation Techniques

Software Acquisition, User Interface, Consent and Choice: Privacy Design Guidance

Access Control: EPAL-based access rules

Data Subject Access: Process leveraging Privacy Taxonomy etc.

Phase 3:

Technology to Enforce/Monitor Privacy: EPA/ISTPA based component/services based conceptual model

Page 13: Ms Christine Page-Hanify Speaker Presentation

Concluding Thoughts

Foundational work underway by various vendors and early-adopting leaders to refine privacy-enabling technologies and business processes

Pace of adoption: led by “early adopters,” needs support by all stakeholders; e.g. data protection commissioners, advocates, other leaders