1 the interplay of stopping computer crime while protecting privacy svein yngvar willassen...
TRANSCRIPT
![Page 1: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/1.jpg)
1
The interplay of stopping computer crime while protecting privacy
Svein Yngvar Willassen
Department of Telematics,
Norwegian University of Science and Technology
![Page 2: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/2.jpg)
2
It is already far too late to prevent the invasion of cameras and databases. The djinn cannot be crammed back into its bottle. No matter how many laws are passed, it will prove quite impossible to legislate away the new surveillance tools and databases. They are here to stay.
Accountability is the one fundamental ingredient on which liberty thrives. Without the accountability that derives from openness -- enforceable upon even the mightiest individuals and institutions -- how can freedom survive?
D. Brin, The transparent society, 1998
![Page 3: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/3.jpg)
3
Definitions: Privacy
Privacy is the claim of individuals, groups, or institutions to determine for
themselves when, how, and to what extent information about them is
communicated to others.
A. Westin, Privacy and Freedom, 1967
![Page 4: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/4.jpg)
4
Definitions: Computer Crime
A crime in which a computer was directly and significantly instrumental
J. Taber, One Computer Crime, Computer Law Journal, 1979
Action directed against the confidentiality, integrity and availability of computer systems, networks and computer data as well as misuse of such systems, network and data
Preamble, Council of Europe Cybercrime Convention, Budapest 2001
![Page 5: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/5.jpg)
5
Consequence of Definitions
Computer crime is a threat against computers and the information stored therein. The rightful owners of information are thereby deprived of their ability to decide for themselves how this information is spread to others.
Computer crime is harmful to privacy.
Stopping Computer Crime is Preserving Privacy!
3
![Page 6: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/6.jpg)
6
Protecting Privacy from Computer Crime, Options
- Protect
- Protect, detect and stop
- Protect, detect, stop and investigate
- Don’t use computers
- Protect, detect, stop, investigate and prosecute
4
![Page 7: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/7.jpg)
7
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Information flow
Detection and investigation of Computer Crime must be based on information about the occurred events.
Detection, investigation and prosecution relies on information (evidence) distilled from the pool of data that has been recorded about the events that occured.
![Page 8: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/8.jpg)
8
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Information flow
![Page 9: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/9.jpg)
9
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Information flow
The amount of information available in each step is determined by various considerations, among them privacy:
- by regulations (statutory requirements, recommendations, standards)
- by policy
This affects the outcome of the investigation and prosecution.
Terminology from [Breaux, Anton et.al 2007]
![Page 10: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/10.jpg)
10
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Event Data generation
Data about occurring events is generated on computers involved in the occurring events.
End users may use Privacy Enhancing Technologies to control the visibility of the event information to others.
![Page 11: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/11.jpg)
11
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Event Data generation
Anonymization:
- Decouples the event data from an individual, so attribution becomes impossible.
- Enhances privacy but reduces the investigative
value of the data
- Examples of statutory provisions outlawing
anonymization.
![Page 12: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/12.jpg)
12
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Event Data generation
Encryption:
- Hides data content from anyone not in possession of a key.
- Enhances privacy but reduces the investigative
value of the data
- Examples of government efforts to prevent
effective encryption for investigative reasons
![Page 13: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/13.jpg)
13
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Storage/Retention
Storage and retention of event data is to a very little extent determined by users themselves:
- Local storage/retention determined by applications and operating systems
- Event data is retained on computers controlled by others than the end user
![Page 14: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/14.jpg)
14
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Storage/Retention
Privacy provisions:
- Provisions that do not allow data processors to store data without “informed consent” from the data owner. (Directive 95/46/EC)
- Example: Logs of internet usage shall not be
stored or retained unless needed for invoicing.
(Effectively anonymization)
![Page 15: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/15.jpg)
15
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Storage/Retention
Storage/retention requirements:
- Provisions that require the storage and retention of specific types of data.
- Example: Financial accounts
- Example: EU Directive on Data Retention
4
![Page 16: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/16.jpg)
16
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Seizure
- Seizure of data for investigation purposes is in most jurisdictions restricted to crimes of a certain seriousness
- Must be decided by an independent party (court) after having reviewed the information that leads to the seizure request.
- Protect the privacy of third parties as well as the accused in cases where the suspicion is too weak.
5
![Page 17: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/17.jpg)
17
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Investigation
Investigation aims at extracting the information of interest in the case from the seized data. (Evidence)
Provisions may disallow investigation of certain material for privacy reasons:
- Records from certain professions such as lawyers, physicians
- Trade secrets
6
![Page 18: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/18.jpg)
18
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Reporting/Presentation
The investigator includes in his report what he finds relevant to the case.
The results may be presented in public hearings. Thus, details never meant for the public will be publicly disclosed. This has privacy implications for those involved in the case.
![Page 19: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/19.jpg)
19
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Evidence relied on by fact finder
A fact finder (court) is obliged to comply with statutory requirements.
- Evidence admissibility
- Unlawfully acquired evidence
7
![Page 20: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/20.jpg)
20
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Investigation / Privacy
The investigation process is harmful for privacy
- Details about individuals will be publicly revealed without consent
- The process is to a large extent outside of control by the individual
![Page 21: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/21.jpg)
21
Event Data
Stored
Retained
Presented
Seized
Investigated
Reported
Relied on
Investigation / Privacy
Computer crime is even more harmful for privacy
- Investigating and prosecuting crimes prevents crime harmful to privacy.
- Legal protection should limit the privacy harm done by investigations, at least to third persons.
- Do perpetrators have an expectation of privacy?
![Page 22: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/22.jpg)
22
The interplay of stopping computer crime while protecting privacy
Svein Yngvar Willassen
Department of Telematics,
Norwegian University of Science and Technology
![Page 23: 1 The interplay of stopping computer crime while protecting privacy Svein Yngvar Willassen Department of Telematics, Norwegian University of Science and](https://reader035.vdocuments.net/reader035/viewer/2022070409/56649e725503460f94b71d55/html5/thumbnails/23.jpg)
23
A proposed middle ground
- Separate knowledge of behavior from knowledge of identity
- Privacy is only compromised by knowledge of both behavior and identity
- Proposed default rule: knowledge of behavior is visible but knowledge of identify is concealed, and will only be revealed under legal procedures.
- Correspond to the Internet (with data retention)
C. Demchak, K. Fenstermacher,
Balancing Security and Privacy in the 21st century, 2004