Empowering individuals to control their personal information

Here is a seriously interesting paper that came out of the UK a year ago: “Empowering individuals to control their personal information”.  It is a background paper presented to a conference on “Privacy by Design” which was all about providing a proactive approach to privacy protection.  It was held on 26 November 2008 and hosted by the UK Information Commissioner’s Office in Manchester.

When Less is More

Last week the Sydney Morning Herald published, “When the small print leaves us all at sea”, a very good article by Annette Sampson. It really got me going.

Neil Armstrong & Buzz Aldrin: Leading Privacy Campaigners …

This is not a long blog.  I encourage you to read a longer article & possibly explore further from there.

E-security Awareness: When it comes to Personal Information, it’s Security AND Privacy ‘cos there is no trade-off

The experiences of handling (and losing) personal information have a lot to tell us about better security in any organisation. 

How often have you heard somebody argue that there has to be a trade off between security and privacy?

The argument usually runs something along the lines that in order to keep you secure, you have to give up some aspect of your privacy.  For example, you must exhibit a lot of evidence of identity before completing a transaction or joining a group or organisation.

Top 10 themes from RSA Security Conference as seen by iTnews

For all those Mac fans who think that they are immune from vulnerabilities, think again. 

Swinging pendulums: accountability, the Global Financial Crisis and prosecuting Google in Italy

As the political pendulum swings back towards more regulation of the markets, how do we stop it from swinging too far?

I am a free marketeer.  Within limits.

For over a decade, I worked in Department of Finance as a proud part of the micro-economic reform revolution wrought by the Hawke-Keating governments that contributed so much to economic growth in the subsequent decade.  As a member of the Management Improvement Advisory Committee of the government’s Management Advisory Board, I also led some of the teams introducing world class public management reform, seen by many in the OECD as an exemplar to be followed.

A New Year’s Resolution? Don’t forget ID Management, Mutual Authentication and the ruthless power of social engineering!

May you all have a Happy New Year that is also safe online and offline and where you, not others, control what happens to the personal information about you and about what you are doing.

Strasbourg in 3 hours

The centre of old Strasbourg offers a unique mixture of French and German cultures. Home of the European Parliament, this city is famous for its magnificent Gothic cathedral and pâté de foie gras which is said to have been invented here in about 1780.

Cusco & Machu Pichu – a postcard from Peru

The historic capital of the Inca Empire, Cusco is situated 3,400 m above sea level, so you'll need at least a day of acclimatising before doing anything else.

Accountability, partners in the value chain and trans border data flows: looking elsewhere

As information flows ever more easily between jurisdictions, how can effective regulatory protections be put in place for the stakeholders?

This question applies equally to the protection of intellectual property (IP) as it does to the protection of personal information (PI) or any other valuable information assets held by an organisation.  It also applies equally to organisations in the private sector, be they banks or online retailers, as it does to government agencies, be they policing agencies or anything else in various services (Customs, Immigration, national security etc) or even hybrid processes such as the exchange of Passenger Name Records between airlines and authorities or fulfilling anti money laundering obligations.

The privacy conversation is not moving; The Identity Management debate is

What is happening in the global debate on how to make it safe for individuals to share personal information (or have it shared), otherwise known as "information privacy"?  What about a significant part of this discussion, developing identity management arrangements for the 21st century that respect the individual, otherwise known as "user centric identity management"?

Is rationality returning to the official debate over the “war on terrorism”?

The debate has been long on rhetoric and short on cold, hard analysis.  But it may be about to improve.