Speaking of Security – The RSA Blog and Podcast

• Home

Taking Me with Me

Written on July 30, 2012 by Rashmi Knowles

Comments

So, here we are with my pet topic – The proposed EU Data Directive.  Its ultimate goal is to protect the privacy of the EU citizen. One of the proposed changes is the ‘right to be forgotten’ so that an individual can request for their data to be deleted.  If this change goes through, it will present several challenges to all organizations that collect, process and keep citizen information which is pretty much every single organization in the EU.  A happy medium would be where individuals can trust the organizations to use their data for the purposes they have consented to and provide proof that their data has been deleted when requested. Encryption may be the answer here.

Image courtesy of www.freedigitalphotos.net

Encryption and key management have come a long way since they were first used and are becoming much more powerful, easier and cost effective to set up and use. So, imagine if you as an individual could actually keep your information encrypted with your own key.  Organizations could encrypt data based on a different key for each user and either provide the encryption key or allow users to use their own keys.  When a user wants ‘to be forgotten’ they could simply withdraw or delete the key.  Of course, the encryption will have to be built into the systems as part of the privacy by design objective, but it would provide the user with confidence that their data has been deleted and removes some of the burden from organizations.

Taking this a step further, what if we had portable global identities that we could take with us anywhere we went.  For example, when you move  to a different country you could take all your data with you – eliminating the need to set up new banking, healthcare, employment history, etc.  A friend of mine recently moved to the US and had difficulty getting a credit rating to rent an apartment, buy a car or even set up a bank account because she had no credit history in the US – creating portable identities could alleviate problems like this

I look forward to a day when I can keep me with me but until then be careful with your data…

• 

Leave a Reply

Click here to cancel reply.

Name (required)

Mail (will not be published) (required)

Website

• Topics

  • Advanced Threats
  • Authentication
  • Big data
  • Cloud Security
  • Compliance
  • Consumer Security
  • Cryptography
  • Cyber Security Training
  • Cybercrime and Fraud
  • Cyberwarfare
  • Data Loss Prevention
  • ecommerce
  • Encryption & Tokenization
  • Enterprise Security
  • Governance, Risk & Compliance (GRC)
  • Government & Policy
  • Identity & Access Management
  • Information Sharing
  • Insider Risk
  • Intelligence-driven security
  • IT Security
  • Mobile Security
  • Passwords
  • PCI
  • Personal Security
  • Podcasts
  • Privacy
  • Risk Management
  • RSA Conference
  • Security Analytics
  • Security Information and Event Management (SIEM)
  • Security Management
  • Software Assurance
  • Standards
  • Uncategorized
  • Virtualization

• Speaking of Security Podcast

  • Non-malware Penetration Techniques of an Advanced Attacker – Podcast #246
  • Building a Next Generation SOC – Using Intelligence to Find the Threats; Podcast #245
  • Safe Online Holiday Shopping Beyond Cyber Monday – Podcast #244
  • Protecting Banking Users from Online Account Takeover – Podcast # 243
  • Hackers Targeting Treasure Troves of Healthcare PII – Podcast #242

• RSA Connection

  • 
  • 
  • 
  • 
  • 
  • 
  • 
  • 
  • 
  • 
  • 
  • 

• Blog Authors

  • Idan Aharoni
  • Eric Baize
  • Erin K. Banks
  • Heidi Bleau
  • SBIC Blog
  • Sean Brady Director of Identity & Data Protection Product Mkting
  • Chris Corde Director of Corporate Strategy
  • Art Coviello
  • Sam Curry CTO, Identity & Data Protection
  • Identity and Data Protection Beat
  • Ian Farquhar
  • Seth Geftic
  • Will Gragido
  • Bob Griffin Chief Security Architect
  • Advanced Cyber Defense/ Incident Response Chatter
  • GRC Insights
  • Dr. Ari Juels RSA Chief Scientist
  • Rashmi Knowles Chief Security Architect, EMEA
  • Security Management Insights
  • Nirav Mehta
  • Alison Parker
  • SOS Podcast
  • Jason Rader Chief Security Strategist
  • RSA FraudAction Research Labs
  • Steve Schlarman eGRC Solution Architect
  • Payment Security Focus
  • RSA First Watch

• Tag Cloud

  Advanced Persistent Threats advanced threats APT APTs Archer Authentication Big Data botnet cloud Cloud Security Compliance credit card fraud cybercrime Cybercrime and Fraud Cyberwarfare DLP eGRC encryption Fraud fraudsters GRC malware Mobile Security mules PCI compliance PCI DSS Phishing privacy risk risk management RSA Conference SecurID security intelligence security management SecurityWeek SIEM SpyEye Stuxnet tokenization trojan trojans trust Virtualization Zeus Zeus Trojan

© Copyright 2011 EMC Corporation. All Rights Reserved.
The opinions expressed here may be personal. Content published here is not read or approved in advance by EMC
and does not necessarily reflect the views and opinions of EMC.

• Legal
• Privacy
• Contact RSA