Annual Computer Security Applications Conference (ACSAC) 2012

Full Program »

Panel: Security and Privacy: Are they Two Sides of the Same Coin?

Thursday, 6 December 2012
15:30 - 16:50

Diamond

Chair: Lillie Coney, EPIC

The panel topic will explore the complimentary role that privacy plays in enforcing and reinforcing security objectives while sustaining democratic values.  Transparency, accountability and oversight should not be limited to policy discussions, but should be central to security organizational culture. There can be no privacy without security, but there can be security without privacy. Is the US is constructing a glass-society? The important and not so important individuals by societal definitions all live in the same digital environment. People who fill key roles in domestic security, national defense and law enforcement all consume and use digital information services just as all consumers do.  However, the key questions for them is: can they be clearly seen and identified by their data profiles or footprints; are their connections online like tethers to the important roles they fill in society;  are their vulnerabilities obvious and exploitable? The answers to these questions can place additional pressure on the question of secondary uses of data can have broader implications.

Privacy is assured by data subject control and data holder transparency, accountability and oversight. From a privacy perspective the more sensitive the information the more protection it should have and some personal information should never be linked to other personal data or be subjected to data mining. The most difficult challenge is developing policy  that can adjust to protect new forms of sensitive personal information that will emerge in an environment of massive personal data collection over long periods of time--perhaps an entire life. Making the case security argument for access to all personal data all of the time will be countered by justifiable and rationalized access to personal information for specified purposes. Finally, the panel will explore why it is important to create mechanisms within security environments for enforcing privacy rules regarding data collection, retention and use that can be proven to be  enforceable and are enforced.

Panelists:

Christopher W. Clifton
Associate Professor of Computer Science
Perdue University

David Farber
Professor Emeritus
University of Pennsylvania

Sherry Burs-Howard
Lead Cyber Security and Privacy Engineer Mitre

 

Powered by OpenConf®
Copyright ©2002-2012 Zakon Group LLC