Upload
agatha
View
25
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Symposium Interpreting Privacy Principles: Chaos or Consistency? 17 May 2006, Sydney Interpreting the Security Principle Nigel Waters, Principal Researcher. Methodology of Investigation. Identify issues Identify ‘cases’ expressly involving the security principle - PowerPoint PPT Presentation
Citation preview
1
SymposiumInterpreting Privacy Principles:
Chaos or Consistency?17 May 2006, Sydney
Interpreting the Security Principle
Nigel Waters, Principal Researcher
2
Methodology of Investigation
• Identify issues• Identify ‘cases’ expressly involving the
security principle • Primary source - WorldLII Privacy Law
Project
3
4
Methodology of Investigation• Search for relevant material• Iterative process • Will review all published cases• Initial focus on information privacy laws • Progressively extension to other relevant
laws
5
… Unauthorised Use of p.i. … Unauthorised Disclosure of p.i. …
… Loss or corruption of p.i.
Security measures are designed to mitigate the RISK of …
… by someone with authorised accessi.e. exceeding their authority
… by an unauthorised third party e.g. by hacking or phishing
MisuseIncluding: Authorised but improper use?
6
Security Principle - Issues• Reasonableness• Generic Industry standards vs
customised standards for personal information?
• Generic ‘all mode’ vs mode/technology-specific standards
• Human (Personnel) security
7
Security Principle - Issues• Liability – organisation vs employee vs
contractors• Relationship between security and
disclosure• Carelessness
8
9
10
11
12
13
14
15