Feeds

back to article EU security agency draws 'privacy baseline' for ID cards

Europe urgently needs to develop a strategy for protecting the privacy of data held through national ID card schemes, a European security agency warns. ENISA (the European Network and Information Security Agency) argues that the "vast disparity between privacy features in electronic ID cards across Europe" is creating a recipe …

COMMENTS

This topic is closed for new posts.
b
Stop

I'll believe it when I see it.

and incidentally biometrics are part of the problem, not the solution.

0
0

Europe saves us from our muppet leaders again

If this was being conceived in the uk, the baseline on privacy would be : "What privacy, nothing to hide then nothing to fear".

0
0

Privacy Baseline =

Newspeak for 'no privacy protections whatsoever'

0
0
Flame

UK Muppets obfuscate yet again

Amazing, here we are, less than 12 months from UK cards starting to be distributed and yet our bunch of plonkers STILL won't tell us how or if they intend to implement privacy on the ID card's data content.

The safest approach is to assume the anybody can and will read everything on the card without the owner's knowledge and, using whats on the card, can and will read everything on the database.

Welcome to the goldfish bowl, citizen.

0
0

DIY privacy countermeasures

When RFID tags are the size of grains of pepper, and virtually impossible to see (now, folks)... when RFID tags are so ubiquitous that their unit price is comparable to ground pepper (now, folks)... when tag readers/writers become commodities (soon, folks)... who, valuing their privacy, will leave home without a pocketful of pepper, to be trailed like electronic chaff from a black helicopter... and when there is so much chaff in the streets and in the air that every lampost, mall door, and till overloads the uberdatabase... presumaby the tourists will be simply able to sneak under the radar.

0
0
Anonymous Coward

@UK Muppets obfuscate yet again

"The safest approach is to assume the anybody can and will read everything on the card without the owner's knowledge and, using whats on the card, can and will read everything on the database."

Should go

"The safest approach is to assume the anybody can and will read everything on the card without the owner's knowledge and, using whats on the card, can and will read everything on the database and that all of the data is incorrect."

That should be the safe approach to the database, becouse hey even if there's a 1% margin of error that's a fair few people, and seen as they intend on harvesting the national register from existing sources I recon 1% is a best case.

"Mr Smth"

"No it's Smith"

"I'm afraid you're wrong, you're Mr Smth"

"No I'm not. Here all my utility bills."

"Bootboys take this man to the catacombs he's obviously some kind of terrorist! Why else would you have so many fake documents saying you were Mr Smith eh Mr Smth?"

I look forward to "Sorry you can't get health care becouse the computer says you're dead."

"But I'm clearly not dead."

"I'm afraid I'll have to report this to the Bootboys."

"Good I'd like to clear this up."

Taser fire and a quick ride to the catacombs

"So 'Mr Jones' how did you get this card?"

"You issued it to me!"

"O really, and why would we issue a card for someone whose dead?"

"I'm not dead!"

"No and there in lies the problem, see you can't be Mr Jones, becouse the database clearly says that Mr Jones is dead."

But at least it would be easy for the boot boys to fix that problem, just kiill the error (person.)

0
0
Silver badge
Boffin

Privacy Baseline...?

You want a privacy baseline? I'll give you one...

Fuck off, it's none of your damn business!

Good enough?!

0
0

@Graham Marsden

Yep.

0
0
This topic is closed for new posts.