Most implementations ofgovernment data sharinglack adequate
privacy protection for citizens, a member of the data privacy and
advisory council at the US Department of Homeland Security has
warned.
Speaking at the
Oasis ID Trust
Workshop running at the Burton Group Catalyst conference in
Barcelona today (22 October 2007), John Sabo, who is also president
of the International Security Trust and director of government
relations at CA, said, "Chief security officers are not looking at
data privacy. Policies on security and privacy are unclear."
Addressing delegates at the workshop, he said governments had no
desire to support privacy. "Everyone wants to collect information.
Most countries have data laws that enable people to see what data
is stored about them but do not have sufficient identity management
to support this requirement."
Without sufficient
identity management to protect privacy, data could be misused.
Sabo warned that the problem not only affected government systems.
"Flows of information in business are being caught up by government
policy." He said that even though business would normally be able
to provide a level of "privacy protection" implemented through
strong authentication and identity management within their
enterprise systems, this trust model is lost when the data is
shared with governments.