Most implementations of government data sharing lack adequate privacy protection for citizens, a member of the data privacy and advisory council at the US Department of Homeland Security has warned.
Speaking at the Oasis ID Trust Workshop running at the Burton Group Catalyst conference in Barcelona today (22 October 2007), John Sabo, who is also president of the International Security Trust and director of government relations at CA, said, "Chief security officers are not looking at data privacy. Policies on security and privacy are unclear."
Addressing delegates at the workshop, he said governments had no desire to support privacy. "Everyone wants to collect information. Most countries have data laws that enable people to see what data is stored about them but do not have sufficient identity management to support this requirement."
Without sufficient identity management to protect privacy, data could be misused. Sabo warned that the problem not only affected government systems. "Flows of information in business are being caught up by government policy." He said that even though business would normally be able to provide a level of "privacy protection" implemented through strong authentication and identity management within their enterprise systems, this trust model is lost when the data is shared with governments.