tag:blogger.com,1999:blog-6974997875021040765.post392993706893617550..comments2024-03-12T12:04:59.304+01:00Comments on Peter Fleischer: Privacy...?: France re-writes the rules of data retentionAnonymoushttp://www.blogger.com/profile/09908660263905877338noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-6974997875021040765.post-21461543846936490592011-04-05T13:35:25.488+01:002011-04-05T13:35:25.488+01:00Dear Peter
Sorry, this might be a bit off-topic, ...Dear Peter<br /><br />Sorry, this might be a bit off-topic, but I had to contact you with an idea.<br /><br />I live in Zurich, Switzerland and I am really sorry about the Swiss court's decision that Google Streetview has to manually anonymize photos now to achieve 100% anonymization.<br /><br />I really love Google Streetview and it is a tool greatly appreciated by the vast majority of Swiss internet users; especially small business owners.<br /><br />I am very sure that Swiss internet users would love to help Google to achieve the 100% anonymization. I therefore suggest a wiki-approach to the problem: Interested volunteers could register online to help Google review streetview pictures and blur remaining faces / number plates online. A second or third volunteer could then sign-off their work and clear the picture for publishing.<br /><br />This way, with thousands of volunteers, effort would be limited for Google (apart from providing the wiki blurring software) and this approach (wiki software) could be used around the globe where needed.<br /><br />Best Regards<br /><br />Monica SchaffhauserMonica Schaffhauserhttp://iSupply.chnoreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-47184883765478911552011-03-16T09:13:40.650+01:002011-03-16T09:13:40.650+01:00The decree has nothing to do with data retention l...The decree has nothing to do with data retention legislation, it is a secondary legislation for the French E-commerce directive implementation (LCEN) and it imposes obligations only for hosting providers, not ISPs. The draft was actually made in 2007, when CNIL was asked to comment on it...<br /><br />The problem with the password remains.. but this is NOT data retention.<br /><br />See more info at:<br />http://www.edri.org/edrigram/number9.5/data-retention-hosting-france<br />Or in French<br />http://www.numerama.com/magazine/18191-la-lcen-a-enfin-son-decret-sur-les-donnees-a-conserver-par-les-hebergeurs.htmlAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-22512378767874450362011-03-12T22:39:02.181+01:002011-03-12T22:39:02.181+01:00This law has passwords grouped with other identify...This law has passwords grouped with other identifying data. However, those who drafted the Directive surely intended identifying data to mean data that are useful to an external entity. A password is only identifying within the service provided, and then only in conjunction with a user ID.<br /><br />Passwords don’t belong in a transposition of the Directive into national law, but not because of any blurring of traffic and content data. The Directive is about the past, retaining data speculatively that might not otherwise be retained. A password is about the present and the future. What does a password get you? Access to the account. If the police want to see the current contents of an account or know about future messages, they can go to the service provider and request that data. They might need court approval, they might not. And, if they don’t think a court would approve, going ahead and using the password to gain access probably isn’t a good idea.<br /><br />It’s highly unlikely that the absence of passwords would stop an investigation. Assume a communications system that includes long-term storage, where those running it could not be compelled to assist. Assume the communications can’t be intercepted. Assume neither device at the ends of the communications can be compromised, either through physical access or remote hacking. Then, assuming the suspect had reused a password and the system uses no other authentication factor, it would allow law enforcement or security services to gain access.<br /><br />Another example where law enforcement or security services might consider password reuse is in breaking encryption used on stored data. If a password hasn’t been reused directly, they might still look at other known passwords a suspect has used in the hope of turning a hopeless brute-force attack into a successful, limited search. They want passwords because they’re like content data, giving an insight into someone’s mind. Does the French Constitution provide a right to silence or protection from self-incrimination? The UK doesn’t have these absolute principles and has made failure to disclose encryption keys a criminal offence punishable with up to five years in prison, although that’s an equally shocking piece of legislation.<br /><br />Leaving aside the legality, it’s crazy from a technical point of view. Service providers shouldn’t retain passwords, because it’s really bad security practice. Good practice is storing salted hashes of the passwords. You know a correct password when you see one, but if someone walks off with your user database, the loss of passwords would be limited to those that are very short or common. The computational effort required might protect the weak passwords too.<br /><br />It’s now not possible to run an email service like Hushmail or Lavabit in France. Messages are encrypted when stored on a server, and only the user retains the password to decrypt them. This is a a way to improve the security of any cloud service; any unencrypted data, encryption keys and passwords are limited to volatile memory and wiped as soon as they’re not needed. This doesn’t stop a service provider from being legally compelled to retain the password of a specific user when that user next logs in.<br /><br />It looks like some flic or spook bent the ear of a politician and said that having passwords would be useful, and the politician dutifully slipped it in with no understanding of whether it is necessary or if there’d be any downside.Anonymousnoreply@blogger.com