Monday, December 1, 2008

Canada backpedals on sharing ID database with U.S. - What is the difference between sharing and copying?

The Globe and Mail posted an interesting article entitled "Canada backpedals on sharing ID database with U.S.".

Here is a great example of the differences between sharing access to information and copying information between organizations. It seems the original plan was to let the U.S. "house a database of personal information about Canadians who hold special driver's licences aimed at better securing the border." Plans changed after criticism from both federal and provincial privacy commissioners.

Once in the control of the U.S., the data "could be disclosed to other organizations for any other purpose as authorized by law." While there are obviously good intentions by all parties, the problem is that once the data is out of the control of Canadian authorities, it would be difficult for them to audit how the U.S. used it. And in the event of any problem, resolving the multi-jurisdictional issues would be difficult at best. Sharing entire databases requires enormous trust between governments.

The Canadian Border Services Agency now says the data will be housed in Canada where the agency will be responsible for its security. What is the difference? Well, a couple come to mind:
1. The data remains in Canadian jurisdiction and its use subject to Canadian law.
2. The CBSA is now in a position to audit each use of the data by the U.S.

In this scenario, the CBSA is acting as an "authoritative" data source. By collecting and retaining the information, it is appropriate that the authority maintain control over the data's use as it has the responsibility for loss, breaches in security, and most importantly the quality of that data.

The sad thing is that proposals to share CDs of databases are nothing new. I seem to recall an incident in the UK not too long ago.

Because of this issue alone, it is my personal belief that federated identity systems are going to become critical to improving personal privacy down the road. To date, the focus of federated system deployments has been on single-sign-on approaches linking different sites that each hold permanent copies of our personal information. But as federation technologies become more widely deployed, they can and should be used to share identity information on demand, where the transfer can be secured with user consent and where requests for information can be audited.
