"Privacy Baseline" For European EID Cards

"Privacy Baseline" For European EID Cards 24

Posted by timothy on Tuesday February 03, 2009 @01:20PM from the you-don't-need-to-know-to-that dept.

giles hogben writes "This paper from the European Network and Information Security Agency looks at the roll-out of privacy features in electronic identity card technology (PDF) over Europe. It includes numerous tables for easy comparison but doesn't make too much comment on the relative privacy-merits of different cards. Readers can draw their own conclusions though ..."

"Privacy Baseline" For European EID Cards

This discussion has been archived. No new comments can be posted.

Load All Comments

Search 24 Comments Log In/Create an Account

Comments Filter:

Hey guys! (Score:3, Insightful)

by fuzzyfuzzyfungus ( 1223518 ) writes: on Tuesday February 03, 2009 @01:24PM (#26712641) Journal

Here is the list of eID privacy features you asked for. Don't worry, it's not like you get to choose whether you carry one or not, and which one you carry, so don't get too excited. Have a great day!

- - Re: (Score:2)
    
    by Mind Booster Noori ( 772408 ) writes:
    
    Unfortunately not every country is like Finland on that regard: in Portugal, for instance, every citizen has to own and carry their ID card (which, on the other hand, has no RFID, so you have to use a card reader). Also, if you read the report, you'll see that the problem isn't only on RFID, so having an RFID-blocking wallet won't help you that much...
- Re: (Score:2)
  
  by KlaymenDK ( 713149 ) writes:
  
  At home, eating dinner. :) Or watching tv.
  Or ... reading FTA. Ok, ok, only kidding!
  - Re: (Score:3, Interesting)
    
    by KlaymenDK ( 713149 ) writes:
    
    Ok, so I haven't exactly read all 24 pages, but I've given them a good skim and studied some of the notes.
    It seems to me to be a good primer, but I don't for a second think that anyone who matters will pay it deserved consideration. (Such is my trust in and opinion of politicians.)
    Anyway, Denmark, as I well knew already, is not really on the list except as part of the EU. But even so, we do have a central ID register that's represented in the form of a plastic card (no chip, only magstripe and barcode) with
- Re: (Score:1)
  
  by zeridon ( 846747 ) writes:
  
  Here ...
  Now ... it is 6PM (GMT) where do you think normal people are ... traveling home maybe ...
  Just let me finish reading and maybe i will rant
- Re: (Score:2)
  
  by Teun ( 17872 ) writes:
  
  Europeans have a far greater trust in their governments than Americans, rightly or wrongly.
  But many have noticed that all the designs for stricter and more comprehensive electronic ID schemes are coming from the US government.
  For many years Europeans and Americans could go and visit each other without many barriers but especially after 9/11 the demands on Europeans travelling to the US have dramatically increased.
  Had it been up to Europe we'd still use the old and trusted paper passports.
  Personally I'm qui
  - Re: (Score:1, Insightful)
    
    by Anonymous Coward writes:
    
    Personally I'm quite disgusted about this 'bend over' attitude of our politicians but hey, they get more power while blaming the other! (USA)
    Aye. Well, in theory, EU is supposed to exist mainly for stopping that kind of stuff.
    When USA said "We now demand this. Begin supplying us loads of private info about anyone flying here or you will no longer fly here", EU could have gotten together, smiled and said "Okay. We won't. Say goodbye to all your income and jobs from tourism. And it will work both ways. You won't be getting holidays in Paris, Berlin, Amsterdam, etc. any more. It will hurt both of us a lot. So what about we don't force that to happe
ENISA (Score:3, Interesting)

by Elektroschock ( 659467 ) writes: on Tuesday February 03, 2009 @02:31PM (#26714123)

What you have to understand that ENISA is a completely useless EU agency [enisa.org] residing in Greece. It was installed by the lobby, and is back mostly by BSA members as Symantec, Microsoft,...
This year the Commission attempted to rewind it by merging its competences into a new regulatory institution for the Telecom sector. However the Telecom package debate lead to the rejection of the regulatory authority and thus to the survival to ENISA.
In other words, this institutione is owned by the industry lobby. It is just an advisory institution and its guidance is bullshit so far. It has no competence to propose laws or anything.
The studies carried out so far are of low quality and target imaginary audiences. For them Enisa experts have trivial recommendations. And Enisa openly says it lacks expertise and asks the vendor lobby for input. Enisa is a placebo institution for IT security. Anything that comes out of the body is suspicious.

- Re: (Score:2)
  
  by Mind Booster Noori ( 772408 ) writes:
  
  Funny, according to their website [europa.eu] (which is not what you linked, BTW) none of their members seem to be part of any lobby, much less representatives of entities such as Symantec, Microsoft and so on. I could be wrong, but I'll have to ask you to please back up your statements with evidence...
  - Re: (Score:2)
    
    by Elektroschock ( 659467 ) writes:
    
    McGann is the lobbyist of EICTA. You don't expect members of the administration to work for a lobby organisation. The question is who defines what they do. And here ENISA does mostly awareness raising efforts for imaginative audiences.
    http://www.enisa.europa.eu/pages/05_01.htm [europa.eu]
    The point is not what ENISA is but what it is not! Ask European IT security experts what they think about ENISA and their consultant puppets.
    - Re: (Score:2)
      
      by Mind Booster Noori ( 772408 ) writes:
      
      If your point is that "their work gets no attention" of even "their work is useless", I might agree with you. But if you're saying they're lobby puppets, then I want proof, that is all.
      - Re: (Score:2)
        
        by Elektroschock ( 659467 ) writes:
        
        You don't know Enisa. But I do know for whom Ebert works for.
        
        Re: (Score:2)
        
        by Mind Booster Noori ( 772408 ) writes:
        
        Prove.
tl;dr (Score:2)

by AmiMoJo ( 196126 ) writes:

Unfortunately privacy just isn't an important political issue.
Privacy? (Score:2)

by Wowsers ( 1151731 ) writes:

Dear citizen of the EUSSR,
Here is the privacy you can expect from an ID card:
NONE!
Thank you for your tax money to aid the state oppression of Europe's citizens. We knew you'd never consent to having ID cards, that's why we sneaked in ID laws under disguise of other laws (see UK as an example of how state oppression is pushed through).
Have a nice day.
Want to know how to make a card private? (Score:2)

by mlts ( 1038732 ) * writes:

OK, this is rough thought, but this is one way off the top of my head to make privacy as integral as part of the structure as security.
First of all, start with your average smart card, have your user private key on it and a PIN. The key stored can be revoked by whatever the EU's CA is and reissued.
Now, start adding certificated by whatever certifying agencies. For example, a county adds a certificate that this user is born in their county. A university adds a certificate that the user got a B. S. in chai

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

"Privacy Baseline" For European EID Cards 24

"Privacy Baseline" For European EID Cards More Login

"Privacy Baseline" For European EID Cards

Hey guys! (Score:3, Insightful)

Re: (Score:2)

Re: (Score:2)

Re: (Score:3, Interesting)

Re: (Score:1)

Re: (Score:2)

Re: (Score:1, Insightful)

ENISA (Score:3, Interesting)

Re: (Score:2)

Re: (Score:2)

Re: (Score:2)

Re: (Score:2)

Re: (Score:2)

tl;dr (Score:2)

Privacy? (Score:2)

Want to know how to make a card private? (Score:2)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot