Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Privacy News

"Privacy Baseline" For European EID Cards 24

giles hogben writes "This paper from the European Network and Information Security Agency looks at the roll-out of privacy features in electronic identity card technology (PDF) over Europe. It includes numerous tables for easy comparison but doesn't make too much comment on the relative privacy-merits of different cards. Readers can draw their own conclusions though ..."
This discussion has been archived. No new comments can be posted.

"Privacy Baseline" For European EID Cards

Comments Filter:
  • Hey guys! (Score:3, Insightful)

    by fuzzyfuzzyfungus ( 1223518 ) on Tuesday February 03, 2009 @12:24PM (#26712641) Journal
    Here is the list of eID privacy features you asked for. Don't worry, it's not like you get to choose whether you carry one or not, and which one you carry, so don't get too excited. Have a great day!
  • ENISA (Score:3, Interesting)

    by Elektroschock ( 659467 ) on Tuesday February 03, 2009 @01:31PM (#26714123)

    What you have to understand that ENISA is a completely useless EU agency [enisa.org] residing in Greece. It was installed by the lobby, and is back mostly by BSA members as Symantec, Microsoft,...

    This year the Commission attempted to rewind it by merging its competences into a new regulatory institution for the Telecom sector. However the Telecom package debate lead to the rejection of the regulatory authority and thus to the survival to ENISA.

    In other words, this institutione is owned by the industry lobby. It is just an advisory institution and its guidance is bullshit so far. It has no competence to propose laws or anything.

    The studies carried out so far are of low quality and target imaginary audiences. For them Enisa experts have trivial recommendations. And Enisa openly says it lacks expertise and asks the vendor lobby for input. Enisa is a placebo institution for IT security. Anything that comes out of the body is suspicious.

    • Funny, according to their website [europa.eu] (which is not what you linked, BTW) none of their members seem to be part of any lobby, much less representatives of entities such as Symantec, Microsoft and so on. I could be wrong, but I'll have to ask you to please back up your statements with evidence...
  • Unfortunately privacy just isn't an important political issue.

  • Dear citizen of the EUSSR,

    Here is the privacy you can expect from an ID card:

    NONE!

    Thank you for your tax money to aid the state oppression of Europe's citizens. We knew you'd never consent to having ID cards, that's why we sneaked in ID laws under disguise of other laws (see UK as an example of how state oppression is pushed through).

    Have a nice day.

  • OK, this is rough thought, but this is one way off the top of my head to make privacy as integral as part of the structure as security.

    First of all, start with your average smart card, have your user private key on it and a PIN. The key stored can be revoked by whatever the EU's CA is and reissued.

    Now, start adding certificated by whatever certifying agencies. For example, a county adds a certificate that this user is born in their county. A university adds a certificate that the user got a B. S. in chai

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...