IPC - Office of the Information and Privacy Commissioner/Ontario | Discussion Papers http://www.ipc.on.ca en-us Biometric Encryption Chapter from the Encyclopedia of Biometrics http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=918 The following is a chapter on Biometric Encryption excerpted from the Springer Encyclopedia of Biometrics. Thu, 24 Dec 2009 00:00:00 GMT A Discussion Paper on Privacy Externalities, Security Breach Notification and the Role of Independent Oversight http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=916 Prepared for The Eighth Workshop on the Economics of Information Security University College, London, England June 24, 2009 Tue, 22 Dec 2009 00:00:00 GMT SmartPrivacy for the Smart Grid: Embedding Privacy into the Design of Electricity Conservation http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=912 (<a href="http://www.ipc.on.ca/english/Resources/News-Releases/News-Releases-Summary/?id=911">News Release</a>) Tue, 17 Nov 2009 00:00:00 GMT A Pragmatic Approach to Privacy Risk Optimization: Privacy by Design for Business Practices http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=909 This paper introduces Nymity’s Privacy Risk Optimization Process (PROP), a process that enables the implementation of privacy into operational policies and procedures, which results in <em>Privacy by Design</em> for business practices. The PROP is based on the International Organization for Standardization (ISO) concept that risk can be both positive and negative. Based on this concept, ISO also defines Risk Optimization as a process whereby organizations strive to maximize positive risks and mitigate negative ones. The PROP uses these concepts to implement privacy into operational policies and procedures. (<a href="http://www.ipc.on.ca/english/Resources/News-Releases/News-Releases-Summary/?id=908">News Release</a>) Tue, 10 Nov 2009 00:00:00 GMT Remote Home Health Care Technologies: How to Ensure Privacy? Build It In: Privacy by Design http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=903 (<a href="http://www.ipc.on.ca/english/Resources/News-Releases/News-Releases-Summary/?id=902">News Release</a>) Mon, 02 Nov 2009 00:00:00 GMT Privacy by Design: Essential for Organizational Accountability and Strong Business Practices http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=904 <br> Mon, 02 Nov 2009 00:00:00 GMT Get rid of it <strong><em>Securely</em></strong> to keep it Private - Best Practices for the Secure Destruction of Personal Health Information http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=900 This is joint publication between Commissioner, Dr. Ann Cavoukian and Robert Johnson, Executive Director of the National Association for Information Destruction (NAID). This publication was borne out of a particular Health Order (HO-006) which Commissioner Cavoukian issued this past summer regarding records containing personal health information being found scattered on the streets, in Ottawa, outside a medical centre housing a medical laboratory. The publication outlines a number of <em>Best Practices</em> that can be employed in the secure destruction of personal health information records. These include: developing a secure destruction policy that is clear, understandable and leaves no room for interpretation; segregating and securely storing records; determining the best methods of destruction; documenting the destruction process; considerations prior to employing a third-party service provider; disposal of securely destroyed materials; and ensuring compliance. Thu, 29 Oct 2009 00:00:00 GMT Youth Online - Beware of the "5 Ps' When Using Social Networks: <em>Focus!</em> http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=928 31st International Conference of Data Protection and Privacy Commissioners, Madrid, November 4-6, 2009 Thu, 22 Oct 2009 00:00:00 GMT Privacy by Design: The 7 Foundational Principles http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=883 <p>This useful sheet outlines The 7 Foundational Principles of <em>Privacy by Design - </em>a concept that Commissioner Cavoukian developed back in the 90’s, to address the ever-growing and systemic effects of Information and Communication Technologies, and of large-scale networked data systems. <em>Privacy by Design </em>asserts that the future of privacy cannot be assured solely by compliance with regulatory frameworks; rather, privacy assurance must ideally become an organization’s default mode of operation. <em>Privacy by Design </em>now extends to a “Trilogy” of encompassing applications: 1) IT systems; 2) accountable business practices; and 3) physical design and infrastructure. </p> <p>(Revised December 2009)</p> <p></p> Thu, 20 Aug 2009 00:00:00 GMT The Relevance of Untraceable Biometrics and Biometric Encryption: A Discussion of Biometrics for Authentication Purposes http://www.ipc.on.ca/english/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=879 Commissioner Cavoukian and Max Snijder, CEO, European Biometrics Forum co-authored this vision paper that discusses the need for secure storage and privacy protection for biometric reference data. Their discussion is meant to touch on the distinguishing features of the algorithmic process defined by BE, the terminology that best describes this process, and to provide a springboard for further thought leadership on the policies and guidelines needed to distinguish between conventional and untraceable biometrics schemes.<br> <br> (Updated August 2009)<br> Wed, 15 Jul 2009 00:00:00 GMT