Tag Archives: Sandra Särav

Privacy concerns over fingerprint collecting from e-residents

Biometric data of all individuals who have applied for or own Estonian identity cards, irrespective of whether they are national identity documents or digital identity documents meant exclusively for e-identification, are stored in digital database, archived and retained for 50 years (in case of e-residency, this is done to avoid conferring duplicate identities to one person).

From the perspective of e-residents, this is immaterial — the digital identity documents issued do not serve as travel documents, as has been established above. Nevertheless, due to the fact that under the Estonian Identity Documents Act the term “digital identity card” denotes both the e-IDs of nationals as well as e-residents’ e-ID cards, the requirement of biometric identifiers also applies to both.

Drawing on the aforementioned, the authors of the given chapter claim that the failure to differentiate between the two types of documents leads to unnecessary collection of biometric data that is in contradiction with the Data Protection Directive Article 6 principles of purpose and proportionality.

Biometrics as security technology cannot be “thrown in” for good measure, as Estonia seems to have done, without proper analysis of risks for the protection of fundamental rights and freedoms, not considering whether the purpose to be achieved could not be achieved by less intrusive means.

The practice is indeed questionable, since in case EU citizen applies for Estonian residency, the objective of “avoiding conferring duplicate identities to one person” is achieved by less intrusive means without fingerprints being collected.

Links:
http://link.springer.com/chapter/10.1007%2F978-3-319-26896-5_4

Interdisciplinary Cyber Research (ICR) workshop 2016

TTU_centre_for_digital_forensics_and_cyber_security

2nd of July, 2016 — Tallinn, Estonia

The aim of the workshop is to bring together young as well as established scholars undertaking research in various disciplines related to information and communication technologies such as computer sciences, political and social sciences, and law.

Agenda:
09:00 – Opening words, Ms Anna-Maria Osula & Prof Olaf Maennel
09:10 – Keynote, “On Artificial Intelligence and Steering the Future”, Mr Jaan Tallinn
10:05 – Keynote, “Artificial Intelligence: Will Judges and Lawyers Ever Enter the 20th Century (Never Mind the 21st Century)?”, Mr Stephen Mason
11:00 – Coffee Break

11:30 – 13:00 SESSION 1: Use and Abuse of the Internet
Maarja Pild, “Liability for Posting, Liking, Tagging, Sharing or Doing Nothing at All on Facebook”
Lolita Berzina, “Application of the Right to Be Forgotten and the Jurisdiction in Internet”
Eva Vīksna, “Taming the Online Environment – Protection of Copyright on the Internet”
Mari Kert-Saint Aubyn, “Case Study: Ukrainian Electrical Grid Hack”

11:30 – 13:00 SESSION 2: Technology and Emerging Threats
Hayretdin Bahsi, “Mission Impact Assessment of Cyber Threats”
Ismail Melih Tas, Basak Gencer Unsalver, “Our Proposed SIP – Based Distributed Reflection Denial of Service (DRDoS) Attacks & Effective Defense Mechanism”
Johann David Krister Andersson, “Using Internet Protocol Packet Visualization to Support Defence Exercise Debriefing”
Huishi Yin, “Implementation and Evaluation of Kano-like Models Using Data from Online Sources”

13:00 – Lunch
14:00 – 15:30 SESSION 3: Crime and Digital Technologies
Andra Siibak, “”People Who Defend Their Homeland”: Reasons and Motivations for Joining an Anti-Immigration Group on Facebook”
Tõnu Mets, “Admissibility of Digital Evidence”
Tiia Sõmer, “Visualising Cyber Crime based on the E-Crime Project: Mapping the Journeys of Cyber Criminals”
Margus Ernits, “How to Educate the Defenders of Cyberspace”

14:00 – 15:30 SESSION 4: Internet of Things
Michael Hua, “Security Analysis: NFC Tags and Signature RTD”
Petko Stefanov, “An Analysis of Security Flaws in the NFC Communication Protocol of Modern Mobile Devices”
Prescient Kannampuzha, “Security Investigation of a CAN Bus IoT Network Implementation and its Interface to the Internet”
Michael Bassi, “Engineering Change Management for Industrial Control System Security”

15:30 – Coffee break
15:50 – 17:00 SESSION 5: E-Governance
Gerli Aavik, “The Electronic Identification and Trust Service Regulation (EIDAS): An Analysis of its Compatibility with the Estonian E-Government System (EES)”
Sandra Särav, “E-Residency as the Estonian E-Government Éclat: How More Security Can Result in Less Privacy”
Nenin Hadzic, “Determining Specifications of Secure Database Architecture for Use within Australian Online Government”
Osura Jayasundara, “Recommendation of a Unified ID System for E-Government of Australia”

15:50 – 17:00 SESSION 6: Identity Theft and Verification
Torsten Schmickler, “Biometrics: the Future of Identity Verification”
Adrian Daniele, “Ethernet Device Anomaly Detection Using a Digital Fingerprint”
Olga Rodionova, “Medical Data Security of Wearable Fitness Devices”
Arnis Paršovs, “Security Analysis of Instant Messenger TorChat”

Registration deadline for non-authors is 27th of June 2016.

Links:
http://cybercentre.cs.ttu.ee/en/icr2016/