Tag Archives: Taavi Kotka

SK Annual Conference 2017

E-identity event SK Annual Conference 2017 will take place on November 2, 2017, Baltic Station old waiting area (Toompuiestee 37, Tallinn).

Agenda:
09:00-09:30 Registration and morning coffee
09:30-10:30 Overview of SK 2017, Kalev Pihl, SK
10:30-11:00 Smart-ID: fast start and future plans, Kaido Irval and Georg Nikolajevski, SK
11:00-11:15 Cofee Break
11:15-11:45 The future of authentication in SEB. When will the code cards disappear? Ragnar Toomla, SEB
11:45-12:15 DeepScan, Lauri Ilison, Nortal
12:15-13:00 Lunch
13:00-14:00 Keynote: The Future of Technology Through the Mind of a Hacker, Pablos Holman
14:00-14:45 Panel discussion, Pablos Holman and Taavi Kotka
14:45-15:00 Cofee Break
15:00-15:30 RSA (implementations) attack history and lessons, Arne Ansper, Cybernetica
15:30-16:00 eID year in retrospect, Anto Veldre, RIA
16:10-16:40 Round of question and answers
16:40-17:00 Summary of the day by digital world enthusiasts
17:00-18:00 Evening snack

Registration till October 20.

Links:
https://www.sk.ee/ettevottest/sk-aastakonverents/aastakonverents-2017

Data Protection Inspectorate allows to process personal data in privacy-preserving manner

sharemind-it-students-deployments

In Estonia, the Ministry of Education and Science keeps track of students and the Tax and Customs Board keeps track of working (by tracking income tax payments). If data scientists could access these databases, they could find the correlation between working during studies and not graduating in time. However, this data cannot be shared because of the Personal Data Protection Act and the Taxation Act (not to mention the relevant EU regulation). This prevents such studies from being performed.

Personal Data Protection Act actually permits processing of personal data for research purposes (see § 16), although data mining in privacy-preserving manner might have some advantages.

We used the Sharemind Application Server with its analytics package Rmind to perform the study in a privacy-preserving way. The privacy-preserving solution was checked by the Estonian Data Protection Inspectorate. Their response was that our solution does not process Personally Identifiable Information (PII) in the meaning of the law.

For actual privacy of the study the institutions are required to audit the code which is being run on the Sharemind server. In this case Tax and Customs Board had a person having skills and willingness to audit the code:

Furthermore, the Tax and Customs Board reviewed Sharemind’s source code to ensure that everything is performed according to the study plan.

The  findings of the study:

Our study showed relations between higher education and higher income, but we found no relation between working during studies and not graduating on time. Instead, it turned out that Estonian students of all fields work an equal amount. Also, our data showed clearly the reduction of employment during the financial crisis in 2008.

Links:
https://www.youtube.com/watch?v=Age06E1TWaA
http://sharemind.cyber.ee/stories_privacy-preserving-policy-decisions.html
http://news.err.ee/v/politics/education/01447de3-b5ef-4863-a42b-8275eb823cab/studies-majority-of-it-students-drop-out-of-university
http://eprint.iacr.org/2015/1159