Sunday, April 01, 2007

Security and privacy

Security and privacy are often seen to be in opposition: we're often asked to give up some of our privacy for safety. By letting the trusted good guys watch everything we do, presumably the bad guys won't have a chance to do anything bad.

The Royal Academy of Engineering has just released a report disagreeing with that view. They claim that it is possible to design systems that increase security without eroding privacy.

For many electronic transactions, a name or identity is not needed; just assurance that we are old enough or that we have the money to pay. In short, authorisation, not identification should be all that is required. Services for travel and shopping can be designed to maintain privacy by allowing people to buy goods and use public transport anonymously.

The Register has more, and the full report is here [PDF file].

No comments: