Security and Privacy Working Group - BDWG S&P
Submissions to the NIST BDWG Security and Privacy sub committee for inclusion into the first version of the Big Data Standards. The co-chair(s) asked that these contributions be added as an appendix, which were not included nor represented in the publication, in a meaningful way.

Gaps in BDWG workgroup stakeholder skills

Issue #1

Working Group(s) including the NIST workers claimed the standards being developed were focused on new capabilities introduced by the technology.  Not focused on any single vendor/supplier.  

Issue #2

Working group members including workers were unable to recognize when they were introducing new ways of doing what was already being done or in conflict with existing data standards. 

Issue #3

The many stakeholders contributing to the development of these standards were not representative of the existing stakeholders certified and none of the certifying agencies experts were invited.  Audio and Video experts and all of the standards practiced in the delivery of the surveillance technologies were not included in the early versions. 

  • Justice Systems - would not meet the criteria for "valid(ity) nor meet the audit worthy criteria for use as evidence
    • Police departments most requested facial recognition capability-an ability to edit the video or image used during the identification of a criminal. 
      • Police have acquired the capability which allows a person to be applied to a situation with or without the persons involvement. 
    • The underlying data appliance is OPEN by design-basic security features were not available when using the technology. 
    • No roadmap was planned in 2015 which is when I stopped participating- instead the expectation was that an add on application would serve the purpose.  Although, the bottom line is that having no security at the appliance provides nothing more than a perception of security and zero opportuntity to protect the privacy of any individual.  

First Issue

Who owns the data about an individual?  A person cannot be owned by any other person nor would any organization or agency own an individual.  The rational surrounding who collects and processes massive amounts of personal data(most often without the persons knowledge) self designation as an owner of the data about individuals is in conflict with the rights of the person. 

 

The individual must protect their reputation whether in physical sense as confirmed by the 4th amendment


The first draft of NIST BDWG Security and Privacy - using an approach where first all the research done by the National Network to End Domestic Violence.  a) Victims have rights beyond the human rights, civil rights and each persons recovery from victim to survivor depends on the protection of the rights in all technology transfers.  b) a data owner must have control and be aware of the threat against them. 

Justice

Technology Transfer

Prior Informed Consent - Sexually Explicit Content from Children

 

Safety Online

NEDV Projects

 

 

CONTEXT(Help)
-
Pattern Language Perspective »Pattern Language Perspective
Intimacy Gradient 1  »Intimacy Gradient 1
Technology Transfer - A Per Cloud Proposal »Technology Transfer - A Per Cloud Proposal
IT - Infrastructure as a Service »IT - Infrastructure as a Service
Big Data - Data Owners aka Big Data Controllers  »Big Data - Data Owners aka Big Data Controllers
Security and Privacy Working Group - BDWG S&P
7 Steps tp Privacy »7 Steps tp Privacy
Domestic Violence - National Network to End Domestic Violence »Domestic Violence - National Network to End Domestic Violence
1st contribution to the draft report »1st contribution to the draft report
First Draft Report »First Draft Report
+Comments (0)
+Citations (0)
+About