The Future of Privacy
Is there a future for privacy?
The target of this session is to illuminate security of personal data from a strategic point of view: Risks, controls & measures, and future trends. At the end of this discussion process there could be a set of expert statements concerning now and future challenges for improving the security of personal data. This set of statements we can use for a public OWASP privacy-campaign. During OWASP Summit 2011 there was already a session concerning privacy (see(1)) - the widespread results of this workshop may serve as a basis for this session.
You may say: Privacy is not a principal point in the work of OWASP. But let me counter:
- Privacy is a very important topic for really everyone, it’s a topic of information security - so it should be for OWASP too.
- Improving privacy in future will be primarily a software challenge - especially for web applications and IoT. That is OWASP.
- OWASP is well known by experts, but not in the public. I think OWASP should have more weight in public discussion. And a privacy campaign might be a tool to raise public attention.
- Personal data risk assessment: Definition and categorization of assets, criticality, vulnerabilities, threat vectors, risks. Which work is already done, what has still to be worked out?
- Privacy-“triage”: which kinds of data are already “lost”, which can still be saved?
- Which technical solutions we will be needed in future - not what is technical possible but what is needed from the viewpoint of individuals?
- Which are the upcoming challenges of web application security for improving privacy / protection of personal data?
- Who are the stakeholders of these technical developments
- Which driving forces can be used for kick-off development processes?
- OWASP Privacy statements
- Concept of a campaign and compliance of OWASP community and foundation, road map
- Everyone who cares about privacy.
References: (1) OWASP Summit 2011 Working Session “Privacy” ( https://www.owasp.org/index.php/Talk:Summit_2011_Working_Sessions/Session073 )
Back to list of all Working Sessions and Tracks
Edit this page here