{"id":1182,"date":"2011-03-31T04:26:26","date_gmt":"2011-03-31T12:26:26","guid":{"rendered":"\/?p=1182"},"modified":"2011-03-31T14:27:11","modified_gmt":"2011-03-31T22:27:11","slug":"malcolm-compton-on-power-imbalance-and-security","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=1182","title":{"rendered":"Malcolm Compton on power imbalance and security"},"content":{"rendered":"<p>Australia&#39;s <a href=\"http:\/\/www.crn.com.au\/News\/252868,ex-commissioner-calls-for-privacy-restructure.aspx\" class=\"broken_link\">CRN reports<\/a> that former Australian Privacy Commissioner <a href=\"http:\/\/www.openforum.com.au\/blogs\/malcolm-crompton\">Malcolm Crompton<\/a> has called for the establishment of a formal privacy industry to rethink identity management in an increasingly digital world:<\/p>\n<p style=\"PADDING-LEFT: 30px\">Addressing the <em>Cards &amp; Payments Australasia<\/em> conference in Sydney this week, Crompton said the online environment needed to become \u201csafe to play\u201d from citizens\u2019 perspective.<\/p>\n<p style=\"PADDING-LEFT: 30px\">While the internet was built as a \u201ctrusted environment\u201d, Crompton said governments and businesses had emerged as \u201cdigital gods\u201d with imbalanced identification requirements.<\/p>\n<p style=\"PADDING-LEFT: 30px\">\u201c<strong>Power allocation is where we got it wrong<\/strong>,\u201d he said, warning that organisations\u2019 unwarranted emphasis on identification had created money-making opportunities for criminals.<\/p>\n<p>Malcolm puts this well.\u00a0 I too have come to see that\u00a0the imbalance of power between individual users and Internet\u00a0business\u00a0is one of the key factors\u00a0blocking\u00a0the emergence of\u00a0a safe Internet.\u00a0<\/p>\n<p>CRN <a href=\"http:\/\/www.crn.com.au\/News\/252868,ex-commissioner-calls-for-privacy-restructure.aspx\" class=\"broken_link\">continues<\/a>:<\/p>\n<p style=\"PADDING-LEFT: 30px\">Currently, users were forced to provide personal information to various email providers, social networking sites, and online retailers in what Crompton described as \u201ca patchwork of identity one-offs\u201d.<\/p>\n<p style=\"PADDING-LEFT: 30px\">Not only were login systems \u201cincredibly clumsy and <a href=\"http:\/\/www.itnews.com.au\/News\/252613,bank-security-experts-play-up-social-risks.aspx\">easy to compromise<\/a>\u201d; centralised stores of personal details and metadata created honeypots of information for identity thieves, he said&#8230;<\/p>\n<p style=\"PADDING-LEFT: 30px\">Refuting arguments that metadata \u2013 such as login records and search strings \u2013 was unidentifiable, Crompton warned that organisations hording such information would one day face a <a href=\"http:\/\/www.itnews.com.au\/News\/232868,facebook-slammed-for-deceptive-approach.aspx\">user revolt<\/a>&#8230;<\/p>\n<p style=\"padding-left: 30px;\">He also recommended the use of cloud-based identification management systems such as Azigo, Avoco and OpenID, which tended to give users more control of their information and third-party access rights.<\/p>\n<p style=\"padding-left: 30px;\">User-centricity was central to Microsoft chief identity architect Kim Cameron\u2019s \u2018Laws of Identity\u2019 (<a href=\"https:\/\/www.identityblog.com\/stories\/2005\/05\/13\/TheLawsOfIdentity.pdf\">pdf<\/a>), as well as Canadian Privacy Commissioner Ann Cavoukian\u2019s seven principles of \u2018Privacy by Design\u2019 (<a href=\"http:\/\/www.ipc.on.ca\/images\/Resources\/7foundationalprinciples.pdf\" class=\"broken_link\">pdf<\/a>).<\/p>\n<p>Full article <a href=\"http:\/\/www.crn.com.au\/News\/252868,ex-commissioner-calls-for-privacy-restructure.aspx\" class=\"broken_link\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u201cYou can make money for one year, three years, five years by exploiting people, but you can\u2019t grow without trust\u201d<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[6,17,40],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1182"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1182"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1182\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1182"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1182"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1182"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}