9 June 2016

Is data privacy an absolute right?

According to William Hague, there can be no absolute right to privacy. Do you agree?

dc smallSpeaking at Infosecurity Europe, Hague discussed the government’s stance on strong encryption and how Snowden helped in the fight against terror. Whilst, there are clear motivations for preventing terrorism through data surveillance, there are also strong arguments to protect our personal and business data – especially when data is stored or transferred across the globe.

Whilst there seems to be a focus on security when it comes to Snoopers’ Charter, there are still huge holes in the government’s online presence. For example, the EU registration site.

We are all aware of the technical issues with the website as the registration period for the referendum drew nearer. As a note, the rush of traffic should have been irrelevant. It’s a high bandwidth, big data site, it should have been ready.

When looking into this, it appears that the website is hosted with a San Francisco-based CDN provider. And, although the website is delivered by the CDN so we can’t say where precisely the data is stored, the move to host with an American provider certainly raises data security questions in my head.

The American data privacy and security laws are shaky at best. Does this mean that the US government could access the Gov.UK data under the NSA’s authority?

There’s a case raging still with Microsoft and their Irish data centres. The American Department of Justice has demanded data from the Ireland-based DC, a request refused by Microsoft. However, two judges have already backed the DoJ and the case is reaching its second appeal, having been ongoing since 2013. This case could be pivotal in the Safe Harbour and data regulation negotiations. Should Microsoft’s appeal fail, the Privacy Shield / Safe Harbour ruling would effectively collapse and we’d see a huge industry shift.

Aside from the security, it’s a real shame to see the government hosting with an American provider. There is a raft of fantastic British hosting providers who could’ve made data security guarantees and delivered the speed and performance this high traffic site needs.

Perhaps it would be too much to ask for the government to practice what they preach when it comes to buying British?

However, it’s too late for conjecture on that matter. What does concern me is the security of our data. With Snoopers’ Charter undecided, America’s level of data protection undecided and the NSA’s access to European data undecided – there are significant doubts around our privacy abroad and the protection of British data.

It’s certainly a controversial topic. What do you think? Are you concerned about your data?

Back to Blog