In December 2020 the European Commission published a proposal to repeal the current NIS Directive (European Directive on Network and Information Systems) and to replace it with a new Directive: the so-called NIS-2 Directive. This post will give an update on the status of negotiations of NIS-2, and will outline the aspects we already know and don’t know about the upcoming Directive’s final form.
Cyber Talk: Contact tracing apps: balancing public health and personal privacy – 30 June 2020
30 June 2020 – Cyber Security Coalition
A strategic weapon against Covid-19 infections spiking, will be contact tracing apps for nipping new outbreaks in the bud. However, such an app is fraught with privacy issues. Bart Preneel presented an extremely clear and extensive explanation how these apps should and can be made both effective and respectful of privacy!
Starting with a quick overview how apps have been used in the battle against Covid-19, Bart Preneel focused on how to apply apps to contain the pandemic, by providing information on contacts of people before they show symptoms. Basically, you want to know who was near an infected person for a significant period of time. Say, closer than 1,5 m for about 15 minutes. Those people should be contacted to get them tested. Using the Bluetooth technology in mobile phones can capture this information.
Two developments are key. The development of the Exposure Notification API by Google and Apple allows for the basic exchange of data between phones for use by contact tracing apps. Even more important is the Decentralized Privacy-Preserving Proximity Tracing protocol (DP-3T), of which Bart Preneel is a co-developer. He explains how D3-PT as foundation of contact tracing apps instills trust in users and allows for cross-border interoperability. An extensive explanation of the working of such an app is given!
Actually, Belgium’s being rather late in the contact tracing app game is somewhat of an advantage, as our country can benefit from the efforts of other countries. And learn from mistakes made in other countries (e.g. France).
Contact tracing is a sensitive topic, with dangers in both manual and technological approaches, and plenty of unreliable information. Consider this presentation of Bart Preneel as a ‘single source of truth’!
Other blog posts
Ransomware – today’s universal cyberworry – is but one aspect of a crime: cyber extortion. Orange Cyberdefense provides some insights into this scourge, based on its ‘Security Navigator 2022’-report.
The Cyber Security Coalition and top cybersecurity trainer SANS Institute joined forces to provide specially needed insights and recommendations on successful cloud security, as well as how to handle cyber security in these times of war.
It is easy to drown in the sea of dire warnings about the danger of AI, in particular to our privacy. The main point is that AI in good trust is possible, but requires solid, long term and well-structured approaches. This session of the Privacy focus group offers some crucial insights and welcome examples.
On computer security day we pay tribute to Ada Lovelace, the forgotten mother of the computer. Often described as the first computer programmer — before computers were even invented — Ada was a real visionary. Imagine what she might have achieved had Babbage actually built his “computer” and she hadn’t died at the age of 36.