Circular reasoning around Breyer, both affecting trust #45
Labels
legal
Questions or comments regarding data protection/legal topics
privacy risk
Questions or comments regarding privacy issues and concerns
Comments
lbarman
added
legal
This was referenced Apr 8, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The Breyer case invites two types of circular reasoning eventually affecting trust:
For the purpose of increasing trust in the deployment of the system, new laws could be rushed through so as to curtail commercial offerings around Bluetooth tracking (see #43 and #9), at least for the duration of COVID. The opportunity is too great that I would kick myself not to mention it to the authors to slip into their paper.
For the purpose of decreasing trust in the deployment of the system, an actor might want to leverage the interplay between security and data protection (see #44) to actually carry out an attack and therefore force a shift in the data protection assessment (this would then most likely lead to political footballing around whether it would be legal to collect such data under the exact pretense used, delegitimize those deploying the system, etc). In current times, it is my belief that such a trust attack would actually be quite likely.
In other words, the very existence of this trust attack actually increases the chance that some re-identification attack is conducted, which should in turn - via Breyer again! - affect the data protection assessment in the first place.
The text was updated successfully, but these errors were encountered: