From: | Moreno Andreo <moreno(dot)andreo(at)evolu-s(dot)it> |
---|---|
To: | pgsql-general(at)lists(dot)postgresql(dot)org |
Subject: | Re: [SPAM] Re: Key encryption and relational integrity |
Date: | 2019-04-02 15:50:20 |
Message-ID: | 114d039f-9bb6-ae57-dc4d-97e0c926f849@evolu-s.it |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Il 01/04/2019 20:48, Rory Campbell-Lange ha scritto:
> On 01/04/19, Moreno Andreo (moreno(dot)andreo(at)evolu-s(dot)it) wrote:
> ...
>> I'm not forced to use pseudonimysation if there's the risk to get
>> things worse in a system. I've got to speak about these"two opposing
>> forces at work" to a privacy expert (maybe choosing another one, as
>> Peter suggested :-) ) and ask him if it could be used as a matter of
>> declining pseudonymisation because of "pseudonimysation puts at risk
>> overall performance or database integrity"
> How to interpret the pseudonymisation conditions is ... complicated.
Yes, it is indeed... :-)
> The
> UK's Information Commissioner's Office (ICO) writes that
> pseudoanonymisation relates to:
>
> “…the processing of personal data in such a manner that the personal
> data can no longer be attributed to a specific data subject without
> the use of additional information, provided that such additional
> information is kept separately and is subject to technical and
> organisational measures to ensure that the personal data are not
> attributed to an identified or identifiable natural person.”
>
> and that this "...can reduce the risks to the data subjects".
>
> The concept of application realms may be relevant to consider here. An
> application may be considered GDPR compliant without pseudonymisation if
> other measures are taken and the use case is appropriate.
That could be my case, so I'll have to discuss the strategy and measures
to be adopted with a privacy consultant.
>
> On the other hand, a copy of a production database in testing which has
> been pseudonymised may, if compromised, still leak personal data. As the
> ICO states:
>
> “…Personal data which have undergone pseudonymisation, which could
> be attributed to a natural person by the use of additional
> information should be considered to be information on an
> identifiable natural person…”
>
> https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/what-is-personal-data/what-is-personal-data/
>
> If leakage occurs pseudonymisation has achieved nothing.
That's another aspect of the question.
Thanks for the clarification,
Moreno.-
From | Date | Subject | |
---|---|---|---|
Next Message | Magnus Hagander | 2019-04-02 18:08:15 | Re: CVE-2019-9193 about COPY FROM/TO PROGRAM |
Previous Message | Andres Freund | 2019-04-02 15:31:25 | Re: CVE-2019-9193 about COPY FROM/TO PROGRAM |