Slashdot Mirror

← Back to Stories (view on slashdot.org)

Passport May Violate Euro Privacy

Posted by timothy on from the if-you-have-nothing-to-hide dept.

good-n-nappy writes: "More shocking news about Passport. The EU thinks Passport may violate privacy. Of course, Microsoft claims that all data is supplied voluntarily (for now... cue evil laugh). Too bad we in the U.S. will likely have to continue sacrificing privacy for national security." Part of a continuing series.

2 of 20 comments (clear)

  1. Re:Excuse the ignorance... by linuxbert · · Score: 4, Informative

    Your right, the idea is a good one, infact, the CC companies have a Secure online trasaction standard (SET) that is used to authenticate cards, but not have individul mechants deal with the card information.

    The problem with passport, is that some people dontlike all there shopping habits and personal information tied up in a big repository, that could be sold at the drop of a hat.

    Microsoft also has a history of changing policies to benifit them, and take away rights from the user, and there is also the concern of your dataa being kept by microsoft as a result of thier track record on privacy and security of systems

    if visa offered this thier intentions would be to lessn fraud and increase thier profits. id say visa is trust worthy, and has a vaild point, so sign up now, but what is MS's reasons for doing this?

  2. UK Data Protection Act. by Martin+Spamer · · Score: 5, Informative

    The UK Data Protection Act 1998 (http://www.hmso.gov.uk/acts/acts1998/19980029.htm ) governs how 'data-holders' make capture and process personal data.

    This Act is an EU treaty obligation ( http://www.privacy.org/pi/intl_orgs/ec/final_EU_Da ta_Protection.html ) and replaces a similar act from 1984

    The UK Government can be rightly criticised on many aspects of IT legislation, however the Data Protection is not one.

    The Act codifies 'Eight Principals'.

    1. fairly and lawfully processed;
    2. processed for limited purposes;
    3. adequate, relevant and not excessive;
    4. accurate;
    5. kept no longer than necessary;
    6. processed in accordance with the data subject's rights;
    7. secure;
    8. not transferred to countries without adequate protection.

    It seem likely to me that the MS-Passport violates several of these, though most notable numbers 7 and 8.

    The Data Protection Registra/Commissioner.

    http://www.dataprotection.gov.uk