Big Data Challenges and opportunities for governments

Size: px
Start display at page:

Download "Big Data Challenges and opportunities for governments"


1 Big Data Challenges and opportunities for governments Paper Authors: Simona Candrian Route St. Thérèse 2a, 1700 Fribourg Richard Conrardy Chemin du Sonnenberg 5, 1700 Fribourg Course Name: Electronic Government Chair of Information Management Examiner: Prof. Andreas Meier Supervisor: Luis Teran Date of submission: Fribourg 01.Dec. 2013

2 Contents List of figures Introduction Architecture of Big Data Sources of Big Data Enterprise Data Public Data Sensor Data Social Media Transactions Data Warehouses OLAP and OLTP Security risks Cryptography Diffie-Hellman key exchange Block-cipher Baby step giant step algorithm Public acceptance and concerns Psychological aspect Problems for democracy and juridical process Proposed solutions by other authors Concerns in Switzerland Comparative Study Cases NSA all your database belongs to the US Prism Bullrun Tempora P a g e

3 5.1.4 XKeyscore Muscular The five eyes Study Case 2: Swiss Secret Service - Statutory reform of the law What the Federal Intelligence Service is and what they do The reform and the main changes Critique Voices Switzerland - Open Government Project About the project Benefits and chances of Open Data Risks of open data Summary of the interview with Armin Grossenbacher What we could achieve By the people, for the people Of the people How to convince the Swiss citizens a proposal for an information campaign Conclusion Limitations...34 Limitations for the implementation of the proposed project...34 Limitation of this study...35 References...36 Appendix...39 Proposed Flyer for a PR-Campaign P a g e

4 List of figures Figure 1 Knowledge, the kernel of data... 4 Figure 2 The sources of big data... 5 Figure 3 Transaction and analysis of data... 8 Figure 4 The Diffie-Hellman key exchange...11 Figure 5 The balance of privacy and knowledge...12 Figure 6 Private Data in Internet whom do the Swiss citizens trust?...15 Figure 7 The programs linked to XKeystroke...19 Figure 8 The five eyes...20 Figure 9 FIS Sources...21 Figure 10 Tools of the PR-Campaign...32 Figure 11 The wheels that provide openness P a g e

5 1 Introduction Information is the currency of democracy - Thomas Jefferson For some people we live in an age of wonder where internet advertisement shows up at exactly the right time with exactly the right product. For some we live in an age of conspiracies where google, the NSA and the illuminati all work together to brainwash citizens. The truth is out there and can be found through one thing, data, Big Data to be exact. We re in the age of information and information is the product of raw data. Data suffers from an image problem. In itself it is neutral, it consists of unorganized facts and figures that may or may not have some relation between them. In light of recent post-snowden revelation, people are afraid of Big Data and try not to provide any data. As a student of information management this is a pity. Trough data we gain information: contextualized, condensed data. When information is truly understood we gain knowledge. Governments could benefit greatly from collecting data. They are in a position to unify data collection and they have the funds to analyze this data and to gain information. This work will illustrate an ideal data and information flow which will lead to a smarter society. Governments of the people, by the people, for the people should not fail to gain the big data challenge. Knowledge Information Data Figure 1 Knowledge, the kernel of data 4 P a g e

6 2 Architecture of Big Data Everyone with an electronic device is producing data and lots of it. Figure 2 gives a broad overview of possible sources. We d like to show what is possible and what is acceptable in data collection. Tracking electronic devices is just one of many approaches. We will provide a quick overview of the architecture behind Big Data, but we will not discuss data analysis algorithms. Online processing software will be discussed as it will explain later how data and information transfer is possible. Through showing the possibilities of Big Data we d like to advertise data sharing to governments. Towards this goal we will provide a discussion about the public trust. 2.1 Sources of Big Data Do not seek for information of which you cannot make use. Anna C. Brackett Public Data Enterprise Data Big Data Sensor Data Transactions Social Media Figure 2 The sources of big data Data is collected by many means and by many people or even machines. 5 P a g e

7 2.1.1 Enterprise Data Enterprise data is huge, every company produces a huge mass of data. For example their customer databases show who buys which product from what location and how they access it. Government could use such data to analyze how many people use which data interface, and what products are particularly popular in which region, thus giving their national industry a boost, helping their citizens get what they need faster and reducing the carbon footprint all around Public Data Public data is already owned by the government. It consists of data of the population in general Sensor Data People transport more and more sensors with them. They might be as subtle as a light sensor in a laptop to adjust background lighting of the screen. However nowadays more portable devices such as smartwatches or fitness devices even carry a big load of sensors such as accelerometers, pedometers, GPS or heart rate monitor. This is probably the most interesting data, but the hardest to get as it heavily interferes with people s privacy. However on the other hand being able to get heart rate data real time for example could help runners suffering from a heart attack, or even only getting GPS data could tell us about how people are traveling (going 80 km/h on a train line is clearly taking the train, while going 7km/h on the same line is clearly going by foot). However there are even more sensors in machines not connected to humans. For example every computer measures the temperature of its CPU, or automated doors collect indirect data on how many people enter through a certain entrance or exit. ABI research gave a prognostic that by 2020 around 30 billion devices will be wirelessly connected to the internet of things Social Media People do not only amass personal data, they also produce public data by sharing something on the internet. Analyzing twitter posts could for example give an idea of the word pool of the population, and could thusly serve to measure the language skills or compare them between regions. The content could also be analyzed over key-words to seek for patterns. This is already done over google-searches however the interpretations of this data is kind of vague. If a lot of people 6 P a g e

8 are talking about ice-cream, it might correlate with a heat-wave or diabetes, but it is a long shot nonetheless Transactions Whenever two entities communicate through an electronic device, the communication itself produces data. The data is thus more than the sum of the information exchanged. The most important part here however will be money transactions, the government could have a direct knowledge on how people spend their money, and how much they gain and a tax declaration would thus be superfluous. This data is already collected by banks and shops alike, however as the data is precious it is not easily shared. 2.2 Data Warehouses Knowledge is of two kinds. We know a subject ourselves, or we know where we can find information upon it. Samuel Johnson A Data Warehouses (DW) is a database which can be analyzed (see OLAP) to gather intelligence (see BI) however it is not meant to keep track of the latest company transaction (see OLTP). Thus its performance is not diminished by too many systems that need to access it. A DW consists thusly of two units, the data base which stores facts / data and relations (relational database) and metadata which gives information about the data. The second block inside a DW is the management system, it manages the queries and manipulations on the data base through programming langues as for example SQL. In addition to this it can have special functions such as recovery, reorganization and safety or data protection. The use of this kind of structure over a simple storing is that you can separate data and business logic that the data will not be easily manipulated, redundancy (and thus costs) are controlled, multiple users can access the data at the same time and data protection is easier to apply. To redefine a data warehouse with these concepts A data warehouse is a subject oriented, integrated, non-volatile, and time variant collection of data in support of management s decisions. (Inmon, 1996) 7 P a g e

9 What this means is that data is classified according to subjects (as for example clients, products, addresses, birthdays, etc.). SQL thus makes it easy to find every client who lives in a certain street born between 1980 and Integration means that data is standardized, certain citizens might enter their date of birth as 9/23/74, while other say it s , the data warehouse will represent this data all in the same way to reduce redundancy of having two representations and to allow for an OLAP to show the date the American way and the European branch might want it displayed in their way. Same standardization can for example be applied to units and currencies (if attention is paid to market fluctuations). Non-volatility means that data in general never gets deleted or changed, DW are read only, except when current information gets inserted. Data gets transformed and standardized before it enters the DW. Analytics need to be based on historic data to see the initial causes of a problem that arose much later. DW thus are time variant, they save the data from different times and do not overwrite it, data thus always contains a time dimension and data is usually saved over 5 to 10 years OLAP and OLTP Data OLTP DW OLAP Figure 3 Transaction and analysis of data Online analytical processing systems are strongly related to business intelligence and need a DW to be established. They are used to perform analytics over a large pool of data to support business decisions. In general an OLAP system is based on SQL and provides more usability, 8 P a g e

10 while multidimensional data can be described in 3D-Datacubes, programs like Microstrategy use embedded tables. Other possibilities venture into NoSQL, which offer broader possibilities, while a third option is graph databases like Neo4j. Online transactional processing systems on the other hand are on the side that delivers information on a day to day basis. In our case this would be in the hands of civilians to give the input they want into the data warehouse to create big data. In the case of big data, OLTP is vastly automatized as for example sending app-usage automatically to the state. In Big Data the challenge will largely be the quantity of OLTP users, and the amount of data analyzed by an OLAP. While OLAP system do not need to have a high availability, the OLTP systems have to be available at all time to collect the necessary data. Figure 3 provides a short overview, OLTP transfer data from many users to one data warehouse, inside this data warehouse OLAP act upon this data warehouse to gain information. 3 Security risks 3.1 Cryptography Cryptography is the term to lock data so that it can only be used by someone who knows a certain passphrase, a key. A major boon in internet communication has been the paper published by Withfield Diffie and Martin Hellmann in Directly afterwards in 1977 the RSA algorithm was published by Ron Rivest, Adi Shamir and Leonard Adleman. Before giving and idea how these algorithms work, we will give a very short idea why they are secure. Multiplication of any kind of numbers is a very easy mathematical operation, easily reproduced by any computer, multiplying prime numbers, say P 1 and P 2 is not only an easy operation but it is a bijection, a function giving an exact pairing between two sets, in this case the set of subsets of prime numbers and the set of numbers. Prime numbers are also useful in that the mod P n group is a division ring (or skew field) if and only if P n is a prime number. 997*983*941 is thus very easy, the result being found in a matter of milliseconds. However the inverse operation of asking the factorization (unto prime numbers) of is much, much more costly in mathematics. This unevenness of this operation is exploited in all asymmetrical keys. The problem is however that computers improve fast, according to Moore s 9 P a g e

11 law the number of transistors double every 2 years. Thus the keys (the prime numbers) have to get bigger from time to time, currently the transition from 1024 bits to 2048 bits is being made, as 1024 bit maybe broken too easily. One huge problem with algorithm however is that it relies on this mathematical problem (discrete logarithm problem) that hasn t been solved yet. Unlike other problems that have been proven unsolvable (zeros of a general polynomial of n th degree, with n > 5) the RSA problem could be solved in the future and in fact weaken all of the internet security. The asymmetrical encryption is costlier than the symmetrical one, which is why the first is used to share a key that the second one uses. Then a block cipher is used to encrypt data using the key created by the Diffie-Hellman key exchange Diffie-Hellman key exchange The two partners Alice and Bob (standard names in cryptography) want to exchange information securely. They agree to use p=23 prime number and g an arbitrary base that will help to encrypt their message. The private key of Alice could be a=6, and Bob could choose b=15. She sends Bob the public key A=g a mod p. Bob does the same with his number. A=8, B=9, a rather easy computation. Alice now calculates the key, k=b a mod p, which is the same as A b mod p, k=2. This only works because they work over a division ring as p is a primer number. For the algorithm to be safe the prime numbers will of course be a lot larger. The key will afterwards serve to encrypt pages in a symmetrical way as the Diffie-Hellman algorithm would be slow for a constant communication, and symmetrical cryptography is a lot more cost effective Block-cipher Like the Diffie-Hellman key exchange a part of the block cipher is public. It s a function (or algorithm) with a paired inverse function. E encrypts, and D decrypts and both functions take two arguments, one variable of n bits and one parameter of k bits, and the image of the function is an n-bit output. To make things easier everything is represented in binary code, the most basic of computer languages. The parameter, K of k bits, which is the key from the Diffie- Hellman key exchange and the plain message P of n bits, which is for example a letter written in binary. The function E is thus defined as follows: E K (P):= E(K,P):{0,1} k * {0,1} n {0,1} n 10 P a g e

12 And the inverse function with the encrypted message C E K -1 (C):=D K (C)=D(K,C):{0,1} k * {0,1} n Asymetric encryption Symetric encryption Diffie- Hellmann key exchange Figure 4 The Diffie-Hellman key exchange Baby step giant step algorithm In the Diffie-Hellmann key exchange scheme, the weak point is the asymmetric encryption, once that key is broken, security is gone. As stated previously the encryption is broken yet, however there are faster methods than straight forward brute force algorithms. The baby step giant step algorithm only needs the square root of the original time (which is by far not fast enough to break code). Suppose we have a cyclic (ⱻn, s.t. x n =1) group G with G =n and a generator α, for every β in this group, then the discrete logarithm problem is, given α x =β, find x. In the baby step giant step algorithm we use the square root of n as step (m=, rounded up). Now we calculate the giant steps α j for every j<m, next we compute α m. Now we compare β to the α j. If β is in one of the lists, we get im+j = x. If it is not, then we calculate β:=β α m and restart the algorithm. In this way we don t need to go through every n, but rather through m which is the square root of n. 11 P a g e

13 4 Public acceptance and concerns Driven from every other corner of the earth, freedom of thought and the right of private judgment in matters of conscience, direct their course to this happy country as their last asylum - Samuel Adams Privacy Knowledge Figure 5 The balance of privacy and knowledge The main negative aspect of gaining knowledge through data is the loss of privacy. In recent years the concerns to lose privacy have increased due to negative occurrences in the past and in present. This chapter shows up the main concerns of the society with regard to this loss of privacy. First, the psychological aspects of the being-observed-concern will be pointed out, then in a second part the negative consequences for the democratic process will be mentioned and a third part shows up specifications for Switzerland. 4.1 Psychological aspect The psychological concerns can partly be explained culturally. Besides the fear that the information could be used against us, there is an embarrassment if strangers know too much about us, it s similar to the embarrassment if a stranger sees us naked. Even though, there are no practical consequences, the situation itself evokes a discomfort. It is a harm without a rational basis. Although people don t like to expose themselves in front of foreigners, an examination by a doctor is alright because people trust that his interest is only professional. Therefore it should be the same for exposing private data. If we know that the purpose is very 12 P a g e

14 professional and doesn t harm us we will be more likely to accept the disclosure of our data. If it is for the defense of the country and nothing else. It is still a diminished privacy for an increased security but it would easier be accepted (cf. Posner 2008, pp ). Besides, Posner 2008 compares the revealing of information with other well-known situations. People are usually not concerned if they have to give information to a stranger in order to apply for a job or in order to get a driver s license. It is seen as inevitable in order to get something. Now it could be argued that, if the government announces that it is going to tap all phone calls, it is a citizen s decision if he wants to use a phone or not. Same situation as it is his decision to legally drive a car or not. If he decides to buy and use the phone, he agrees that the government could listen (cf. Posner 2008, pp ). Although it is a exaggerated way of view, it reflects the modern custom to reveal information in order to get anything. The digital storage of this data is then a logical consequence. Posner calls it new culture of technology (Posner 2008, p.249). The here mentioned, psychological problematic leads to problems for the democratic process in a country. They will be presented below. 4.2 Problems for democracy and juridical process Due to the psychological concerns, the feeling of being watched leads to problems for the democratic process. It is called chilling effect if people are inhibited or discouraged of the legitimate exercise of natural and legal rights, such as free speech. If people are concerned that the government is listening and that they could be punished for unpopular political viewpoints, they don t dare to speak openly anymore. That s dangerous for democracy. As a big part of the communication is now through electronic devices there are more possibilities for tapping and the danger is therefore even higher. Problematic can as well be the Hawthorne Effect, which implicates that the people behave different with just the feeling of being observed, doesn t matter if the government really is observing (cf. Hughes 2012, pp ). The chilling effect can also be elevated by uncertainty about government activities created by limited government accountability (Hughes 2012, p. 406) or because the technologies and programs used by the government are not enough known. Hughes analyzed three model cases, where citizen sued against the American government because they felt a loss of privacy. He based the analyze on the chilling effect, divided in three parts. First: how much the perceived freedom was limited. 13 P a g e

15 Second: the degree of social utility the chilled activities had. A high degree could be the exploration of political ideas for example. Third: objectivity of the chilling effect. The fear of punishment by the government should be reasonable and realistic in order to have a chance to win in the court. The more objective the perceived harm is, the better (cf. Hughes 2012, p. 406). The American government justified their actions in all cases with the Congressional Authorization to Use Military Force in the War on Terror (Hughes 2012, p. 420). With that, the government got right in all the three cases. The plaintiffs problem is basically to show evidence that they were targets of warrantless surveillance. The plaintiffs said that they feared to communicate openly because they perceived the surveillance. This was not enough concrete for the judges with regard to national security. With the argument of restrictions of individual privacy rights, all the plaints were refused, that s why Hughes proposes to argue with the affect of human rights (cf. Hughes 2012, pp ). 4.3 Proposed solutions by other authors In order to diminish the problematic, propositions for solutions have been done. According to Posner, to get the trust of the citizen, the aims and the instruments of collecting their data has to be clearly defined and communicated (cf. Posner 2008, pp ). In order to gain more transparency it could as well help to maintain an open government. With this, citizen see what really happens with their information and realize that usually their data becomes not more than a statistic. And they can use it as well, if they have need. This describes basically the idea of open government data. As the data is collected from the citizen they should also be able and be allowed to see and use it. With this, the trust towards collecting data methods can increase. Citizens see what happens to their data and they can eventually profit from the information. Tauberer mentions three main important parts for open Government: 1. Universal availability: the government data should be easy to find and easy for further use as well as be free of charge. 2. Data quality: data should be published in machine-processable formats and with respect for analysis and reuse (Tauberer 2011, p.10). 3. Authority and process: should include feedback by the citizens (cf. Tauberer 2011, p.10). 4.4 Concerns in Switzerland In Switzerland there is no recent case of surveillance ant the trust in the government is higher than in other countries. However, the daily news about the surveillance scandal by the US government increases the worries for data security in internet. It will as well remind some Swiss 14 P a g e

16 Social Media Search Engines Provider Insurances Online Shops Governmental Administration Banks citizen of earlier scandals like the Secret File Scandal in The federal Department of Justice and Police together with the Swiss Federal Police, collected data of Swiss citizen and foreigners. More than files have been kept illegally and secretly. The objective was to watch and detect left activists but as well ecologists, feminists or critics of the army (cf. SF DRS 1989). Another issue in order to lose trust was the revealing of Onyx around the year Onyx is an interception system maintained by the Swiss Federal Intelligence Service. It is supposed to monitor foreign communication but still, if a Swiss person communicates with someone abroad it can as well be listened. s, telephone calls or Fax can be automatically analyzed with the help of keywords. illegale Volksbeschnüffelung (Engeler 2005) illegal snooping of the citizen were the titles in the newspapers (cf. Engeler 2005). Those are some revealing that are responsible for the concerns of Swiss citizen. A recent study of Comparis analyzed the concern levels of Swiss people concerning their data in internet. They conclude that almost every second citizen feels observed in the internet. But interesting for this paper is that they are not much worried about the surveillance of the government but especially of criminals and social media. Compared to other internet tools, the governmental administration s services are the second most trustworthy, right after banking tools. Besides, it shows that for example German citizen seem to be much more concerned. 45% have mentioned not to feel safe surfing the internet (cf. Comparis 2013, pp. 1-2). Figure 6 Private Data in Internet whom do the Swiss citizens trust? Average on a 10-point-scale (1=no trust at all, 10= high degree of trust) 15 P a g e

17 Source: Comparis 2013 Additionally, the survey asked if the respondents use special methods to increase the data security. Surprisingly only one in eleven said that he uses encryption of mails. However, every third person uses post letters for delicate personal information (cf. Comparis 2013, p. 2). Finally it can be stated that the concerns are existent and that they can be psychological explained. It was as well shown that this can lead to problems for democracy. However, in Switzerland the worries are not very big concerning governmental surveillance. That s why there is a potential for a positive Big Data approach by the government. 5 Comparative Study Cases "So computers are tools of the devil?" thought Newt. He had no problem believing it. Computers had to be the tools of somebody, and all he knew for certain was that it definitely wasn't him. Terry Pratchett Data collection is a very popular subject in recent months. However unlike for normal companies, there is no such thing as a good publicity for secret services. They are for good reason shy. As of the writing of this paper, new revelations about secret data collection is put into newspaper weekly. Most of this is about the NSA and affiliated services. In this chapter we will present what has been uncovered, give an overview of what is known about the Swiss secret services data collection plans and also give a good example of data collection for the public good in form of the open government project. 5.1 NSA all your database belongs to the US The recent NSA scandal is an iceberg of an example where data collection went out of bounds. Much has been revealed, but what still lurks under the water is unclear. Almost daily new shocking revelations disturb trust. After 9/11 Americans lost trust in their governments to protect them on their own soil, now Americans lost trust in their Government to keep out of their private life. European businesses and citizens lost trust into their government to protect them from the American secret service, and politicians have lost what little trust they had. So what is this all about? The revelations all started with one man, Edward Snowden, a programmer who worked with a corporation affiliated with the NSA. During the year 2013 he leaked very sensitive documentation about NSA surveillance programs to various newsgroups. 16 P a g e

18 During the year 2013 (even during the writing of this paper) more and more comes out. Till of this paper a wiretap on Angela Merkel, into UN embassies and between google and yahoo datacenters have been discovered. We will try to give an overview of the different programs and discuss some of the implication Prism One of the first surveillance programs to be revealed is the prism project. Edward Snowden described it as to hack network backbones, like huge Internet routers, basically that vies us access to the communications of hundreds of thousands of computers without having to hack every single one. Internet is in general decentralized by the nature of it. However there is a kind of implicit hierarchy, some networks that are called tier 1, link big businesses (Microsoft, Facebook, Google, Apple etc.) or governments together in a very direct way. Linked to this tier 1 is a tier 2 network, most internet providers belong to this level. Through Prism, the NSA intercepted information entering and leaving the tier 1 network, but they still had to deal with encrypted connections (https:\\...). However as of June 2013 the NSA is said to have the means to break encryption. It is not known how, either they have the computational power, or they have algorithms not known to the public that are faster than the 17 P a g e

19 known ones. It is however unlikely that they completely solved the discrete logarithm problem (by decrypting as fast as encryption is taking) Bullrun Through Prism the NSA gained access to data, some of it encrypted. Project Bullrun (named after a major battle of the American civil war) breaks encryptions, this is its only goal. According to the Guardian Https, VOIP and ssl are said to be severely weakened by this project. The NSA also provided help building encryption algorithms and is said to have built in backdoors to help their decryption schemes. Christopher Soghoian, principal technologist and senior policy analyst at American Civil Liberties Union commented on this Backdoors expose all users of a backdoored system, not just intelligence agency targets, to heightened risk of data compromise. So it might very well be, that other groups exploit backdoors leveraged into software by the NSA. Tor, a network built for anonymity has been hacked by the FBI, showing that other governmental institutions profit as well from the cracking and hacking abilities of the NSA Tempora Tempora is a GCHQ built system, but the information gained is shared with the NSA. Tempora is a huge information buffer that can save all of the internet traffic for up to 3 days, this buffer is important for the UK as the big internet fiber cables run through their territory to the rest of the world XKeyscore In the programs mentioned above the NSA (and GCHQ) collects vast amount of data. XKeyscore is the user interface that helps to analyze this data. The Data comes from three sources, the F6 special collection service providing data from embassies and consulates. Angela Merkel, Chancellor of Germany was tapped by the F6 network according to Spiegel which lead (or as of this article) is leading to a huge political fallout and PR disaster. The FORNSAT (foreign satellite collection) intercepts data from other countries transmitted through their satellites. The third cover-all program is the Special Source Operations division which handles wire taps and any other data not collected by FORNSAT and F6. 18 P a g e

20 F6 XKeyscore FORNSAT SSO Figure 7 The programs linked to XKeystroke Glenn Greenwald, a Guardian journalist, claimed that even low-level analysts were able to use the XKeyscore and access highly sensitive material such as s, phone calls or browsing histories, and all this without even asking the supervisor Muscular The wires that run through the UK to the US are not only tapped for the Tempora project, but a very recently discovered project called muscular is tapping the private fibre cables of google and yahoo that link their datacenters. Unlike other internet traffic, servers and clouds, big enterprises have their own cables or lease them to transfer data from one datacenter to the other. Over these lines data is not encrypted as it is not accessible by the internet. The NSA with help from the GCHQ has tapped into these lines, thus rendering all client to server encryption useless. This program is unlike others as it didn t breach or court order access to front end servers. Google and Yahoo were not even aware of this program, but now that they are they add encryption to these lines The five eyes Each of the Five Points is a finger. When I close my hand it becomes a fist. And, if I wish, I can turn it against you - Bill the Butcher Gangs of New York Unlike the ten rings from Ironman, the five eyes is a very real secret organization (5eyes, 2013). Five countries, bound by a common tongue and by a similar law system are in this most exclusive club, sharing information and helping each other spying upon the world the British US Communication Agreement launched this undertaking, Canada joined 1948 and 19 P a g e

21 Australia and New Zealand joined 1956, they were especially useful to spy upon Asia. Figure 8 shows which countries are responsible for spying upon which parts of the planet. US UK Australia Canada New Zealand Middle East China Russia Carribean Africa Europe European Russia South Asia East Asia Russia China Latin America (assets) Southeast Asia Western Pacific Figure 8 The five eyes 5.2 Study Case 2: Swiss Secret Service - Statutory reform of the law At the beginning of the year a new version of the law of the intelligence service (Nachrichtendienstgesetz=NDG) was presented. This study case will mainly treat the changes that follow the reform and their consequences. First an introduction in the Federal Intelligence Service in general will be given What the Federal Intelligence Service is and what they do Their actions are mainly preventive in order to help to maintain the security in Switzerland. If there are exceptional developments or an emerging crisis their task is to warn the responsible person. In order to fulfill this task the Federal Intelligence Service (FIS) is the only Swiss institution that is allowed to gain information which is not publicly accessible, Which governmental or nongovernmental players are trying to keep secret and The collection of which may entail the infringement of basic rights (personal rights) protected under human rights law or under constitutional law (the Federal Intelligence Service FIS 2013, p. 7). This very specific gained information will then complete the public available information in order to give a full view. 20 P a g e

22 The actions are controlled on various levels to make sure that legality and proportionality aspects are respected. a) The Federal Department of Defence, Civil Protections and Sport s (DDPS or VBS in german) check if the activities are appropriate and effective, b) an Independent Control Authority reviews the proportionality and the legality, c) the Federal Data Protection Commissioner makes sure that the processing of personal data from inside the country is legal and finally d) the Federal Council pronounces the central mission, authorizes collaboration with foreign services and elects the members of the Independent Control Authority (cf. The Federal Intelligence Service FIS 2013, pp ). All that in order to make sure the special authorities the FIS has, won t be abused. In their brochure the FIS mentions six data collecting tools Figure 9 FIS Sources Source: The Federal Intelligence Service FIS 2013, p. 24 HUMINT: Gaining information through the use of persons who have access to sensitive information OSINT: Collection and processing of unclassified information. Mostly out of internet, electronic databases, media products and printed publications COMINT: Surveillance of communication, the links and the contents. Some of the international communication is recorded with those electronic means Defence Attachés: they form a crisis-resistant network including partners worldwide that can early detect crisis and give confidential information 21 P a g e

23 IMINT: Imagery Intelligence evaluates commercial satellite images to collect information Intelligent units in the cantons: the police departments in the cantons give independently information about relevant occurrences Partner services: Collaboration with foreign Intelligence Services are regularly done in order to fill up knowledge gaps. The cooperation is informal and is based on mutual trust and the principle of mutual taking and giving. The brochure makes clear that there is no obligation to hand out any information (cf. The Federal Intelligence Service FIS 2013, pp ). The options of surveillance are not heavy restricted outside Switzerland, the surveillance of communication by electronic means is allowed and used. Inside Switzerland the restrictions have reached farer by now. Mail and telephone monitoring, surveillance on private premises and the infiltration of computers and networks are not currently permitted for the collection of information within Switzerland. (The Federal Intelligence Service FIS 2013, p. 27). That s exactly the point where the law reform gets involved The reform and the main changes With the reform, the Federal Council aims to better adapt the laws to the technological developments. Most important and highest potential for concerns is the allowance to use programs that can transmit data from a computer without notice by the owner. The fundamental changes are: - No more difference for foreign and domestic surveillance - New measures to gain information about terrorism, attacks against important infrastructure or preservation of higher national interests will be allowed - Differentiated data-administration which intend to store data sorted by thematic, source or sensibility - An additional control instance should secure that the proportionality and legality aspects are respected. The new data collection measures have to be authorized by the Federal Administrative Court and the head of the DDPS (cf. Nachrichtendienstgesetz-Bericht zum Vorentwurf 2013, pp. 2-3). The most controversial point are the newly allowed measures to gain information. On a first reform 2010 those measures haven t been authorized but they have been revived for this reform. They include: - surveillance of the Postal and Telecommunications Traffic, - observing not-open areas by technical monitoring devices and - secret scanning of data processing 22 P a g e

24 systems (cf. Nachrichtendienstgesetz-Bericht zum Vorentwurf 2013, p. 7). Those three points have now been extended or modified by following points: use of tracking devices to detect location and movement of people, - use of monitoring devices to track private communication as well as to observe and track happenings in private area. enter computer systems and networks to find information or to disturb any flow of information (cf. Nachrichtendienstgesetz- Bericht zum Vorentwurf 2013, p. 11). The report to the reform mentions later on the problematic for the preservation of the fundamental rights for the Swiss citizens. Serious encroachments upon basic rights can occur on behalf of this law reform. Affected are mainly the privacy right, the personal freedom and the freedom of expression and information. The principals of proportionality and high public interest should legitimate the encroachments in those basic rights (cf. Nachrichtendienstgesetz-Bericht zum Vorentwurf 2013, p. 15). Slightly different to this information is the message that gives the Fedeal Councillor Ueli Maurer during the media conference about the new reform the 7 th March He points out that the freedom of the citizen will be respected and that the new law will only be applied for few and very specific cases. Approximately ten per year. Still, 16 new jobs are needed for this. They also mentioned that they know that with the Intelligence Service it s always about the balance between personal freedom and surveillance by the government but with this reform they say that they have decided in favor of freedom (cf. Tages Anzeiger Online 2013, pp. 1-4). The reform is now in process and by 30 th June 2013 the procedure of the consultation was completed. The parties and the cantons do mainly approve the proposal and the draft law is now back with the DDPS in order to fulfill the proposed adjustments (cf. Bundesverwaltung 2013, p. 1). The reform won t be applied before Critique Voices Although Federal Councillor Ueli Maurer and Markus Seiler (Head of FIS) underline the respect for the citizen s freedom, the newspapers wrote critically after the media conference and mentioned some concerns. Particularly Blick online rates the performance of the two officials as not very concerning and it asks critically if the reform would really lead to more security (cf. Blick Online 2013, p. 1-2). A student of the University of Zürich wrote a semester thesis about this problematic of the new law. He analyzed the online comments about the statutory reform and summarized on this base the possible effects on the society. As the comments were more often negative, he mentions 23 P a g e

25 several negative effects that people are worried of and its justification. Some of them are presented below: - Abuse of the program by third parties: Especially if terrorist get to hack the program it can definitely be extremely dangerous - Safe storage of the tracked data: apparently the regulation for the storage is not yet finally defined. That s why the author see s a real problematic in this point. - Additional costs for the taxpayers: that s seems to be justified as the new jobs and programs have to be paid - Surveillance of innocent co-users: some people are concerned that data will be collected of citizen that share a computer with somebody who is being observed. Apparently an additional measure will be done to ensure the safety of co-users - Some worry if proofs found by random can be used in court. But there is a clear law that says that also if proof was found not legally it can be used if it is a serious crime - The trust in the government suffers: some comments say that apparently the government is scared upon its citizens. That s why it spies and why it doesn t reveal its methods and information - Dilution of Swiss values: some comments argue that the new law is a reaction of surveillance in other countries and the swiss government just wants to keep pace. Although it doesn t correspond to Swiss values and it wouldn t really be necessary in this country (cf. Bänziger 2013, pp ). Although those concerns evidently exist it can summarizing be said that, the general response isn t very negative. The media didn t response very much and neither very negative to this thematic. Besides, the parties are mainly in favor for the new law. This shows that probably the officials of the new law could convince that it is necessary and that they really don t want to harm the freedom of the citizen, that they will only do what is really needed in order to provide security for the country. 5.3 Switzerland - Open Government Project It is a capital mistake to theorize before one has data -Sherlock Holmes-A study in Scarlett The Swiss Federal Archives and their project partners, for example the Federal Office for Statistics (BFS) have launched a pilot project for open governmental data in September P a g e

26 This study case treats in a first part the main objectives and the contents of this project. In a second part the chances and risks of the project and in a third part the exclusive interview with Armin Grossenbacher which will show up interesting further aspects About the project The project follows an international development for a more efficient egovernment. Several administrations have already implemented a similar project. Besides, the countries of the G8 Summit 2013 have signed an Open Data Charter with which they assure to implement open data projects (cf. Bericht des Bundesrates 2013, p. 2). The pilot project in Switzerland started in September 2013 and goes on for half a year. After that the project will be evaluated and a decision for changes and a carry-on of the project, will be taken. The project is about access and reuse of data that was anyway collected within the administration s activity. But only data that is unproblematic to publish considering Data protection, copyright and information security will be provided. Therefore the contents are so far: Swiss municipal boundaries, population statistics, up-to-date camera images of weather in Switzerland, historical documents and a directory of Swiss literature (cf. Bericht des Bundesrates 2013, p. 6) Benefits and chances of Open Data With the reuse of information there is a potential for additional economic and political value. The economic benefits are based on a greater efficiency in data retrieval for economy, science and administration. Out of measures in the EU, the economic potential is estimated for 0.6 to 1.8 billion of Swiss francs. The better access to data favors innovations and new business ideas can easier be developed. Political benefit results out of more transparency and with it more acceptance and legitimation of the taken decisions. If citizen have the same level of information like the government they can better participate in the political process. Besides, a holistic political information is a prerequisite for a democracy. There is as well a chance for innovation for new available content and innovative instruments to present them. Eventually, more citizen can be reached and complicated thematic can be presented in a more understandable way (cf. Bericht des Bundesrates 2013, pp. 9-12). 25 P a g e

27 5.3.3 Risks of open data Regulations for Data Protection and Copyrights are not yet finally discussed. Although there is an anonymization, It s often possible to gain information of specific persons if data are being put together. Anomymization is fulfilled if there is no attribute based on a person. The data is no longer considered as personal data and is therefore not affected by the data protection law. However, the anonymization isn t given if the conclusion about a specific person can be done without a big effort. The data is then considered as personal data and this is affected by much more regulation (cf. Bericht des Bundesrates 2013, pp. 9-12). In order to control the issue with data security, four points to diminish this problem have been formulated: 1. consequent checking if the data fulfill the requests for data security 2. restrictive publishing 3. aggregation and anonymization of data 4. observing the open data market and the use of simulation processes (cf. Bericht des Bundesrates 2013, pp ). As second risk, the financing and shouldn t be underestimated. The presentation of the data costs and some data that was sold before is now supposed to be for free. The costs will be bearded by the state or alternative ways of financing have to be found (cf. Bericht des Bundesrates 2013, pp. 9-12). As solution, it will be discussed if some data will be available for money. Although it isn t real open data anymore it could be necessary in order to cover the marginal costs. On the other hand, studies show that one franc invested in open data for geo-information, leads to a macroeconomic benefit of 4 francs. An access of data free of charge will lead to clearly higher second use and therefore it s probably worth it to offer the information for free (cf. Bericht des Bundesrates 2013, p. 16). Another issue is the decision for publishing data. Which data can be published and who decides it. Primarily the distribution right of the specific sector has to be considered. There is for example a law for geographic data, which defines what data can be used, under what circumstances and for what price. If there is no sectorial right, the general rules for information activities for governments have to be applied. With this law the decision is taken with balancing the private versus the common interests. In order to carry on the open data project, it will be analyzed if the sectorial rules will be harmonized into one overall law. They will as well check if for some parts an obligation to publish will be implemented. Besides, they will have to check if they will regulate the rights of use with licenses or with laws (cf. Bericht des Bundesrates 2013, pp ). 26 P a g e

28 5.3.4 Summary of the interview with Armin Grossenbacher Thanks to an interview conducted with a responsible of the Federal Office for Statistics (BFS), Armin Grossenbacher, some interesting insights could be gathered. The BFS is part of the open data project and is therefore able to give interesting information. A first interest was in the methods they use to get to the information. He explained that the office gets a clear task, often by the parliament and then they perform a well structured research. This can be a written survey but as their mission is to disturb the citizen as less as possible the use of registers is forced. Those registers are maintained by the local administrations and getting standardized in order to have comparable data. After asking directly if they use any new electronic technologies to gather information, he said that by now they don t use any unstructured data collection methods. But it could be a method to facilitate the data collection without bothering the citizen and he knows that there are international organizations that work on such methods. But for the moment the office doesn t seem to do efforts to change something for the data collection, instead their main focus is to best diffuse the data. The open data project is just one within other projects. They take care on the website, the mobile website, there is a tablet version, a tool for online data research, an online atlas or the possibility to ask directly for a specific information. The whole information service is for free. As well, for the data exchange between the local and national administration they use a special secure data exchange. With those practices the Swiss government is one of the best developed governments concerning open government data. Together with some northern countries and Canada they have programs to improve the service constantly. After asking if they feel the increasing concerns by the citizen to disclose their data, he mentions that they are aware of the problem. In particular in the nineties, when it was still common to have compulsory annual popular uprising. After the secret file scandal (for details see chapter 3.4) several people refused to answer the questions. Since then, they had to conduct the surveys on a voluntary basis and started to really use the regional registers. The return rates are usually on a sufficient level.1 1 Summary of the interview with Armin Grossenbacher. It was conducted by phone the 28 th of November and lasted for about 30 minutes. 27 P a g e

29 To conclude it can be seen that Switzerland has realized that it is worth to give the collected data back to the citizen and the aim seems to be to do it the best way. Biggest problematic for the open data project so far, is that the short-term benefits are not yet assumed as worth the effort. The next chapter gives an overview of what could be learned out of the three analyzed study cases. 6 What we could achieve Get wisdom, because it is better than gold: and purchase prudence, for it is more precious than silver. - The Bible, the Book of Proverbs 16:16 We have seen what is, and what might possible today. Data is protected, protections are broken. Some data is open, some not. But what would be the holy grail of open data? Where could we be in 5-10 years? In Europe there is a city-wide project, the smart-city (Smart City, 2013). Its goal is to smarten up medium-sized cities such as Luxembourg or Salzburg or Trier. It seems interesting to put this idea not only on top of cities, but also have smart countries running it. Smart economy Smart people Smart mobility Smart country Smart environment Smart governance Smart living 28 P a g e

30 Smart Mobility could mean that interregional busses would not leave or move unless there is someone using it. Busses today travel often with almost no occupancy into very distant regions. Knowing exactly how many people there are, it could be computed what bus to take for that day, or how much fuel is truly necessary (just as for planes). Maybe a certain bus doesn t need to start at all because there is no demand. Car sharing could be a lot more common and thus the number of cars in a city could be greatly reduced and thanks to data about need and availability people wouldn t risk being there without a car. This concept is partly used with bicycles but they need to rely on stations, cars do not and thus information isn t as easy as announcing information about one station. Smart living is particularly interesting as the households get more and more smart appliances. Everything gets controlled by smartphones and thus already have the ability to compute. A dishwasher could run during the night to save cost and given a city that knows who is able to wash at night, it could direct certain dishwasher to wash at a certain time at night so that energy consumption evens out. Electric cars and laptops and a lot of other supplies have batteries, they as well could be directed to charge during a specific time. Sensors such as humidity (built into some smart devices) could be given to meteorology station for more accurate predictions. Switzerland prides itself for the democracy. People vote directly not through an intermediary. As we showed before open data is already a great service the government offers. Governing however is more, it grants rights to people and here the distinction must be made between providing data and intelligence or even knowledge. Only a few people are able to do this transition themselves and to inform themselves through raw data. Smart Environment is very important in Switzerland. Travels could be motivated to give GPS data to the state to help with cartography or give information about certain situations in the forest. For example the spread of a foreign species could be tracked indirectly. Sensors in certain remote areas could provide people with the necessary information to plan a trip. Smart economy seems obvious but is not. Google recently asked cities to open up their data (Forbes, 2013). Big companies are already collecting and looking for this information. By helping those companies get information about a certain country, they can improve their service (and marketing strategy) for this country, thus give more incentive to buy the product. Small (national) economies would be able to react faster to a given national data and thus national economy would get the helping hand it needs. 29 P a g e

31 Last but not least, smart people. Here it is very important that either that data gets changed or the citizens change. People today, when confronted to data, tend not to understand the ramifications. Everyone distributing information has an agenda, political or otherwise. People either need to learn to gather knowledge themselves from data, or they need someone to do it for them, this would be the goal of a neutral, government funded, office. 6.1 By the people, for the people How could this big open data be achieved? First the technical point will be discussed, for this it must be cleared what data is accessible, this has already been discussed under 2.1 Sources of Big Data. From this data it needs to be looked at what data is needed. This is the most important part, as profitability is entirely dependent on this step. We suggest that data that is already pulled by companies or (allegedly) pulled by secret services is of economic interest, GPS data, and internet usage would for sure be of great use. This could include everything, from sms chats to mails over to bank records. Everything is of interest. However a cost-benefit analysis of the volume of information (in byte) and it s informational use must be done beforehand as for example home videos might not contain enough information, and is not very easy to analyze. Sensors could of course deliver data such as temperature, or movement while companies have a different kind of information such as business plans, financial data or personal information about the working habits of their workers. Every data-source should be assessed. The next step naturally would be to ask for this data and to provide a way to give it. Here a data warehouse is needed on the governmental side as they need to store this data. The size is not unfeasible as shown by google or yahoo who own petabytes of data. To deliver the data an OLTP service would be needed. This could be an app or another piece of software. Deliverance should be stocked until Wi-Fi is available just like with other big downloads. Now to perhaps the most important part, allowing the user to decide what data is given. The app should be very specific on what data is shared, offer explanations where needed and might even some sort of privacy threat level to inform users how sensitive that data risks to be. The user should have the possibility to send all this data as linked data, such that the GPS-signal can be linked to a web-search at a certain time, or the user should have the possibility to send data unlinked to assuage privacy concerns. It should be allowed to the users to delete all his data from the data warehouse. 30 P a g e

32 6.2 Of the people Under Swiss law, private information may only be used in a way the owner agreed to. Thus it is of vital importance to decide beforehand how this data will be made public. What the government should provide is information, so under no circumstances should it just open up their data warehouse. OLAP systems should treat the data in some way (similar to what the Bundesstatistikamt does now) to distill useful data. It is beyond the possibilities of this paper to explain what analysis or queries could be run over such a data but statistics by google, NSA or serve as good examples. This data should of course anonymize every single person included and only deliver what is needed for that particular statistic. The needs of the national industry should be evaluated over time to assess what statistics are of interest and serve the public good. 6.3 How to convince the Swiss citizens a proposal for an information campaign If Big Data wants to be collected from the people without any damage in trust, a good work in communication has to be done. A nation-wide campaign should be launched in order to best inform the citizen. The aim will be to get the trust of the people for the project. They need to be convinced that their privacy won t seriously be affected and that the knowledge gain is worth it. The main message has to be that they will all profit if they let us take a tiny bit of information. If you give us a tiny piece of cake and the other do as well, we give you back a fantastic wedding cake. The communicated profits would be easier and faster administration processes possibility to use the statistics for their interests indirect profit from a higher budget in other governmental sections because of the savings in administration Any potential concerns should be minimized with the clear mention of them. It will be communicated for example that the data will be stored and used anonymously, or that people will be informed about what kind of data will be taken and how it will be analyzed and stored. If there are concerns or questions the citizen are asked to call the free-of charge hotline. It has to be clear that with this project the government is not spying like the NSA, but that they want to legally gather information in order to create value for everybody. Please see a proposed flyer for such a campaign in the appendix. 31 P a g e

33 Different tools should be used to communicate the project. Some important ones are shown in the following diagram: Press Conference in order to get articles in the main newspapers Free-ofcharge hotline for questions and concerns Information stands in all mayor train stations: present for 2-5 days Information flyers at divers events Brochure in the letterboxes PR- Campaign Website with all the information Figure 10 Tools of the PR-Campaign 7 Conclusion Whenever the people are well informed, they can be trusted with their own government; that whenever things get so far wrong as to attract their notice, they may be relied on to set them to rights. Thomas Jefferson In light of recent revelation, it is harder than ever to gain peoples trust as a government. But it was for this very reason that this subject was chosen. People saw but the dark side of government collecting data, and government are very slow to openly collect data and offer it to the public. Data is still private, which means privately owned by companies not by citizens. While TomTom worked together with Swisscom to get real time traffic information from people with Swisscom contracts (Tomtom, 2913), Google is grabbing terabytes of data from its customer and is still asking cities for more data (Forbes, 2013). Just like fresh air is losing its status as a non-economic good, data is more and more privatized and monopolized. This oligopoly of information, like most oligopolies, makes it tough for newcomers to join the market. 32 P a g e

34 People are barely aware of the economic uses of data, and this is probably one of the causes they are afraid of people collecting it, because if they can t see an economic use, they are afraid of some malicious use. Empowering the people is at the root of democracy, and while it is almost impossible of empowering the people to deny data to companies, it should be possible to offer them the possibility to make that data available to other companies as well. However who would guarantee the safety of this data? A neutral entity that everyone trusts is necessary, the principles are eerily similar to trust issues on the internet. This leviathan must be the country as its goal is the wellbeing of its citizens. The problem with this axiomatic trust is that it is naïve and unrealistic, however all is not lost as countries can profit just as much from marketing as companies. It is the firm belief of the authors that there is hope regain the trust of the citizens. Figure 11 gives a very brief overview over the mechanisms at work. The government needs the trust of the people, the people need to know what they offer will be used for the good of them or their peers (and not the upper crust). When this base of trust is established, a further step is needed. The government has to make sure it is capable of delivering what it promises, and needs to convey security, security that they can safeguard the data given to them. When this is given, then the citizens can be expected to share their data with the government. The government is then in charge to process and analyze this data and to spread wisdom through processed data. This puts the government in charge of further anonymizing data, so that no citizen will suffer negative consequences from sharing his data. 33 P a g e

35 Wisdom Security Trust Figure 11 The wheels that provide openness 8 Limitations Limitations for the implementation of the proposed project Convincing people to give up a part of their privacy is extremely difficult. To ask kindly for their data will be difficult as well. This can be noted with the surveys that need people to answer. The rate of response gets lower and lower. If it will be communicated that the data can be given optionally but that the refusing people have higher potential to be observed secretly, then it isn t free of choice anymore. This dilemma shows why the trust by and collaboration with citizen is the hardest part to maintain. If Big Data is finally collected the capacity of the storing and analyzing systems have to be given. It will be a huge amount of data and this demands good systems. The capacity limits need to be known. In order not to lose trust of the people the systems have to work absolute reliably. A bigger mistake and a problem with revealed personal information could destroy the trust very quickly. And with it the whole project in the worst case. 34 P a g e

36 The costs for such a project aren t negligible. It has to be calculated and as best as possible be proved that the effort is worth it. Limitation of this study The main limitation affects the two study cases about the NSA and the Swiss Secret Services. As only public available sources could be considered for this study, there are obviously aspects that haven t been covered. It s obvious that secret services won t make public all their tools and methods. Therefore the most innovative tools are probably not mentioned in this paper. Especially for the NSA case, the revealing of the scandal is in full progress and it is possible that in some months a different view of the case will be given. Another limitation is that the concerns of citizen are assumed through other studies and older literature. It would be important to maintain a specific survey for this matter. After that it can be assumed if a Big Data project could be successful and besides, a more suitable campaign could be created. 35 P a g e

37 References [5eyes.] Tagesschau, available: accessed 20 th November [Bänziger 2013] Bänziger, Michael: Die Überwachung gesellschaftlicher Kommunikation in der Schweiz durch staatliche Behörden - Die aktuellen Gesetzesrevisionen in der Schweiz und ihre Folgen für die Gesellschaft, available: published 26th June 2013, accessed 7th November [Blick Online 2013] Blick Online: Was taugt das neue Nachrichtendienst-Gesetz von Ueli Maurer? Viagra für die Spione, available: published 8th March 2013, accessed 7th November [Bundesamt] Bundesrecht, available: accessed 17th of November [Bundesverwaltung 2013] Bundesverwaltung: Nachrichtendienstgesetz Bundesrat legt weiteres Vorgehen fest, available: published 23th October 2013, accessed 7th November [Comparis 2013] Comparis: Fast jeder zweite Onliner fühlt sich überwacht, available: rauens-index pdf, published 12th November 2013, accessed 19th November [Engeler 2005]: Engeler, Urs Paul: Was sagen Sie jetzt? available: accessed 18 th November [Forbes] Article of forbes published on engadget, available: accessed 20 th of November P a g e

38 [Hughes 2012] Hughes, Sunny Skye: US Domestic Surveillance after 9/11: An Analysis of the Chilling Effect on First Amendment Rights in Cases Filed against the Terrorist Surveillance Program. Canadian Journal of Law and Society, Vol. 27, No. 3, pp [Inmon] Building the Data Warehouse (1996), Inmon,W.H., John Wiley & Sons. [Nachrichtendienstgesetz-Bericht zum Vorentwurf 2013] Nachrichtendienstgesetz - Bericht zum Vorentwurf, available: published 8th March [Posner 2008] Posner, Richard A.: Privacy, Surveillance, and Law. The University of Chicago Law Review, Vol. 75, No. 1 (Winter 2008), pp [SF DRS 1989] SF DRS: 11. Dezember 1989: Debatte im Nationalrat zum Fichenskandal, available: accessed 18th November [Smart city] available: accessed 20th November [Tages Anzeiger Online 2013] Tages Anzeiger Online: Wir können und wollen nicht alles überwachen, available: published 8th March 2013, accessed 7th November [Tauberer 2011] Tauberer, Joshua: Inventing Open Government. XRDS, Vol. 18, No. 2 (Winter 2011), pp [The Federal Intelligence Service FIS 2013] The Federal Intelligence Service FIS: Brochure, available: 9.downloadList DownloadFile.tmp/ndbbrochuree.pdf, published 25th February P a g e

39 [Tomtom] available: f253bbbe0617/tomtom_utilise_la_localisation_des_clients_de_swisscom_pour_son_service_d e_trafic_par_gps#.upiy_8t3gao accessed 24th of November P a g e

40 Appendix Proposed Flyer for a PR-Campaign 39 P a g e

DRAFT VERSION. Big Data. privacy principles under pressure. September 2013

DRAFT VERSION. Big Data. privacy principles under pressure. September 2013 DRAFT VERSION Big Data privacy principles under pressure September 2013 2 Contents Summary... 6 1 Introduction... 8 1.1 Problems for discussion... 8 1.2 Definitions... 9 1.2.1 Big Data... 9 1.2.2 Personal

More information

Cyber Security Perspectives 2013

Cyber Security Perspectives 2013 Cyber Security Perspectives 2013 Quotes contributing partners JAYA BALOO, CISO KPN Philip of Macedon, the father of Alexander the Great said that the way to get into an impenetrable fortress was to send

More information

Information Security trends 2015. A Swedish perspective

Information Security trends 2015. A Swedish perspective Information Security trends 2015 A Swedish perspective Publication MSB851 - May 2015 ISBN 978-91-7383-572-5 2 3 Preface The development of information technology creates national and global challenges

More information

Law and Policy in Internet Surveillance Programs: United States, Great Britain and Germany 1

Law and Policy in Internet Surveillance Programs: United States, Great Britain and Germany 1 stiftung neue verantwortung Impulse 25/13 Law and Policy in Internet Surveillance Programs: United States, Great Britain and Germany 1 Many Europeans are outraged about US government surveillance programs

More information

Is There a Security Problem in Computing?

Is There a Security Problem in Computing? 1 Is There a Security Problem in Computing? In this chapter: The risks involved in computing The goals of secure computing: confidentiality, integrity, availability The threats to security in computing:

More information

Implementation of Customer Relationship Management in the Cloud

Implementation of Customer Relationship Management in the Cloud University of Halmstad School of Business and Engineering Bachelor Degree Implementation of Customer Relationship Management in the Cloud - The example of SMEs through a multiple case study analysis -

More information

Motivations of hybrid wireless community participants: a qualitative analysis of Swiss FON members

Motivations of hybrid wireless community participants: a qualitative analysis of Swiss FON members Motivations of hybrid wireless community participants: a qualitative analysis of Swiss FON members Giovanni Camponovo Department of Management and Social Sciences University of Applied Sciences of Southern

More information

Information systems. Learning outcomes. Credit value:?

Information systems. Learning outcomes. Credit value:? Credit value:? Unit 3 Information systems 3 Information systems Organisations can exploit information to do better at planning, monitoring and controlling their business activity. However, it is easy to

More information

Computer Science and Artificial Intelligence Laboratory Technical Report. MIT-CSAIL-TR-2015-026 July 6, 2015

Computer Science and Artificial Intelligence Laboratory Technical Report. MIT-CSAIL-TR-2015-026 July 6, 2015 Computer Science and Artificial Intelligence Laboratory Technical Report MIT-CSAIL-TR-2015-026 July 6, 2015 Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications

More information

Impact of Mobile Technologies on Enterprises: Strategies, Success Factors, Recommendations

Impact of Mobile Technologies on Enterprises: Strategies, Success Factors, Recommendations Reports & Publications Impact of Mobile Technologies on Enterprises: Strategies, Success Factors, Recommendations A study by Stefan Stieglitz and Tobias Brockmann published by the Vodafone Institute for

More information

Big Data Privacy Workshop Advancing the State of the Art in Technology and Practice

Big Data Privacy Workshop Advancing the State of the Art in Technology and Practice Big Data Privacy Workshop Advancing the State of the Art in Technology and Practice co- hosted by The White House Office of Science & Technology Policy & Massachusetts Institute of Technology MIT Big Data

More information



More information

Creating secure software. Runar Moen

Creating secure software. Runar Moen Runar Moen Master s Thesis Master of Science in Information Security 30 ECTS Department of Computer Science and Media Technology Gjøvik University College, 2013 Avdeling for informatikk og medieteknikk

More information


THE FUTURE OF CYBER-SECURITY _ THREATS AND OPPORTUNITIES THE FUTURE OF CYBER-SECURITY _ THREATS AND OPPORTUNITIES Global Corporate Venturing Cyber-security is growing as the digital world continues to expand. In this five-part supplement, Global Corporate Venturing

More information

Privacy and Internet Governance

Privacy and Internet Governance BERLIN JUNE 2014 # 7 Privacy and Internet Governance GOVERNMENT & PARLIAMENT PRIVATE SECTOR Industry Association, Geneva George Salama SAMENA Telecommunications Council, Dubai Nick Ashton-Hart Computer

More information

Business plan for the mobile application 'Whizzbit'

Business plan for the mobile application 'Whizzbit' Business plan for the mobile application 'Whizzbit' Tom Leleu Promotoren: prof. ir. Ludo Theunissen, dhr. Pascal Vande Velde Masterproef ingediend tot het behalen van de academische graad van Master in

More information


GUIDELINES FOR PUBLIC FINANCE DATA DISSEMINATION AND ACCESS The Twining project, an institutional cooperation between Italy and Turkey, is co-financed by the European Union and the Republic of Turkey. EU TWINNING PROJECT Improving Data Quality in Public Accounts

More information

Due diligence for joint ventures, mergers and acquisitions in China

Due diligence for joint ventures, mergers and acquisitions in China Due diligence for joint ventures, mergers and acquisitions in China There are many ways to enter the Chinese market, including the establishment of a representative office, outsourcing production, founding

More information

Making Smart IT Choices

Making Smart IT Choices Making Smart IT Choices Understanding Value and Risk in Government IT Investments Sharon S. Dawes Theresa A. Pardo Stephanie Simon Anthony M. Cresswell Mark F. LaVigne David F. Andersen Peter A. Bloniarz

More information

Rolling out trust management. to cloud-based service ecosystems

Rolling out trust management. to cloud-based service ecosystems DEPARTMENT OF COMPUTER SCIENCE SERIES OF PUBLICATIONS C REPORT C-2013-2 Rolling out trust management to cloud-based service ecosystems Sini Ruohomaa, Lea Kutvonen UNIVERSITY OF HELSINKI FINLAND Contact

More information

Knowledge Management in an IT-Help Desk environment

Knowledge Management in an IT-Help Desk environment Viðskipta- og raunvísindasvið School of Business and Science Knowledge Management in an IT-Help Desk environment Final Year Project 2010 Gunnar Ingi Ómarsson Institutionen för kommunikation och information

More information

JOURNAL. The role of Big Data & Data Security in M2M. Interview with Michael Curry. ISSUE 22 // JULY 2014 » PAGE 4

JOURNAL. The role of Big Data & Data Security in M2M. Interview with Michael Curry. ISSUE 22 // JULY 2014 » PAGE 4 ISSN 1868-9558 JOURNAL ISSUE 22 // JULY 2014» PAGE 4 Big Data security by Rohde & Schwarz» PAGE 16 Wearables Smart protocols for smart technology by Rutronik The role of Big Data & Data Security in M2M

More information

ABC of Knowledge Management

ABC of Knowledge Management ABC of Knowledge Management Freely extracted from the NHS National Library for Health for the FAO as a knowledge organization initiative at Creator: NHS National

More information

Us and Them: A Study of Privacy Requirements Across North America, Asia, and Europe

Us and Them: A Study of Privacy Requirements Across North America, Asia, and Europe Us and Them: A Study of Privacy Requirements Across North America, Asia, and Europe ABSTRACT Swapneel Sheth, Gail Kaiser Department of Computer Science Columbia University New York, NY, USA {swapneel,

More information

GSR discussion paper. Big Data - Opportunity or Threat? Work in progress, for discussion purposes

GSR discussion paper. Big Data - Opportunity or Threat? Work in progress, for discussion purposes GSR discussion paper Big Data - Opportunity or Threat? Work in progress, for discussion purposes Comments are welcome! Please send your comments on this paper at: by 20 June 2014. The views

More information

Evaluating the Human Factor in Information Security. Master thesis. Theodoros Nikolakopoulos. UNIVERSITY OF OSLO Department of Informatics

Evaluating the Human Factor in Information Security. Master thesis. Theodoros Nikolakopoulos. UNIVERSITY OF OSLO Department of Informatics UNIVERSITY OF OSLO Department of Informatics Evaluating the Human Factor in Information Security Master thesis Theodoros Nikolakopoulos Network and System Administration Oslo University College Spring

More information

Module 9: IS operational and security issues

Module 9: IS operational and security issues file:///f /Courses/2010-11/CGA/MS2/06course/m09intro.htm Module 9: IS operational and security issues Overview Firms that make extensive use of information systems must contend with a number of ongoing

More information

Big data and positive social change in the developing world: A white paper for practitioners and researchers

Big data and positive social change in the developing world: A white paper for practitioners and researchers Big data and positive social change in the developing world: A white paper for practitioners and researchers Rockefeller Foundation Bellagio Centre conference, May 2014 Please cite as: Bellagio Big Data

More information

The Way We Pay. Transforming the Canadian Payments System

The Way We Pay. Transforming the Canadian Payments System The Way We Pay Transforming the Canadian Payments System Table of contents Message from the Chair... 2 Introduction... 3 Chapter 1: Engaging dialogue... 4 Chapter 2: Falling behind... 8 Chapter 3: Fundamental

More information

1 Duhigg, Charles. "How Companies Learn Your Secrets. New York Times, February 16, 2012.

1 Duhigg, Charles. How Companies Learn Your Secrets. New York Times, February 16, 2012. Big Data in Private Sector and Public Sector Surveillance Recent years have seen an explosion in the popularity of big data. This popularity is attributable to a variety of reasons, including the easier

More information