beta Discussing the Digital Government Declaration

[...] * Provide guidance to public agencies in adopting a security by design approach and risk management plans to ensure privacy and security of data stored. Technological advancements such as blockchain can allow public administrations to manage data within a secure infrastructure and to automatically share them with other agencies and departments. The final goal of ensuring privacy and security of data stored will be to allow individuals and organisations to gain direct control over all the information the government keeps about them.
nmeyne
The last sentence sounds very much like self-sovereign individual and organisational identity. Good. So if that is the final goal, then it should drive the roadmap and transition plan.
nmeyne, 15/06/2017 16:19
nmeyne
see https://www.smtngood.eu/blog/ for more...
nmeyne, 15/06/2017 16:20
Gencat
Driving robust identification and authentication systems that are easy for the general public to use. For procedures and services that do not require a maximum security level, it is worth using the systems for validating people’s identity by entering one-time codes in a mobile device, such as those used regularly for banking and other services. Use of Mobile Connect as a digital authentication standard: www.gsma.com/identity/mobile-connect.
Gencat, 20/06/2017 13:44
Van Hoegaerden
Application of the GDPR than also needs strong monitoring. E.g. the the right to see data erased after the period of administrative use
Van Hoegaerden, 21/06/2017 14:33
Van Hoegaerden
The is a need to monitor the outcome rather that monitor the output.
Van Hoegaerden, 21/06/2017 14:42
Juhani Lemmik
Not just to gain control over the information the government keeps about them, but also to allow citizens to have access to logs about who (which government body, which official) has accessed their data with what purpose.
Juhani Lemmik, 05/07/2017 17:49
Stuart Mackintosh
Compare against other industries - in the early days, they are unsafe and the general public do not have confidence in them, but after legislation and best practice implemented, become foundations for new businesses and marketplaces to be built upon. Consider the introduction of electricity and the motor car - both caused physical harm and risk, but as the industry matures, people become less frightened and start to understand their characteristics. Only when this is understood can good security judgements be made by non-experts in public sector and business to keep their users safe.
Stuart Mackintosh, 13/07/2017 16:49