Feeds

Anonymity is the enemy of privacy, says RSA grand fromage

There's only one letter between RSA and NSA, after all

Build a business case: developing custom apps

RSA Europe 2013 A dogmatic allegiance to anonymity is threatening privacy, according to Art Coviello, executive chairman of RSA.

Coviello cast anonymity as the "enemy of privacy" because it gives "free reign to our networks to adversaries" with "no risk of discovery or prosecution."

The head of EMC's security division told delegates at the RSA Conference Europe that security and privacy need to be aligned like two poles of a magnet in a trusted environment for internet commerce to flourish.

An imbalance between privacy and security was causing customers decisions to deploy Big Data technologies that could give them a much clearer picture of hacking attacks, Coviello claimed.

"Customers are caught in a Catch-22. They're afraid to deploy technology for fear of violating workers' privacy" even though security intelligence tools are ultimately the best way to protect personal information, Coviello argued.

The security leader's remarks follow on from criticism at the same show last year that privacy concerns were hampering intelligence-sharing efforts. The combined pitch caused one French wag to note that there's only one letter of difference between the NSA and RSA.

Mindful of such unflattering comparisons, Coviello admitted Big Data systems could be "misused”. He said: "Big Brother, ethics aside, will stifle innovation.”

Anonymising services and technologies that offer anonymity, such the Tor network and VPNs, have been in the news recently because of law enforcement action and intelligence agency leaks. Coviello's line was a controversial one to peddle to European audiences in the wake of the latest Snowden revelations, which put figures on the extent of NSA's dragnet spying on the phone calls of French, German and Spanish citizens.

"Many privacy advocates hold the polar opposite view to Coviello, believing anonymity online is a fundamental ingredient for online privacy," writes security consultant and blogger Dave Whitelegg. . "Art's perspective also highlights the difference in attitudes towards privacy harboured between the United States and Europe,” added Whitelegg. “The European Union was built on its citizens' rights, including the right to privacy, a right the EU wishes to see exercised online, whereas the US view tends to be 'privacy is dead', believing the right to online privacy has been given up and the privacy fight lost."

Less controversially, Coviello added that security industry needs to act less like a police headquarters that simply responds to attacks and more like beat cops who know their environment and can recognise and respond to anomalies. Big Data technologies were key moving away from a purely reactive security model to an intelligence-driven approach.

“When we understand the context of people’s ‘normal’ behaviour or how information flows on our networks, we can more clearly and quickly spot even a faint signal of any impending attack or intrusion, ” Coviello explained, “This is what makes intelligence-driven security future-proof. It eliminates the need for prior knowledge of the attacker or their methods.” ®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?