Re: [SPAM] Re: Key encryption and relational integrity - Mailing list pgsql-general

From Moreno Andreo
Subject Re: [SPAM] Re: Key encryption and relational integrity
Date
Msg-id 114d039f-9bb6-ae57-dc4d-97e0c926f849@evolu-s.it
Whole thread Raw
In response to Re: Key encryption and relational integrity  (Rory Campbell-Lange <rory@campbell-lange.net>)
List pgsql-general
Il 01/04/2019 20:48, Rory Campbell-Lange ha scritto:
> On 01/04/19, Moreno Andreo (moreno.andreo@evolu-s.it) wrote:
> ...
>> I'm not forced to use pseudonimysation if there's the risk to get
>> things worse in a system. I've got to speak about these"two opposing
>> forces at work" to a privacy expert (maybe choosing another one, as
>> Peter suggested :-) ) and ask him if it could be used as a matter of
>> declining pseudonymisation because of "pseudonimysation puts at risk
>> overall performance or database integrity"
> How to interpret the pseudonymisation conditions is ... complicated.
Yes, it is indeed... :-)
>   The
> UK's Information Commissioner's Office (ICO) writes that
> pseudoanonymisation relates to:
>
>      “…the processing of personal data in such a manner that the personal
>      data can no longer be attributed to a specific data subject without
>      the use of additional information, provided that such additional
>      information is kept separately and is subject to technical and
>      organisational measures to ensure that the personal data are not
>      attributed to an identified or identifiable natural person.”
>
> and that this "...can reduce the risks to the data subjects".
>
> The concept of application realms may be relevant to consider here. An
> application may be considered GDPR compliant without pseudonymisation if
> other measures are taken and the use case is appropriate.
That could be my case, so I'll have to discuss the strategy and measures 
to be adopted with a privacy consultant.
>
> On the other hand, a copy of a production database in testing which has
> been pseudonymised may, if compromised, still leak personal data. As the
> ICO states:
>
>      “…Personal data which have undergone pseudonymisation, which could
>      be attributed to a natural person by the use of additional
>      information should be considered to be information on an
>      identifiable natural person…”
>
>
https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/what-is-personal-data/what-is-personal-data/
>
> If leakage occurs pseudonymisation has achieved nothing.

That's another aspect of the question.

Thanks for the clarification,

Moreno.-






pgsql-general by date:

Previous
From: Andres Freund
Date:
Subject: Re: CVE-2019-9193 about COPY FROM/TO PROGRAM
Next
From: Magnus Hagander
Date:
Subject: Re: CVE-2019-9193 about COPY FROM/TO PROGRAM