> Does the law require protection from a determined DBA, or just casual
> viewing by the DBA? *If* it's the latter, you could do something like
> this:
The EU directive (and therefore the laws of individual countries) requires
that if someone gets access to your *DATABASE* they cannot get personal
details of individuals out of it. That is all. It is intended to protect
people against the kind of idiotic organisations that put their customer
lists in an Excel sheet on their extranet without a password.
This thread has covered many interesting and diverting issues, but the
fundamental issue of legal compliance is more than satisfied by:
1) Encrypting 'personal information' stored in a DB
2) Keeping the keys on a different server than the DB
3) Making reasonable efforts [1] to keep those keys secret
M
[1] As far as I can tell from discussions with the Data Protection
Registrar, you do not have to protect them against someone rooting the app
server (since that is essentially impossible without silly investments in
specialised hardware or other excessive costs).
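The three points above, as an added worked example that is not part of M's post or of the thread's original code: personal-data fields are sealed with AES-256-GCM before they reach the database, and the key lives behind a `KeyProvider` that stands in for the separate key server. The `memoryKeyServer`, the fixed demo key, the `NoKeyProvider` type (the DBA's position: table access, no key server) and the sample row are all constructed here for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// KeyProvider stands in for the key server of point 2: the database host never
// holds the key; only the application fetches it at encrypt/decrypt time.
type KeyProvider interface {
	Key(keyID string) ([]byte, error)
}

// memoryKeyServer is a hypothetical in-process stand-in for a remote key
// service; in a real deployment this is a call to a different host.
type memoryKeyServer struct{ keys map[string][]byte }

func (m memoryKeyServer) Key(keyID string) ([]byte, error) {
	k, ok := m.keys[keyID]
	if !ok {
		return nil, errors.New("unknown key id: " + keyID)
	}
	return k, nil
}

// NewDemoKeyServer returns a key server holding one constructed AES-256 key.
// The bytes are fixed only so the example is reproducible; never do this live.
func NewDemoKeyServer() KeyProvider {
	key := make([]byte, 32)
	for i := range key {
		key[i] = byte(i * 7)
	}
	return memoryKeyServer{keys: map[string][]byte{"pii-key-1": key}}
}

// NoKeyProvider models the DBA: full access to the table, no key server.
type NoKeyProvider struct{}

func (NoKeyProvider) Key(string) ([]byte, error) {
	return nil, errors.New("key server unreachable from the database host")
}

// Row is what the table actually stores for a personal-data field.
type Row struct {
	ID         int
	KeyID      string
	Nonce      []byte
	Ciphertext []byte
}

func gcmFor(kp KeyProvider, keyID string) (cipher.AEAD, error) {
	key, err := kp.Key(keyID)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptField seals one field under the named key. The row ID is bound as
// associated data, so a ciphertext copied into another row (a DBA swapping two
// customers' records) fails authentication on decrypt.
func EncryptField(kp KeyProvider, keyID string, rowID int, plaintext string) (Row, error) {
	aead, err := gcmFor(kp, keyID)
	if err != nil {
		return Row{}, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Row{}, err
	}
	ct := aead.Seal(nil, nonce, []byte(plaintext), []byte(fmt.Sprint(rowID)))
	return Row{ID: rowID, KeyID: keyID, Nonce: nonce, Ciphertext: ct}, nil
}

// DecryptField needs the key server and the original row ID; it fails on any
// change to nonce, ciphertext or ID.
func DecryptField(kp KeyProvider, r Row) (string, error) {
	aead, err := gcmFor(kp, r.KeyID)
	if err != nil {
		return "", err
	}
	pt, err := aead.Open(nil, r.Nonce, r.Ciphertext, []byte(fmt.Sprint(r.ID)))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

func main() {
	kp := NewDemoKeyServer()
	row, err := EncryptField(kp, "pii-key-1", 42, "Alice Example, 1 High St")
	if err != nil {
		panic(err)
	}
	// The DBA's view: a SELECT on the table returns only this.
	fmt.Printf("stored: id=%d key=%s nonce=%x ct=%x\n", row.ID, row.KeyID, row.Nonce, row.Ciphertext)
	_, err = DecryptField(NoKeyProvider{}, row)
	fmt.Println("DBA decrypt attempt:", err)
	pt, _ := DecryptField(kp, row)
	fmt.Println("application decrypt:", pt)
}
```

Two practical caveats on this pattern: the key is still in the application server's memory while it encrypts or decrypts, which is exactly the "someone rooting the app server" case footnote [1] sets aside; and with random 96-bit GCM nonces a single key should not seal more than a few billion fields, so the `KeyID` column is there so the key server can rotate keys without re-encrypting every row at once.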