Digital Agenda for Europe
A Europe 2020 Initiative

Which is the topic that you would like to be discussed or that needs further attention?

Article

Whether you are a speaker or a participant to the workshop, or if you are simply interested to the topic, leave here your ideas, thoughts, and open questions, helping us to prepare the ground for a rich discussion in Dublin!

Which is the issue that you will bring up or would like to discuss the most during the workshop?

up
31 users have voted.
Interesting

Comments

 's picture

When we use the internet in our daily activities some communications are public, e.g. posting in a blog or on a social network, while others are very confidential, e.g. interacting with your bank. Currently, it is still very difficult to know who is monitoring this personal internet activity, what exactly is being monitored and what use is being made of the monitored data. In an open, safe and secure cyberspace one would expect to have some knowledge and control on what and how personal internet activity is being monitored. In the workshop it would be interesting to discuss whether the current status is satisfactory or if some changes are required to consider that cyberspace is sufficiently open and secure.

up
33 users have voted.
Interesting
 's picture

When you speak about personal activities do you refer to both the "public" actions and the more confidential ones? 

When speaking about getting this specific knowledge and control of what is monitored...at which level are we speaking? about provisions at the legal/regulatory level, or at the software design level? Or both?

up
32 users have voted.
Interesting
 's picture

Discussing about cyberspace, I would like to see a debate (at least in the morning session) on security vs privacy.
If I use e-banking, I purchase a book online or I buy a flight on the internet, I expect the transaction to be safe for my money (malicious links would not be tolerated in an e-shop), and I expect privacy protection when it comes to which type of book I buy, or which destination I chose for my flight (no data sold to third parties).

I am a customer. If I pay, I expect something in return from the provider: a product, safety and my right to privacy.
On social media and on (free) online newspaper, I am not a customer. If I don’t pay, can I expect in return safety and the right to privacy?

Further questions that might arise from this point are:
- To what extent can social media providers be accountable for users to post infected links or scams?
- To what extent can the users claim for their online behavior to be kept private if they don’t pay for social media, or for reading an online newspaper?

up
37 users have voted.
Interesting
 's picture

- To what extent can social media providers be accountable for users to post infected links or scams?

Social media providers cannot be accountable, from a legal prospective, for users posts containing links or scams. From an ethics prospective they can only act preventive and disallow specific links, which could affect their diffusion and/or act retrospectively by auditing all links.

- To what extent can the users claim for their online behavior to be kept private if they don’t pay for social media, or for reading an online newspaper?

Prior to using a social media service user consents to its terms and agreements. Afterwards,she has no real control over her personal data. Users should claim for privacy of their online behavior prior to subscribing to such a service. In other words, choose services having the privacy aspect in mind as well. Such a shift could allow for the creation of similar services.

up
34 users have voted.
Interesting
 's picture

It is good to remind that social media companies cant be legally accountable for users behaviours. It is also true that social media companies don't want their platform to be reckoned unsafe by users. Same thing is true for the consent that users give to Terms and Conditions: quite difficult to have a social media company fully agreeing with the ideal level of privacy users claim.
In other words it is all true that users agree on Terms and Conditions and that providers cant be accountable for user generated content (although there are legislations trying to change this). I would summarise it all in the following question: how do we expect the balance between security and privacy to evolve on social media where users are the product rather than the customer?

up
32 users have voted.
Interesting
 's picture

The cyber security strategies should also focus on reduction of software vulnerabilities by building more secure software in the first place. This does not mean that firewalls, antiviruses, intrusion detection tools or security event and information management (SIEM) are obsolete or inefficient – it just means that these mechanisms are not sufficient, if your software is full of flaws and bugs. We need a holistic and integrated view on the cybersecurity by addressing security requirements engineering, secure architectures and services, security assurance, secure software development lifecycle, etc.

up
25 users have voted.
Interesting
 's picture

In part to respond to @npasical:
It goes without saying that cyber security strategies have to look at constant improvement of software vulnerabilities and bug fixing. On the other hand, we lack awareness on the risks of internet. The first and most important layer of security online is the user’s behavior: spam, scam and malicious links can be anywhere but it is up to us all to be prudent online. As much as it may have been repeated already billion times, we would not disclose personal info to strangers or believe in someone who wants to give us 1 million dollars, so why do we do that online?
The #da13trustsec debate should also touch upon users’ education and rising awareness for a safer use of internet.

up
36 users have voted.
Interesting
 's picture

When choosing a service provider for managing information, today is really difficult to know at what extent it is secure. EU cyber security strategy recommends the development and implementation of security labeling and kite marks of ICT services... I would like to know more about this idea.

up
38 users have voted.
Interesting
 's picture

I would like to see a discussion regarding the human element in online security. Many individual differences have an impact on how a user perceives and responds to risky behaviours and threats. Cognitive strategies are employed everyday when making decisions, and errors in decision making online can result in problems at individual, group and societal levels.

There is a large quantity of literature relating to human cognition and behaviour in offline settings, and a growing quantity of data available regarding online behaviour. However, such data is rarely applied to online security, where it could arguably be of assistance in ensuring a safer and more open cyberspace.

up
33 users have voted.
Interesting
 's picture

This perspective indeed was missing, good point! Actually you are saying of approaching cybersecurity (also) from a cognitive/ behavioural point of view, in the same way as we approach offline security considering the psychological dimension of crime. To do that, we should start using and applying all data already available about online behaviour in this perspective, as we do with the respective data for offline behaviour. 

up
30 users have voted.
Interesting