).jpeg)
“The fact that even the City of Antwerp is anything but infallible shows that safeguards in all layers of the system are crucial,” clarifies privacy expert Bavo Van den Heuvel. He is co-founder of Cranium, an international consultancy firm that provides advice on privacy, data protection and security.
Van den Heuvel links this reality to the still-palpable fallacies regarding data protection. “It remains too often an afterthought, something people think about after they have built a system. However, we always advocate involving security from the beginning. It is the only way to - hopefully - arrive at an inherently secure system.”
Lots of promising innovations
Yet Van den Heuvel stresses that there is also a lot of promising innovation in the pipeline within the privacy field . “Every hacking is actually a learning moment for us as security professionals. So, in practice, hacking is more valuable than any cyber security marketing campaign.”
One such technology generating high expectations is differential privacy. Simply said, this technology adds noise to the given source data, making identification (especially for players with bad intentions) more complex.
The use of synthetic data is also gaining importance. “This is data generated specifically to be used during the testing phase of new systems; it is very similar to the real data. Because security in this phase is much lower than in production environments, it is risky business to begin with using all your real data,” Van den Heuvel explains.
Context calls for greater efforts
These kinds of innovations are not only necessary in the constant race against hackers, they are also a crucial by-product of the many initiatives being launched - certainly at the European level - to further facilitate the international exchange of data.
“I am referring, for example, to the European Identity Wallet, which should eventually enable European citizens to identify themselves digitally anywhere in Europe. While it will enable a further opening of the market, in terms of security it is far from straightforward. This is because the regulations surrounding identity cards differ from country to country, and are therefore not exactly the same from a security perspective,” Van den Heuvel clarifies.
‘Spotify for data’
Plenty of evolutions can also be noted at the Belgian level. “This can certainly be linked to the efforts of the Cyber Security Coalition, which ensures an open communication culture where everyone can share their concerns.”
A clear example is the creation of the Flemish Data Utility Company, explains Van den Heuvel. “The idea behind it is that citizens themselves will be able to exchange their data in a secure way with certain authorities or organisations. Think, for example, of an energy provider, to whom you will give access to a specific part of data from your personal data vault, enabling them to work out a personalised proposal for you that takes into account much more data than ever before.”
This kind of evolution can trigger a broader mindshift around data sharing, according to Van den Heuvel. “You get into a logic of buying and selling: a very valuable trend because it makes trying to obtain data illegally much less interesting. It amounts to the creation of a kind of Spotify model for data, and we know that this model has pretty much ruled out illegal music downloading,” he concludes.
(photo: Iris Walravens)