Difference between revisions of "CEN-CENELEC-ETSI Activities"
IreneKamara (talk | contribs) |
|||
| Line 3: | Line 3: | ||
[[File:CEN CENELEC.jpg]][[File:ETSI.jpg]] | [[File:CEN CENELEC.jpg]][[File:ETSI.jpg]] | ||
== <span style="font-size: larger; line-height: 1.2 | == <span style="font-size: larger; line-height: 1.2">CEN-CENELEC JWG8 on Privacy Management of Security Products and Related Services</span> == | ||
{| | {| style="width: 900px" border="1" cellpadding="1" cellspacing="1" | ||
|- | |- | ||
| Context | | Context<br/> | ||
| | | | ||
The European commission has issued in early 2015 a mandate to European Standardisation Organisations (or ESOs), CEN, CENELEC, ETSI) to work on a roadmap of standards covering the privacy management of security products and related services | The European commission has issued in early 2015 a mandate to European Standardisation Organisations (or ESOs), CEN, CENELEC, ETSI) to work on a roadmap of standards covering the privacy management of security products and related services | ||
<span style="line-height: 1.6 | <span style="line-height: 1.6">Consequently, CEN/CENELEC has decided to launch a joint working group JWG8, the secretariat of which will be managed by AFNOR (France).</span> | ||
The objective if to define a roadmap and work plan for October 2015 | The objective if to define a roadmap and work plan for October 2015 | ||
| Line 50: | Line 50: | ||
== <span style="font-size: larger; line-height: 1.2 | == <span style="font-size: larger; line-height: 1.2">CEN/TC225 - AIDC technologies</span> == | ||
<span style="line-height: 1.6 | <span style="line-height: 1.6">As stated in Wikipedia : ''Automatic identification and data capture (AIDC) refers to the methods of automatically identifying objects, collecting data about them, and entering that data directly into computer systems (i.e. without human involvement). Technologies typically considered as part of AIDC include bar codes, Radio Frequency Identification (RFID), biometrics, magnetic stripes, Optical Character Recognition (OCR), smart cards, and voice recognition. AIDC is also commonly referred to as “Automatic Identification,” “Auto-ID,” and "Automatic Data Capture."''</span> | ||
=== <span style="font-size: 18.2520008087158px; line-height: 29.2032012939453px | === <span style="font-size: 18.2520008087158px; line-height: 29.2032012939453px">Data Protection, Privacy and Information Aspects of RFID</span> === | ||
{| | {| style="line-height: 20.7999992370605px; width: 900px" border="1" cellpadding="1" cellspacing="1" | ||
|- | |- | ||
| Context | | Context | ||
| Line 70: | Line 70: | ||
<font color="#333333">[http://standards.cen.eu/dyn/www/f?p=204:110:0::::FSP_PROJECT:38350&cs=117C4B4C6C024833E3B87802F882742D0 EN 16570]: « Information technology - Notification of RFID - The information sign and additional information to be provided by operators of RFID application systems».</font> | <font color="#333333">[http://standards.cen.eu/dyn/www/f?p=204:110:0::::FSP_PROJECT:38350&cs=117C4B4C6C024833E3B87802F882742D0 EN 16570]: « Information technology - Notification of RFID - The information sign and additional information to be provided by operators of RFID application systems».</font> | ||
Here is a powerpoint presentation of TC225 : [http://docbox.etsi.org/Workshop/2013/201301_SECURITYWORKSHOP/03_CENCENELEC_Standardization/CEN_TC225_M436_DESSENNE.pdf http://docbox.etsi.org/Workshop/2013/201301_SECURITYWORKSHOP/03_CENCENELEC_Standardization/CEN_TC225_M436_DESSENNE.pdf] | Here is a powerpoint presentation of TC225 : [http://docbox.etsi.org/Workshop/2013/201301_SECURITYWORKSHOP/03_CENCENELEC_Standardization/CEN_TC225_M436_DESSENNE.pdf http://docbox.etsi.org/Workshop/2013/201301_SECURITYWORKSHOP/03_CENCENELEC_Standardization/CEN_TC225_M436_DESSENNE.pdf] | ||
|- | |- | ||
| Line 84: | Line 84: | ||
A dedicated Project Team has been appointed to draft the EN 16571 on PIA for RFID applications | A dedicated Project Team has been appointed to draft the EN 16571 on PIA for RFID applications | ||
<ul style="line-height: 18.9090900421143px;"> | <ul style="line-height: 18.9090900421143px;"> | ||
<li><span style="line-height: 20.7999992370605px | <li><span style="line-height: 20.7999992370605px">Project Leader: Claude Tételin ([http://www.centrenational-rfid.com/index_gb.cfm French RFID National Centre])</span></li> | ||
</ul> | </ul> | ||
Editing team | Editing team | ||
<ul style="line-height: 18.9090900421143px;"> | <ul style="line-height: 18.9090900421143px;"> | ||
<li><span style="line-height: 20.7999992370605px | <li><span style="line-height: 20.7999992370605px">Paul Chartier ([https://www.convergent-software.co.uk/ Convergent Software Limited], UK), editor</span></li> | ||
<li>Sandra Hohenecker ([https://www.gs1-germany.de/ GS1 Germany])</li> | <li>Sandra Hohenecker ([https://www.gs1-germany.de/ GS1 Germany])</li> | ||
<li>John Borking ([https://www.european-privacy-seal.eu/EPS-en/Home EuroPriSe])</li> | <li>John Borking ([https://www.european-privacy-seal.eu/EPS-en/Home EuroPriSe])</li> | ||
| Line 96: | Line 96: | ||
|- | |- | ||
| Comments | | Comments<br/> | ||
| | |||
|} | |||
== <span style="font-size: larger; line-height: 1.2">ETSI </span>Cloud Standards Coordination final report v.1.0 == | |||
{| border="1" cellpadding="1" cellspacing="1" width="1071" | |||
|- | |||
| Context<br/> | |||
| | |||
<span style="color:#2C3439">The </span><span style="font-size:13px; color:#20272B">overall objective of the Cloud Standards Coordination initiative led by ETSI is to identify a detailed map of the standards required to support a series of </span><span style="font-size:13px; color:#36568B"><u>[http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0529:FIN:EN:PDF policy objectives]</u></span><span style="font-size:13px; color:#20272B"> defined by the European Commission, in particular </span><span style="color:#2C3439">in critical areas such as security, interoperability, data portability and reversibility</span><span style="font-size:13px; color:#20272B">.</span> | |||
|- | |||
| URL | |||
| [http://csc.etsi.org/phase2/UserNeeds.html http://csc.etsi.org/phase2/UserNeeds.html]<br/> | |||
|- | |||
| Comments<br/> | |||
| | | | ||
[Irene Kamara] | |||
The report includes the collection and classification of over 100 cloud computing Use Cases, many of which have a personal data protection focus (e.g. UC SD 3.3.3. Processing Sensitive Data) | |||
|} | |} | ||
| |||
Revision as of 23:48, 5 July 2015
This page focuses on activities related to privacy carried out in the European Standardisation Organisations (ESOs)
CEN-CENELEC JWG8 on Privacy Management of Security Products and Related Services
| Context |
The European commission has issued in early 2015 a mandate to European Standardisation Organisations (or ESOs), CEN, CENELEC, ETSI) to work on a roadmap of standards covering the privacy management of security products and related services Consequently, CEN/CENELEC has decided to launch a joint working group JWG8, the secretariat of which will be managed by AFNOR (France). The objective if to define a roadmap and work plan for October 2015 |
| URL |
Mandate page: http://ec.europa.eu/growth/tools-databases/mandates/index.cfm?fuseaction=search.detail&id=548 JWG8 page: http://www.cencenelec.eu/standards/Sectors/DefenceSecurityPrivacy/Privacy/Pages/default.aspx |
| Members of JWG8 |
Working group structure
Editing team
|
| Comments |
[Antonio Kung]
|
CEN/TC225 - AIDC technologies
As stated in Wikipedia : Automatic identification and data capture (AIDC) refers to the methods of automatically identifying objects, collecting data about them, and entering that data directly into computer systems (i.e. without human involvement). Technologies typically considered as part of AIDC include bar codes, Radio Frequency Identification (RFID), biometrics, magnetic stripes, Optical Character Recognition (OCR), smart cards, and voice recognition. AIDC is also commonly referred to as “Automatic Identification,” “Auto-ID,” and "Automatic Data Capture."
Data Protection, Privacy and Information Aspects of RFID
| Context |
In December 2008, the European Commission addressed the Mandate M/436 to CEN, CENELEC and ETSI in the field of ICT as applied to RFID systems. The Mandate M/436 was accepted by the ESOs in the first months of 2009. The Mandate addresses the data protection, privacy and information aspects of RFID, and is being executed in two phases. Phase 1, completed in May 2011, identified the work needed to produce a complete framework of future RFID standards. The Phase 1 results are contained in the ETSI Technical Report TR 187 020, which was published in May 2011. Phase 2 is concerned with the execution of the standardisation work programme identified in the first phase. This second phase ended in July 2014 with the publication of different technical reports and the publication of two European standards: EN 16571: « Information technology - RFID privacy impact assessment process» and EN 16570: « Information technology - Notification of RFID - The information sign and additional information to be provided by operators of RFID application systems». Here is a powerpoint presentation of TC225 : http://docbox.etsi.org/Workshop/2013/201301_SECURITYWORKSHOP/03_CENCENELEC_Standardization/CEN_TC225_M436_DESSENNE.pdf |
| URL |
Mandate page: M/436 CEN/TC225 page: CEN/TC225 |
| Members of CEN/TC225 |
A dedicated Project Team has been appointed to draft the EN 16571 on PIA for RFID applications
Editing team
|
| Comments |
|
ETSI Cloud Standards Coordination final report v.1.0
| Context |
The overall objective of the Cloud Standards Coordination initiative led by ETSI is to identify a detailed map of the standards required to support a series of policy objectives defined by the European Commission, in particular in critical areas such as security, interoperability, data portability and reversibility. |
| URL | http://csc.etsi.org/phase2/UserNeeds.html |
| Comments |
[Irene Kamara] The report includes the collection and classification of over 100 cloud computing Use Cases, many of which have a personal data protection focus (e.g. UC SD 3.3.3. Processing Sensitive Data) |