Want to read more? Join my Patreon community

How not to build a data security system

Posted at 17:00 on 14 Dec 2018 by Pandora / Blake

Information security expert Alec Muffett has posted an essay analysing the data security proposals of the BBFC with regards to Age Verification - including some damning commentary on the fact that all parties responsible for implementing AV are blithely ignoring the legal sensitivity of the data involved under the Data Protection Act:

The UK Government has passed the Data Protection Act (DPA) which guarantees sensitive “…processing of data concerning an individual’s sex life or sexual orientation” — §86.7e — and yet apparently nobody wishes to consider that if a person regularly age-verifies in order to access “ireallylikegayporn.com”, the resulting metadata trail will clearly constitute “data concerning [their] sex life or sexual orientation”. 


He explains why the April 2019 deadline for enforcement is so rushed as to preclude any sensible security consultation, and gives a good analysis of the deficiencies of the proposed data security mechanisms for AV with reference to the benchmark provided by credit card security standards.

Keep reading »

Tags: age verification, BBFC, Digital Economy Act, privacy, security

0 comments

« November 2018

January 2019 »

Want to read more? Join my Patreon community
Become a Patron!

Browse archive

2018

Find Pandora online

Feminist porn

Spanking porn

Spanking blogs

Sex and Politics blogs

Toplists & directories