GSME proposals regarding mobile theft and IMEI security
|
|
- Janice Ray
- 6 years ago
- Views:
Transcription
1 GSM Europe The European interest group of the GSM Association GSME proposals regarding mobile theft and IMEI security The question of mobile theft and ways of combating it has started to receive increased attention recently in some EU Member States. Various means have already been put in place in the past to secure mobile handsets, including means to prevent the use of the handset after theft. However, with the increase of the phenomena, the attraction of new mobile terminals with colour screens and other new features and the impact it has on security in general, some governments have decided to reinforce - or are in the process of reinforcing - the measures taken so far. It should be noted that there are EU countries were mobile theft does not show the same statistical figures and the issue is therefore not being addressed by public authorities. In any case mobile theft has a global dimension because of the trade of stolen phones which crosses national borders. Discussions on mobile theft were held in the meetings of the TCAM Committee in 2002 and GSM Europe has written to Commissioner Liikanen in December 2002 highlighting the need for the IMEI number to be regulated through the application of article 3.3.d of the RTTE Directive. A draft decision was tabled by DG Enterprise at the TCAM Committee in March In order to discuss the matter again in more depth at the next TCAM in June, DG Enterprise will organise a hearing early June on ways to combat theft and is interested to hear private sector representatives views on the matter. GSM Europe welcomes the opportunity that is given to examine in more detail ways of combating mobile theft. It is of the opinion that the international mobile equipment identifier (IMEI) is a key element in the discussions : an IMEI that resists tampering can appreciably increase the efficiency of the various technical solution that exist to combat mobile theft without precluding any solution as such. This paper therefore does not discuss the pro and cons of each technical solution but rather concentrates on IMEI as a tool for making existing anti-theft solutions more efficient. It is up to governments in close co-operation with manufacturers and operators to decide which anti-theft solution is the best response to tackle mobile theft where appropriate. As long as these solutions are not satisfying, any regulatory intervention in this respect should be prevented.
2 Various possibilities of securing mobile handsets Options for securing mobile handsets are numerous but it is possible to classify them into three families : 3 external interfaces Network interface GSM, 3G bluetooth, IR, USB,... User interface Sim card interface * Network Family : The interface is between a network/server (GSM, 3G, bluetooth, IR) and the handset The handset sends an identification number to the network/server The network/server is in a position to restrict the access to some mobile services (GSM, 3G) according to the identification value Common identification for this family : identification number of the terminal (IMEI) There is only an identification of the handset and not an authentication of the user. 2. Mobile User Family The interface is between the user and the handset The user authenticates himself to the handset The user proves he has the right to use the handset since he is the only one knowing the authentication value 2
3 Common authentication values for this family : Personal Identifier Number (PIN), password, secret key + ciphering component, biometrics (e.g. fingerprint) The handset can restrict the access to its services according to the authentication value. 3. Smart Card Family The interface is between the simcard - or any other external component - and the handset The handset is programmed for a restricted use : the handset compares if its own descriptive data corresponds to the data stored on the external component (e.g. data stored in the smart card); Common descriptive data for this family : country code, network code, service code, user s IMSI value. It should be noted that in the case of the Network Family, it is the network that checks the incoming identifier/ security parameter whereas for the Mobile User and Smart Card Families, it is the handset that checks the security parameter and there is no interface with the network. A list of possible methods to secure mobile phone handsets is attached. Annex 1 indicates to which family the anti-theft option corresponds and describes the effectiveness and possible security attacks. A necessary link between the hardware and the software of the handset Based on the analysis of the various methods listed at annex, it seems that for any anti theft solution to be efficient it needs to resist handset cloning attacks, i.e. the complete reload of handset software which allows the duplication of the security mechanism and its associated data. When you have one mobile handset with an anti-theft solution inactivated (e.g. mobile pin code off) and another handset with the anti theft solution activated (mobile pin code on), cloning the first on the second will have as a result that the anti-theft solution of the second handset becomes inactivated To resist cloning attacks there needs to be a robust link between the handset s hardware and the handset s software. Without any relation between the hardware and the software, data and software can be exchanged between handsets. In this case, handsets behave like floppies in which software and data are stored. This link between the hardware and the software must materialise, at one moment in time, as a constant data (functionally equivalent to a serial number) and needs to be stored in a dedicated and 3
4 secure confident area (OTP, ASIC, crypto processor, ). Once stored and secured, the data can be used as a confidence root to build the entire security controls and integrity measures of the handset. The hardware/software link does not preclude the choice of the anti-theft measure to be put in place it only reinforces the effectiveness of the anti-theft measure used. GSM Europe proposes that this link should be based on a secure IMEI number which is already attributed to most mobile terminals as it was used historically for type approval purposes. It is necessary for manufacturers to ensure as much as possible that IMEI resist tampering. One can add that besides improving the whole range of anti-theft measures, a secure IMEI will be useful for the delivery of new mobile services in the future and will also be a valuable asset for tracking criminals or persons guilty of fraud. A secure IMEI in every handset As of today most handsets placed on the market have an International Mobile Equipment Identifier (IMEI). As of 1 st June, ETSI TS is applicable. This technical specification indicates that the IMEI shall not be changed after the Mobile Equipment s final production process. It shall resist tampering, i.e. the manipulation and change, by any means (e.g. physical, electrical and software). This requirement is valid for new GSMEs type approved after 1 st June 2002 the manufacturer is also responsible for ascertaining that each IMEI is unique. In practice, operators find that various types of handsets placed on the market after June 2002 do not have a secure IMEI. In fact, the standard is applied on a voluntary basis and some manufacturers (mostly non EU manufacturers) do not apply the standard. In addition, the ETSI standard does not give details about the technical means that need to be used to secure IMEIs. The level of security therefore varies greatly from one manufacturer to another. Commission decision on the application of article 3.3.d GSME therefore proposes that Article 3.3.d of the RTTE Directive be activated and that a Commission Decision is drafted as follows : Mobile Telecommunications Terminal Equipment shall be so constructed that its use after theft can be prevented. As a part of this, the equipment shall have a publicly available Mobile Equipment Identifier which shall resist tampering. 4
5 This provision is sufficiently open to allow the development of various anti theft solutions (SIM lock, blacklisting of stolen phones, mobile pin code ) according to the importance of the phenomena in each Member State. It highlights however the importance of a mobile equipment identifier which is not an anti-theft solution as such but a prerequisite for strengthening the various anti theft solutions available. As such, IMEIs should be implemented in the handset device in a way that its modification becomes economically unattractive. Process of detection and correction of IMEI anomalies GSM Europe believes that an additional significant improvement of IMEI security is possible by putting in place - in addition to the Commission Decision - a process engaging operators and manufacturers so as to detect weaknesses in IMEI - once the equipment is placed on the market - and improve the level of security accordingly during the life cycle of the product. 1. Once an operator detects a weakness on a specific mobile equipment model placed on the market, the operator alerts a relevant body (for example the GSM Association); The burden of proof lays with the operator. The anomaly is discussed and validated by this relevant body (for example GSMA TWG). 2. The GSM A formally addresses a notice to the manufacturer which has a week to give details on his planning to correct the anomaly; 3. 1 month after the formal notice, the manufacturer reports to the GSM A on the status of his action and details on the timing when the equipment with secure IMEI will leave the factory; 4. 2 months after the formal notice, equipment placed on the market have to present an IMEI of which the level of security is improved compared to the weakness initially identified; 5. If no correction is applied to eliminate the identified weakness and/or if no formal answer is given by the manufacturer to the GSMA, the GSM Association refers the case to the authorities which are to carry out the surveillance tasks related to the operation of the RTTE Directive. The relevant Member State is then in a position to activate Article 9 of the Directive (e.g. prohibition of placing the mobile equipment in question on the market). It is necessary that this IMEI process is carried out in the context of a broader regulatory framework of the RTTE Directive : the Directive (and subsequent Commission Decision on Article 3.3.d) sets the objective (each ME has an identifier which shall resist tampering) and in case of obvious infringement of this rule from the part of the manufacturer the relevant safeguards of the RTTE Directive can be activated by the Member States. GSME, London, June
INSPIRE status report
INSPIRE Team INSPIRE Status report 29/10/2010 Page 1 of 7 INSPIRE status report Table of contents 1 INTRODUCTION... 1 2 INSPIRE STATUS... 2 2.1 BACKGROUND AND RATIONAL... 2 2.2 STAKEHOLDER PARTICIPATION...
More informationITU Workshop Combating grey devices. Audrey Scozzaro Ferrazzini Standardisation and Industrial Policy Lead, EMENA Government Affairs 28 June 2016
ITU Workshop Combating grey devices Audrey Scozzaro Ferrazzini Standardisation and Industrial Policy Lead, EMENA Government Affairs 28 June 2016 Security solutions Qualcomm s vision Theft Deterrence Enterprise
More informationLIMITE EN COUNCIL OF THE EUROPEAN UNION. Brussels, 26 September 2008 (30.09) (OR. fr) 13567/08 LIMITE ENFOPOL 170 CRIMORG 150
COUNCIL OF THE EUROPEAN UNION Brussels, 26 September 2008 (30.09) (OR. fr) 13567/08 LIMITE ENFOPOL 170 CRIMORG 150 NOTE from : Presidency to : Working Party on Police Cooperation No. prev. doc.: 11784/08
More informationPolicy. London School of Economics & Political Science. Remote Access Policy. IT Services. Jethro Perkins. Information Security Manager.
London School of Economics & Political Science IT Services Policy Remote Access Policy Jethro Perkins Information Security Manager Summary This document outlines the controls from ISO27002 that relate
More informationECC Recommendation (17)04. Numbering for ecall
ECC Recommendation (17)04 Numbering for ecall Approved 22 November 2017 ECC/REC/(17)04 Page 2 INTRODUCTION ecall is a service designed for automotive vehicles to provide quick emergency response in case
More informationSecurity and resilience in Information Society: the European approach
Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments
More informationElectronic Commerce Working Group report
RESTRICTED CEFACT/ECAWG/97N012 4 December 1997 Electronic Commerce Ad hoc Working Group (ECAWG) Electronic Commerce Working Group report SOURCE: 10 th ICT Standards Board, Sophia Antipolis, 4 th November
More informationToward Horizon 2020: INSPIRE, PSI and other EU policies on data sharing and standardization
Toward Horizon 2020: INSPIRE, PSI and other EU policies on data sharing and standardization www.jrc.ec.europa.eu Serving society Stimulating innovation Supporting legislation The Mission of the Joint Research
More informationThird public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy
Third public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy 14 February 2017 Amsterdam Gerhard Menzel European Commission - DG MOVE Scope:
More informationThe importance of Whois data bases for spam enforcement
The importance of Whois data bases for spam enforcement Chris Fonteijn Chairman OPTA Joint meeting GAC/GNSO Marrakech, Monday 26 June 2006 1 Introduction My name is Chris Fonteijn and I am chairman of
More informationPUBLIC COUNCIL OF THE EUROPEAN UNION. Brussels, 26 May /03 LIMITE SIRIS 47 CATS 34 ASIM 31 COMIX 330
Conseil UE COUNCIL OF THE EUROPEAN UNION Brussels, 26 May 2003 9808/03 LIMITE PUBLIC SIRIS 47 CATS 34 ASIM 31 COMIX 330 NOTE from : Presidency to : COREPER/Member States meeting within the Council/Council
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationIMEI Security Technical Design Principles
IMEI Security Technical Design Principles Enabling stolen mobile device blocking V4.0 August 2016 Table of Contents 1. Introduction... 1 2. Device Identity Security... 1 3. Design Principles... 2 4. IMEI
More informationBrussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER
COUNCIL OF THE EUROPEAN UNION Brussels, 19 May 2011 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66 NOTE From : COREPER To: COUNCIL No Cion. prop.: 8548/11 TELECOM 40 DATAPROTECT 27 JAI 213 PROCIV38
More informationEuropean Framework for C-ITS Security 6 th of March 2018 Gerhard Menzel European Commission
European Framework for C-ITS Security 6 th of March 2018 Gerhard Menzel European Commission Key EU Policy Milestones to deliver C-ITS in Europe by 2019 Cooperative Intelligent Transport Systems A European
More informationWhite Paper. The Impact of Payment Services Directive II (PSD2) on Authentication & Security
White Paper The Impact of Payment Services Directive II (PSD2) on Authentication & Security First Edition June 2016 Goode Intelligence All Rights Reserved Published by: Goode Intelligence Sponsored by:
More informationENISA s Position on the NIS Directive
ENISA s Position on the NIS Directive 1 Introduction This note briefly summarises ENISA s position on the NIS Directive. It provides the background to the Directive, explains its significance, provides
More informationImplementation and functioning of caller location in Europe. Cristina Lumbreras Technical Director, EENA
Implementation and functioning of caller location in Europe Cristina Lumbreras Technical Director, EENA Agenda Introduction Legislation Fixed telephony Mobile telephony Non-voice access to 112 VoIP Conclusions??
More informationITU-T SG 11 Workshop Global Approaches on Combating Counterfeiting and Stolen ICT Devices
ITU-T SG 11 Workshop Global Approaches on Combating Counterfeiting and Stolen ICT Devices ITU-T SG 11 Meeting, July 2018 23 rd July, 2018 CONTROL SYSTEM IN COLOMBIA FOR STOLEN MOBILE DEVICES OR WITH ALTERED/DUPLICATE
More information3GPP TS V ( )
TS 22.016 V10.0.0 (2011-03) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; International Mobile station Equipment Identities (IMEI)
More informationA STUDY OF TWO-FACTOR AUTHENTICATION AGAINST ON-LINE IDENTITY THEFT
A STUDY OF TWO-FACTOR AUTHENTICATION AGAINST ON-LINE IDENTITY THEFT Seungjae Shin, Mississippi State University, 1000 HWY 19N Meridian MS 39307, sshin@meridian.msstate.edu, (601)484-0160 Jerry Cunningham,
More informationEuropean Standards- preparation, approval and role of CEN. Ashok Ganesh Deputy Director - Standards
European Standards- preparation, approval and role of CEN Deputy Director - Standards 1 European Standarization why?, 2010-10-14 CEN-CENELEC 2010 2 What standards do enhance the safety of products allow
More informationMarket Surveillance Action Plan
Ref. Ares(2015)402331-02/02/2015 MEMORANDUM Date 12 November 2014 1(8) Spectrum Department Market Surveillance Action Plan 2013-2015 1 Legal basis According to Section 1 of the Ordinance (2007:951) with
More informationOutcomes of the ITU Workshop. Global approaches on combating counterfeiting and stolen ICT devices. (23 July 2018, Geneva)
Outcomes of the ITU Workshop Global approaches on combating counterfeiting and stolen ICT devices (23 July 2018, Geneva) Appreciation The workshop convener appreciated all speakers and moderators for their
More informationAuthentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
More informationETSI TS V6.2.0 ( )
TS 100 508 V6.2.0 (2000-07) Technical Specification Digital cellular telecommunications system (Phase 2+); International Mobile station Equipment Identities (IMEI) (GSM 02.16 version 6.2.0 Release 1997)
More informationACCREDITATION: A BRIEFING FOR GOVERNMENTS AND REGULATORS
ACCREDITATION: A BRIEFING FOR GOVERNMENTS AND REGULATORS Accreditation is continuously gaining recognition as an important technical tool in the delivery of objectives across an increasing range of policy
More informationSECURING CORPORATE ASSETS WITH TWO FACTOR AUTHENTICATION
SECURING CORPORATE ASSETS WITH TWO FACTOR AUTHENTICATION Introduction Why static passwords are insufficient Introducing two-factor Authentication Form Factors for OTP delivery Contact information OTP generating
More informationValérie Andrianavaly European Commission DG INFSO-A3
Security and resilience in the Information Society: towards a CIIP policy in the EU Valérie Andrianavaly European Commission DG INFSO-A3 valerie.andrianavaly@ec.europa.eu Network and information security:
More informationNetwork and Information Security Directive
Network and Information Security Directive Provisions + ENISA s activities Dr Evangelos Ouzounis Head of Secure Infrastructure and Services Unit, ENISA European Union Agency for Network and Information
More informationTECHNICAL REPORT Electronic Signatures and Infrastructures (ESI); Guidance on the use of standards for cryptographic suites
TR 119 300 V1.2.1 (2016-03) TECHNICAL REPORT Electronic Signatures and Infrastructures (ESI); Guidance on the use of standards for cryptographic suites 2 TR 119 300 V1.2.1 (2016-03) Reference RTR/ESI-0019300v121
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationVdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe
Author Date VdTÜV-WG Cybersecurity October, 3 rd 2015 VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe VdTÜV e.v. welcomes the Communication on a
More informationElectronic registered delivery services (ERDS) in light of the eidas regulation. Warsaw Common Sign Conference 2015
Electronic registered delivery services (ERDS) in light of the eidas regulation Warsaw Common Sign Conference 2015 ! 1. e-delivery and the eidas regulation - EU legislative framework - French legislative
More informationEUROPEAN COMMISSION DIRECTORATE GENERAL FOR INTERPRETATION
EUROPEAN COMMISSION DIRECTORATE GENERAL FOR INTERPRETATION RESOURCES AND SUPPORT DIRECTORATE Management of Technical Infrastructure Brussels, 23 January 2013 M/516 EN Ref. Ares(2013)136537-04/02/2013 REQUEST
More informationReference Offer for Wholesale Roaming Access
Reference Offer for Wholesale Roaming Access Published on the grounds of Article 3 of Regulation (EU) No 531/2012 of the European Parliament and the Council of 13 June 2012 Whereas, Regulation (EU) No
More informationEUROPEAN COMMISSION DIRECTORATE-GENERAL INFORMATION SOCIETY AND MEDIA
Ref. Ares(2011)514527-12/05/2011 EUROPEAN COMMISSION DIRECTORATE-GENERAL INFORMATION SOCIETY AND MEDIA Electronic Communications Policy Implementation of Regulatory Framework (I) Brussels, 6th May 2011
More informationSubmission. to the. Australian Communications and Media Authority. on the. Planning for mobile broadband within the 1.
Submission to the Australian Communications and Media Authority on the Planning for mobile broadband within the 1.5 GHz mobile band Submission by: Australian Mobile Telecommunications Association and Communications
More informationETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)
ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive) July 2013 Executive Summary ETNO supports the European Commission s global approach to cyber-security
More informationGSMA TAC Allocation and IMEI Programming Rules for Device Brand Owners and Manufacturers
GSMA TAC Allocation and IMEI Programming Rules for Device Brand Owners and Manufacturers Training Guide February 2018 v1.0 Copyright 2018 GSMA Introduction About this document This is a practical training
More informationComputer Security Policy
Administration and Policy: Computer usage policy B 0.2/3 All systems Computer and Rules for users of the ECMWF computer systems May 1995 Table of Contents 1. The requirement for computer security... 1
More informationThe commission communication "towards a general policy on the fight against cyber crime"
MEMO/07/199 Brussels, 22 May 2007 The commission communication "towards a general policy on the fight against cyber crime" The use of the term cyber crime in this communication There is no agreed definition
More informationA MODEL FOR INTERCONNECTION IN IP-BASED NETWORKS
Electronic Communications Committee (ECC) within the European Conference of Postal and Telecommunications Administrations (CEPT) A MODEL FOR INTERCONNECTION IN IP-BASED NETWORKS Vilnius, October 2005 Page
More informationPrivileged Account Security: A Balanced Approach to Securing Unix Environments
Privileged Account Security: A Balanced Approach to Securing Unix Environments Table of Contents Introduction 3 Every User is a Privileged User 3 Privileged Account Security: A Balanced Approach 3 Privileged
More informationFFIEC CONSUMER GUIDANCE
FFIEC CONSUMER GUIDANCE Important Facts About Your Account Authentication Online Banking & Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and their
More informationComprehensive Study on Cybercrime
Federal Ministry of Justice and 17 August 2016 Consumer Protection German Comments on the Comprehensive Study on Cybercrime (Draft February 2013) The United Nations Office on Drugs and Crime (UNODC) invited
More informationINCREASING TRUST IN CALLING LINE IDENTIFICATION AND ORIGINATING IDENTIFICATION
Electronic Communications Committee (ECC) within the European Conference of Postal and Telecommunications Administrations (CEPT) INCREASING TRUST IN CALLING LINE IDENTIFICATION AND ORIGINATING IDENTIFICATION
More informationBasics of GSM in depth
This document will be helpful for the telecom engineers who deal with GSM as well as for the fresher /interested readers. This document has some advantages over other GSM texts in that it quickly gets
More information2016 Global Identity Summit Pre-Conference Paper Biometric Interoperability 2021
2016 Global Identity Summit Pre-Conference Paper Biometric Interoperability 2021 Paper development coordinated by Brian Pittack, DHS/Immigrations and Customs Enforcement This is a community-developed document.
More informationHow Next Generation Trusted Identities Can Help Transform Your Business
SESSION ID: SPO-W09B How Next Generation Trusted Identities Can Help Transform Your Business Chris Taylor Senior Product Manager Entrust Datacard @Ctaylor_Entrust Identity underpins our PERSONAL life 2
More informationeidas Regulation eid and assurance levels Outcome of eias study
eidas Regulation eid and assurance levels Outcome of eias study Dr. Marijke De Soete Security4Biz (Belgium) ETSI eidas Workshop 24 June 2015 Sophia Antipolis eidas Regulation Regulation on electronic identification
More informationTwo-Factor Authentication over Mobile: Simplifying Security and Authentication
SAP Thought Leadership Paper SAP Digital Interconnect Two-Factor Authentication over Mobile: Simplifying Security and Authentication Controlling Fraud and Validating End Users Easily and Cost-Effectively
More informationGSMA Embedded SIM 9 th December Accelerating growth and operational efficiency in the M2M world
GSMA Embedded SIM 9 th December 2013 Purpose of this Reference Messaging Pack Appropriate slides may be selected to used for within different presentations for multiple audiences To provide consistent
More informationDIGITAL IDENTITY TRENDS AND NEWS IN CHINA AND SOUTH EAST ASIA
DIGITAL IDENTITY TRENDS AND NEWS IN CHINA AND SOUTH EAST ASIA 1 SECURING DIGITAL IDENTITY THE KEY TO ASIA S VAST POTENTIAL IN E-COMMERCE We are living through an exciting time for digital commerce in Asia.
More informationOPINION ON THE DEVELOPMENT OF SIS II
OPINION ON THE DEVELOPMENT OF SIS II 1 Introduction In an attempt to ensure that the second-generation Schengen information system SIS II complies with the highest standards of data protection, the Joint
More informationCOMMENTS BY THE CONFEDERATION OF SWEDISH ENTERPRISE ON:
31 March 2017 COMMENTS BY THE CONFEDERATION OF SWEDISH ENTERPRISE ON: Proposal for a Regulation of the European Parliament and of the Council introducing a European services e-card and related administrative
More informationElectronic signature framework
R E P U B L I C O F S E R B I A Negotation Team for the Accession of Republic of Serbia to the European Union Working Group for Chapter 10 Information society and media Electronic signature framework Contents
More informationA comprehensive approach on personal data protection in the European Union
A comprehensive approach on personal data protection in the Justice Date 1 Main legal instruments on EU level Data Protection Directive 95/46/EC Directive 2002/58/EC on privacy and electronic communications
More informationETSI TS V ( ) Technical Specification
TS 122 016 V10.0.0 (2011-05) Technical Specification Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; International Mobile Equipment Identities
More informationPrivacy Notice - General Data Protection Regulation ( GDPR )
THIS PRIVACY NOTICE APPLIES TO ANY PERSON WHO INSTRUCTS AN INDIVIDUAL BARRISTER AT 12 OLD SQUARE CHAMBERS EITHER DIRECTLY OR THROUGH A SOLICITOR OR WHO ASKS THE INDIVIDUAL BARRISTER FOR A REFERENCE Privacy
More informationLL-C (Certification) Services Overview
LL-C (Certification) Services Overview Who is LL-C (Certification)? LL-C (Certification) is an international certification body operating in more than 40 countries with experience in the field. Provides
More informationStrategy for information security in Sweden
Strategy for information security in Sweden 2010 2015 STRATEGY FOR SOCIETAL INFORMATION SECURITY 2010 2015 1 Foreword In today s information society, we process, store, communicate and duplicate information
More informationPOMONA EUROPE ADVISORS LIMITED
POMONA EUROPE ADVISORS LIMITED Personal Information Notice Pomona Europe Advisors Limited (Pomona, we/us/our) wants you to be familiar with how we collect, use and disclose personal information. This Personal
More informationOpen letter from Access regarding document acquired through freedom of information request 5 messages
Estelle Masse Open letter from Access regarding document acquired through freedom of information request 5 messages Estelle Masse To: cecilia.malmstrom@ec.europa.eu,
More informationData Protection and GDPR
Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have
More information16474/08 JJ/ap 1 DGH4
COUNCIL OF THE EUROPEAN UNION Brussels, 28 November 2008 16474/08 PROCIV 185 COCON 40 COSDP 1097 DEVGEN 255 ENV 912 FORETS 74 ONU 105 RECH 396 RELEX 969 SAN 300 TELECOM 212 NOTE from : Council Secretariat
More informationThe telephone supports 2 SIM cards. All functions are available for both SIM cards and have independent settings.
Samsung C6112 telephone for protection of conversations against control via a GSM service provider as well as via active and semi-active GSM interception complexes, catchers. The telephone supports 2 SIM
More informationResilience, Responsibility, Responsiveness Towards a Future-oriented, Sustainable World Economy. B20 Recommendations on Digital Trade
Resilience, Responsibility, Responsiveness Towards a Future-oriented, Sustainable World Economy B20 Recommendations on Digital Trade Dr. Stormy-Annika Mildner, B20 Sherpa April 25, 2017 B20 Structure Members
More informationCEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''
CEN Identification number in the EC register: 63623305522-13 CENELEC Identification number in the EC register: 58258552517-56 CEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''
More informationUlster University Standard Cover Sheet
Ulster University Standard Cover Sheet Document Title Portable Devices Security Standard 1.5 Custodian Approving Committee Deputy Director of Finance and Information Services (Information Services) Information
More informationIntroductory Speech to the Ramboll Event on the future of ENISA. Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht
Introductory Speech to the Ramboll Event on the future of ENISA Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht BRUSSELS 22 ND MARCH 2017 www.enisa.europa.eu European Union Agency For Network
More informationBiometrics problem or solution?
Biometrics problem or solution? Summary Biometrics are a security approach that offers great promise, but also presents users and implementers with a number of practical problems. Whilst some of these
More informationWorkshop Numbering for ecall 31. January Johannes Vallesverd CEPT ECC WG NaN Chairman
Workshop Numbering for ecall 31. January 2017 Johannes Vallesverd CEPT ECC WG NaN Chairman Organisation map 1 Current and future activities of WG NaN in relation to ecall M2M numbering resources MNC flexibility
More informationOur Privacy Policy gives you detailed information on when and why we collect your personal information, how we use it and how we keep it secure.
Junction.co.uk Privacy Policy www.junction.co.uk is owned and operated by Cambridge Junction. We are committed to safeguarding your privacy online and to this end have developed the following Privacy Policy
More informationETNO-GSMA Position Paper on the BEREC Guidelines for the implementation of the Open Internet provisions of the TSM Regulation (2015/2120)
ETNO-GSMA Position Paper on the BEREC Guidelines for the implementation of the Open Internet provisions of the TSM Regulation (2015/2120) Introduction In addition to the GSMA and ETNO papers delivered
More informationFFIEC CONSUMER GUIDANCE
FFIEC CONSUMER GUIDANCE Important Facts About Your Account Authentication Online Banking & Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and their
More informationSecuring Multiple Mobile Platforms
Securing Multiple Mobile Platforms CPU-based Multi Factor Security 2010 Security Workshop ETSI 2010 Security Workshop Navin Govind Aventyn, Inc. Founder and CEO 1 Mobile Platform Security Gaps Software
More informationKSi Malta Privacy Policy
KSi Malta Privacy Policy CONTENTS KSi Malta Privacy Policy 6 Details about the data controller & Scope 6 How information is collected from you 7 Legal basis of data processing 8 What information we collect
More informationTERMS AND CONDITIONS FOR THE USE OF THE WEBSITE AND PRIVACY POLICY
TERMS AND CONDITIONS FOR THE USE OF THE WEBSITE AND PRIVACY POLICY Trademarks-Intellectual Property Rights Xtrade BLZ (hereinafter called the Company or we or us) is the owner of the Copyright in the pages
More informationEU Cloud Computing Policy. Luis C. Busquets Pérez 26 September 2017
EU Cloud Computing Policy Luis C. Busquets Pérez 26 September 2017 The digital revolution is built on data Most economic activity will depend on data within a decade Potential of the data-driven economy
More informationWorkday s Robust Privacy Program
Workday s Robust Privacy Program Workday s Robust Privacy Program Introduction Workday is a leading provider of enterprise cloud applications for human resources and finance. Founded in 2005 by Dave Duffield
More informationCognizant Careers Portal Privacy Policy ( Policy )
Cognizant Careers Portal Privacy Policy ( Policy ) Date: 22 March 2017 Introduction This Careers Portal Privacy Policy ("Policy") applies to the Careers portal on the Cognizant website accessed via www.cognizant.com/careers
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 28 January 2003 (OR. en) 15723/02 TELECOM 78 JAI 307 PESC 593
COUNCIL OF THE EUROPEAN UNION Brussels, 28 January 2003 (OR. en) 15723/02 TELECOM 78 JAI 307 PESC 593 LEGISLATIVE ACTS AND OTHER INSTRUMTS Subject : Council Resolution on a European approach towards a
More informationCybersecurity Policy in the EU: Security Directive - Security for the data in the cloud
Cybersecurity Policy in the EU: The Network and Information Security Directive - Security for the data in the cloud Microsoft Commitment to Cybersecurity Security at the heart of our products and services
More informationThe WAP Roadmap. Short Term Goals for WAP
The WAP Roadmap Authors: Alastair Angwin, WAP Specification Committee / IBM UK Laboratories (alastair_angwin@uk.ibm.com) Bill Coan, WAP Specification Committee / AT&T Wireless Services / Global Operators
More informationEuropean Commission Directorate General Enterprise and Industry INSTITUTIONAL FRAMEWORK ON
OVERVIEW OF THE EUROPEAN INSTITUTIONAL FRAMEWORK ON STANDARDISATION Maria Marini DG Enterprise and Industry, Standardisation Unit International relations in the field of Standards Directorate t General
More informationETSI TS V8.0.0 ( )
TS 101 180 V8.0.0 (2000-05) Technical Specification Digital cellular telecommunications system (Phase 2+); Security mechanisms for the SIM Application Toolkit; Stage 1 (GSM 02.48 version 8.0.0 Release
More informationRevision of BREF documents in light of the Industrial Emissions Directive
Revision of BREF documents in light of the Industrial Emissions Directive 11th International Conference Thermal treatment of waste from plans to implementation Bydgoszcz, 4./6.11.2014 Edmund Fleck ESWET
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)
COUNCIL OF THE EUROPEAN UNION Brussels, 24 May 2013 Interinstitutional File: 2013/0027 (COD) 9745/13 TELECOM 125 DATAPROTECT 64 CYBER 10 MI 419 CODEC 1130 NOTE from: Presidency to: Delegations No. Cion
More information13967/16 MK/mj 1 DG D 2B
Council of the European Union Brussels, 4 November 2016 (OR. en) 13967/16 'I/A' ITEM NOTE From: To: General Secretariat of the Council No. prev. doc.: 11911/3/16 REV 3 No. Cion doc.: 11013/16 Subject:
More informationMarket Surveillance Action Plan
Ref. Ares(2016)386697-25/01/2016 MEMORANDUM Date 12.11.2014 1(9) Spectrum Department 2016-2018 Market Surveillance Action Plan 1 Legal basis According to Section 1 of the Ordinance (2007:951) with instructions
More informationNEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?
NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT? What the new data regulations mean for your business, and how Brennan IT and Microsoft 365 can help. THE REGULATIONS: WHAT YOU NEED TO KNOW Australia:
More informationNon Person Identities After all, who cares about me? Gilles Lisimaque & Dave Auman Identification technology Partners, Inc.
Identities Non Person Identities After all, who cares about me? Gilles Lisimaque & Dave Auman Identification technology Partners, Inc. Device Identifiers Most devices we are using everyday have (at least)
More informationRegulating Cyber: the UK s plans for the NIS Directive
Regulating Cyber: the UK s plans for the NIS Directive September 2017 If you are a digital service provider or operate an essential service then new security and breach notification obligations may soon
More informationFAQ of BIPT for the attention of the consumers relating to the compulsory identification of prepaid card users. Contents
FAQ of BIPT for the attention of the consumers relating to the compulsory identification of prepaid card users Contents 1. What does the new regulation relate to?... 3 1.1. What will change?... 3 1.2.
More information15412/16 RR/dk 1 DGD 1C
Council of the European Union Brussels, 12 December 2016 (OR. en) 15412/16 ENFOPOL 484 ENV 791 ENFOCUSTOM 235 OUTCOME OF PROCEEDINGS From: General Secretariat of the Council On: 8 December 2016 To: Delegations
More informationQuestion 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1:
Cybercrime Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1: Organizations can prevent cybercrime from occurring through the proper use of personnel, resources,
More informationETSI TS V6.1.0 ( )
TS 102 224 V6.1.0 (2004-12) Technical Specification Smart cards; Security mechanisms for UICC based Applications - Functional requirements (Release 6) 2 TS 102 224 V6.1.0 (2004-12) Reference RTS/SCP-R0282r1
More informationDirective on Security of Network and Information Systems
European Commission - Fact Sheet Directive on Security of Network and Information Systems Brussels, 6 July 2016 Questions and Answers The European Parliament's plenary adopted today the Directive on Security
More informationCEREMP Registration User Manual for Market Participants in Denmark
CEREMP Registration User Manual for Market Participants in Denmark 1 st Edition SEPTEMBER-2014 Danish Energy Regulatory Authority Carl Jacobsens Vej 35 2500 Valby, Denmark Page 1 of 41 Contents INTRODUCTION...
More information