Skip site navigation (1) Skip section navigation (2)

Re: Database Encryption (now required by law in Italy)

From: Dave Ewart <Dave(dot)Ewart(at)cancer(dot)org(dot)uk>
To: pgsql-admin(at)postgresql(dot)org
Subject: Re: Database Encryption (now required by law in Italy)
Date: 2004-03-05 12:12:54
Message-ID: 20040305121254.GK13042@nemesis.ox.icnet.uk (view raw or flat)
Thread:
Lists: pgsql-admin
On Friday, 05.03.2004 at 12:52 +0000, Silvana Di Martino wrote:

> Deciding which data are relevant is not easy. The law stipulates that all of 
> the "personal data" have to be encrypted and that "personal data" are the 
> data that allow a "spy" to infer any of the following information about a 
> person:
> - identity
> - age
> - health status
> - political orientation
> - religious faith
> - address
> - phone number
> - email address
> - and a few more...

Interesting - of course some of the above, such as age, political
orientation and religious faith are NOT personal data if the other
identifying information is absent (e.g. you know that someone aged 35 is
a Communist and a Christian - not terribly helpful on its own).

The exception to that rule is where there are very few people having the
characteristics in question.

But as you say, encrypting 'the whole database' in some way is probably
safest ...

If you find any 'automated' front-end to do this at the database-level,
rather than something like loopback at the filesystem level or at the
field level for specific fields, I think there would be a lot of
interest.

Dave.
-- 
Dave Ewart
Dave(dot)Ewart(at)cancer(dot)org(dot)uk
Computing Manager, Epidemiology Unit, Oxford
Cancer Research UK
PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370


In response to

Responses

pgsql-admin by date

Next:From: Silvana Di MartinoDate: 2004-03-05 12:51:54
Subject: Re: Database Encryption (now required by law in Italy)
Previous:From: Dave EwartDate: 2004-03-05 12:08:02
Subject: Re: Database Encryption (now required by law in Italy)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group