WHEN STATES CAN'T BE TRUSTED

摘要

Information security (IS) discussions normally concern tasks related to ensuring exclusive control by the organization primarily responsible for creating, using, and/or storing the information. This is particularly true when the responsible organization is a State. States collect and maintain many types of data about persons and real and financial assets within their borders or having some other association with their countries. The discussion in this paper focuses upon another aspect of IS: the risk of responsible organizations employing their control of information to gain unfair advantage over individuals, groups, and assets. States are normally assumed to be benevolent shepherds of those within their jurisdictions. However, exploitation by States is more common than usually assumed. An associated problem relates to globalization. It is increasingly common for persons and assets to interact and/or travel across jurisdictions. This increases the need for sharing information. Approaches and potential problems for addressing these issues are outlined.