Aug 24
Danish DPA Data Protection Digital Markets Act EU-US cooperation EDPB hits Meta, the EU General Court explains the nature

Google releases security keys to withstand quantum attacks, UK’s supervisory authority (ICO) opens first phase of biometric guidance for consultation.

Google releases security keys to withstand quantum attacks, UK’s supervisory authority (ICO) opens first phase of biometric guidance for consultation.

Konstantin Tiazhelnikov Konstantin Tiazhelnikov
  • August 24, 2023 -

As part of its efforts to deploy quantum resistant cryptography, Google has now announced the release of the first quantum resilient security key to withstand quantum attacks.

In a nutshell, quantum attacks refer to a category of cryptographic attacks that leverage the principles of quantum mechanics to compromise the security of classical cryptographic systems. In other words, classical cryptographic systems, which rely on mathematical problems that are difficult to solve, could be potentially broken by powerful enough quantum computers. Once a sufficiently powerful quantum computer becomes available, it could potentially render existing cryptographic systems vulnerable to attacks that were previously considered impractical due to the computational effort required. This phenomenon is often referred to as the “quantum threat” to cybersecurity.

According to the Google’s press-release, “while quantum attacks are still in the distant future, deploying cryptography at Internet scale is a massive undertaking which is why doing it as early as possible is vital. In particular, for security keys this process is expected to be gradual as users will have to acquire new ones once FIDO has standardized post quantum cryptography resilient cryptography and this new standard is supported by major browser vendors”.

***

The UK’s data protection watchdog, ICO, has published draft biometric data guidance for public consultations that will last until 20 October. According to ICO, “The draft biometric data guidance explains how data protection law applies when you use biometric data in biometric recognition systems”. The guidance is then “for organisations that use or are considering using biometric recognition systems. It is also for vendors of these systems. It is for both controllers and processors”.

The guidance covers such issues like “what biometric data is; when it is considered special category data; its use in biometric recognition systems; and the data protection requirements you need to comply with”. The guidance does not, however, cover “requirements of the data protection regimes for law enforcement purposes or the security services”.

See more related posts »

Related blog posts

DP News – Week 18. Dutch supervisory authority issued Guidelines on data scraping, CNIL published a self-assessment tool for Binding Corporate Rules (BCR), The Council of the European Union adopted a data transfer framework with Japan, Norway’s supervisory authority (Datatilsynet) released the 2023 annual report.
  • May 2, 2024 -

DP News – Week 17. EDPB released the 2023 annual report, outlined its 2024-2027 strategy and issued an information note on the EU-US Data Privacy Framework redress mechanism, Finnish DPA has decided on retention periods in the recruitment process.
  • April 25, 2024 -

DP News – Week 16. EDPB opinion: Pay-or-Consent models clash with GDPR consent requirements, EU Commission requested a risk assessment from TikTok, ICO launched a privacy notice generator, Catalan Data Protection Authority fines occupational health center for email confidentiality breach, Dutch chipmaker investigates data breach amidst security concerns.
  • April 18, 2024 -