Privacy Shield

2017-12-27 by Drs. Andor Demarteau

The niner noteworthy stories of 2017 (week 31)

These are the noteworthy stories, in no particular order, that peaked my interest for this week.

Corporate profits to take more hits from Ukraine cyber attack
New Anthem data breach by contractor affects more than 18,000 enrollees
Steve Bannon wants Facebook, Google ‘regulated like utilities’
Cnil issues first fine for data protection violations
‘Anonymous’ browsing data can be easily exposed, researchers reveal | Technology
EU privacy watchdog: Privacy shield should be temporary
Amber Rudd claims “real people” don’t care about end-to-end encryption
Can cellphones handle vehicle-to-vehicle comms better than radio networks?
Once-Rejected FAA Software Upgrade May Prevent Planes From Landing on Taxiways

Filed Under: Noteworthy Series Tagged With: Aviation, Cryptography, Data Breach, E-Privacy Regulation, GDPR, InfoSec, Privacy, Privacy Shield

2017-12-20 by Drs. Andor Demarteau

The niner noteworthy stories of 2017 (week 24)

These are the noteworthy stories, in no particular order, that peaked my interest for this week.

Ransomware-as-a-service schemes are now targeting Macs too
Top university under ‘ransomware’ cyber-attack
Found: “Crash Override” malware that triggered Ukrainian power outage
Russia struck at election systems and data of 39 US states
‘How foul-mouthed hackers messed up my life’
Identity theft can be thwarted by artificial intelligence analysis of a user’s mouse movements
Trump Puts U.S.-EU Privacy Shield At Risk
NGO to Israeli High Court: Block state from public biometric campaign
German minister calls for expanded use of face recognition software

Click here to find out why

Filed Under: Noteworthy Series Tagged With: Biometrics, Cryptography, GDPR, InfoSec, IOT, Privacy, Privacy Shield

2017-03-09 by Drs. Andor Demarteau

The niner noteworthy stories of 2017 (week 9)

These are the noteworthy stories, in no particular order, that peaked my interest last week.

‘Cloudbleed’ post-mortem points to huge data leak, but no evidence of exploitation
Amazon typo knocked websites offline
Master spy behind Snoopers’ Charter wants to gag leakers, journalists
Europe’s data protection rules set a high bar for consent – and UK ICO welcomes your thoughts
Global cybercrime prosecution a patchwork of alliances
MWC 2017: ‘22,000 hackable webcams in Barcelona’
Ransomware for Dummies: Anyone Can Do It
Visa, Mastercard beef up mobile payment tech at Mobile World Congress
It’s Schrems, round two

Click here to find out why

Filed Under: Noteworthy Series Tagged With: GDPR, InfoSec, Privacy, Privacy Shield

2017-01-04 by Drs. Andor Demarteau

The niner noteworthy and the 12 recaps of 2016 (day 10)

Except for one article, all others deal with data protection and privacy laws related to the European Union. Not too surprising as the general data protection regulation and the EU/US privacyshield have been dominating the privacy news over the last year.
Apart from those major topics I will be looking at how Florida is handling data from citizens with a drivers license as well as what the Donald may have in store for cross-atlantic data transfers.
besides this, there are already some pointers to the semi-final instalment of this series which will focus on online surveillance.

In chronological order:

Is Ireland ready to police the data world?
Privacy Shield challenged by Irish privacy advocates
The GDPR will set the benchmark for global privacy contracting – and here’s why
How the ICO will be supporting the implementation of the GDPR
Florida May Be Breaking Law In Selling Personal Info To Companies
CNIL just published the results of their GDPR public consultation: what’s in store for DPOs and data portability?
Germany: Data Protection Officer must not have a conflict of interests
EU to Closely Monitor Trump on Data Transfer Compliance
Critics: Germany’s GDPR implementation riddled with holes, illegalities

Click here to continue reading

Filed Under: Noteworthy Series Tagged With: GDPR, Privacy, Privacy Shield

2017-01-03 by Drs. Andor Demarteau

The niner noteworthy and the 12 recaps of 2016 (day 9)

Privacy professionals

are all lawyers

, at least that is a one-liner I have heard often enough from people within the International Association of Privacy Professionals. And yes I’m somewhat irritated about that statement.
Data protection has, if lawyers like it or not, a very large technical aspect that if not taken care of will mean that their legal work means absolutely nothing for the privacy protection of our society.
In this instalment I will be looking at data protection from a technology point of view including: the privacy aware usage of drones, biometric voice prints and how a piece of software can render them useless, health data in the hands of one of the biggest privacy violators on the web, fitness bands and their privacy impact, issues with Apple iMessage and iCloud syncing of call data.
But the legal site has it’s place too in this 12 recaps series.
Check out day 10: Legal privacy, here.

In chronological order:

Realizing the potential of drones, yet preserving our privacy
iMessage Preview Problems
Ad Industry to FCC on Privacy Rules: You Got It Wrong
Fitbit, Jawbone, Garmin and Mio fitness bands criticized for privacy failings
Adobe Voco ‘Photoshop-for-voice’ causes concern
FYI Apple fans – iCloud slurps your call histories
TfL to track Tube users in stations by their MAC addresses
IETF plants privacy test inside DNS
Google secures five-year access to health data of 1.6m people

Click here to continue reading

Filed Under: Noteworthy Series Tagged With: GDPR, InfoSec, Privacy, Privacy Shield

2016-04-29 by Drs. Andor Demarteau

EU/US Privacyshield: one common goal but 180 degree difference in vision

We are registering the start of this century when social media more or less didn’t exist yet, nobody heard of big data and Edward Snowden was still a young man.
At that time it wasn’t hard to see how the European Union and the USA made a gentlemen’s agreement on the processing of personal information in the USA even though the country offered a privacy protection level nowhere close to becoming adequate according to European privacy laws (data protection directive 95/46/EC) on the promise they would behave themselves and companies could be trusted with a self-certification system on which the American FTC (Federal Trade Commission) would keep a close eye. They called it “safe harbour” which lasted for around 15 years.

The adequacy of American data protection hasn’t changed in all these years and with the expected growing protection against unlawful data processing only increasing in the GDPR it will not change in the favour of the American views on privacy anytime soon either.
So why is the privacy shield more a cloak than a protective measure?
Read my analyses here

Filed Under: Noteworthy Series Tagged With: GDPR, Privacy, Privacy Shield