Privacy

Adopting cloud computing can mean entrusting data to a third-party vendor. For agencies responsible for personally identifiable information or mission-critical applications, this raises a host of privacy concerns, chief among them the issue of data sovereignty and the question of determining appropriate government and commercial uses of private citizens’ data. This section of the SafeGov.org site analyzes the risks to privacy associated with cloud adoption and explores ongoing means to mitigate them.

Half of EU members sidle up to EC: About the data-sharing rules. C'mon. Chill out

Alexander J Martin, The Register,  Monday, May 23, 2016

Ministers from half of the European Union's 28 member states have signed a letter asking the EU Commission to drop its “barriers to the free flow of data”. The letter was sent to the EU's digitally focused folk ahead of Wednesday, when the commission will publish the findings of its inquiry into online platforms (“search engines, social media, knowledge and video sharing websites, app stores, etc.”) which took place after the publication of the EU's Digital Single Market Strategy last year. Essentially something of a cry against the EU's data protection legislation, the letter is signed by ministers from Belgium, Bulgaria, Czech Republic, Denmark, Estonia, Finland, Great Britain, Ireland, Latvia, Luxembourg, Lithuania, Poland, Slovenia and Sweden.

How to handle the new US-EU data regulations

Jamie Carter, Tech Radar,  Monday, May 23, 2016

After a long wait while bureaucrats worked out the details of new EU data protection law, the European General Data Protection Regulation (GDPR) is here – or at least, it will be in two years. In the wake of Safe Harbour and Privacy Shield, the latest data sharing agreement between the EU and the United States, the GDPR affects all businesses processing personal data, but how?

Views on Global Surveillance Laws From Lothar Determann of Baker & McKenzie

George Lynch, Bloomberg BNA,  Monday, May 23, 2016

The proliferation of surveillance laws around the world have placed multinational companies between the demands of privacy-conscious consumers and increasing data access requests from governments, leaving them to figure out how to comply. Bloomberg BNA Privacy & Data Security News Senior Legal Editor George R. Lynch posed a series of questions to Lothar Determann, a partner in the Global Privacy & Information Management Working Group at Baker & McKenzie LLP in Palo Alto, Calif. on global surveillance laws and how multinational companies should navigate the maze.

Future of Privacy Forum and ConnectSafely Release Educator’s Guide to Student Data Privacy

Melanie Bates, Future of Privacy Forum,  Monday, May 23, 2016

Today, the Future of Privacy Forum (FPF) and ConnectSafely are releasing the Educator’s Guide to Student Data Privacy. Technology tools and applications are changing the way schools and teachers educate students across the country. New resources are making it easier for teachers and students to communicate in and outside of the classroom making learning a 24/7 activity. When schools use technology, a student’s personal information is often collected and shared for the purpose of furthering their education. The Educator’s Guide will help teachers utilize technology in the classroom responsibly and protect their students’ privacy, explaining among other things...

Shields Up!: Getting Ready for the Privacy Shield

Lewis Barr, Janrain,  Thursday, May 19, 2016

In the wake of last year’s European Court of Justice’s ruling invalidating the Safe Harbor framework, EU adoption of the Privacy Shield framework is still on schedule for June despite criticisms of the framework from both sides of the pond. This means if your organization intends to rely on the framework as a means of legitimizing personal data transferred from the EU to the US, there is no time like the present to take the necessary actions that will allow you to raise the shield soon after its adoption. If you need extra motivation to roll up your sleeves now, the framework gives organizations a nine-month grace period to bring third party contracts into compliance if they certify their adherence to the Privacy Shield Principles (“Principles”) within two months of their adoption.

Privacy shield rejection highlights need for proactive corporate privacy approach

Joanna Belbey, TechCrunch,  Wednesday, May 18, 2016

Though no revisions are imminent for the EU/US Privacy Shield, the rejection should signal to companies they must re-think privacy. Across industries ranging from banking and financial services to retail and e-commerce, competitive advantage and market share will be won and lost depending on an organization’s ability to exhibit how they protect customer data, as well as partner, employee and corporate information.

Google's extra-secure Allo chat uses familiar encryption tech

Jon Fingas, Engadget,  Wednesday, May 18, 2016

Does the extra-private messaging in Google's Allo seem familiar? Your eyes don't deceive you: You really have seen it before. Open Whisper Systems has confirmed that Allo uses its Signal protocol for end-to-end encryption when you're in Incognito Mode. Yes, that means that Google and Facebook-owned WhatsApp are sharing the same underlying security technology. Not that there's much reason to complain. The protocol is strong enough that privacy advocates like Edward Snowden approve, and its open source nature makes it relatively ubiquitous.

Amazon CEO Jeffrey Bezos: Debate between privacy and security is ‘issue of our age’

Hayley Tsukayama, Washington Post,  Wednesday, May 18, 2016

Amazon chief executive Jeffrey Bezos said Wednesday his company is wholly aligned with Apple in its fight against government investigators who asked Apple to break its own encryption programs so they could gain access the iPhone used by one of the San Bernardino, Calif., terrorists. Bezos said his company is also embracing that kind of technology that would make it difficult for government officials to gain access to any personal information on its devices — even when those authorities have a warrant. Such measures prevent device-makers from accessing their own customers' data. Amazon's most popular devices include its Kindle readers and tablets, as well as the voice-controlled speaker called the Echo. The conflict between privacy and national security is an "issue of our age" that requires greater debate, he said.

Lack of Trust in Internet Privacy and Security May Deter Economic and Other Online Activities

Rafi Goldberg, NTIA,  Tuesday, May 17, 2016

NTIA’s analysis of recent data shows that Americans are increasingly concerned about online security and privacy at a time when data breaches, cybersecurity incidents, and controversies over the privacy of online services have become more prominent. These concerns are prompting some Americans to limit their online activity, according to data collected for NTIA in July 2015 by the U.S. Census Bureau. This survey included several privacy and security questions, which were asked of more than 41,000 households that reported having at least one Internet user.

EU’s data privacy regulations put the pressure on IT

Cindy Waxer, Computerworld,  Monday, May 16, 2016

European Union authorities are requiring companies that handle EU citizens' data to comply with some of the strictest data privacy regulations in the world -- or pay a steep price.