Adopting cloud computing can mean entrusting data to a third-party vendor. For agencies responsible for personally identifiable information or mission-critical applications, this raises a host of privacy concerns, chief among them the issue of data sovereignty and the question of determining appropriate government and commercial uses of private citizens’ data. This section of the SafeGov.org site analyzes the risks to privacy associated with cloud adoption and explores ongoing means to mitigate them.
Viet Dinh and Jeffrey Harris, Bancroft PLLC, Wednesday, July 29, 2015
Bancroft has published a white paper entitled “Toward A Modern Statutory Framework For Law Enforcement Access To Electronic Communications.” The paper identifies several deficiencies in the current statutory framework governing when law enforcement officials can access consumers’ electronic communications. As the authors explain, the current statutory framework is more than 30 years old and has failed to keep pace with developments in commerce and technology. The authors then analyze the relative merits of several recent legislative proposals that are intended to address these issues (the LEADS Act and Email Privacy Act), and offer suggestions about how to further improve this legislation.
Caron Beesley, B2C, Tuesday, July 28, 2015
The feds aren’t the only government targets vulnerable to attack, state and local agencies are also stewards and defenders of a large amount of financial, healthcare, and other personally identifiable information (PII). And while some agencies have made major investments and taken big strides in securing their systems, NASCIO reports that a whopping 76% of state CISOs feel that their budgets remain insufficient to tackle the increasingly sophisticated cyber threats that business and governments are routinely facing.
Sarah Perez, Tech Crunch, Tuesday, July 28, 2015
Google has announced a change to its user consent policy which will affect website publishers using Google products and services, including Google AdSense, DoubleClick for Publishers and DoubleClick Ad Exchange, as well as whose sites or apps have visitors arriving from the European Union. Under the new policy, publishers will have to obtain EU end users’ consent before storing or accessing their data, says Google.
Natalia Drozdiak, Wall Street Journal, Tuesday, July 28, 2015
Europe’s data-protection watchdog is advising European Union lawmakers to slap strict fines on businesses violating new data-privacy rules that will tighten guidelines on how companies — including U.S. firms operating in Europe — manage their customers’ data. The European Parliament, representatives of the national governments and the European Commission — the bloc’s executive body — are trying to hammer out the final version of the law by year-end in so-called trilogue negotiations.
Noah Shachtman, The Daily Beast, Monday, July 27, 2015
The head of the FBI has spent the last several months in something of a panic, warning anyone who will listen that terrorists are “going dark”—using encrypted communications to hide from the FBI—and insisting that the bureau needs some kind of electronic back door to get access to those chats. It’s an argument that civil libertarians and technology industry executives have largely rejected. And now, members of the national security establishment—veterans of both the Obama and Bush administrations—are beginning to speak out publicly against FBI Director Jim Comey’s call to give the government a skeleton key to your private talks. “I hope Comey’s right, and there’s a deus ex machina that comes on stage in the fifth act and makes the problem go away,” retired General Michael Hayden, the former head of the CIA and the NSA, told The Daily Beast. “If there isn’t, I think I come down on the side of industry. The downsides of a front or back door outweigh the very real public safety concerns.”
Peter Ferrara, TownHall.com, Thursday, July 23, 2015
And in the struggle between security and privacy, there can be no security without privacy. But what good is privacy without security? In 1986, when electronic and digital information was in its infancy, Congress passed the Electronic Communications Privacy Act (“ECPA”) to extend the age old protections of the Fourth Amendment to the newly emerging technology. But today the technology has exploded to create vast, unforeseeable, transnational realms of data communication and storage.
Andrew Jones, Venture Beat, Wednesday, July 15, 2015
Consumers want more personalized messages … but also increased data privacy. Those seemingly paradoxical findings come from Gigya’s 2015 State of Consumer Privacy & Personalization report, published today. The two trends are not new, yet continue to be at odds with one another: Personalization requires customer insight, while increased data privacy would seek to limit the availability and accessibility of customer data. The new research from Gigya, a customer identity management provider, found that 96 percent of American consumers are concerned about data privacy. Yet the study also found that consumers are frustrated with non-relevant messages, causing them to unsubscribe from emails, stop visiting the companies’ websites, and even stop buying from (or even advocate against) the companies.
Frances McLeod, Corporate Counsel, Wednesday, July 08, 2015
As Europe edges toward new data-privacy legislation, tech companies like Google and Facebook won’t be the only corporate entities that will have to exercise greater care in handling data. The Data Protection Regulation that the European Commission, European Parliament and Council of the European Union are currently working toward finalizing by the end of this year will introduce a plethora of issues that will affect how corporations, as well as their risk management advisors and data analysts, use data. And executives at multinationals doing business in E.U. countries or employing citizens from those countries will no longer be able to skirt rigorous policies and procedures around data privacy and protection.
Michael Brown, MSP Mentor, Wednesday, July 08, 2015
One critical component of building trust is transparency. Merely claiming your services are secure and reliable isn’t enough. Transparency gives customers information about not just what you can promise, but also how you’re going to fulfill that promise. How can you achieve transparency? How can you tailor your cloud approach to build trust? Proactively answer some questions about your services. When it comes to data, security, and availability, you should be ready to answer such questions as...
Grant Gross, IDG News Service, Tuesday, July 07, 2015
Google’s refusal to implement the EU’s controversial right to be forgotten rules in the U.S. amounts to an unfair and deceptive business practice, a frequent critic of the search engine giant said. Consumer Watchdog will file a complaint against Google with the U.S. Federal Trade Commission Tuesday, said John Simpson, director of the group’s Privacy Project. The complaint will ask the FTC to rule that Google, by declining to delete search engine links on request from U.S. residents, is an unfair business practice that violates the U.S. FTC Act.