Adopting cloud computing can mean entrusting data to a third-party vendor. For agencies responsible for personally identifiable information or mission-critical applications, this raises a host of privacy concerns, chief among them the issue of data sovereignty and the question of determining appropriate government and commercial uses of private citizens’ data. This section of the SafeGov.org site analyzes the risks to privacy associated with cloud adoption and explores ongoing means to mitigate them.
Government-as-a-Platform – Former White House CIO argues the case for sharing data with private sector
Derek du Preez, diginomica, Friday, May 22, 2015
Government-as-a-Platform is at the forefront of the public sector’s agenda. Just a year ago and barely anyone had even heard of the term, but it seems that you can’t go to an event today without it being the topic of a lot of conversations. Which is a good thing, considering that there are very few (if any) examples of living, breathing, all-encompassing government platforms.
The Chertoff Group (White Paper), Friday, May 22, 2015
The transition to a global Internet economy has been accompanied by a significant change in the nature of law enforcement activity. Evidence that formerly was available within the boundaries of a single jurisdiction and could be collected through the operation of domestic law now is often collected, stored, and processed globally by transnational companies. As a result significant potential exists for the disruption of law enforcement activities because those who hold relevant evidence may be subject to conflicting legal obligations, unilateral actions by a single jurisdiction, and significant economic pressures. This white paper outlines the scope of the problem, surveys existing technical, legal, and policy conflicts and identifies potential responses to the changing dynamic.
Law Office of Bradley S. Shear
Thursday, May 21, 2015
While many think of state and local governments as just repositories of public records, they also store massive amounts of highly sensitive personal information, including tax returns, family services files, student records and health data. And as state and local governments move more data to the cloud, privacy concerns become paramount. It is imperative governments establish robust privacy standards for cloud storage to prevent the misuse of personal data. Moving forward, governments should require their vendors to follow the recently adopted International Standards Organization (ISO) 27018 cloud privacy guidelines. These standards foster transparency while increasing security and data privacy. Without adherence to ISO 27018, government entities — such as public schools, which collect, process, and archive tremendous amounts of student data — could have their data used for non-educational purposes.
Cunningham Levy LLP
Wednesday, May 20, 2015
A strange — and strangely unnoticed — trend is emerging in the evolving global response to massive 2013 leaks about US surveillance activities. While our European cousins talk privacy reform, the United States is actually moving ahead with it, albeit more slowly than many would like. As the American side of the Atlantic inches toward self-restraint, many European governments are seeking sweeping new spying powers. Europe is at risk of falling behind the US in privacy reform.
Civil Rights, Privacy, and Media Rights Groups Release Principles for Law Enforcement Body Worn Cameras
The Leadership Conference on Civil and Human Rights, Friday, May 15, 2015
Today, a broad coalition of civil rights, privacy, and media rights organizations released shared civil rights principles for the use of body worn cameras by law enforcement. As body worn cameras come into greater use by law enforcement across the country, the signers are urging police departments to follow certain principles to ensure that the cameras are a tool of public accountability and transparency. Video footage that documents law enforcement interactions with the public — whether gathered through body worn cameras or citizen video of police activities — can have a valuable role to play in the present and future of policing. At the same time, the arrival of new video equipment does not guarantee that a police agency will better protect the civil rights of the community it serves.
Cory Bennett, The Hill, Thursday, May 14, 2015
Sens. Orrin Hatch (R-Utah) and Ed Markey (D-Mass.) reintroduced a bill on Wednesday to restrict education companies from selling or using student data to target ads. The measure would also require private companies to meet certain data security requirements when handling student information.
Sam Schechner, WSJ Digits, Wednesday, May 13, 2015
The squabbling over Europe’s right to be forgotten may have scarcely begun. One year after the European Union’s top court ruled that people could ask Google and other search engines to remove links in search results for their name, the Calif.-based search giant has set up a detailed process to comply, removing hundreds of thousands of links. But a bigger fight is continuing to simmer over how broadly the new European right should apply—one that could end up back in court.
Friday, May 08, 2015
The U.S. Court of Appeals for the 2nd Circuit just issued a 97-page ruling limiting the NSA's power to sweep up data about people's phone calls. The court held that the USA Patriot Act Section 215 doesn't authorize the kind of sweeping collection of phone call metadata that the NSA has been engaging in.
Eric Peters, The American Spectator, Thursday, May 07, 2015
The LEADS act would bring Fourth Amendment protections to our private email. Who gets to read your mail? Under what conditions? In the pre-Internet days, these questions were answered easily. Defined, legally. Private correspondence was just that — private, between the letter writer and the intended recipient. Absent a court order — based on probable cause — no else was legally entitled to have a look.
Thursday, May 07, 2015
Contrary to common belief, the problem is not security. Consumer tech and cloud data centers are no more vulnerable to hackers and accidental breaches than traditional enterprise IT shops. On the contrary, greater scale and scope of cloud operations require resources to deploy the best security expertise and tools available. This attribute will arguably make the cloud a safer platform for enterprises to secure their most valuable information than in-house facilities.