Privacy

Adopting cloud computing can mean entrusting data to a third-party vendor. For agencies responsible for personally identifiable information or mission-critical applications, this raises a host of privacy concerns, chief among them the issue of data sovereignty and the question of determining appropriate government and commercial uses of private citizens’ data. This section of the SafeGov.org site analyzes the risks to privacy associated with cloud adoption and explores ongoing means to mitigate them.

Facebook Told by France to Stop Collecting Non-User Data

Stephanie Bodoni, Bloomberg Business,  Tuesday, February 09, 2016

Facebook Inc. was given three months by France’s privacy watchdog to stop storing data on people who don’t have an account with the social network as the company continues to draw objections from regulators throughout Europe. The operator of the world’s largest social network can track online users across all the sites they visit without obtaining clear consent, France’s data protection regulator, CNIL, said in a statement late Monday. “The seriousness of the failures” and the company’s more than 30 million Facebook users in France forced it to make the decision public, the regulator said.

Distrust of US surveillance threatens data deal

Katie Bo Williams, The Hill,  Monday, February 08, 2016

If the European working group is not satisfied with the assurances from the Commerce Department, the consequences could be dire. Businesses fear a chilling of transatlantic trade, valued at $1 trillion in 2014. The most likely outcome, experts say, would be a patchwork of country-to-country regulations that would make it extremely expensive for companies to comply.

Swords and shields

The Economist,  Friday, February 05, 2016

Perhaps even more important, the Privacy Shield may stop the slide towards the fragmentation of cyberspace along national lines. Since its inception, the internet has struggled to stay a borderless space for ideas and commerce. Countries such as China have established what they see as sovereignty over their computers and networks, protecting themselves from threats such as “information weapons” (also known as “news”). Others are itching to follow. If America and the EU, with their shared history, interests and values, could not reach agreement over safeguarding their citizens’ data, there would be little hope for anyone else.

Email privacy legislation moving forward in House

Mario Trujillo, The Hill,  Thursday, February 04, 2016

The House Judiciary Committee will vote next month on email privacy legislation that has failed to move despite widespread support in recent years. Committee Chairman Bob Goddlatte (R-Va.) on Wednesday said the legislation is necessary to update a 1986 law to explicitly require the government to obtain a warrant when it is seeking to access emails or other electronic communications. “It’s clear that the law needs to be modernized and updated to ensure it keeps pace with ever-changing technologies so that we protect Americans’ constitutional rights and provide law enforcement with the tools they need for criminal investigations in the digital age,” he said in a statement.

The massive new privacy deal between U.S. and Europe, explained

Andrea Peterson, The Washington Post,  Wednesday, February 03, 2016

The details are still emerging, but officials say the pact will include several assurances from the U.S. side...

Commission, Commerce announce new EU-US data transfer agreement

Jedidiah Bracy, The Privacy Advisor / IAPP,  Tuesday, February 02, 2016

Called the EU-U.S. Privacy Shield, the new agreement "will protect the fundamental rights of Europeans when their personal data is transferred to U.S. companies,” said Commissioner Věra Jourová. “For the first time ever, the United States has given the EU binding assurances that the access of public authorities for national security purposes will be subject to clear limitations, safeguards, and oversight mechanisms.”

Safe Harbor Out--Stronger US, Corporate Obligations In

Lisa Brownlee, Forbes,  Tuesday, February 02, 2016

A new European Commission-U.S. data transfers framework deal, called Privacy Shield, has been reached. This framework is intended to replace the invalidated Safe Harbor arrangement. Privacy Shield was announced and detailed in outline form today by the EC. Provisions as outlined reveal substantial new future U.S. compliance obligations, including for U.S. corporations.

How Europe is fighting to change tech companies' 'wrecking ball' ethics

Julia Powles and Carissa Véliz, The Guardian,  Monday, February 01, 2016

Facebook, Google, Amazon and other internet behemoths are involved in a form of technological innovation that is acting as a “wrecking ball”, the president of the European parliament declared in Brussels this week. “The aim is not just to play with the way society is organised, but instead to demolish the existing order and build something new in its place,” said Martin Schulz. “The internet lost its innocence long ago.”

How Europe Protects Your Online Data Differently Than the U.S.

Mark Scott and Natash Singer, New York Times,  Monday, February 01, 2016

Your digital footprint can quickly extend far and wide and be used in multiple ways. Your interactions on Facebook shape the ads you see there. The kinds of films and music you stream may allow online companies to make inferences about your political leanings or religious beliefs. And your health insurer may analyze details about your online shopping habits. How much control do you have over how companies collect and use your information? And what mechanisms are in place to protect your data against misuse?

The Morning Risk Report: Big Data Raises Growing Privacy Risk Concern

Stephen Dockery, Wall Street Journal,  Friday, January 29, 2016

Jay Cline, a data protection and privacy leader from PwC, said that “big data is the newest privacy risk … Privacy used to be a two-dimensional risk, but that’s all changing.” The PwC experts argued that “recognizing the importance of big data and privacy means having policies to handle the creation and capture of data from start to finish” and “it also means knowing when to stop.” “Current technologies might exceed the amount of data that’s appropriate to gather,” they said.