Privacy

Adopting cloud computing can mean entrusting data to a third-party vendor. For agencies responsible for personally identifiable information or mission-critical applications, this raises a host of privacy concerns, chief among them the issue of data sovereignty and the question of determining appropriate government and commercial uses of private citizens’ data. This section of the SafeGov.org site analyzes the risks to privacy associated with cloud adoption and explores ongoing means to mitigate them.

Colorado student data privacy bill on its way to becoming law

Joey Bunch, The Denver Post,  Thursday, May 5, 2016

The prohibition includes assembling a profile through algorithms that could make a student personally identifiable, while still allowing companies to get the information they need to develop software that benefits education. "We applaud the leaders that worked to bring together all sides and develop a data privacy policy that aims to protect our students while ensuring the valuable data necessary to advance policy is not stifled," Gov. John Hickenlooper said.

Microsoft CEO Satya Nadella: Why the U.S. needs better laws to balance privacy and national security

Todd Bishop, GeekWire,  Wednesday, May 4, 2016

Microsoft CEO Satya Nadella is calling for the U.S. government to establish a better framework of laws to create a “new equilibrium” between the privacy of personal data and the need for national security.

On the importance of data privacy to cloud deals: Some benchmarks

Paula Barrett, IAPP Privacy Perspectives,  Tuesday, May 3, 2016

The report demonstrates that deals are in fact failing because of data privacy concerns, with both customers and suppliers choosing to walk away because of data-related concerns. Indeed amongst other notable statistics the top three reasons were data privacy and security related. Meanwhile, the commercial appetite for cloud surges and the regulatory position gets ever more complex. So this report provides some hard evidence to help customers and providers understand the importance these issues now carry and hopefully act accordingly to achieve successful conclusions.

With Microsoft’s trusted Cloud, startups and ISVs are building a safer, secure digital world

Sindu Mv, YourStory.com,  Monday, May 2, 2016

A trusted Cloud partner bridges the gap between innovation and security concerns. The right partner, technology, and processes, can help the most complex enterprise move to the Cloud with confidence. Against this backdrop, Microsoft brought together eminent security leaders for an exclusive event on April 20, to help organisations in India understand cyber risks based on industry standards and to remediate current security gaps. The summit reiterated Microsoft’s commitment to helping organisations deal with security challenges. Leaders including; Capt. Raghu Raman, President Risk, Security & New Ventures – Reliance Industries and former CEO of NATGRID; Burgess Cooper, Partner – Information & Cyber Security – E&Y, spoke extensively on cyber security. Kevin Turner set the tone of the summit with his keynote address, highlighting how we are a part of the fourth industrial revolution and how digital disruption is driving massive business disruption. He also emphasised how Microsoft is differentiating with security and privacy.

The Supreme Court May Have Just Derailed Europe Safe Harbor Agreement

Mark Sullivan, Fast Company,  Monday, May 2, 2016

The court made changes to the Federal Rules of Criminal Procedure that will allow U.S. law enforcement to remotely hack and search computers of unknown location, computers whose location has been obscured by digital means, and even computers of cybercrime victims. The European Union has been extremely sensitive to U.S. government cybersurveillance since Edward Snowden revealed massive government surveillance programs in 2013. On Thursday, the Supreme Court gave federal agencies far wider latitude to hack and search into computers around the world, and the decision could have a chilling effect on digital trade relations between the U.S. and Europe. The court made changes to the Federal Rules of Criminal Procedure that will allow U.S. law enforcement to remotely hack and search computers of unknown location, computers whose location has been obscured by digital means, and even computers of cybercrime victims. The European Union has been extremely sensitive to U.S. government cybersurveillance since Edward Snowden revealed massive government surveillance programs in 2013. The warrant rules changes Thursday could revive those fears, and endanger a painstakingly struck Safe Harbor agreement between the U.S. Commerce Department and the European Commission. The two sides agreed on a legal framework for a new Safe Harbor agreement February 2, but that framework still awaits final approval by the E.U.

EU Disdains U.S. Surveillance, but Seeks Easier Access

George Lynch, Bloomberg BNA,  Monday, May 2, 2016

The catchphrase “do as I say, not as I do,” seems appropriate to some for how the European Union approaches government surveillance of personal data in the U.S. versus the EU. In response to terrorism and refugee concerns, some EU member states have been passing laws to give their law enforcement and national security officials easier access to personal data. At the same time some EU officials continue to voice objections to U.S. efforts to do the same. Throughout it all, companies have begun to worry that these new EU surveillance laws might affect data sharing within Europe and their ability to maintain the trust of privacy-minded customers, attorneys and analysts told Bloomberg BNA.

Microsoft & Google alleviate cloud fears with data privacy and security certifications

James Nunns, CBR,  Friday, April 29, 2016

Security continues to be a hot topic for public cloud vendors as concerns around meeting regulatory demands, and securing data against breaches remain a core consideration around whether or not to move to the cloud. As vendors such as Microsoft create more cloud-based services it is necessary for them to prove the security of them. Both Microsoft and Google have received boosts in this area by achieving certifications for security and privacy standards. Microsoft for starters, has revealed that its Azure ML service for predictive analytics with machine learning has achieved the standard ISO 27001 and the EU Model Clauses, as well as others.

Email privacy bill passes Congress with flying colors

Mariella Moon, Engadget,  Wednesday, April 27, 2016

The US House of Representatives has unanimously passed the Email Privacy Act, which updates the 1986 Electronic Communications Privacy Act (ECPA). Under ECPA, authorities are allowed to request for old emails with only a subpoena instead of a warrant. The new bill's advocates argue that ECPA is incredibly outdated at this point in time and the subpoena loophole should be closed.

Secretly Searching The Cloud

Larry Elkin, Palisades Hudson,  Wednesday, April 27, 2016

...the government wants to make data providers its agents in gathering intelligence and cloaking its activities. It attacks companies like Microsoft and Apple for having business motives for imposing encryption and resisting sweeping demands for data and secrecy – as though the business motive of protecting customers’ privacy is somehow suspect.

Privacy and the digital economy are at odds

Livemint,  Tuesday, April 26, 2016

Allowing tech companies to continue innovating and creating this public good while protecting user rights will not be easy. And it will be complicated further by multiple factors: shifting perceptions of digital privacy with millions of users showing little concern about signing their data over as long as they get a good deal for it; sovereignty and security concerns about US government access to the data that has elevated data flows to the realm of diplomacy and brought about deals like the US-EU Privacy Shield agreement.