Privacy

Adopting cloud computing can mean entrusting data to a third-party vendor. For agencies responsible for personally identifiable information or mission-critical applications, this raises a host of privacy concerns, chief among them the issue of data sovereignty and the question of determining appropriate government and commercial uses of private citizens’ data. This section of the SafeGov.org site analyzes the risks to privacy associated with cloud adoption and explores ongoing means to mitigate them.

A Breakthrough in Trans-Atlantic Data Flow and Privacy

Justin Antonipillai and Ted Dean,  Wednesday, July 20, 2016

Privacy Shield, as you may know, will guide how US and EU companies will protect the privacy of personal data of EU individuals that gets transmitted to our nation, and speed digital commerce across the Atlantic. Commerce has the lead on the US side to carry out the framework, working with other US agencies and our EU counterparts. For more details, see the Privacy Shield materials – Secretary Pritzker’s remarks, fact sheet and FAQs, and a guide for companies to sign up – posted July 12 on Commerce.gov. Also see our testimony to the European Commission on March 17, and my (Justin) speech to the TRUSTe Privacy Risk conference on June 8 in San Francisco.

Microsoft wins a signal court victory for cloud privacy against the U.S. government

Jeff Gould by Jeff Gould, SafeGov.org
Tuesday, July 19, 2016

To the surprise of many, Microsoft has just won a historic court case defeating efforts by the U.S. government to seize private data held by the firm’s customers overseas. According to a U.S. Appeals Court ruling, Federal prosecutors cannot use search warrants to grab the content of email messages from data centers located outside the United States, even when these facilities are owned and operated by a U.S. cloud provider such as Microsoft.

It's Time to Update the 30-Year-Old Electronic Communications Privacy Act

Julie AndersonKaren Evans by Julie Anderson, AG Strategy Group
Karen Evans, KE&T Partners
Tuesday, July 19, 2016

Many Americans may not understand why this decision is relevant to their daily lives: The federal government asserted tech companies own individuals’ personal information such as emails and photographs, and not the individuals themselves. This would give your personal information less privacy protection than the family notes you place in your dresser drawer at home. Multiple branches of government have important responsibilities in remedying this problem. The Court of Appeals has acted. Now, it’s time for Congress to modernize an outdated law.

A Key Win by Microsoft

Tracy Mitrano by Tracy Mitrano, Mitrano & Associates
Sunday, July 17, 2016

Mark the Second Circuit decision in the Microsoft case as a turning point. The win for Microsoft is a victory for U.S. innovation, manufacturing and Internet companies, privacy advocates, and legal due process. The Court held that the Electronic Communications Privacy Act (“ECPA,” and specifically in this case, Title II, Stored Communications) does not extend beyond the United States and its territories. Its reasoning does yet more.

Microsoft Just Won a Big Victory Against Government Surveillance -- Why It Matters

Daniel J. Solove by Daniel Solove, TeachPrivacy
Friday, July 15, 2016

Yesterday, Microsoft won a huge case against government surveillance, a case with very important implications: In the Matter of a Warrant to Search a Certain E‐Mail Account Controlled and Maintained by Microsoft Corporation. Why does it matter how the government seeks to obtain data stored abroad? It matters because the US government was seeking to use to obtain data stored in Ireland in a way that would violate Irish law. Had the government used the MLAT process, the government would have had to seek the information by going to a judge in Ireland. Although the MLAT process is clunkier and more difficult than just using ECPA, following the MLAT process is important to avoid at least three very troubling consequences.

Privacy Shield Marks a Promising Step Forward – Not the End of the Road – on Privacy posted by Chris Hopfensperger in Privacy

Chris Hopfensperger, BSA TechPost,  Thursday, July 14, 2016

Looking ahead, though, much more remains to be done. As a start, international policymakers need to create a durable framework to govern the new age of data-related investigations, and Members of Congress must continue to rebuild trust among technology users by improving the US privacy regime.

Privacy Shield Moves Forward, Company Certifications to Begin August 1

Martin Braun, Reed Freeman Barry Hurewitz, Benjamin Powell and Heather Zachary, Mondaq,  Wednesday, July 13, 2016

The European Commission formally adopted the EU-US Privacy Shield on Tuesday, ending months of legal uncertainty with a new framework for governing transatlantic data transfers after the Privacy Safe Harbor framework was invalidated in 2015. According to the Commission, Privacy Shield shifts from being a system based on self-regulation to "an oversight system that is more responsive as well as proactive" via stronger efforts by the US Department of Commerce, the US Federal Trade Commission and European Data Protection Authorities. The US Department of Commerce is now encouraging companies to review the framework, and it will begin accepting voluntary certifications beginning on August 1.

EU Heralds Privacy Shield as Trans-Atlantic Pact Takes Effect

Stephanie Bodoni, Bloomberg,  Tuesday, July 12, 2016

“The EU-U.S. Privacy Shield is a robust new system to protect the personal data of Europeans and ensure legal certainty for businesses,” EU Justice Commissioner Vera Jourova said in a statement on Tuesday, the first day of the new pact. “It brings stronger data protection standards that are better enforced, safeguards on government access, and easier redress for individuals in case of complaints.”

EU-U.S. Privacy Shield: Progress for privacy rights

John Frank, Microsoft EU Policy Blog,  Monday, July 11, 2016

We at Microsoft welcome the new EU-U.S. Privacy Shield decision, which the European Commission is expected to announce on 12 July. It sets a new high standard for the protection of Europeans’ personal data. Microsoft regards privacy as a fundamental right and we believe the Privacy Shield advances this right. This is an important achievement for the privacy rights of citizens across Europe, and for companies across all industries that rely on international data flows to run their businesses and serve their customers. The successful and rigorous negotiations also demonstrate progress between Europe and the United States on a vital issue for transatlantic coordination. While we rely on different legal frameworks, we share the same privacy values on both sides of the Atlantic.

People don’t use technology they don’t trust

Koh Buck Song, Microsoft Asia Pacific News Center,  Friday, July 8, 2016

In the Asia Vision Series features we dive into key industry trends and issues with our subject matter experts and visionaries the region. In part 1 of 3 of this interview, Koh Buck Song, author and editor of more than twenty books and former political supervisor for Singapore broadsheet The Straits Times, speaks with Jeff Bullwinkel, associate general counsel and director of Corporate, External and Legal Affairs (CELA), Microsoft Asia Pacific & Japan. Bullwinkel is a former federal prosecutor with the US Department of Justice, as well as Microsoft’s most senior legal counsel in Asia. He shares the reasons behind his passion for law and driving policies around trust in technology.