Cerys Wyn Davies, Out-Law.com, Monday, July 25, 2016
US businesses intending to sign up to the new EU-US Privacy Shield within the first two months of it becoming operational can do so without first having to update arrangements for sharing data with others. However, they will only have a limited time in which to put new contracts in place.
The Chertoff Group
Monday, July 25, 2016
Sadly, however, today threats to the free flow of information across the globe come, not only from authoritarian countries but, also, from misguided actions of Western nations that ought to know better. The latest example of this unfortunate trend is the U.S. government's effort to force Microsoft to provide it with data that Microsoft stored in a data center in Ireland. In December 2013, Microsoft received a warrant from a magistrate in the Southern District of New York directing the company to turn over content and non-content information relating to a user associated with the company's Dublin, Ireland data center. Microsoft produced the non-content material associated with the user stored on its U.S. servers, but objected to the order for content data stored in Ireland. The government's view was that the U.S. government can compel the company, a U.S. based cloud provider, to disclose a user's content data stored outside the United States. Happily, that argument has not carried the day. The United States Court of Appeals for the Second Circuit recently issued a decision rejecting the government's request and allowing Microsoft to refuse to produce the data.
Law Office of Bradley S. Shear
Friday, July 22, 2016
The unanimous 3-0 ruling is a victory for not only personal privacy rights but also for the theory that people’s rights in the physical world should be extended to the digital world. This decision will have a tremendous impact on international technology service providers, social media platforms, apps, law enforcement, and individual users of mobile and cloud-based services.
Planet Biometrics, Thursday, July 21, 2016
Law enforcement officials have commended plans to install face recognition on body-worn police cameras that could directly check against warrant records in the cloud.
Mark Gibbs, Network World, Thursday, July 21, 2016
A new survey by the Ponemon Institute finds that enterprise-wide encryption strategies are accelerating but there are risks to consider.
Justin Antonipillai and Ted Dean, Wednesday, July 20, 2016
Privacy Shield, as you may know, will guide how US and EU companies will protect the privacy of personal data of EU individuals that gets transmitted to our nation, and speed digital commerce across the Atlantic. Commerce has the lead on the US side to carry out the framework, working with other US agencies and our EU counterparts. For more details, see the Privacy Shield materials – Secretary Pritzker’s remarks, fact sheet and FAQs, and a guide for companies to sign up – posted July 12 on Commerce.gov. Also see our testimony to the European Commission on March 17, and my (Justin) speech to the TRUSTe Privacy Risk conference on June 8 in San Francisco.
David Chernicoff, Datacenter Dynamics, Wednesday, July 20, 2016
By the end of 2016, as part of the DCOI, there will be a freeze on new data centers or significant data center expansions without direct approval of the Office of Management and Budget’s Office of the CIO (OFCIO). Agencies will be required to use the following guidelines, in the order listed below, as part of their consolidation efforts...
Tuesday, July 19, 2016
To the surprise of many, Microsoft has just won a historic court case defeating efforts by the U.S. government to seize private data held by the firm’s customers overseas. According to a U.S. Appeals Court ruling, Federal prosecutors cannot use search warrants to grab the content of email messages from data centers located outside the United States, even when these facilities are owned and operated by a U.S. cloud provider such as Microsoft.
Many Americans may not understand why this decision is relevant to their daily lives: The federal government asserted tech companies own individuals’ personal information such as emails and photographs, and not the individuals themselves. This would give your personal information less privacy protection than the family notes you place in your dresser drawer at home. Multiple branches of government have important responsibilities in remedying this problem. The Court of Appeals has acted. Now, it’s time for Congress to modernize an outdated law.
Rochelle Eichner, Microsoft Azure Government Blog, Tuesday, July 19, 2016
The Criminal Justice Information Services Division (CJIS) Implementation Guidelines is designed to provide insight into the CJIS security controls applicable to Microsoft Cloud services, and provide guidance to law enforcement agencies on where to access detailed information to assist in CJIS audits. This document provides guidelines and resources to assist CJIS Systems Agencies (CSA) and law enforcement agencies (LEA) in implementing and utilizing Microsoft Government Cloud features. The CJIS Implementation Guidelines are applicable for Azure Government, Office 365 Government and Dynamics CRM Online Government.