Marty Loughlin, Datanami, Monday, June 27, 2016
Implementing the uniform policies and practices of governance with semantic technologies ingrains them within business functions and supporting IT systems at such a granular level that well governed, trustworthy data becomes an implicit by-product of simply using data.
David Meyer, Fortune, Saturday, June 25, 2016
The officials said the Commission had agreed on “additional clarifications” with the U.S. on American mass surveillance powers, the role of the “ombudsperson” who will adjudicate complaints from EU citizens about their data being abused, and the transfer of EU citizens’ data to other companies.
Julia Fioretti, Reuters, Friday, June 24, 2016
The European Union and the United States have agreed changes to a data transfer pact that is key to transatlantic business, including stricter rules for companies holding information on Europeans and clearer limits on U.S. surveillance. The revised EU-U.S. Privacy Shield was sent for review by European member states overnight. They are expected to hold a vote in early July, several EU sources said, at which point it will enter into force.
Mary Jo Foley, ZD Net, Thursday, June 23, 2016
Within minutes of each other on June 23, Microsoft and Amazon both announced they've gotten FedRAMP's highest authorization for their respective government cloud offerings. Both the Azure Government cloud and Amazon's AWS GovCloud were among the cloud offerings that received a Provisional Authority to Operate (P-ATO) from the authorization board under the Federal Risk and Authorization Management Program (FedRAMP) High baseline. This is the highest level for FedRAMP accreditation, and means those clouds have met the U.S. government's most rigorous security requirements.
Scott Charney, Microsoft on the Issues, Thursday, June 23, 2016
Today, I am pleased to share a new white paper about cybersecurity norms for nation-states and the global information and communications technology (ICT) industry, “From Articulation to Implementation: Enabling Progress on Cybersecurity Norms.” This publication is a reflection of our ongoing efforts to advance trust in the global ICT ecosystem through development of “rules of the road” for nation-states engaged in cyber operations, as well as industry actors impacted by these activities. Our goal is to contribute to the development of frameworks and practices that protect people and companies from the effects of state-sponsored cyber operations.
Frederic Lardinois, TechCrunch, Wednesday, June 22, 2016
Microsoft today announced a new project that aims to help enterprises protect their data as it moves between servers and devices. The new Azure Information Protection service builds on the Azure Rights Management service and the company’s recent acquisition of Israeli security firm Secure Islands. The new service will go into public preview in the next month. “Organizations must protect their data at the source in a world where information travels beyond the boundary of the corporate network and potentially across many devices outside of company control,” Microsoft explains in today’s announcement. “These realities make it more critical than ever to have solutions that prevent data loss and track information at the file level regardless of where data resides or with whom it is shared.”
EPIC, Wednesday, June 22, 2016
Several states have recently enacted new student privacy laws. Colorado and Connecticut’s laws impose strict requirements on those who collect student data. Connecticut also requires that parents are notified each time a school district enters into a contract that involves student data. North Carolina enacted a student privacy law modeled after California's Student Online Personal Information Protection Act. The National Association of State Boards of Education reported that 38 states considered student privacy legislation in 2016. Ten of those states passed student privacy laws. EPIC has urged the enactment of a comprehensive student privacy bill of rights. EPIC's State Policy Project is monitoring privacy bills nationwide.
Ehren Halse, JD Supra, Wednesday, June 22, 2016
On June 6, 2016, during a speech at a Cybercrime Symposium co-organized by the Centers for Strategic and International Studies and the Department of Justice’s (“DOJ”) Computer Crime and Intellectual Property Section, Assistant Attorney General Leslie Caldwell continued to push for access by law enforcement to encrypted data. In her remarks, Caldwell highlighted that public policy makers – and not the private sector – should decide whether, and to what extent, law enforcement should have access to encrypted data that could be evidence in criminal investigations.
Amanda Ziadeh, GCN, Wednesday, June 22, 2016
Agencies are adopting a growing range of cloud solutions, but more-robust open standards would better support hybrid clouds and integrate cross-vendor workflows. “A lot of the discussion around infrastructure as a service needs to move in the direction of platform as a service and software as a service,” the International Trade Administration’s CIO Joe Paiva said at a recent MeriTalk government cloud event. “You need to make those platform as a services work together.”
Cunningham Levy LLP
Wednesday, June 22, 2016
Everyone agrees that the current international order for sharing evidence in criminal prosecutions is broken. This is at the heart of the litigation Microsoft is pursuing against the Department of Justice (DOJ) over data stored in Ireland, after a New York judge ordered Microsoft to retrieve and give the government the contents of communications of a customer. Microsoft, and the many companies and organizations supporting its position, asked the court to prohibit the DOJ from getting communications content from overseas via a U.S. warrant. The government’s alternative would be to use the antiquated and slow mutual legal assistance treaty (MLAT) process. While this case awaits a decision by the U.S. 2nd Circuit Court of Appeals in New York, all sides agree that, whatever the outcome of the decision, it will not begin to solve the larger — and critical — international data-sharing issues.