Jonathan Brandon, Business Cloud News, Thursday, November 20, 2014
The USA Freedom Act, which was proposed in a bid to end mass surveillance and give more transparency and oversight to how digital communications are monitored by the US intelligence community, died on the floor of the US Senate this week, falling just two votes shy of the 60 votes it needed to pass. Some analysts believe the result will stoke further debate around Safe Harbour and other data sharing agreements with the US.
Matt Reilly, The Hill, Thursday, November 20, 2014
Google is the king of online search, mobile, and mapping. It runs nearly 80 percent of all searches in the U.S., and its share of search advertising is even higher. Google’s Android runs 85 prercent of all smartphones shipped worldwide today, and the vast majority of smartphones, whether Android-powered or not, run Google Maps and Google’s location-based services as a default. And importantly, it controls the vast amount of consumer data that is produced by those services. FairSearch.org has released a revealing new report that cracks the code of Google’s abuse, titled The Google Playbook. It explains how the Internet behemoth has entrenched its dominance and abused its role as de facto gatekeeper of the Internet ecosystem.
Angelique Carson, IAPP, Wednesday, November 19, 2014
The two women on stage in Brussels this morning at the IAPP Data Protection Congress seemed to agree more than disagree about what’s essential to both the U.S. and EU. The U.S. Federal Trade Commission’s (FTC's) Julie Brill and Article 29 Working Party Chairwoman Isabelle Falque-Pierrotin, who also chairs France’s data protection authority, the CNIL, politely agreed they’re both concerned about the potential risks involved in big data, that the Internet of Things could mean individuals lose rights to their own data and that the right to be forgotten, while great in concept, has some kinks to work out. But the relatively benign chat took a bit of a left turn in the end when the elephant in the room finally stomped its feet: What about Safe Harbor?
Marty Heinrich, Federal Times, Tuesday, November 18, 2014
Chief concerns over cloud storage include vulnerability to hacking and theft, privacy and ownership of information that resides outside of agency firewalls, lack of portability standards, weak records management capability, and insufficient due diligence before migration. The following are recommendations for creating policies to minimize risk surrounding the management of information stored in cloud environments ...
Ajay Patel, SmartData Collective, Monday, November 17, 2014
Sovereignty isn’t usually the first word that comes to mind when thinking about data. With all the recent data fiascos, privacy is what’s at the forefront of most consumers’ minds. But data sovereignty relates to data privacy, and businesses need to understand this concept when choosing where they store their digital information. Unfortunately, the laws and regulations protecting digital information can be extremely complex. They are dependent on different governments and jurisdictions, and data stored in certain countries may or may not be subject to subpoena by another country’s government (or even the host country’s government).
Henry Kenyon, InformationWeek Government, Monday, November 17, 2014
The Department of Defense is getting ready to deploy a new cloud computing policy that allows the armed services more say in selecting service providers. Besides allowing commercial vendors to support DoD operations, the move also allows the military to be more efficient in adopting mobile devices and other related technologies, said the department's acting chief information officer.
Peter Swire, Just Security, Monday, November 17, 2014
In response to Apple and Google’s announcements that they would encrypt their smartphones by default, former FBI General Counsel Andrew Weissmann recently argued in Just Security that “Congress needs to assess whether the growing inability to access such means of communication, with a court order, is coming at too great a cost.” He emphasized “the vital role lawful electronic interception plays in thwarting crime – including devastating terrorist attacks.” My previous writings show a series of arguments against federal agencies’ claims that they need backdoors because new crypto and other technologies means they are “going dark.”
Chris Strohm, Bloomberg, Friday, November 14, 2014
Trade groups representing Facebook Inc, Microsoft Corp. and Apple Inc. are pushing the Senate to pass legislation limiting National Security Agency spying before the Republican majority takes control of the chamber. A coalition of Internet and technology companies, which also include Google Inc. and Twitter Inc., support a bill the Senate plans to vote on Nov. 18 to prohibit the NSA from bulk collection of their subscribers’ e-mails and other electronic communications. Many of the companies opposed a Republican-backed bill the House passed in May, saying a “loophole” would allow bulk collection of Internet user data.
Stephanie Kanowitz, GCN, Friday, November 14, 2014
The Boston Marathon bombings of 2013 and the Ferguson, Mo., police shooting case have made clear the important role of video in law enforcement. What’s muddier, however, is how police departments can store exponentially growing terabytes of data and how they can do so according to federal security policies. A new partnership between Microsoft and VIEVU, a body-wearable camera maker, aims to solve that problem. Now, at the end of their shifts, officers remove their cameras and transfer the video they took wirelessly or via a direct connection to VIEVU’s Veripatrol software. Veripatrol sends the information to Microsoft’s soon-to-be-released Azure Government Cloud, where it is stored in compliance with policy approved by the FBI’s Criminal Justice Information Services (CJIS) Division.
William Jackson, GCN, Friday, November 14, 2014
“Security controls need to be reexamined in the context of cloud architecture, scale, reliance on networking, outsourcing and shared resources,” the authors write. “For example, multi-tenancy is an inherent cloud characteristic that intuitively raises concern that one consumer may impact the operations or access data of other tenants running on the same cloud.” NIST says recommended priority action plans for cloud security are: •Continue to identify cloud consumer priority security requirements, on at least a quarterly basis. •Periodically identify and assess the extent to which risk can be mitigated through existing and emerging security controls and guidance. Identify gaps and modify existing controls and monitoring capabilities. •Develop neutral cloud security profiles, technical security attributes and test criteria. •Define an international standards-based conformity assessment system approach.