As NSA reform dies, questions about Safe Harbour reform loom

Jonathan Brandon, Business Cloud News,  Thursday, November 20, 2014

The USA Freedom Act, which was proposed in a bid to end mass surveillance and give more transparency and oversight to how digital communications are monitored by the US intelligence community, died on the floor of the US Senate this week, falling just two votes shy of the 60 votes it needed to pass. Some analysts believe the result will stoke further debate around Safe Harbour and other data sharing agreements with the US.

Article 29 Chair To FTC's Brill: DPAs Want Answers on Safe Harbor

Angelique Carson, IAPP,  Wednesday, November 19, 2014

The two women on stage in Brussels this morning at the IAPP Data Protection Congress seemed to agree more than disagree about what’s essential to both the U.S. and EU. The U.S. Federal Trade Commission’s (FTC's) Julie Brill and Article 29 Working Party Chairwoman Isabelle Falque-Pierrotin, who also chairs France’s data protection authority, the CNIL, politely agreed they’re both concerned about the potential risks involved in big data, that the Internet of Things could mean individuals lose rights to their own data and that the right to be forgotten, while great in concept, has some kinks to work out. But the relatively benign chat took a bit of a left turn in the end when the elephant in the room finally stomped its feet: What about Safe Harbor?

EU mulls conferring binding powers on body of data privacy regulators

Julia Fioretti, Reuters,  Friday, November 14, 2014

A new body of European data protection authorities could have the power to adopt legally binding decisions in cross-border disputes over a company's misuse of personal data, according to a draft document seen by Reuters. Under a mechanism originally proposed in reforms of Europe's data protection laws, businesses operating across the 28-nation European Union would have to deal only with the data protection authority in the country where they are headquartered - even if alleged mishandling of data affects citizens in another country. A new proposal by Italy, which holds the rotating European presidency, gives all concerned authorities the chance to intervene in all stages of the decision-making process.

Police forces use private cloud to access Holmes database

Cliff Saran, Computer Weekly,  Friday, November 07, 2014

At least £2.5m savings could be made when 43 UK police forces start using a private cloud service supplied by Unisys to access the Home Office Large Major Enquiry System (Holmes). Unisys has been operating Holmes for the last 13 years. "This is the first time the system will be provided through a UK private cloud," said Forbes Gallagher, account director for police and criminal justice at Unisys.

UK government joins forces with insurers on cyber security

Warwick Ashford, Computer Weekly,  Thursday, November 06, 2014

The UK government has joined forces with the insurance industry to improve how UK businesses manage cyber security risk. The initiative builds on the government’s 10 Steps to Cyber Security guidance on managing cyber risk; and the Cyber Essentials Scheme to ensure basic cyber hygiene as part of the UK Cyber Security Strategy. The government believes working with the insurance industry to develop a comprehensive cyber security insurance model is the next step to encouraging private-sector firms to manage cyber risk.

GCHQ spy centre chief wants social media giants to 'tackle terrorists'

Antony Savvas, Computerworld UK,  Tuesday, November 04, 2014

The new head of UK "listening centre" GCHQ has called on social media companies like Facebook, Twitter and Google to co-operate more with the authorities to block terrorists using their networks. After the Snowden spying scandal US technology companies like Apple, Facebook, and Google said they were seeking to protect users' data and privacy with stronger encryption methods. But GCHQ's new head, Robert Hannigan, wants tech company co-operation in tackling organisations like Isis in Iraq and Syria from benefitting from their communications networks.

Biggest ever cyber security exercise in Europe today

European Commission,  Thursday, October 30, 2014

More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA). In Cyber Europe 2014 experts from the public and private sectors including cyber security agencies, national Computer Emergency Response Teams, ministries, telecoms companies, energy companies, financial institutions and internet service providers are testing their procedures and capabilities against in a life-like, large-scale cyber-security scenario.

Most cloud apps flout EU data protection rules – study

John Leyden, The Register,  Tuesday, October 21, 2014

Three in four cloud services do not conform to the current EU Data Protection Directive, according to a new study. Enterprise cloud visibility firm Skyhigh Networks found that nearly three-quarters (72 per cent) of the cloud services used by European organisations do not meet the requirements of the current privacy regulations, with data being sent to countries without adequate levels of data protection. The transfer of personally identifiable information outside Europe meant many services were operating at odds with the EU Data Protection Directive.

Cloud-Computing brings new challenges

Victoria Wagner Ross,,  Sunday, October 12, 2014

The NSA Prism spying scandal risks undermining trust in U.S. cloud computing businesses, the EC's vice-president, Neelie Kroes, has warned in a speech today. Kroes also reiterated calls for "clarity and transparency" from the U.S. regarding the scope and nature of its surveillance and access to data on individuals and businesses living and conducting business in Europe.

The Microsoft Warrant Case: Not Just An Irish Issue

John O'Connor, Mondaq,  Saturday, October 11, 2014

It is the opinion of Michael McDowell, a former Irish Attorney General, and now a pre-eminent senior counsel (barrister) before the Irish Supreme Court that such exemptions are 'only lawful where such disclosure is required or mandated by reference to Irish law and is subject to the jurisdiction and control of the Irish courts'. The ability therefore of the US Government to obtain a warrant, subject to US domestic law, that has effect in Ireland may, it is argued, be a breach of Irish sovereignty.