David McLaughlin, Bloomberg Business, Friday, September 25, 2015
Google Inc. is back under U.S. antitrust scrutiny as officials ask whether the tech giant stifled competitors’ access to its Android mobile-operating system, said two people familiar with the matter. The Federal Trade Commission reached an agreement with the Justice Department to spearhead an investigation of Google’s Android business, the people said. FTC officials have met with technology company representatives who say Google gives priority to its own services on the Android platform, while restricting others, added the people, who asked for anonymity because the matter is confidential.
Dibya Sarkar, Fierce Government IT, Friday, September 25, 2015
With FedRAMP and several agencies, DHS is developing recommendations for additional security controls to establish a "high confidentiality, high integrity high availability in cloud environments," he said during a congressional hearing in San Antonio on cloud adoption by agencies.
Julia Fioretti, Reuters, Thursday, September 24, 2015
The European Commission on Thursday launched an inquiry into the behavior of online companies such as Google, Facebook and Amazon to try to gauge whether there is a need to regulate the web. The public consultation seeks answers on a broad range of issues, from the contractual restrictions online groups may impose on other businesses, for example, companies seeking to display ads, to how proactive they should be in removing illegal content online.
James Bourne, Cloud Tech, Thursday, September 24, 2015
Even though the public sector is adopting cloud as a key part of its IT strategy, new research from Sungard Availability Services has revealed the sector is facing a large number of challenges in managing and operating cloud environments. According to the report, entitled ‘Digital by Design: Avoiding the cloud hangover in the UK public sector’, UK public sector organisations are spending over £300 million each year on ‘hidden costs’ associated with their cloud computing projects. The research, which polled 45 senior IT decision makers in the UK public sector, also found that more than three quarters (82%) of respondents had encountered some form of unplanned cloud spend.
John Ribeiro, CIO, Thursday, September 24, 2015
Microsoft announced three new tie-ups in China on the same day that the country's President Xi Jinping and a delegation visited its campus at Redmond, Washington. The seven deals with Chinese companies and government institutions will likely give Microsoft greater access to the country's large market. Other companies like Cisco Systems and Hewlett-Packard have also announced ties with Chinese companies, a market that has been proving complex for U.S. companies because of the strong backing of the government for local players.
Mark Scott, New York Times, Wednesday, September 23, 2015
The laws governing companies that share online customer data between Europe and the United States may soon become a lot tougher. A legal position published in Luxembourg on Wednesday by a senior adviser to Europe’s highest court said that a trans-Atlantic “safe harbor” agreement allowing companies to ship people’s data between both regions did not provide sufficient checks on how that information may be used.
Tracy Mitrano, Inside Higher Ed, Tuesday, September 22, 2015
Review the Business Associate’s Agreement (BAA) because there is vendor variation among them. Not all BAAs are alike. Some fully meet legal requirements to protect the institution, and others not so much. It is critical to test the veracity of the statements and commitments made in BAAs with third-party audits, for example a successful ISO audit w/27018 controls as a decent proxy for HIPAA privacy and security rule requirements. Careful attention to the quality of these documents will lower institutional risk and raise the bar among vendors. These efforts will continue an on-going process of harmonizing standards in cloud computing contracts. Make sure your legal counsel has seen the BAA, been in contact with the leading attorneys who set the bar for appropriate or consult NACUA or ACE documents designed for this purpose.
Jayne Friedland Holland, GCN, Saturday, September 19, 2015
What does this shift mean in terms of security? Both the CIA and the Department of Homeland Security have moved data to the cloud, where the CIA has said it believes data will be as safe as or safer than it was on the agency’s internal systems. Agencies may not realize, however, that the first risk they may face in moving to the cloud could be found in the terms and conditions of the cloud provider’s agreement. And while federal agencies now have the Federal Risk and Authorization Management Program (FedRAMP) framework to help ensure needs are met, state and local governments are still largely on their own.
Richard Salgado, Google Public Policy Blog, Friday, September 18, 2015
As the debate over electronic communications privacy escalates in Congress and around the country, I testified this week before the Senate Judiciary Committee to discuss this very issue. The hearing provided an important opportunity to address users’ very reasonable expectations of privacy when it comes to the content in their email and other online accounts. Google strongly supports legislation to update the Electronic Communications Privacy Act (ECPA), which was signed into law almost thirty years ago -- long before email accounts and the Web were part of our daily lives. As it is currently written, ECPA allows government agencies to compel a provider to disclose the content of communications, like email and photos, without a warrant in some circumstances. This pre-digital era law no longer makes sense: users expect, as they should, that the documents they store online have the same Fourth Amendment protections as they do when the government wants to enter the home to seize documents stored in a desk drawer.
Cory Bennett, The Hill, Friday, September 18, 2015
The House Judiciary Committee approved a bill Wednesday that would give European citizens the right to sue in U.S. courts over misuse of their personal data. The measure, known as the Judicial Redress Act, is seen as central to helping mollify European allies angered by the revelation of widespread U.S. surveillance programs. The bill is also the lynchpin in a recently signed deal between the U.S. and European Union that would allow law enforcement agencies on both sides to swap more data.