Microsoft says NSA spying hit trust in the cloud

Doug Drinkwater, SC Magazine UK,  Friday, October 10, 2014

A senior Microsoft spokesman says that government surveillance has damaged trust in the cloud and in the company itself, pushing the latter to focus more on data privacy and security. The firm's principal cyber-security strategist Jeff Jones was presenting at the IP Expo Europe exhibition in London on Thursday, where he suggested that the leaks from NSA whistleblower Edward Snowden had impacted the Redmond technology giant and the cloud computing market as a whole. He then suggested that that the leaks had ‘affected' cloud in the enterprise, as well as the company's own ambitions in this area, before adding that the growing distrust in the cloud had come at a time where ‘perceptual concerns' around cloud security were dissipating on deployment.

The Privacy Pillory and the Security Rack: The Enforcement Toolkit (Part 2)

Daniel J. Solove by Daniel Solove, TeachPrivacy
Thursday, October 09, 2014

Are privacy and security laws being enforced effectively? What kind of sanctions do privacy and security laws use for enforcement? In this post, I will discuss the various tools that are frequently used in the enforcement of privacy/security laws.

Interview: Brendon Lynch

Eleanor Dallaway, Infosecurity,  Thursday, October 09, 2014

I ask Lynch how attitudes to privacy have evolved during the decade he has spent in the privacy team at Microsoft. “At a fundamental level, people cared about their privacy then, as they do now,” he argues. “But the nature of technology and the data collection and use that’s occurring now is much greater, and therefore perhaps concerns and fears are now manifesting themselves in the realities of what’s happening today.” That reality, according to Lynch, is the “potential for a digital record of all human activity.” As technology intersects with people’s lives and activities, and devices become ever-more mobile, “sensors all around us” will create those digital records, he warns. Perhaps as a result of this so-called “trendline,” people are now starting to question how their information is being used, who they should trust, what control they have, and in some cases, what actions they can take to better protect their privacy. All of this whilst still taking advantage of an explosion in new productivity and connectivity capabilities.

Why Enforce Privacy and Security Laws? (Part 1 of a new series)

Daniel J. Solove by Daniel Solove, TeachPrivacy
Tuesday, October 07, 2014

How are privacy and security laws enforced? How should they be enforced? What enforcement works well? What doesn’t? What are the various agencies that are enforcing privacy laws doing? How do the agencies compare in their enforcement efforts? I plan to explore these questions in a series of posts. Collectively, I’ll call this series “Enforcing Privacy and Security Laws.”

Software group launches student privacy pledge

Julian Hattem, The Hill,  Tuesday, October 07, 2014

The software industry is making moves to beef up privacy protections for students. The Software and Information Industry Association (SIIA) joined with the Future of Privacy Forum, a think tank, to announce a new pledge for companies that make products for students in kindergarten through 12th grade. Under the pledge, a handful of companies have promised not to sell student information or target their ads based on students’ behavior. Companies will also only use data for specific educational purposes and will impose limits on how long that information is held.

Microsoft and Other Firms Pledge to Protect Student Data

Natasha Singer, New York Times,  Tuesday, October 07, 2014

The software industry is making moves to beef up privacy protections for students.The Software and Information Industry Association (SIIA) joined with the Future of Privacy Forum, a think tank, to announce a new pledge for companies that make products for students in kindergarten through 12th grade. Under the pledge, a handful of companies have promised not to sell student information or target their ads based on students’ behavior. Companies will also only use data for specific educational purposes and will impose limits on how long that information is held. A week after California enacted a landmark law restricting the ways education technology companies can use the information they collect about elementary through high school students, a group of leading industry players is pledging to adopt similar data protections nationwide. The 14 companies include: Microsoft; Houghton Mifflin Harcourt, the educational publishing house; Amplify, a developer of digital curriculums; and Edmodo, an online network for schools that allows teachers to assign homework and measure students’ progress. The pledge was developed by the Future of Privacy Forum, a think tank in Washington, in collaboration with the Software & Information Industry Association, a trade group.

Should Google Be a Signatory to Student Privacy Pledge?

Tracy Mitrano, Inside Higher Ed,  Tuesday, October 07, 2014

Google is not among the companies to sign the pledge, and that is no surprise. Anything that would challenge its business model, bring scrutiny to its algorithm, and openly admit that is continues to use data mining from enterprise contracts to improve its services is off corporate limits. The distinction lies here: the signatory companies are NOT advertising companies. They offer content and services that do not rely on data mining as the principle means to fuel their business model.

Google Ordered to Change Handling of User Data in Germany

Karin Matussek, Bloomberg,  Tuesday, September 30, 2014

Google Inc. was ordered by a German regulator to limit how it combines user data that could be used to find out customers’ personal preferences, including marital status or sexual orientation. The operator of the biggest Internet search engine was ordered to modify its privacy policies so users have the ability to determine how their data is used, Johannes Caspar, Hamburg’s privacy watchdog, said in an e-mailed statement today. The terms of Google’s 2012 privacy policy allow the Mountain View, California-based company to combine data it retrieves when customers use various services, including Gmail, Caspar said. “With that, one can compile detailed movement patterns, detect the social and financial status, and friendship, sexual orientation and the relationship status” of a person, the regulator said.

SafeGov Releases Results of Global Parents Surveys Relating to Student Online Privacy

Jeff Gould by Jeff Gould, SafeGov.org
Wednesday, September 17, 2014

Surveys of nearly 5,500 parents in 11 countries around the world, including Europe, Asia and North America, show that parents have high hopes for the contribution that Internet applications can make to their children’s education, especially when it comes to acquiring skills relevant to the modern global economy. At the same time, the vast majority of parents worry that internet companies are tracking and profiling their children’s online activities at school for advertising purposes, and they want such practices banned. Specifically, parents want stronger government regulations against online data mining in schools that isn’t directly related to improving academic performance, and they want schools to forbid such practices. The findings are based on a series of surveys conducted between 2012 and 2014 for SafeGov aimed at capturing global parents’ views on the benefits and risks of proliferating in-school access to internet applications such as email, document creation and group collaboration.

Apple takes 'very different view' on customer privacy, Cook says

Steven Musil, CNET,  Monday, September 15, 2014

"Our business is not based on having information about you. You're not our product," Cook said. "Our products are these, and this watch, and Macs and so forth. And so we run a very different company. I think everyone has to ask, how do companies make their money? Follow the money. And if they're making money mainly by collecting gobs of personal data, I think you have a right to be worried. And you should really understand what's happening to that data, and the companies -- I think -- should be very transparent."