Russian parliament approves Internet privacy bill

Jack Stubbs and Maria Kiselyova, Reuters,  Saturday, July 04, 2015

Russia's parliament gave its final approval on Friday to a law that would require Internet search engines to remove users' personal information from their results. The bill, passed by the State Duma lower house in its third reading, seeks to emulate European Union rules on the "right to be forgotten", under which search engines must take down certain results that appear under a search of a person's name. Under the new Russian legislation, Internet users will have the right to request the removal of information that is incorrect or "no longer relevant because of subsequent events or actions", TASS news agency reported.

EU data protection regulation closer, your next headache?

Giulio Coraggio, GamingTechLaw,  Tuesday, June 30, 2015

The new EU Data Protection regulation is now closer with the EU Council of ministers reaching an agreement on a general approach which still leaves some room for negotiations and further headaches… Data protection experts might have lost any hope to see the final draft of the new EU Privacy Regulation during their life after that any step forward was followed by a number of steps backwards. But after 3 years from the first draft, commentators are quite confident to see the EU data protection regulation finally approved by the end of the year. The approval by the EU Council of the latest draft of the EU privacy regulation does NOT mean that the regulation is now approved. Further discussions with the EU Parliament and Commission shall take place and a number of points of discussion appear still open.

When a Company Is Put Up for Sale, in Many Cases, Your Personal Data Is, Too

Natasha Singer and Jeremy Merrill, New York Times,  Monday, June 29, 2015

Of the 99 sites with English-language terms of service or privacy policies, 85 said they might transfer users’ information if a merger, acquisition, bankruptcy, asset sale or other transaction occurred, The Times’s analysis found.

Dealing With Data Privacy in the Cloud

Paul Trotter, CIO,  Monday, June 29, 2015

Our reliance on data and the potential pitfalls associated with managing it have given rise to the need for safeguards for the protection of information, particularly in Europe where the General Data Protection Regulation (GDPR) will soon come into force. GDPR is designed to harmonise the current data protection regulations across EU member states, with strict data compliance stipulations and the possibility of huge financial penalties for those who breach of the rules. While the regulation doesn’t deal specifically with cloud service providers, it does have implications for organisations that use cloud services to store data. And with many companies in need of guidelines on how to deal with new approaches to data management, it’s time to turn to the experts.

For Post-Snowden Cloud Startups, Privacy Proves A Hard Sell

Steven Melendez, Fast Company,  Friday, June 26, 2015

"Rather than feeling able to make choices, Americans believe it is futile to manage what companies can learn about them," the authors wrote. "Our study reveals that more than half do not want to lose control over their information, but also believe this loss of control has already happened."

Isabelle Falque-Pierrotin: Privacy Needs to Be the Default, Not an Option

Mark Halper, WIRED,  Friday, June 26, 2015

Isabelle Falque-Pierrotin has a wake-up call for the world’s digital citizens: Beware of the tech giants lurking behind your screens and keyboards. Falque-Pierrotin—current head of France’s CNIL (National Commission on Informatics and Liberty) and the “Article 29 Working Party,” a group of European Union data-protection advocates—believes we are sleepily handing over personal data in droves without truly understanding the consequences. Comprehensive privacy protection should be an enforced requirement, she argues, not just an “opt-in” afterthought.

Why the OPM Data Breach is Unlike Any Other

Nuala O’Connor, Center for Democracy & Technology,  Tuesday, June 23, 2015

...a breach of this magnitude should call into question how we define harm and the types of remediation available to individuals. Credit monitoring and identity-theft resources may have little utility for those whose data was breached, especially when the information that was taken goes beyond credit card numbers and into detailed dossiers of about individuals. How does one put the cat back in the bag when the records breached contain information such as past drug use, lie-detector tests you failed, or extramarital affairs? This is information routinely collected about candidates for top-secret clearance and it includes information about friends, relatives, and former employers connected to the individuals that were affected. Those individuals aren’t given any recourse whatsoever. Current structures just do not give adequate recourse in relation to the real harm and impact on lives.

US To China: Do As We Say, Not As We Do

Paul Rosenzweig by Paul Rosenzweig, The Chertoff Group
Thursday, June 18, 2015

Is America as authoritarian as China? Surely not. And yet sometimes the differences can be hard to discern. A case in point is their similar approaches to one aspect of criminal law, the lawful intercept rules for telecommunications; approaches that a new study by the American Enterprise Institute characterizes as the imposition of a double standard.

Privacy: The weak link for video security

Karen Evans by Karen Evans, KE&T Partners
Thursday, June 18, 2015

The collection and analysis of video data has become the norm. However, storing sensitive information is currently regulated by outdated security standards—or by no standards at all—that do not offer the necessary protections to prevent hackers or bad actors. Law enforcement, led by the IACP, is addressing this issue head-on with its recently released guidance on video data and cloud computing. The guidelines focus on law enforcement's operational needs and, most importantly, ensure the security of systems and video data. As the updated guidelines state: "Recent calls for the expansion of data collection by law enforcement officers through, for example, the use of body-worn cameras and other sensor devices, only serve to reemphasize the need for clearly articulated policies regarding cloud-based data storage."

IACP Releases Updated Guidance On Police Bodyworn Camera Video Data Storage

Bradley Shear by Bradley Shear, Law Office of Bradley S. Shear
Thursday, June 18, 2015

The International Association of Chiefs of Police (IACP) recently published their "Guiding Principles on Cloud Computing in Law Enforcement". These principles are much needed because as more digital video evidence is created by law enforcement, the proper safeguards must be in place to ensure that the data is stored in an appropriate manner for the legal justice system.