ACI_Q2_Ads_successful-728x90
BNA_15349_Privacy_Law_Asia_wp_ad_680x75_Ldbd
ACI_Q2_Ads_battletested-728x90
PrivacyTraining_ad300x250.Promo1-01
PPC_CIPM_300x250.FINAL-01
Certification_Ad_300x250final-01

(Jul 30, 2015) With the rollout Wednesday of Microsoft’s new operating system, Windows 10, many praised its new features while others expressed concerns about user privacy, Information Age reports. For those using Windows 7 or 8, the upgrade is free, but some are pointing out that comes with a privacy trade-off, as has been demonstrated in Microsoft’s new privacy policy and services agreement, the report states. Microsoft Deputy General Counsel Horacio Gutiérrez said the company’s new dashboard creates a “straightforward resource for understanding Microsoft’s commitments to protecting individual privacy with these services.” Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Getting to Accountability with Limited Resources

(Jul 29, 2015) With regulators around the world calling for organizations to be accountable with their privacy practices, often privacy officers struggle to manage such requirements with limited resources. The challenges faced by privacy officers can include “communicating a definitive privacy-management program, leveraging and motivating individuals throughout the organization and justifying the business case to obtain the necessary resources,” writes Nymity President and Founder Terry McQuay, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPM. In this post for Privacy Perspectives, McQuay discusses how privacy officers can implement successful privacy-management activities by using a resource-based approach. Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

UN Gives U.S. Failing Grade on Privacy

(Jul 29, 2015) The U.S. scores very low on protecting its citizens’ privacy, according to a new United Nations Human Rights Committee Review. The committee’s midterm report cards for several countries, including Bolivia, Hong Kong, Norway, Portugal and the U.S., look at how well the countries have adhered to and implemented UN recommendations on the International Covenant of Civil and Political Rights. In several aspects of protecting privacy, the U.S. was graded “not satisfactory,” The Intercept reports. Specifically, the U.S. government has not established an adequate oversight system to ensure privacy rights are being upheld, the report states. Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Keystroke-Monitoring Identified as Anonymity Threat

(Jul 29, 2015) Monitoring a user’s keystrokes, “a sort of digital fingerprint that can betray its owner’s identity,” has been identified by security researchers as a threat for Tor users, Ars Technica reports. “The risk to anonymity and privacy is that you can profile me and log what I am doing on one page and then compare that to the profile you have built on another page,” said security researcher Runa Sandvik. “Suddenly, the IP address I am using to connect to these two sites matters much less." Researchers Per Thorsheim and Paul Moore developed a Chrome plugin to ward off these attacks. "For oppressive regimes, this is most certainly of high interest," Thorsheim said. Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Report Studies Impact of Drones on Data Security

(Jul 28, 2015) A study by Tractica indicates that as widespread interest in drone use grows so will the need for more sophisticated data analysis and protection, IT Canada reports. “There are many other IT considerations,” Tractica’s Bob Lockhart said in the report. “Just like other mobile devices, drones are targets for theft of data and intellectual property, and drone inputs could affect certifications such as ISO9001 or ISO27001 for information security.” Data storage policies should also be in place. “Drones could produce huge amounts of data for organizations that are not used to large data volumes, so organizations should have a data science program ready in advance, he said, and know where the data be stored and processed,” the report states. Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Roundup: Kuwait, Russia, U.S. and More

(Jul 27, 2015) This week’s Privacy Tracker roundup highlights a controversial new antiterrorism law in Kuwait that would see mandatory DNA collection from all citizens, residents and visitors to the country. Also, Russia has passed a right-to-be-forgotten law, and Ireland is expected to pass a new law giving adopted individuals access to their birth certificates. In the U.S., another student privacy bill has been introduced while senators who have already proposed student privacy bills hope to work together to push a single bill forward. Also, there’s a new bill aiming to reform FISMA, and the courts have been busy deciding on Neiman Marcus, butt-dialing, a Florida healthcare privacy law and Facebook denying search warrants. (IAPP member login required.) Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

New Mindset, Budget Plan Helpful in Breach Prevention

(Jul 27, 2015) RSA Chief Technology Officer Zulfikar Ramzan believes breach prevention requires a proactive attitude and wise budgeting in favor of security, BankInfo Security reports. “Security practitioners need to eliminate the perimeter and adopt a prevention mindset to establish the security maturity of the organization in dealing with cyber threats," Ramzan said. “Learning to distinguish between an intrusion and breach and working out ways to respond to breaches are critical.” The current status quo of allocating money toward prevention ought to be similarly revised, he suggests, recommending “organizations allocate one-third of their budgets to each of those disciplines to build a better breach response framework,” the report states. Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Hackers Could Use Cell Phones as Spycams

(Jul 27, 2015) Stagefright, a “multimedia playback engine” unique to Google Android phones, has a vulnerability so profound that “that attackers could send a text message with a malicious video file and infect the mobile device without a recipient actually clicking to open the file,” effectively rendering it a “spycam,” The Christian Science Monitor reports. Google has released a patch for the flaw, but “the fix won't help millions of users with older versions of the system that Google no longer supports,” the... Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Researchers Say They’ve Created Faster Onion Router

(Jul 27, 2015) A group of researchers claim they have created a better, faster alternative to the Tor network, Ars Technica reports. In a newly published paper, researchers from the Swiss Federal Institute of Technology and the University College of London describe an anonymizing network called HORNET (High-speed Onion Routing at the NETwork layer), saying it could be part of the next generation of Tor. The researchers state HORNET moves anonymized data at 93 gigabits per second and can be scaled to handle large quantities of users. Though the researchers said the system couldn’t fully protect against targeted attacks, widespread use could stymy mass surveillance, they claim. Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Researchers’ Breakthrough Means Faces on CCTV, Infrared-Footage Identifiable

(Jul 27, 2015) The problem with infrared surveillance videos or CCTV videos thus far has been it can be difficult to recognize the people in them, MIT Technology Review reports. That’s because “the link between the way people look in infrared and visible light is highly nonlinear,” so matching images of people in such surveillance footage to how they look in real life has been an unresolved challenge, the report states. But Saquib Sarfraz and Rainer Stiefelhagen at the Karlsruhe Institute of Technology in Germany may have solved the problem by teaching a neural network to do the work. One way this has become possible is because of an increase in vast databases of facial images, the report states. Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest