Government-owned company now stores Apple iCloud data in China

(Nov 29, 2018) Mashable reports that government-owned China Telecom took over the iCloud data from Guizhou-Cloud Big Data, meaning Apple iCloud data in China is now stored by a state-owned company. Apple had previously announced its first data center in China, in partnership with Guizhou-Cloud Big Data, to help the company comply with a government policy requiring foreign service providers to store data on Chinese citizens in the country. China Telecom’s takeover of the iCloud data has been met with concern ov... Read More

Report found Indian bank routinely shared customer data

(Nov 1, 2018) According to a bank document related to the Reserve Bank of India’s risk observation, Microsoft routinely shared customers’ financial information with U.S. intelligence agencies, Zee Business reports. The document, seen by DNA Money, found that this impacted banks that had migrated to Microsoft Office 365 cloud-based email service. While the article states banks were “fully aware” information was shared in this manner, customers may have not been informed. According to the RBI observation, Micro... Read More

McAfee report finds increase in sensitive data on the cloud

(Oct 31, 2018) Cybersecurity company McAfee released its Cloud Adoption & Risk Report, which analyzed anonymized cloud use to report on the current state of cloud developments and uncover risks, according to a news release. The report discovered nearly 25 percent of cloud data could be considered sensitive and, on average, an organization will experience more than 2,200 misconfiguration incidents per month. McAfee Cloud Security Business Senior Vice President Rajiv Gupta said, “Accidental sharing, collabor... Read More

IBM to acquire Red Hat in $34B cash deal

(Oct 30, 2018) In one of the biggest U.S. tech acquisitions, IBM announced it is acquiring open-source software company Red Hat in a $34 billion all-cash deal, ABC Action News reports. While the move still requires approval from shareholders and regulators, it is expected to finalize in the second half of 2019. IBM has said the move will allow the company to focus on helping businesses use multiple clouds at once. The company has plans to continue Red Hat’s existing partnerships, which includes Amazon, Microso... Read More

Announcing the new Cross-Border Data Forum

(Oct 16, 2018) With cloud computing, law enforcement investigations increasingly seek evidence that is held across borders, in a different country. As we describe in a separate IAPP post, this globalization of criminal evidence is prompting major legislative change and proposals. In 2018 alone, the United States passed the Clarifying Lawful Overseas Use of Data Act to address cross-border issues, and the European Union has proposed its new eEvidence regulation and directive.  To date, there has not been one f... Read More

Google explains deleting data on the cloud platform

(Sep 14, 2018) In a blog post for Google, Cloud Security and Privacy Product Manager Eric Chiang announced a new white paper explaining data deletion on the Google Cloud Platform. The white paper provides an overview of how customer data is stored and Google’s deletion pipeline and timeline and describes steps taken to prevent any data from being reconstructed. To provide ongoing transparency, "Data deletion on Google Cloud Platform" takes a step-by-step approach to deletion requests, data removal, logical del... Read More

India's draft cloud computing policy urges data localization

(Aug 6, 2018) Reuters reports on a draft cloud computing policy proposal that would require data generated in the country to be stored within its borders. As the government works to finalize an overarching data protection law, the policy would be the latest in a series aiming to support data localization in India. In addition to the recommendation of data localization, the draft states that the data “must be available for investigative agencies and national security agencies.” Headed by the co-founder of Indi... Read More

Confusion surrounds Dropbox sharing researchers' data

(Jul 25, 2018) ZDNet reports on the confusion stemming from Dropbox sharing information on academics with Northwestern University researchers. Dropbox had given the researchers data belonging to 400,000 users across 1,000 universities. The researchers first claimed Dropbox gave them raw data that was then anonymized, but the file-hosting service later released a statement claiming it had already anonymized the information before turning it over for the researchers’ project. Dropbox explained the way data was s... Read More

Google: Digital communication laws still need work despite progress

(Jul 24, 2018) Google Senior Privacy Policy Counsel David Lieber writes in a blog post about the U.S. government updating laws on accessing digital communications. Lieber writes Google is in favor of the Clarifying Lawful Overseas Use of Data Act and the ruling in the Carpenter v. United States case but adds more needs to be done to protect the data, such as passing the Email Privacy Act, and answers on the standards governments should meet before requesting sensitive information. “Policymakers shouldn’t wait ... Read More

Tech companies join forces to launch Data Transfer Project

(Jul 23, 2018) Google, Facebook, Twitter and Microsoft are joining forces to launch the Data Transfer Project. The open-source project will allow data subjects to transfer their information from one service to another safely by encrypting data at rest and in transit by using the service’s existing authorization mechanism. In a blog post announcing the joint venture, Microsoft Vice President for Corporate Standards Craig Shank writes the project will focus on making the data-portability tools easy to use while ... Read More