Senate reports reveal broad scope of Russian misinformation on social media

(Dec 18, 2018) A pair of reports prepared for the U.S. Senate Intelligence Committee found 10 million posts and messages were sent by Russian operatives across all social media platforms, The Washington Post reports. The reports found the operatives sought to sow dischord among American voters. The reports (here and here) found Russian agents used Facebook to target minority voters. Facebook Chief Operating Officer Sheryl Sandberg said in response her company has taken steps to combat the issue. Meanwhile, Twi... Read More

Signal tells Australian government it cannot add backdoor access

(Dec 17, 2018) Messaging app Signal said in a statement it cannot add backdoors to its product in order to comply with Australia’s Assistance and Access Bill, ZDNet reports. Signal Developer Joshua Lund wrote in a blog post the company does not have access to the keys that protect the “end-to-end encrypted contents of every message.” Lund added Signal expects interactions with the Australian government will end up in a situation where the app is banned in the country. “Although we can't include a backdoor in S... Read More

Irish DPC to investigate Facebook following another data breach

(Dec 14, 2018) Ireland’s data protection commissioner announced it will investigate Facebook for the number of data breaches it suffered in 2018 after the tech company revealed another incident that took place in September, the Financial Times reports. Facebook Engineering Director Tomer Bar said a flaw allowed third-party developers to access photos through the platform, potentially affecting up to 6.8 million users. “The Irish DPC has received a number of breach notifications from Facebook since the introduc... Read More

NPC to ramp up compliance enforcement

(Dec 13, 2018) The National Privacy Commission of the Philippines has intensified its monitoring efforts to ensure compliance to Republic Act No. 10173 or the Data Privacy Act of 2012, the Philippine News Agency reports. Speaking at a briefing, NPC Policy Review Division Chief Vida Zora Bocar said there were now guidelines on checking for compliance and mentioned the NPC will prioritize monitoring of sectors where data protection is essential, including banks and schools. The NPC is also reported to launch the... Read More

Australian governments agree to new cyber incident management arrangement

(Dec 13, 2018) At a recent meeting of the Council of Australian Governments, federal, state and territory governments agreed to new cyber incident management arrangements that will shape how they coordinate in the event of a national cyber incident, iTNews reports. The Australian Cyber Security Centre explained, “The CIMA is not an operational incident management protocol. The detailed operational plans that underpin the CIMA will be jointly developed and maintained by Australian governments.” It also noted th... Read More

Senators propose privacy bill establishing fiduciary duties for online companies

(Dec 13, 2018) Sen. Brian Schatz, D-Hawaii, introduced new federal privacy legislation Wednesday that has the support of 14 Democratic senators. The Data Care Act, unlike other draft federal bills, introduces a duty of care, loyalty and confidentiality. "Just as doctors and lawyers are expected to protect and responsibly use the personal data they hold," Schatz said, "online companies should be required to do the same." According to TechCrunch, Schatz said transparency and control are important, "but there's b... Read More

China allegedly behind Marriott data breach

(Dec 12, 2018) U.S. officials believe the hackers behind the Marriott data breach may work for China’s Ministry of State Security, The New York Times reports. American intelligence agencies have not reached a final conclusion about who conducted the cyberattack; however, cybersecurity firms brought in to examine the damage found computer code used previously by Chinese actors. Chinese Ministry of Foreign Affairs Spokesman Geng Shuang denied the country’s involvement in the attack. “China firmly opposes all for... Read More

Software update results in Google+ data breach affecting 52M users

(Dec 11, 2018) Ahead of CEO Sundar Pichai’s testimony in front of the U.S. House Judiciary Committee, Google revealed Google+ had another data breach, The Washington Post reports. A software update allowed third-party app developers to access the information of 52 million users without their consent for six days in November. The data included names, email addresses, occupations and ages. Google Vice President of Product Management for G Suite David Thacker wrote in a blog post the tech company discovered no ev... Read More

House Oversight reports reveal bipartisan divide over Equifax breach

(Dec 11, 2018) Republicans and Democrats on the U.S. House Oversight and Government Reform Committee released conflicting reports on the Equifax data breach, The Washington Post reports. The Republican report outlined the security measures at the center of the breach and called for a study of the Federal Trade Commission’s current regulatory powers and government cooperation with the private sector rather than mandates. Democrats seek new laws to raise financial penalties for data breaches and more powers for ... Read More

Congressional report says Equifax breach was 'preventable'

(Dec 10, 2018) The U.S. House Oversight Committee released a report Monday on last year's data breach of Equifax, saying the incident was "entirely preventable" and that the company mishandled its response, according to Politico. "Equifax failed to fully appreciate and mitigate its cybersecurity risks," the Congressional report states. Two factors led to the breach: The company's structure allowed gaps between IT policy development and operations, and the company grew too fast, creating a series of legacy syst... Read More