Therrien urges wireless providers to help fix SS7 vulnerabilities

(Oct 5, 2018) Within his Annual Report to Parliament, Privacy Commissioner of Canada Daniel Therrien calls for wireless network providers to help fix security vulnerabilities related to the SS7 system, CBC News reports. Therrien cited a report conducted by the CBC and Radio Canada where a hacker was able to exploit flaws within SS7 to intercept calls from a federal MP and track his location. Therrien notes European countries have already taken steps to address these issues, adding he has received “encouraging... Read More

Latest CJEU opinion may illuminate personal data risks

(Oct 3, 2018) The Court of Justice of the European Union ruled Oct. 2, 2018, that national authorities may access certain types of personal data from electronic communication providers in the course of a criminal investigation because it does not amount to a “sufficiently serious” interference with fundamental rights. The personal data at issue included surnames, forenames, and addresses. Collecting this personal information amounted to interference with fundamental rights enshrined in the Charter of Fundame... Read More

AT&T CEO calls for federal US privacy law

(Oct 3, 2018) AT&T CEO Randall Stephenson is calling for Congress to create a federal U.S. privacy law, The Hollywood Reporter reports. Stephenson said having industries comply with different rules across each state "is a disaster for an uncertain business model." The AT&T CEO believes Congress will not begin to act on a federal rule until after the November midterm elections. "Why doesn't it get done?" Stephenson said. "It doesn't get done because it's just not a priority right now, and I think until... Read More

What's next for ePrivacy? Looking at Austria's latest draft

(Oct 2, 2018) Since its proposal by the European Commission, the ePrivacy Regulation has been the topic of discussion among regulators, consumer groups, privacy advocates, and industry associations. At one point, there was talk of ePrivacy and the EU General Data Protection Regulation coming into force in lockstep. Clearly, that ship has sailed. However, though the pace of ePrivacy’s advancement has been slower than initially promised by policymakers, the Austrian presidency presses on and continues to releas... Read More

In push for US federal privacy law, state preemption will depend on the details

(Sep 27, 2018) A highly anticipated hearing was held by the Senate Commerce Committee Wednesday, in which privacy and legal executives from some of America's top technology companies testified on the prospects of a national privacy law. With agreement among industry that a federal law should preempt stricter state laws, the sticking point for stakeholders and lawmakers alike will involve the strength of, and details in, that potential law.  At the outset of Wednesday's industry hearing, Committee Chairman Joh... Read More

Dutch industry groups voice ePrivacy Regulation concerns

(Sep 27, 2018) A coalition of Dutch industry groups is voicing its concerns about the EU ePrivacy Regulation, Telecompaper reports. The groups, consisting of Nederland ICT, DDMA, the Mediafederatie and MKB Nederland, are asking the Dutch government to consider the regulation’s potential negative impact on small businesses. At the heart of the coalition’s complaints is the ePrivacy Regulation coming into conflict with the EU General Data Protection Regulation. With each providing a different legal basis for pro... Read More

India's Supreme Court rules Aadhaar constitutional with limits

(Sep 26, 2018) Aadhaar, India's controversial biometric identity system serving 1 billion citizens, is constitutional, according to a new ruling from the nation's Supreme Court. However, there are limits to its scope, according to BBC News, including mandatory use of it for bank accounts, mobile connections and school admissions. In a 3-2 vote, the court wrote, "Aadhaar gives dignity to the marginalised. Dignity to the marginalised outweighs privacy. ... One can't throw the baby out with the bathwater." Reacti... Read More

White House, industry reveal more details on US privacy framework

(Sep 25, 2018) Movement toward a U.S. privacy framework is gaining steam this week as lobbying efforts in Washington intensify ahead of the release of White House document outlining an initial approach to consumer privacy and a highly anticipated Congressional hearing Wednesday in which privacy professionals from several major tech companies will testify.  An "unpublished Notice by the National Telecommunications and Information Administration," an arm of the Department of Commerce, has appeared on the Federa... Read More

US privacy framework gains momentum ahead of Senate hearing

(Sep 25, 2018) Movement toward a U.S. privacy framework is gaining steam this week as lobbying efforts in Washington ramp up ahead of a White House document on its approach to consumer privacy and a highly anticipated Congressional hearing Wednesday in which privacy professionals from several major tech companies will testify. An "unpublished Notice" by the National Telecommunications and Information Administration, an arm of the Department of Commerce, has appeared on the Federal Register and includes a PDF r... Read More

Court rules GCHQ bulk collection violated human rights

(Sep 13, 2018) In a long-awaited decision out of Strasbourg, France, the European Court of Human Rights has ruled the U.K. Government Communications Headquarters bulk intelligence program violated privacy, the Guardian reports. In a detailed decision, the ECHR looked at three aspects of surveillance: bulk collection of digital communications, the sharing of intelligence with other agencies, and obtaining communications data from telecommunications companies. In a five-to-two vote, the judges found that the GCH... Read More