May
17

Living by the Numbers: Big Data Knows What Your Future Holds

From: Spiegel Online

By Martin U. Müller, Marcel Rosenbach and Thomas Schulz

Forget Big Brother. Companies and countries are discovering that algorithms programmed to scour vast quantities of data can be much more powerful. They can predict your next purchase, forecast car thefts and maybe even help cure cancer. But there is a down side.

May
17

What comes after the Cyber Security Strategy?

From: New Europe

By Nerea Rial

Three months ago, the European Commission launched its Cyber Security Strategy and proposed a directive on network and information security (NIS). However, there are still some questions that must be answered and challenges to be faced if Europe wants to offer a safe Internet to its citizens.

“The strategy has two overarching purposes. It provides a basis for greater cooperation between the different actors and, most importantly, shows the direction for future work,” said Cecilia Malmström, EU Commissioner for Home Affairs, at the Cybersecurity Conference which took place in Brussels on 16 May.

May
17

Parliamentarians can examine legal frameworks for e-commerce and cyber security (Namibia)

From: New Era

By Moses Amweelo

OUR national and homeland security team regularly advises clients on both compliance with current law and the development of proposed laws and treaties related to cyber security, critical infrastructure and e-commerce.

In the United States government, cyber-security regulation comprises directives from the Executive Branch and legislation from Congress that safeguards information technology and computer systems. The purpose of cyber-security regulation is to force companies and organizations to protect their systems and information from cyber-attacks. Cyber-attacks include viruses, worms, Trojan horses, phishing, denial of service attacks, unauthorized access (stealing intellectual property or confidential information) and control system attacks (“Rise Is Seen in Cyber-attacks Targeting U.S. Infrastructure,” New York Times, July 26, 2012).

May
16

EU may consider ‘hack-back’ legislation

From: Infosecurity-Magazine.com

The European Union could soon consider a proposal that would give law enforcement the ability to engage in “offensive hacking,” i.e., compromise private infrastructure and systems to gather information via spyware, delete data or even take servers offline completely when there is probable cause to suspect cybercriminal activity.

Legislation [PDF] has already been introduced to the Dutch Parliament that seeks to implement this approach, along with a provision that allows for police to “hack back” at bad actors in foreign nations too. In addition, it could allow police to force suspects – outside of a court order – to decrypt data when asked.

May
16

Chinese military unit said to resume cyber spying

From: Los Angeles Times

By Ken Dilanian

WASHINGTON — A Chinese military unit that a private U.S. computer security company accused of launching more than 115 cyber attacks against American companies over seven years has resumed hacking after a three-month hiatus, the firm’s chief security officer said Wednesday.

The clandestine army unit, known as Unit 61398, “went quiet for a while — they changed the nature of their activities, they removed some of the tools that they had been using inside of different companies,” said Richard Bejtlich of Mandiant, which specializes in defending companies from cyber attacks and purging malware from computer networks that have been breached.

May
15

Fragmented legal frameworks hindering ‘m-health’ innovations in EU, says expert

From: Out-Law.com

Major companies are holding back on developing new technology to help with the provision of health care and services as a result of legal barriers in the EU, an expert has said.

Technology law specialist Matthew Godfrey-Faussett of Pinsent Masons, the law firm behind Out-Law.com, said that inconsistent regulation across different EU countries may be hindering innovations in electronic health (e-health), and in particular, mobile health (m-health).

M-health is a broad term that refers to the practice of using mobile technology to deliver services in the health sector. The applications vary widely, from engaging in patient records management through tablet devices, to recording patients’ heart rate, glucose or blood oxygen levels remotely through applications available on smartphones, to providing medical interventions and diagnostics.

May
15

EU threatens trade duties against China’s Huawei, ZTE – sources

From: Reuters

Ethan Bilby

BRUSSELS (Reuters) – The European Commission plans to send a formal warning to China that it is ready to levy trade duties against telecoms equipment makers Huawei Technologies Co Ltd and ZTE Corp over what it says are illegal subsidies, people close to the matter said.

EU trade chief Karel De Gucht is set to win support from the bloc’s executive on Wednesday to send the warning letter and show China’s new president, Xi Jinping, that Brussels is serious about countering what it says is state support.

May
14

Regulator to accelerate education drive for data reforms

Editor’s Note:  Europe’s experiences in regulating online privacy and security hold important lessons for US officials grappling with similar policy issues.  Europe’s experiences also highlight that governments on both sides of the Atlantic would benefit from coordinating the development of their cyber security regulatory regimes.

From: Marketing Week

By Russell Parsons

The UK’s data regulator is to step up efforts to educate the marketing community on changes to data protection laws after a report found widespread uncertainty about the impact of the pan-European proposals.

May
14

Common position of EU data protection authorities on the limitation of purposes for personal data processing

From: NautaDutilh

Vincent Wellens, Julien Hick and Jacqueline van Essen

“Neither too general so as to be meaningless, nor too specific so as to be overly rigid”

On 2 April 2013, the Article 29 Working Party (“WP”), an advisory body composed of representatives of the European Commission, the EU data protection supervisor and the data protection authorities of all EU Member States, issued Opinion 03/2013 on Purpose Limitation (“Opinion”). The Opinion seeks to clarify the purpose limitation principle of Article 6(1)(b) of Data Protection Directive 95/46/EC (“DPD”) which, with a view to protecting data subjects from unexpected and excessive processing, sets a limit on the processing that a data controller may carry out in relation to personal data collected. The principle dictates that the purposes of the processing must be “specified, explicit and legitimate” and that any further processing cannot take place “in a way incompatible with those purposes”.

May
14

Banks must innovate around IT-security regulatory hurdles: NAB

From: CSO (Australia)

David Braue

Budget and ROI requirements, tempered by increasingly tight privacy and regulatory controls, are forcing companies to consider new approaches to data-security protections, the head of IT security for the National Australia Bank (NAB) has advised.

Speaking to attendees at the recent Evolve 2013 security conference, Andrew Dell, head of IT Security Services Operations within the bank’s NAB Technology division, said the need to deliver cost-effective security solutions was pushing it to favour economies of scale in security planning. “If we want to fund a new security methodology we’ve typically had to put together a business case,” he explained. “It really is a complex piece of work for us to identify where we want to apply our funding to get a holistic defence.”
