China Facial Recognition Database Leak Sparks Fears Over Mass Data Collection

From: Forbes

Kate O’Flaherty

A company that operates facial recognition systems in China has exposed the personal information of 2.5 million people after leaving a database unprotected, it has emerged.

It was discovered by Dutch cybersecurity researcher Victor Gevers, who works for the GDI Foundation, a non-profit dedicated to reporting security issues. He tweeted: “There is this company in China named SenseNets. They make artificial intelligence-based security software systems for face recognition, crowd analysis, and personal verification. And their business IP and millions of records of people tracking data is fully accessible to anyone.”

Read Complete Article

The Internet Became Less Free in 2018. Can We Fight Back?

Editor’s Note: Regulation in action.

From: Wired

Author: Emily Dreyfuss

As democracies around the world struggle to hold back the rising tide of authoritarianism, a similar crisis is unfolding online. Three factors converged this year to make 2018 the eighth straight year that global internet freedom declined, according to an annual report from the nonprofit Freedom House: increasing censorship in response to disinformation, the widespread collection of personal data, and a growing group of countries emulating China’s model of digital authoritarianism.

MENA companies will spend $1.9bn on cybersecurity in 2019

From: Oil and Gas Middle East

Attivo Networks shares its predictions for MENA cybersecurity in 2019

Carla Sertin

In 2018, organisations in the Middle East invested heavily in multiple solutions to build and strengthen their cyber defenses. This trend will continue in 2019 as well, as organisations steadily increase their cybersecurity investments. According to Gartner, the Middle East and North Africa (MENA) spending on enterprise information security technology and services is expected to reach $1.9bn in 2019, an increase of 9.8% over 2018. In view of this, Ray Kafity, Vice President, Middle East, Turkey & Africa at Attivo Networks, shares his predictions on top cybersecurity concerns and the kinds of threats that will put these investments to test (all  below quotes attributed to Ray Kafity).

French president Macron insists new regulations needed to protect us all from Facebook’s claws

From: The Register

While announcing new pilot project with antisocial network

Read Complete Article

Canada Post leaked personal data, orders of thousands of cannabis smokers

Editor’s Note: Shades of Ashley Madison?

From: ZDNet

The rollout of legal weed in Ontario is now beset by potential privacy issues.

By for Zero Day

On Wednesday, the Ontario Cannabis Store (OCS) revealed the security incident on Twitter, saying that an unnamed individual was able to access the order records of 4,500 customers, or roughly two percent of the firm’s customer base.

The compromised information included names or the initials of nominated signatories, postcodes, dates of delivery, OCS reference numbers, Canada Post tracking numbers, and OCS corporate names and business addresses.

New privacy rules will force Canadian companies to disclose data breaches

From: CBC

Experts say rules don’t go far enough

New privacy rules designed to better safeguard the personal data of Canadians and let them know when it has been breached kick in Thursday, but even security experts say they are far from perfect.

The legislation, known as the Personal Information Protection and Electronic Documents Act (or PIPEDA) does a lot of things, but most importantly from a consumer’s perspective, it requires Canadian companies to alert their customers any time their personal information may have fallen into the wrong hands.

Read Complete Article

Israel Securities Authority Turns to Blockchain for Improving Cybersecurity

From: cointelegraph

By Marie Huillet

The Israel Securities Authority (ISA) has started to use blockchain to improve the cybersecurity of its messaging system, online newspaper Times of Israel reports today, October 3.

The government regulator has reportedly embedded the technology into a system dubbed “Yael,” used to deliver messages and other information to entities that fall under ISA oversight.

Read Complete Article

Germany’s Position on International Law in Cyberspace

From: Lawfare

By Nele Achten

In February 2018, the German government’s network was attacked. Germany did not specify what kind of information was accessed by the foreign hackers, but it is publicly known that the hackers successfully attacked the IT system of the Ministry of Foreign Affairs. On March 18, 2018, the Head of the Federal Chancellery and Federal Minister for Special Tasks, Helge Braun, issued a public statement about this attack and explained that the government would examine the possibilities of cyber counterattacks. His statement heated the political debate about cybersecurity and parliamentary opposition groups raised concerns and questions in official inquiries to the federal government on March 23, May 4 and May 7. The questions covered many topics ranging from Russia’s potential influence on the domestic political debate to facts about specific cyber attacks to the domestic institutional framework for cyber defense to attribution and the international legal framework.

The Brazilian Data Protection Legal Framework

From: Mondaq

Article by Simone Lahorgue Nunes, Daniel Tardelli Pessoa, Allan Nascimento Turano, Júlio César Ferro and Rodrigo Dias | Levy & Salomao Advogados


On August 14, 2018, Law No. 13,709 (LGPD – Lei Geral de Proteção de Dados) was enacted, creating a personal data protection legal framework in Brazil. The LGPD is influenced by the EU General Data Protection Regulation (GDPR); individuals, private entities and public authorities are affected by its provisions.

Whacking the mole: how Australia scrambles to regulate Chinese technology

From: The Conversation

, Research Fellow, UNSW

Did you ever go to your local show as a child? Remember that infuriating game where to win you had to hit every mole which popped its head out of a hole? I imagine Australia’s government feels like it’s playing whack-a-mole in regulating Chinese information and communications technology right now.

A clearer policy on regulating information and communications technology in the context of national security threats may help. Though in this version of the game, the stakes are rather higher than cheap toys at the local show.

Read Complete Article