A company that operates facial recognition systems in China has exposed the personal information of 2.5 million people after leaving a database unprotected, it has emerged.
It was discovered by Dutch cybersecurity researcher Victor Gevers, who works for the GDI Foundation, a non-profit dedicated to reporting security issues. He tweeted: “There is this company in China named SenseNets. They make artificial intelligence-based security software systems for face recognition, crowd analysis, and personal verification. And their business IP and millions of records of people tracking data is fully accessible to anyone.”
Editor’s Note: Regulation in action.
Author: Emily Dreyfuss
As democracies around the world struggle to hold back the rising tide of authoritarianism, a similar crisis is unfolding online. Three factors converged this year to make 2018 the eighth straight year that global internet freedom declined, according to an annual report from the nonprofit Freedom House: increasing censorship in response to disinformation, the widespread collection of personal data, and a growing group of countries emulating China’s model of digital authoritarianism.
From: Oil and Gas Middle East
Attivo Networks shares its predictions for MENA cybersecurity in 2019
In 2018, organisations in the Middle East invested heavily in multiple solutions to build and strengthen their cyber defenses. This trend will continue in 2019 as well, as organisations steadily increase their cybersecurity investments. According to Gartner, the Middle East and North Africa (MENA) spending on enterprise information security technology and services is expected to reach $1.9bn in 2019, an increase of 9.8% over 2018. In view of this, Ray Kafity, Vice President, Middle East, Turkey & Africa at Attivo Networks, shares his predictions on top cybersecurity concerns and the kinds of threats that will put these investments to test (all below quotes attributed to Ray Kafity).
From: The Register
While announcing new pilot project with antisocial network
French president Emmanuel Macron has insisted that new laws are needed to limit and protect online content and the internet itself.
Speaking at the opening ceremony of the annual Internet Governance Forum (IGF) in Paris, Macron made repeated calls for additional regulation, and complained about the “false alternative” of self-regulation or government control.
Editor’s Note: Shades of Ashley Madison?
The rollout of legal weed in Ontario is now beset by potential privacy issues.
On Wednesday, the Ontario Cannabis Store (OCS) revealed the security incident on Twitter, saying that an unnamed individual was able to access the order records of 4,500 customers, or roughly two percent of the firm’s customer base.
The compromised information included names or the initials of nominated signatories, postcodes, dates of delivery, OCS reference numbers, Canada Post tracking numbers, and OCS corporate names and business addresses.
Experts say rules don’t go far enough
New privacy rules designed to better safeguard the personal data of Canadians and let them know when it has been breached kick in Thursday, but even security experts say they are far from perfect.
The legislation, known as the Personal Information Protection and Electronic Documents Act (or PIPEDA) does a lot of things, but most importantly from a consumer’s perspective, it requires Canadian companies to alert their customers any time their personal information may have fallen into the wrong hands.
The government regulator has reportedly embedded the technology into a system dubbed “Yael,” used to deliver messages and other information to entities that fall under ISA oversight.
By Nele Achten
In February 2018, the German government’s network was attacked. Germany did not specify what kind of information was accessed by the foreign hackers, but it is publicly known that the hackers successfully attacked the IT system of the Ministry of Foreign Affairs. On March 18, 2018, the Head of the Federal Chancellery and Federal Minister for Special Tasks, Helge Braun, issued a public statement about this attack and explained that the government would examine the possibilities of cyber counterattacks. His statement heated the political debate about cybersecurity and parliamentary opposition groups raised concerns and questions in official inquiries to the federal government on March 23, May 4 and May 7. The questions covered many topics ranging from Russia’s potential influence on the domestic political debate to facts about specific cyber attacks to the domestic institutional framework for cyber defense to attribution and the international legal framework.
On August 14, 2018, Law No. 13,709 (LGPD – Lei Geral de Proteção de Dados) was enacted, creating a personal data protection legal framework in Brazil. The LGPD is influenced by the EU General Data Protection Regulation (GDPR); individuals, private entities and public authorities are affected by its provisions.
From: The Conversation
Sarah Logan, Research Fellow, UNSW
Did you ever go to your local show as a child? Remember that infuriating game where to win you had to hit every mole which popped its head out of a hole? I imagine Australia’s government feels like it’s playing whack-a-mole in regulating Chinese information and communications technology right now.
A clearer policy on regulating information and communications technology in the context of national security threats may help. Though in this version of the game, the stakes are rather higher than cheap toys at the local show.