ACI_Q2_Ads_disaster-728x90
BNA_15349_Privacy_Law_Asia_wp_ad_680x75_Ldbd
ACI_Q2_Ads_battletested-728x90
PrivacyTraining_ad300x250.Promo1-01
TRUSTe_Webcon_TE_300x250_ad_June_2015-01
PSR15_300x250_ad-UPDATED-6-15-FINAL

(Jun 30, 2015) In the last post of this series on effective and efficient vendor management for The Privacy Advisor, K Royal, CIPP/E, CIPP/US, closes with an overview to help you do due diligence holistically. The checklist includes everything from risk assessment prior to hiring a third-party vendor to terminating a contract with one. “Take a look through this recap and mark where you're doing well and where you could use some improvements,” Royal writes. Miss any of the earlier chapters in this series? Find them here in the IAPP Resource Center. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Uniting Privacy and Customization

(Jun 30, 2015) “Computer scientists and legal experts from Trinity College Dublin and SFI's ADAPT centre are working to marry two of cyberspace's greatest desires” via “Privacy Paradigm,” an online privacy system that aims to both customize and protect data on popular sites and apps “so that users signing up would know exactly how private, or otherwise, their personal information would be,” Phys.org reports. “It's a grand target we're setting ourselves and the research is ongoing,” said Trinity Prof. Owen Conlan, “but the big-picture vision is to make the way online services use our personal—and often privacy-sensitive—information as transparent and easy to understand and manipulate as possible for ordinary users.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Entrepreneurs, MIT Reveal “Un-Decryptable” Prototype

(Jun 30, 2015) Two Bitcoin entrepreneurs and the MIT Media Lab have revealed a prototype for a system called Enigma, which allows data to be encrypted in a way that it “can be shared with a third party and used in computations without it ever being decrypted,” Wired reports. Enigma would allow untrusted computers to “accurately run computations on sensitive data without putting the data at risk of hacker breaches or surveillance,” the report states. “The actual data is never revealed, neither to the outside nor to the computers running the computations inside,” said MIT Media Lab’s Guy Zyskind, one of Enigma’s co-creators. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Study Finds VPNs Exposing Personal Data

(Jun 30, 2015) V3 reports that 11 out of 14 virtual private network (VPN) providers are exposing personal information through a vulnerability linked to IPv6, according to a study by the UK’s Queen Mary University in London. Since the Snowden revelations, VPN providers have seen an increase in users, the report states, with those users often seeking to avoid mass surveillance or to circumvent censorship. "There are a variety of reasons why someone might want to hide their identity online, and it's worrying that they might be vulnerable despite using a service that is specifically designed to protect them," said Gareth Tyson, co-author of the study. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Bitcoin’s Future Dependent on Emerging Rules

(Jun 29, 2015) Virtual currencies (VCs) are gaining the attention of regulatory bodies worldwide because they're growing in acceptance by retailers and consumers alike. The U.S. Internal Revenue Service, which subjects VC transactions to income tax liability for gains in value, just like property, is one of those regulatory bodies. But it's at the state, national and supra-national levels where authorities are starting to set out rules. One of those emerging rules, and the responses its generated from VC companies and industry forums, will impact the privacy and data protection of VC users, writes Thomas Shaw, CIPP/E, CIPP/US, in this exclusive for The Privacy Advisor. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Web Conference: For Security, Are Passwords a Thing of the Past?

(Jun 29, 2015) Are passwords really dead as a security measure? And if they are, what is the future of authentication and identity management? On Thursday, July 16, from 1 to 2:30 p.m., the IAPP will host a web conference on new and better methods beyond the password—including biometrics and federated identity management. In “Beyond the Password: Modern Online Authentication,” Christopher Pearson, CIPP/G, CIPP/US, general counsel and chief security officer at Viewpost, and James Shreve, CIPP/US, CIPT, attorney at BuckleySandler, will discuss innovative solutions like SQRL and what the future of authentication may hold. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Roundup: The EU, U.S., Canada, Qatar and More

(Jun 29, 2015) This week’s Privacy Tracker weekly legislative roundup includes a report on Qatar’s Ministry of Information and Communications Technology’s plans to introduce a digital privacy law, as well as information on Argentina’s Personal Data Protection Authority’s new rule, which includes guidance on complying with the Personal Data Protection Law. Plus, read about the latest legislative developments in the U.S., including how the passage of the USA FREEDOM Act may impact cross-border data transfers, and in Canada, where the Digital Privacy Act has received Royal Assent. And read about when you can expect guidelines on data protection enforcement in the EU. (IAPP member login required.) Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Bevy of Surveys Indicate Data Protection Woes

(Jun 29, 2015) An Online Alliance survey of 1,000 company sites indicates 46 percent “were found vulnerable to known online security threats,” finding a specific trend of weakness in Internet of Things sites, ITProPortal reports. These results come on the heels of an additional SANS Institute report suggesting, “Financial services organizations are still being breached too often, most frequently by those with insider access,” with 46 percent of respondents citing “abuse or misuse by internal employees or contr... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Is Data Mining Misunderstood?

(Jun 29, 2015) Data mining is less about privacy infringement and more about analyzing information, a distinction that Apple CEO Tim Cook missed in a recent address, Data Mining for Dummies author Meta Brown writes for Forbes. “Data mining is merely a form of data analysis. It’s an adaptation of statistical analysis designed to enable non-statisticians to analyze data in a quick and informal way,” she said. “And there’s the real key to privacy. The central privacy issue is not data mining, nor any other form o... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Churches Using Facial Recognition To Monitor Attendance

(Jun 29, 2015) Churches are joining the widening group of entities using facial-recognition software to track people, RT reports. In four months, approximately 30 churches around the world have started using a facial-recognition software called Churchix, according to Moshe Greenshpan, the CEO of Face-Six, which sells the technology. Churchix uses CCTV footage or photos to match churchgoers against a database of high-resolution pictures collected by a church. It can be used to monitor attendance, alert church officials if members stop coming to services or screen for people banned from the church, the report states. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest