ACI-001 Online Ad Campaign r7_response 728x90
ACI-001 Online Ad Campaign r7_CPO 728x90_15_05_04
PPC_CIPM_300x250.FINAL-01

PrivacyTraining_ad300x250.Promo1-01

(Apr 30, 2015) Greetings from Brussels. Early next week, I will be attending my first IAPP European KnowledgeNet meeting, which is being held in London. The meeting is a sell-out with over 120 registrants, so it promises to be a great event for all those in attendance. The program will focus on two themes, the first being “the growing importance of the fundamental rights to privacy and the protection of personal data.” UK Deputy Information Commissioner David Smith and Anya Proops, a London-based Barrister... Read More

Europe Data Protection Digest

Commission To Discuss Encryption; Allan Discusses Regulatory Concerns

(Apr 30, 2015) The European Commission will host meetings between technology companies and law enforcement agencies to discuss concerns that encryption technologies are helping terrorists and criminals. Separately, last week at the RSA Conference, privacy executives from leading tech companies suggested U.S. privacy protections are stronger than those in the EU. And EDPS Giovanni Buttarelli's comments on privacy and security not being mutually exclusive are detailed in a report from The Register. Meanwhile, Fa... Read More

Europe Data Protection Digest

Helen Dixon on Her Data Protection Priorities

(Apr 30, 2015) Irish Independent examines the priorities and concerns of Irish Data Protection Commissioner Helen Dixon in a Q&A. “I’ve heard this phrase before about companies sucking up with a Hoover the personal data of European citizens,” she said. “These are very emotive ways of describing what’s happening. Issues around how society is evolving in terms of uses of social media and online behavioural advertising are issues that won’t be resolved by regulators on their own,” Dixon also pointed out, adding, “They are political issues to some extent, they’re issues for society.” Dixon notes she has “a very positive relationship” with the other European regulators, noting “We have good cooperation with them.” Read More

Europe Data Protection Digest

CBP Publications Being Blocked in Court

(Apr 30, 2015) The Dutch Data Protection Authority, the CBP, is increasingly finding that organizations are going to court to stop its publications, NL Times reports. CBP President Jacob Kohnstamm is seeking an obligation for investigations to be published. “At this moment alone there are four cases in court. It creates a lot of pressure on our legal department. An obligation to publish would be a helping hand,” he said, noting such transparency could help raise awareness about data collection. “Businesses and governments increasingly do profiling,” he said, adding, “But we are not always aware of it. If I steal a purse, you will see it. If I steal data, it is not so visible.” Read More

Europe Data Protection Digest

MEPs Approve Mandatory Emergency Call Devices in Cars

(Apr 30, 2015) Members of the European Parliament (MEP) have agreed to back a proposal to mandate emergency calling devices in new vehicles beginning in 2018, The Irish Times reports. The system could prevent up to 10 percent of road deaths, according to the report, and will be free and automatically call an emergency number if the vehicle crashes. There were some data privacy concerns, but according to MEP Olga Sehnalová, the final draft met those concerns. She said MEPs “want a system that remains neutral in terms of normal operational activity and ensures that any information serves solely the purpose of saving human lives,” adding any other use of the data “would require the express authorization of the person concerned.” Read More

Europe Data Protection Digest

Could There Be a New Approach to BYOD?

(Apr 30, 2015) “Bring Your Own Device (BYOD), while well-intentioned, can make IT managers, CIOs and, especially, employees want to pull their hair out,” writes ZixCorp Chief Technology Officer Nigel Johnson. In this post for Privacy Tech, Johnson discusses the tension between employee privacy and employer security and how a new BYOD architecture can provide a solution to both issues. “There’s a better way,” Johnson writes. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Challenge: Starting Up a Privacy Program

(Apr 30, 2015) For new chief privacy officers (CPOs) challenged with creating privacy programs, step one is, of course, developing an internal policy. But policies themselves do not create the "culture of privacy" that is essential to a successful privacy program. In part two of this quarterly series for The Privacy Advisor, TeleSign CPO Stephen Bolinger, CIPP/E, CIPP/G, CIPP/US, CIPM, who spent years at tech giant Microsoft, shares some of the strategic and tactical decisions he has made along the way as a first-time CPO at a start-up, including how to create the privacy pros you need to help you get the job done. Editor’s Note: There’s more on building a privacy program in the IAPP Resource Center. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

RSA Survey Looks at Breach Responsibility

(Apr 30, 2015) Infosecurity Magazine reports on a new Tripwire survey gleaned from last week’s RSA Conference that found 41 percent of the 250 attendees said the “CIO, CISO or CSO” would be held responsible for a breach of an organization’s critical infrastructure while 35 percent believe they “should” be held responsible. “Cybersecurity liability is difficult to assign because you have to determine who knew about the risks, and then you have to figure out what they did, or did not do about them,” said Tripwire Senior Security Analyst Ken Westin, adding, “If the CEO is made aware of security risks and does not provide the resources or plans to fix them, they own some of the responsibility.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Facebook API Will No Longer Share Friends’ Data

(Apr 29, 2015) In a move that is pleasing many of its users, Facebook is shutting down its API that lets users share their friends’ data to third-party apps, TechCrunch reports. Facebook had already disallowed apps developed after April 20, 2014 to do so, and, starting this week, no apps will share data in such a way. A Facebook spokesperson said, “if people don’t feel comfortable using Facebook and specifically logging in Facebook and using Facebook in apps, we don’t have a platform, we don’t have developers.” Facebook came to the decision after extensive research and interviewing users, concluding users would feel better with more control over their data. The spokesperson said when users are confident, “they feel happier and use our stuff more, and that’s what we’re trying to achieve.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Survey: Breaches Spark CEO, Board Conversations

(Apr 29, 2015) A survey of 100 RSA Conference attendees found that 69 percent of their CEOs or boards of directors had queried their security teams regarding specific security policies in the wake of recent high-profile breaches, eSecurity Planet reports. “As more information is disclosed and media follow every detail of mega breaches, there’s an incredible amount to learn," said Netskope CEO and Cofounder Sanjay Beri. Almost two-thirds of respondents to the Netskope survey said they’ve either changed or plan to change cloud-specific security methods since the Anthem breach. “I’m encouraged knowing that recent high-profile data breaches have incited conversations between board-level decision-makers and security teams and action is being taken to prevent similar breaches,” Beri said. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest