fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " encryption "

Deidentification versus anonymization

Anonymization is hard. Just like cryptography, most people are not qualified to build their own.

Unlike cryptography, the research is far earlier-stage, and the pre-built code is virtually unavailable. That hasn’t stopped people from claiming certain datasets (like this ) are anonymized and (sadly) having them re-identified.

Full article: Deidentification versus anonymization

Germany mulls giving end-to-end chat app encryption

Government officials in Germany are reportedly mulling a law to force chat app providers to hand over end-to-end encrypted conversations in plain text on demand.

Ministry of the Interior wants a new set of rules that would require operators of services like WhatsApp, Signal, Apple iMessage, and Telegram to cough up plain-text records of people’s private enciphered chats to authorities that obtain a court order.

Source: Germany mulls giving end-to-end chat app encryption das boot: Law requiring decrypted plain-text is in the works • The Register

Big Tech condemn GCHQ proposal to listen in on encrypted chats

An international coalition of civic society organizations, security and policy experts and tech companies — including Apple, Google, Microsoft and WhatsApp — has penned a critical slap-down to a surveillance proposal made last year by the UK’s intelligence agency, warning it would undermine trust and security and threaten fundamental rights.

GCHQ’s idea for a so-called ‘ghost protocol’ would be for state intelligence or law enforcement agencies to be invisibly CC’d by service providers into encrypted communications — on what’s billed as targeted, government authorized basis.

If implemented, it will undermine the authentication process, introduce potential unintentional vulnerabilities, and increase risks that communications systems could be abused or misused. Users won’t be able to trust that their communications are secure, thereby posing threats to fundamental human rights, including privacy and free expression.

Source: Apple, Google, Microsoft, WhatsApp sign open letter condemning GCHQ proposal to listen in on encrypted chats | TechCrunch

Irish data regulator looking into Facebook password gaffe

Ireland’s Data Protection Commission (DCP) has confirmed it’s looking into the hundreds of millions of passwords that Facebook stored without encryption.

The social network notified the regulator that user passwords for Facebook, Facebook Lite and Instagram were stored in plain text in the company’s internal servers.

Source: Irish data regulator looking into Facebook password gaffe | IT PRO

HTTPS Isn’t Always as Secure as It Seems

A surprising number of high-traffic sites have TLS vulnerabilities that are subtle enough for the green padlock to still appear.

Transport Layer Security, or TLS, encrypts data between your browser and the web servers it communicates with to protect your travel plans, passwords, and Google searches from prying eyes. But new findings from researchers at Ca’ Foscari University of Venice in Italy and Tu Wien in Austria indicate that a surprising number of encrypted sites still leave these connections exposed.

Source: HTTPS Isn’t Always as Secure as It Seems | WIRED

Silicon Valley – Not Governments – Will Kill Encryption

It is Silicon Valley that will roll back the protections of encryption, not for the needs of governments to combat terrorists and criminals, but for their own profit-minded needs to continue mining, monetizing and manipulating their users.

The growing popularity of end-to-end encryption threatens to upend this uneasy truce between digital security and the ability of web companies to mine our personal data.

Full article: Silicon Valley – Not Governments – Will Kill Encryption

Facebook Promises Encrypted Messaging, but You Don’t Need to Wait

Facebook Messenger may offer end-to-end encryption, eventually, but Facebook can still use the service to collect your data. And you already have other choices for secure messaging. Consumer Reports has the details.

Full article: Facebook Promises Encrypted Messaging, but You Don’t Need to Wait – Consumer Reports

Is encrypted data personal data under the GDPR?

As businesses across the world have begun adjusting to life under the EU General Data Protection Regulation, an important question continues to crop up: Should encrypted data be treated as personal data?

The answer to this question has significant ramifications for the modern e-commerce world. At its most basic, encryption is a way of protecting the privacy of your data.

Full article: Is encrypted data personal data under the GDPR?

Zuckerberg posts Facebook mission statement on privacy and encryption

On Wednesday, Facebook CEO Mark Zuckerberg published a more-than-3,000-word blog post that seems to declare a major shift in Facebook’s strategy.

In it, he says he believes that “a privacy-focused communications platform will become even more important than today’s open platforms.” Zuckerberg explains that he wants Facebook to build a privacy-focused messaging and social networking platform.

Source: Zuckerberg: Facebook will shift focus to private networks instead of open ones | Ars Technica

Firms are focusing data encryption efforts in the wrong place

Businesses urgently need to review data storage infrastructures if they are to remain confident that they are meeting compliance regulations. Historically, companies have been concerned that it would be those outside the organisation who would be a threat to data security.

Full article: Firms are focusing data encryption efforts in the wrong place

1 2 3 10
>