Free tools and resources for Data Protection Officers!

Tag Archives for " security "

Using Wi-Fi to “see” behind closed doors is easier than anyone thought

With nothing but a smartphone and some clever computation, researchers can exploit ambient signals to track individuals in their own homes. They do this by measuring the change in the signal strength as they walk around outside the target building or room. Indeed, they have created an app that uses the smartphone’s built-in accelerometers to record this movement and then analyzes the change in signal strength as they move. In that way, it is possible to number-crunch the position of the transmitter, even in the presence of numerous reflections and distortions.

Source: Using Wi-Fi to “see” behind closed doors is easier than anyone thought – MIT Technology Review

Schools are using AI to track their students

Any US school that receives federal funding is required to have an internet-safety policy. As school-issued tablets and Chromebook laptops become more commonplace, schools must install technological guardrails to keep their students safe.

While some simply block inappropriate websites, others turn to Safety Management Platforms (SMPs) that use natural-language processing to scan through the millions of words typed on school computers. If a word or phrase might indicate bullying or self-harm behavior, it gets surfaced for a team of humans to review. But even in an age of student suicides and school shootings, when do security precautions start to infringe on students’ freedoms?

Source: Schools are using AI to track their students — Quartz

Apple to US Congress: “We are radically different” on privacy

Apple has responded to a letter from Congress asking it to detail its data security and privacy issues, saying that it is radically different from other tech firms. The letter was sent a month ago, actually, there were two; one was sent by the House Committee on Energy and Commerce to the Apple CEO, Tim Cook, the other to Alphabet CEO Larry Page.

Source: Apple to US Congress: “We are radically different” on privacy

Crypto-Security – the Good, the Bad, and the McAfee

If you’ve been following the news over the past few days then you might have noticed our coverage on reported acquisition of unauthorised hacker access to the recently released Bitfi hardware wallet.

There is a burning need for a standardization of security expectations and delivery across different areas of the industry – with a focus on preventing all risks to investors and the public with regards to funds and data sanctity.

Read article: Op-Ed: Crypto-Security – the Good, the Bad, and the McAfee

5 Lessons Learned on Data Breach Management

The GDPR mandates controllers and processors to have technical and organizational measures in place to ensure an appropriate level of security for personal data. They should have the ability to detect, address and report data breaches in a timely manner. Many internal procedures were drafted in anticipation of the entry into force of the GDPR. Now, two months after GDPR Day, here are five lessons learned from data breach management, as, yes, numerous personal data breaches have occurred since then, of which authorities were notified, in pretty significant numbers and in a variety of sectors.

Read article: 5 Lessons Learned on Data Breach Management after 2 Months of GDPR: Friday Is Calling – Publications – Mayer Brown

Facial recognition system to be used in 2020 Tokyo Olympics

A facial recognition system will be used across an Olympics for the first time as Tokyo organizers work to keep security tight and efficient at dozens of venues during the 2020 Games. The NeoFace technology developed by NEC Corp. will be customized to monitor every accredited person – including athletes, officials, staff and media – at more than 40 venues, games villages and media centres.

Source: Facial recognition system set to be used in Olympic security | CTV News

Nice is building “safe city”, rising privacy concerns

After terrorist attack of July 14, 2016, French city of Nice has turned itself into a testing ground for surveillance technology. Growing opposition to cutting-edge security highlights how the use of systems like facial recognition and artificial intelligence to fight crime is on a collision course with advocates of data privacy.

Read full article: Two Years Ago Terror Struck. Now They’re Unsure of the Response – Bloomberg

Use of facial-imaging software for anti-fraud measures is legal, Minister says

The use of facial imaging software by the Irish Department of Employment Affairs and Social Protection to detect potential identity fraud is “compliant with the law”, Minister for Employment Affairs and Social Protection Regina Doherty has said responding to parliamentary questions.

The Minister said the EU regulation “clarifies that the processing of certain personal data, such as photographs, should not systematically be considered as biometric data unless such personal data is processed through a specific technical means allowing the unique identification or authentication of a natural person”.

Source: Use of facial-imaging software for anti-fraud measures is legal, Minister says

Thermostats, Locks and Lights: Digital Tools of Domestic Abuse

Internet-connected home devices that are marketed as the newest conveniences are also being used to harass, monitor and control. Abusers — using apps on their smartphones, which are connected to the internet-enabled devices — would remotely control everyday objects in the home, sometimes to watch and listen, other times to scare or show power. Victims feel like they are loosing their home.

The gadgets can be disabled through reset buttons and changing a home’s Wi-Fi password, but their makers said there was no catchall fix. Making it easy for people to switch who controls the account of a smart home product can inadvertently also make access to the systems easier for criminal hackers.

Source: Thermostats, Locks and Lights: Digital Tools of Domestic Abuse – The New York Times

Implementing appropriate security under the GDPR

Security of processing is a foundational principle of the GDPR. Under Article 5(1)(f), personal data shall be “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).”

Read full article: Implementing appropriate security under the GDPR

1 2 3 22
>