Download free GDPR compliance checklist!

Tag Archives for " security "

Crypto-Security – the Good, the Bad, and the McAfee

If you’ve been following the news over the past few days then you might have noticed our coverage on reported acquisition of unauthorised hacker access to the recently released Bitfi hardware wallet.

There is a burning need for a standardization of security expectations and delivery across different areas of the industry – with a focus on preventing all risks to investors and the public with regards to funds and data sanctity.

Read article: Op-Ed: Crypto-Security – the Good, the Bad, and the McAfee

5 Lessons Learned on Data Breach Management

The GDPR mandates controllers and processors to have technical and organizational measures in place to ensure an appropriate level of security for personal data. They should have the ability to detect, address and report data breaches in a timely manner. Many internal procedures were drafted in anticipation of the entry into force of the GDPR. Now, two months after GDPR Day, here are five lessons learned from data breach management, as, yes, numerous personal data breaches have occurred since then, of which authorities were notified, in pretty significant numbers and in a variety of sectors.

Read article: 5 Lessons Learned on Data Breach Management after 2 Months of GDPR: Friday Is Calling – Publications – Mayer Brown

Facial recognition system to be used in 2020 Tokyo Olympics

A facial recognition system will be used across an Olympics for the first time as Tokyo organizers work to keep security tight and efficient at dozens of venues during the 2020 Games. The NeoFace technology developed by NEC Corp. will be customized to monitor every accredited person – including athletes, officials, staff and media – at more than 40 venues, games villages and media centres.

Source: Facial recognition system set to be used in Olympic security | CTV News

Nice is building “safe city”, rising privacy concerns

After terrorist attack of July 14, 2016, French city of Nice has turned itself into a testing ground for surveillance technology. Growing opposition to cutting-edge security highlights how the use of systems like facial recognition and artificial intelligence to fight crime is on a collision course with advocates of data privacy.

Read full article: Two Years Ago Terror Struck. Now They’re Unsure of the Response – Bloomberg

Use of facial-imaging software for anti-fraud measures is legal, Minister says

The use of facial imaging software by the Irish Department of Employment Affairs and Social Protection to detect potential identity fraud is “compliant with the law”, Minister for Employment Affairs and Social Protection Regina Doherty has said responding to parliamentary questions.

The Minister said the EU regulation “clarifies that the processing of certain personal data, such as photographs, should not systematically be considered as biometric data unless such personal data is processed through a specific technical means allowing the unique identification or authentication of a natural person”.

Source: Use of facial-imaging software for anti-fraud measures is legal, Minister says

Thermostats, Locks and Lights: Digital Tools of Domestic Abuse

Internet-connected home devices that are marketed as the newest conveniences are also being used to harass, monitor and control. Abusers — using apps on their smartphones, which are connected to the internet-enabled devices — would remotely control everyday objects in the home, sometimes to watch and listen, other times to scare or show power. Victims feel like they are loosing their home.

The gadgets can be disabled through reset buttons and changing a home’s Wi-Fi password, but their makers said there was no catchall fix. Making it easy for people to switch who controls the account of a smart home product can inadvertently also make access to the systems easier for criminal hackers.

Source: Thermostats, Locks and Lights: Digital Tools of Domestic Abuse – The New York Times

Implementing appropriate security under the GDPR

Security of processing is a foundational principle of the GDPR. Under Article 5(1)(f), personal data shall be “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).”

Read full article: Implementing appropriate security under the GDPR

London cops’ facial recognition doesn’t work

London cops’ facial recognition kit has only correctly identified two people to date – neither of whom were criminals – and the UK capital’s police force has made no arrests using it. Police’s automated facial recognition (AFR) technology has a 98 per cent false positive rate.

Source: Zero arrests, 2 correct matches, no criminals: London cops’ facial recog tech slammed • The Register

Why a DNA data breach is much worse than a credit card leak

Why would hackers want DNA information specifically? And what are the implications of a big DNA breach? One simple reason is that hackers might want to sell DNA data back for ransom. Or hackers could threaten to revoke access or post the sensitive information online if not given money.  But there are reasons genetic data specifically could be lucrative.

“This data could be sold on the down-low or monetized to insurance companies. You can imagine the consequences: One day, I might apply for a long-term loan and get rejected because deep in the corporate system, there is data that I am very likely to get Alzheimer’s and die before I would repay the loan.”

Source: Why a DNA data breach is much worse than a credit card leak – The Verge