Tag Archives for " US "

Is a Service Provider’s Privacy Shield Certification Good Enough?

The GDPR imposes two requirements when a company (referred to in the GDPR as a “data controller”) uses a service provider (referred to in the GDPR as a “data processor”).

The first requirement is that if a data controller is based in the EEA and is transferring personal data to a processor that is based outside of the EEA, the parties must take steps to ensure that the jurisdiction in which the data is going affords the data “an adequate level of protection.” When the GDPR refers to an “adequate level of protection” it is not talking about the security of the data. Instead, it is referring to the protections afforded by the laws of the country to which the data will be transferred.

Source: Bryan Cave – GDPR: The Most Frequently Asked Questions: Is a Service Provider’s Privacy Shield Certification Good Enough?

U.S. Customs Wants to Use Your Face As a Boarding Pass

By 2022, the agency plans to use biometrics to identify 97 percent of travelers flying out of the country.

Getting through an airport without a passport or boarding pass may only seem possible in the nostalgic memories of 20th-century travelers, but an initiative at Customs and Border Protection could make that bygone convenience a modern reality.

Source: U.S. Customs Wants to Use Your Face As a Boarding Pass – Nextgov

Article 29 Working Party Comments on FATCA

Article 29 Working responded to a letter on effect of U.S. Foreign Account Tax Compliance Act (FATCA) on European citizens who, due to U.S.
citizenship law, are either “accidental Americans” or dual European/US nationals.

At the moment all EU Member States have now signed individual intergovernmental agreements (IGAs) with the US. These IGAs provide the legal basis for the processing of the personal data of American nationals in the context of FATCA. In addition, EU data protection authorities have been monitoring the measures taken by European governments
to implement FATCA at national level.

Source: ARTICLE29 Newsroom – Letter of the Chair of the ART 29 WP to FATCA – European Commission

US Attorney General Sessions Announces New Cybersecurity Task Force

Attorney General Jeff Sessions has ordered the creation of the Justice Department’s Cyber-Digital Task Force, which will canvass the many ways that the Department is combatting the global cyber threat, and will also identify how federal law enforcement can more effectively accomplish its mission in this vital and evolving area.

Source: Attorney General Sessions Announces New Cybersecurity Task Force | OPA | Department of Justice

The Argument Against a Mobile Device Backdoor for Government

The ‘responsible encryption’ demanded by law enforcement and some politicians will not prevent criminals ‘going dark’; will weaken cyber security for innocent Americans; and will have a hit on the U.S. economy. At the same time, there are existing legal methods for law enforcement to gain access to devices without requiring new legislation.

These are the conclusions of Riana Pfefferkorn, cryptography fellow at the Center for Internet and Society at the Stanford Law School in a paper published Tuesday titled, The Risks of “Responsible Encryption”.

Source: The Argument Against a Mobile Device Backdoor for Government | SecurityWeek.Com

Europe’s New Data Privacy Rules Nourish U.S. Privacy Tech Sector

That situation is changing radically, with the looming May 25 deadline for enforcement of the European Union’s General Data Protection Regulation (GDPR)—a sort of Magna Carta for the right of individuals to control the use of their own data. The sweeping new EU privacy protections apply to any company anywhere that holds data on any EU citizen—not just businesses located within the 28 EU member nations. And the maximum fine for violations—as much as 4 percent of a company’s global annual revenue—tends to concentrate the mind wonderfully on compliance.

Source: Xconomy: Europe’s New Data Privacy Rules Nourish U.S. Privacy Tech Sector

A Strong Privacy Policy Can Save Your Company Millions

Cyberattacks are on the rise, with over 1,000 data breaches occurring at U.S. organizations in 2016 alone, most often through hacking or external theft. And it isn’t only violated firms that are hurt by these incidents. Studying hundreds of data breaches, our research has found that they create significant ripples that affect other companies in the industry.

Source: Research: A Strong Privacy Policy Can Save Your Company Millions

Privacy policies can conflict with personalized learning, but they don’t have to

There does not have to be tension between implementing personalized learning for students and safeguarding those same students’ privacy through data protection policies, says a new report from the National Association of State Boards of Education (NASBE).

The report, “Advancing Personalized Learning through Effective Use and Protection of Student Data,” argues that state policymakers — legislators as well as school boards — can develop laws, regulations and policies that allow effective use of data by schools, teachers, parents and students. But a number of states have instead enacted policies that hamper the use of data that would improve personalized learning programs.

Source: Privacy policies can conflict with personalized learning, but they don’t have to, NASBE finds

Data breach at tax agency allowed companies to peek in on competitors’ data

A data mix-up on a state tax portal inadvertently made private data from about 16,500 business taxpayers viewable to other companies, potentially even competitors. The breach lasted from Aug. 7, 2017, through Jan. 23, 2018, and allowed some companies to view other business’s names, federal employer identification numbers, tax payments, and other data, according to the Massachusetts Department of Revenue.

Source: Yikes! Data breach at Mass. tax agency allowed companies to peek in on competitors’ data – The Boston Globe

1 2 3 20
>