Friday, December 20, 2013
One Privacy agreement to rule them all? That should be interesting. Clearly there are several strategic objectives in conflict even in this simple summary.
… Mr Moraes’ draft conclusions acknowledge the importance of the Transatlantic Trade and Investment Partnership (TTIP) agreement for economic growth and jobs in both the EU and the US. But European Parliament should consent to the deal only if it contains no references to data protection provisions, the draft text adds. “We need to ensure that strong data privacy protections are achieved separately from the TTIP”, Mr Moraes told MEPs involved in the Civil Liberties Committee inquiry.
Clear political signals that the US understands the difference between allies and adversaries are also needed, says the draft document, which urges the US authorities to draw up a code of conduct to guarantee that no espionage is pursued against EU institutions and facilities. [In short, let's go back to Secretary of State Henry L. Stimson, who famously said that: "Gentlemen do not read each other's mail." Words he likely had to eat while serving as Secretary of War from 1940-1945 Bob]
Suspend Safe Harbour and TFTP agreements
The European Commission should suspend the “Safe Harbour” principles (data protection standards that US companies should meet when transferring EU citizens’ data to the US) and re-negotiate new, appropriate data protection standards, the draft says.
The EU’s executive arm is also urged to suspend the Terrorist Finance Tracking Programme (TFTP) deal with the US until a “thorough investigation” is carried out to restore trust in the agreement. The draft also underlines that the consultations recently concluded by the Commission were based solely on US assurances. [What else? Bob]
Let’s go for an EU cloud
The draft also calls for the swift development of an EU data storage “cloud” to protect EU citizens’ data. Any of this data stored in US companies’ clouds can potentially be accessed by the NSA, it notes. An EU cloud would ensure that companies apply the high standards of EU data protection rules and there is also a potential economic advantage for EU businesses in this field, it adds.
Judicial redress for EU citizens
The draft welcomes the Commission’s wish to have the EU-US data protection framework agreement (the so-called “umbrella agreement”) approved by spring 2014, in order to guarantee judicial redress for EU citizens [Are we heading toward a global legal system? Bob] when their personal data is transferred to the US. At present EU citizens do not enjoy full and reciprocal judicial redress rights, because access to US courts is guaranteed only to US citizens or permanent residents. Completing these negotiations would restore trust in transatlantic data transfers, says Mr Moraes.
Reforming data protection rules and protecting whistleblowers
EU member states should start working immediately to achieve a Parliament/Council of Ministers agreement on the data protection reform by the end of 2014 at the latest, says the draft. The text calls for better legal protection of whistleblowers, but also points out that proper oversight “should not depend on journalists and whistleblowers”.
IT security: open source software could help
Disclosures by former NSA contractor Edward Snowden have revealed a huge weakness in the IT security of EU institutions, stresses Mr Moraes. The draft resolution proposes that Parliament’s technical capabilities and options should be properly assessed, including the possible uses of open source software, cloud storage and more use of encryption technologies.
MEPs will now have the opportunity to table amendments to the draft resolution. It will be put to the vote by the Civil Liberties Committee at the end of January and Parliament as a whole on 24-27 February.
In the chair: Sophie in ‘t Veld (ALDE, NL) REF.: 20131216IPR31029
SOURCE: European Parliament Press Release
The UN General Assembly has unanimously called on a curb of supernormal surveillance of communications. The resolution drafted by Brazil and Germany was in response to revelations over the eavesdropping conducted by the US on a global scale.
All 193 UN member states agreed “to respect and protect the right to privacy, including in the context of digital communication.”
Read more on RT.
(Related) Can Google comply with every entity promulgating privacy laws or regulations?
Stephanie Bodoni reports:
Google Inc. (GOOG) was fined 900,000 euros ($1.2 million) by Spain’s data-protection watchdog for illegally collecting and using users’ personal data.
Google is guilty of “three serious violations” of Spanish data-privacy law for collecting personal information across nearly 100 services and products in Spain without in many cases giving details “about what data it collects, what it uses it for and without obtaining a valid consent,” the regulator said in a statement today.
Google was fined 300,000 euros for each of the three violations and ordered to take the “necessary measures without any delay to comply with the legal requirements,” said the authority.
Read more on Bloomberg News.
“Hello, we're from the government and we're here to squelch you.” Actually a very tiny percentage of the billions and billions of ideas being posted every day. Still, it might be amusing to collect the “banned in 'country X'” data for review in other countries...
Carrie Mihalcik reports:
The number of requests Google receives from governments around the world to remove content from its services continues to rise at a rapid pace.
Google received 3,846 government requests to remove 24,737 pieces of content during the first half of 2013, a 68 percent increase over the 2,285 government removal requests the company received in the second half of 2012. Google released the updated numbers Thursday, which cover requests made from January to June 2013, as part of its Transparency Report.
Read more on CNET.
I'm giving good odds that when (not if) Congress does nothing, these lists will return.
If you missed Senator Rockefeller’s hearing on data brokers yesterday, Pam Dixon of the World Privacy Forum made a powerful point in her opening statement about how data brokers have no shame. She cited the fact that brokers were selling lists of rape victims’ names for 7.9 cents per name. It didn’t take long for the Internet and media to react.
The naming and shaming seems to have worked. Elizabeth Dwoskin reports:
A marketing company purporting to sell lists of rape and domestic violence victims removed the lists from its website Wednesday after being contacted by The Wall Street Journal.
Medbase200, a Lake Forest, Ill., company that sells marketing information to pharmaceutical companies, had been offering a list of “rape sufferers” on its website, at a cost of $79 for 1,000 names.
The company also removed lists of domestic violence victims and “peer pressure sufferers” that it had been offering for sale, until it was contacted by the Journal.
Read more on the Wall Street Journal. I think their headline suggesting that their inquiry was responsible for the broker’s reaction is a bit off. All credit goes to Pam Dixon for this one. You can view an archived copy of the hearing here.
Everything on the Internet is accessible forever. Are you surprised to learn that the pointers to data have a shelf life?
Missing Links: Access to Papers' Raw Data Plummets by 17% Each Year
… Nature reported today on a study, newly published in the journal Current Biology, that tracked the raw data scientists have gathered that inform the conclusions they reach in their published papers. It was a treasure hunt for the past, basically: The large team of researchers looked for the data that informed 516 papers that were published between 1991 and 2011 in the field of ecology.
… The data-hunters' first task was to get in touch with the papers' authors. They were able to do so only in an astoundingly low 37 percent of cases. Which was in part because of the rapid evolution of contact information: "The likelihood of being able to find a working e-mail address, even after an extensive online search, declined by 7 percent per year," Nature writes.
… And when the researchers were able to get in touch with the authors, their discovery was even more dire: While data for almost all of the studies published as recently as 2011 were still accessible, the chances of them remaining accessible fell by a whopping 17 percent each year. Each year. For research from the not-that-distant early 1990s, data availability dropped to as little as 20 percent.
For those rare times Google is stumped. KWIM?
Are you looking for the meanings of acronyms or internet slang? Acronyms & Slang is the freshest, largest and most comprehensive dictionary of them all. It has more than 3,500,000 descriptions of acronyms, slang, abbreviations and initialisms sorted by categories, and every day even more are added. Check out the “trending terms” to see what’s new.
For my Ethical Hackers. This works on all similar “security.”