Tag: Europe

1
US, Russia and China don’t pledge to fight cybercrime
2
Facebook fined £500,000 over Cambridge Analytica scandal
3
Cambridge Analytica closes its doors
4
Excel skills of English Council leads to the exposure of “hidden” personal information
5
Facebook wants you to know that it’s accountable for your privacy
6
Update everything: Discovery of Wi-Fi flaw in connected devices
7
Gartner: Worldwide spending on information security to reach $93 billion in 2018
8
UK companies taking on cybersecurity-related insurance in soaring numbers
9
The EU-US Privacy Shield has been released
10
‘EU-US Privacy Shield’ agreed for trans-Atlantic data flow

US, Russia and China don’t pledge to fight cybercrime

By Cameron Abbott and Wendy Mansell

Fifty countries including Japan, Canada and many EU nations have come together with over 150 tech companies, pledging to fight against cybercrime. United State’s tech giants such as Facebook, Google and Microsoft have also joined the party.

The United States, Russia and China however have decided not to sign on. Each has no doubt very different reasons for this – the disappointment is mostly directed to the US. However it is a shame that Russia and China did not also feel the weight of the international community pressure to accept these principles.

The effort to combat cybercrime is being led by France, with French President Emmanuel Macron claiming that it is urgent that the internet is better regulated.

The countries and companies involved are fighting against illegal online activity like censorship, cyber interference in elections, hate speech and trade secrets theft.

The pledge has been made in a document titled the “Paris call for trust and security in cyberspace”.

Facebook fined £500,000 over Cambridge Analytica scandal

By Cameron Abbott and Sarah Goegan

The UK Information Commissioner’s Office (ICO) has issued a notice of intent to levy a £500,000 fine against Facebook for breaches of the UK’s Data Protection Act 1998. The ICO found that Facebook failed to protect its users’ data and be transparent about how that data was being harvested. This failure, ICO said, did not enable users to understand how and why they may be targeted by a political party or campaign.

The fine comes as part of a larger investigation by ICO into misuse of data in political campaigns, and responds to the highly publicised allegations that Cambridge Analytica used data obtained from Facebook to target voters in the 2016 US presidential election.

Read More

Cambridge Analytica closes its doors

By Cameron Abbott and Sarah Goegan

Cambridge Analytica, the data company embroiled in the Facebook privacy scandal, is closing down. The firm’s parent company, SCL Elections, announced that it and some of its affiliates including Cambridge Analytica had commenced insolvency proceedings in the UK, and would immediately cease all operations.

In a statement, Cambridge Analytica said it had been “vilified” and the subject of “numerous unfounded accusations” about its activities, which it says are legal and widely accepted in online advertising. It blamed negative media coverage of allegations the company improperly used the data of 87 million Facebook users (which you can read about here, here and here) for a mass exodus of clients.

Read More

Excel skills of English Council leads to the exposure of “hidden” personal information

By Cameron Abbott and Keely O’Dowd

The Kensington and Chelsea London Borough Council (Council) was recently fined £120,000 (approximately AUD$217,920) by the UK Information Commissioner’s Office (ICO) for the unauthorised processing of personal data belonging to 943 people who owned vacant properties in the Borough.

Read More

Facebook wants you to know that it’s accountable for your privacy

By Cameron Abbott and Samantha Tyrrell

Facebook has always been confronted with privacy-related scrutiny, including being the respondent in the proceedings that ultimately brought down the EU-US privacy shield. On 28 January 2018, Facebook revealed its “privacy principles” to users for the first time. Via a series of educational videos and a ‘Privacy Check Up’ function, Facebook has shared the core principles it uses to guide its approach to privacy. Facebook will also roll out a new hub which will allow users to more easily control their privacy settings.

Read More

Update everything: Discovery of Wi-Fi flaw in connected devices

By Cameron Abbott, Rob Pulham and Olivia Coburn

A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.

The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.

Any device that supports Wi-Fi is likely to be affected by KRACK, albeit devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.

Read More

Gartner: Worldwide spending on information security to reach $93 billion in 2018

By Cameron Abbott and Olivia Coburn

Global spending on information security products and services will reach $86.4 billion this year, according to US-based technology research and advisory firm Gartner, Inc.

This figure is an increase of 7 per cent over 2016, and is expected to grow to $93 billion in 2018.

Read More

UK companies taking on cybersecurity-related insurance in soaring numbers

By Cameron Abbott and Allison Wallace

There was a 50% growth in the adoption of cybersecurity-related insurance in the UK between 2015 and 2016.

CFC Underwriting discovered the trend after polling industry representatives at the 2016 Cyber Symposium late last year.

The underwriter, which provides cyber insurance to more than 20000 clients globally, found the factors driving clients to purchase these kinds of policies included the “fear factor” of a cyber attack (23%) and the impending introduction of the European General Data Protection Regulation in 2018 (26%).

More than half of the respondents to the poll (53%) indicated they believed electronic computer crime will lead to an increase in insurance claims. Earlier figures released by CFC Underwriting revealed it handled over 400 claims on cyber policies in 2016, a 78% increase on 2015.

The EU-US Privacy Shield has been released

By Cameron Abbott and Meg Aitken

The European Commission has now officially released the EU-U.S. Privacy Shield, which sets out the key requirements and principles for trans-Atlantic data flow between Europe to the US.

Read our colleague’s article on the announcement here.

Alternatively, access the European Commission’s Press Release here.

‘EU-US Privacy Shield’ agreed for trans-Atlantic data flow

By Cameron Abbott and Meg Aitken

A new trans-Atlantic data transfer framework has been agreed between the European Commission and the United States this week. Known as the ‘EU-US Privacy Shield’, the new arrangement is intended to offer greater legal certainty for businesses and afford EU citizens increased protection when their data is transferred across the Atlantic to the US.

The new regulations will replace the US-EU Safe Harbor framework, which was invalidated by the European Court of Justice last October on the basis that the generalised access that public authorities had to the data and content of electronic communications violated fundamental privacy rights. Read our earlier blog post on the Safe Harbour decision here.

The key features of the new EU-US Privacy Shield are:

  • Stronger obligations on US companies to protect the personal data of EU citizens
  • More robust enforcement powers granted to both EU and US regulators, including greater monitoring and prosecution by the US Department of Commence and Federal Trade Commission (FTC)
  • Clearer conditions, limitations, redress avenues and safeguards for data transferred across the Atlantic
  • Expanded obligations for US companies to prove compliance
  • Several new avenues for EU citizens to lodge complaints about data misuse, including the establishment of a new independent privacy Ombudsman

The new Privacy Shield is still awaiting final approval from the College of Commissioners and will be subject to further review by the Article 29 Working Party before it is introduced. Much of the detail has not been released, so while the principles have been articulated, the impact on the obligations of affected companies is still far from clear.

Read the European Commission press release here for further details.

Our US and EU colleagues have drafted a more detail description which can be accessed here for further information.

Copyright © 2018, K&L Gates LLP. All Rights Reserved.