Standard Post with Image

U.S. Senators propose a bill for the security of internet devices purchased by Federal Agencies

A bipartisan group of U.S. Senators has proposed the introduction of a new legislation to defeat the exposures of every-day computer devices.  The bill comes after several warnings on cybersecurity risks of those devices. The bill requests vendors of internet-connected equipment to ensure the U.S. Government that their products are patched and in compliance with the industry security standards, prohibiting them to supply devices with fixed passwords or other security weaknesses.

The bill is available here

Find also the Reuters related press release here
Standard Post with Image

The European Commissioner for Digital Economy and Society appoints a new Cabinet

The European Commissioner for the Digital Economy and Society Ms. Mariya Gabriel has completed the list of her Cabinet members, published today in the Commissioner’s webpage. Ms. Lora Borissova is the new Head of Cabinet. Mr. Carl Buhr, is the Deputy-Head of Cabinet with privacy and cybersecurity in his portfolio. s., Mr. Eric Peters will be the expert responsible, among other subjects, for e-Commerce and online platforms including removal of illegal content. Ms. Alina Ujupan will be the expert responsible, among other subjects, for infringements, Horizon 2020 and growth agenda. Mr. Manuel Mateo will be the expert responsible, among other subjects, for copyright and fake news, while Ms. Andrea Almeida Cordero will be the expert responsible, among other subjects, for the overall assessment and support in policy and communications strategy

Visit Commissioner Mariya Gabriel’s webpage here
Standard Post with Image

EPIC questioned Google’s access to costumer’s data in front of the FTC

The Electronic Privacy Information Center (EPIC) has filed a request in front of the Federal Trade Commission (FTC) to investigate a new Google Inc. advert program that would be able to access costumers’ sensitive information, such as the credit and debit card purchase records, without explaining the modalities of the gathering nor advising consumers on how to opt out from this activity.  EPIC has questioned the data protection tools adopted by the tech giant that are considered as completely inaccessible and that, to the contrary, should be open to evaluation on their effective capacity to protect data from hacks or other data breaches.

The text of the EPIC complaint is available here
Standard Post with Image

FTC modifies its Safe Harbor Program concerning the COPPA Rule

The Federal Trade Commission (FTC) has modified its Safe Harbor Program Childrens’ Online Privacy Protection Rules (COPPA) program asking operators of commercial websites and online services to establish comprehensive privacy policies for children under the age of 13.  The same will apply with regard to general audience websites and online services that intentionally collect personal information from these subjects.  These modifications provide parents with notifications on companies’ information practices and seek their consent for the collection, use, and disclosure of their children information.  Additionally, the FTC’s COPPA Rule includes a safe harbor provision that allows industries to ask the Commission approval on their self-regulatory guidelines.  This should guarantee a level of protection equal or higher to the COPPA Rule.  Companies and organizations participating in the FTC-approved Safe Harbor Program will be subject to the review and disciplinary procedures provided in the Program guidelines rather than formal FTC investigations or the ones of law enforcement agencies.  The FTC will also require to its participants an annual internal assessment of third-parties collection of personal information from children on their websites or online services.

Find out more at the FTC website here
Standard Post with Image

BPH and ICRC jointly publish a handbook on data protection and humanitarian action

The Brussels Privacy Hub (BPH) and the International Committee of the Red Cross (ICRC) have released a handbook to address concerns regarding the application of data protection when carrying out the humanitarian actions.  The handbook is addressed to staff of international humanitarian organisations and NGOs who is involved in the processing of personal data (particularly those in charge of advising on and applying data protection standards) and is part of the Data Protection in Humanitarian Action project.  The Handbook has been created in collaboration with the data protection authorities and representatives of different humanitarian organizations.  The handbook scope is to increase awareness on the subject and to assist humanitarian organizations in ensuring their compliance with personal data protection standards in humanitarian activities.

The handbook is available at the Brussel Privacy Hub webpage