Adopting cloud computing can mean entrusting data to a third-party vendor. For agencies responsible for personally identifiable information or mission-critical applications, this raises a host of privacy concerns, chief among them the issue of data sovereignty and the question of determining appropriate government and commercial uses of private citizens’ data. This section of the SafeGov.org site analyzes the risks to privacy associated with cloud adoption and explores ongoing means to mitigate them.
Peter Vogel, Lexology, Wednesday, October 19, 2016
Companies that transfer their accounting records between countries should know whether the new EU Privacy Shield applies to data whether it contains Personal Identifiable Information (PII) or PCI credit card information. To learn more, please watch my recent video entitled “Data Transfer Agreements: What You Need to Know.” The video interview by SmartPros is part of a series of educational videos covering subjects in the accounting, financial services, legal, engineering and information technology industries.
Joseph Jerome, IAPP Privacy Perspectives, Monday, October 17, 2016
Move over big data and the internet of things — artificial intelligence is poised to be the next major trend that privacy pros should stay on top of. In the past month alone, we have seen the launch of a major industry effort to explore the policy ramifications of AI, and the U.S. Department of Transportation has released a policy roadmap for autonomous vehicles, suggesting that regulators and policymakers are eager to get into the AI game. Even the White House got involved this spring when it announced a series of workshops to explore the benefits and risks of AI.
Blake Montgomery & Mary Hossfeld, EdSurge, Monday, October 17, 2016
Never ones to pass up an opportunity to dig into topics that spark controversy and spotlight opportunity, EdSurge sat down with education technology lawyer Gretchen Shipley at our recent California Tech for Schools Summit.
POLITICO Staff, Wednesday, October 12, 2016
POLITICO recently convened a group of policymakers and stakeholders for a frank conversation about the U.S. perspective on U.S./EU data protections, Privacy Shield, and the future of trans-Atlantic data protection.
Tom Bergin, Reuters, Thursday, October 6, 2016
Yahoo's decision to scan clients' email accounts at the behest of the U.S. authorities has prompted questions in Europe as to whether EU citizens' data had been compromised, and could help derail a new trans-Atlantic data sharing deal. Ireland's Data Protection Commissioner, the lead European regulator on privacy issues for Yahoo, said on Wednesday it was making enquiries about the matter.
Karlin Lillington, Irish Times, Tuesday, October 4, 2016
Few people at Microsoft can have the detailed and nuanced understanding of the company’s friction points – exposed via its legal challenges and policy battles – as Microsoft’s number two in command, Brad Smith. Microsoft’s chief legal officer (and as of last year, president under chief executive officer Satya Nadella) has been 23 years with the Redmond, Washington technology giant. Thus, he’s been to the forefront of several of the defining international cases and the legal growing pains of technology’s post-1980s explosion, such as the huge US v Microsoft antirust case that convulsed the industry in the 1990s through early 2000s.
Peter Merkulov, Dark Reading, Tuesday, October 4, 2016
The IAPP-EY numbers strongly suggest that companies have decided to look for a middle ground. Rather than build their trans-Atlantic compliance programs on Privacy Shield's uncertain foundation, companies are collaborating with trading partners to take responsibility for protecting private data and establishing obligations that they can rely on, should Privacy Shield meet the same fate as Safe Harbor.
Bjorn Aannestad, Business 2 Community, Friday, September 23, 2016
Robin Wilton Interview: Robin is technical outreach director for identity and privacy in the Internet Society’s Internet Technology Office. He is a specialist in digital identity, IT security and public policy and is a member of the Kantara Initiative’s Board of Trustees. Robin also worked as a research analyst on Gartner’s Identity and Privacy Strategies team.
Fortunato Guarino, SC Magazine, Thursday, September 15, 2016
Any new regulation brings an inherent risk of non-compliance. To avoid issues, organisations need to understand exactly where any sensitive data is stored. Unfortunately, this is usually much easier said than done. The exponential increase in the amount of data produced makes answering even basic questions about how information is created, stored and managed difficult for many businesses to answer. This lack of insight creates a tremendous amount of risk. However, there are steps organisations can take to better manage data, reducing their risk of non-compliance, and mitigating potential damages in the event of a cyber-attack. The process starts with knowing which questions to ask.
Liam Tung, ZDNet, Wednesday, September 7, 2016
Microsoft has officially opened two new cloud regions, offering Azure and Office 365 from multiple datacenter locations in the UK for the first time. The new UK regions take to 28 the number of Microsoft generally-available regions for its cloud infrastructure and platform services. For UK enterprise customers, the regional services are also designed to provide a better option for meeting requirements to store certain data locally. The new cloud areas are made up of UK West and UK South, served from datacenters in London and Cardiff, the capital of Wales.