|
|
|
|
|
Cyber Daily: Contentious Data-Privacy Enforcement in EU | Moody's to Invest $250 Million in BitSight
|
|
|
|
|
|
Welcome back. Discontent among European privacy regulators has been brewing since the bloc's General Data Protection Regulation took effect in 2018. Some national watchdogs are criticizing their counterparts for taking too long to investigate high-profile cases.
Shy of four years old, GDPR might need to be changed so that decisions can keep pace with shifts in digital business, reports WSJ Pro's Catherine Stupp. The built-in dispute resolution process, in which regulators can object to the draft findings of the lead regulator in a case, drags out decisions, critics say.
The European Commission, the EU executive arm that drafted the GDPR legislation, has said it is too soon to draw conclusions about the level of fragmentation and it will explore whether to propose “targeted amendments” to the regulation.
While lengthy investigations might delay fines and sanctions for offending companies, having to undergo probes that last years can drain lots of resources.
Read on for more news.
|
|
|
Sponsored by Netscout
|
|
Why Are Carpet Bombing DDoS Attacks Difficult To Mitigate?
Although carpet bombing attacks are complex, building an understanding is the first step to detecting, mitigating, and lessening their impact.
Watch Video
|
|
|
|
|
|
|
|
|
Sharing enforcement of EU privacy rules among 27 national authorities has led to bottlenecks, regulators and privacy experts say. PHOTO: YVES HERMAN/REUTERS
|
|
|
|
Time for change? The European Union’s recent $270 million fine against WhatsApp was held up for months by disagreements among national authorities, ratcheting up tensions over how to enforce the bloc’s privacy rules.
The varied approaches to policing the EU’s strict General Data Protection Regulation are fueling calls to redesign how national authorities from the 27 EU countries can intervene in each others’ cases and to explore creating a broader EU-wide regulatory system.
Ireland’s Data Protection Commission fined Facebook's WhatsApp unit for failing to tell EU residents enough about what it does with their data.
Eight other regulators said the Irish authority’s proposed fine of up to 50 million euros, equivalent to roughly $59 million, was too low and disagreed with the Irish regulator’s analysis of the company’s data practices.
Read the full story.
|
|
|
|
|
PHOTO: JUAN IGNACIO RONCORONI/SHUTTERSTOCK
|
|
|
Exclusive: Debt-rating service Moody's Corp. plans to invest $250 million in cybersecurity-ratings firm BitSight Technologies, in part to build a platform for organizations to assess their cyber risk and related financial risk. As part of the partnership, BitSight will acquire VisibleRisk, a cyber risk rating joint venture created by Moody’s and Team8, a global venture group.
|
|
|
|
PHOTO: SERGIO FLORES/REUTERS
|
|
|
SEC's broad requests about SolarWinds hack prompt worry. The Securities and Exchange Commission's letters to public companies about fallout from the SolarWinds Corp. hack seek information about data breaches or ransomware incidents since downloaded corrupted SolarWinds software. (Reuters)
|
|
|
|
$600 Million
|
Amount the Internal Revenue Service says it needs to borrow from its enforcement unit and user fees to fund tech modernization projects needed in part to improve cybersecurity. (Federal News Network)
|
|
|
|
|
|
|
|
Data transfers were discussed at the U.S.-EU summit in Brussels in June; European Commission President Ursula von der Leyen, left, President Biden, center, and European Council President Charles Michel. PHOTO: OLIVIER HOSLET/SHUTTERSTOCK
|
|
|
|
U.S. and EU advance talks to preserve data transfers. In talks that will continue next week in Brussels after a round in the U.S. this summer, the two sides hope to avert a disruption of company data transfers by resolving a long-running conflict between strict EU privacy laws and U.S. surveillance measures. The negotiations are vital to Facebook and thousands of other companies. (WSJ)
👉 A U.S. delegation, led by officials from the National Security Council and including other branches, will meet with EU officials in the aim of nearing a deal on conditions to allow companies to continue storing and accessing personal information about Europeans on U.S. soil, according to people familiar with the matter. Talks are likely to continue after the Brussels negotiations, the people said.
|
|
|
PHOTO: PATRICK SISON
/ASSOCIATED PRESS
|
|
|
Privacy arms race: Facebook's WhatsApp on Friday said it would extend encryption on the messaging service to backups of chats shared on the platform when they are stored on Apple and Google’s cloud services. The new feature, which is expected this month, will let users create an encrypted backup of their chats—including images, videos and audio—and store that data on Apple’s iCloud or Google Drive. (WSJ)
|
|
|
-
Right now, WhatsApp messages are encrypted between sender and receiver, meaning that even WhatsApp itself is unable to read them as they pass through its servers. But when users back up their data to the cloud, these backups are readable by the cloud providers, said Riana Pfefferkorn, a research scholar with the Stanford Internet Observatory, an academic research group that studies internet abuse.
|
|
|
PHOTO: LUKAS COCH
/SHUTTERSTOCK
|
|
|
Australian police seek Covid-19 app data. Australia's data privacy watchdog is calling for law enforcement to be blocked from accessing contact-tracing data from the country's mobile app for investigations unrelated to Covid-19. Police in several states have requested such information, or have attempted to, in recent months. (Chief Privacy Officer Magazine)
|
|
|
|
|
|
|