China Facial Recognition Database Leak Sparks Fears Over Mass Data Collection
Feb 19th
From: Forbes
Kate O’Flaherty
A company that operates facial recognition systems in China has exposed the personal information of 2.5 million people after leaving a database unprotected, it has emerged.
It was discovered by Dutch cybersecurity researcher Victor Gevers, who works for the GDI Foundation, a non-profit dedicated to reporting security issues. He tweeted: “There is this company in China named SenseNets. They make artificial intelligence-based security software systems for face recognition, crowd analysis, and personal verification. And their business IP and millions of records of people tracking data is fully accessible to anyone.”
The Internet Became Less Free in 2018. Can We Fight Back?
Dec 26th
Editor’s Note: Regulation in action.
From: Wired
Author: Emily Dreyfuss
As democracies around the world struggle to hold back the rising tide of authoritarianism, a similar crisis is unfolding online. Three factors converged this year to make 2018 the eighth straight year that global internet freedom declined, according to an annual report from the nonprofit Freedom House: increasing censorship in response to disinformation, the widespread collection of personal data, and a growing group of countries emulating China’s model of digital authoritarianism.
MENA companies will spend $1.9bn on cybersecurity in 2019
Dec 26th
From: Oil and Gas Middle East
Attivo Networks shares its predictions for MENA cybersecurity in 2019
In 2018, organisations in the Middle East invested heavily in multiple solutions to build and strengthen their cyber defenses. This trend will continue in 2019 as well, as organisations steadily increase their cybersecurity investments. According to Gartner, the Middle East and North Africa (MENA) spending on enterprise information security technology and services is expected to reach $1.9bn in 2019, an increase of 9.8% over 2018. In view of this, Ray Kafity, Vice President, Middle East, Turkey & Africa at Attivo Networks, shares his predictions on top cybersecurity concerns and the kinds of threats that will put these investments to test (all below quotes attributed to Ray Kafity).
French president Macron insists new regulations needed to protect us all from Facebook’s claws
Nov 13th
Canada Post leaked personal data, orders of thousands of cannabis smokers
Nov 8th
Editor’s Note: Shades of Ashley Madison?
From: ZDNet
The rollout of legal weed in Ontario is now beset by potential privacy issues.
By Charlie Osborne for Zero Day
On Wednesday, the Ontario Cannabis Store (OCS) revealed the security incident on Twitter, saying that an unnamed individual was able to access the order records of 4,500 customers, or roughly two percent of the firm’s customer base.
The compromised information included names or the initials of nominated signatories, postcodes, dates of delivery, OCS reference numbers, Canada Post tracking numbers, and OCS corporate names and business addresses.
New privacy rules will force Canadian companies to disclose data breaches
Nov 1st
From: CBC
Experts say rules don’t go far enough
New privacy rules designed to better safeguard the personal data of Canadians and let them know when it has been breached kick in Thursday, but even security experts say they are far from perfect.
The legislation, known as the Personal Information Protection and Electronic Documents Act (or PIPEDA) does a lot of things, but most importantly from a consumer’s perspective, it requires Canadian companies to alert their customers any time their personal information may have fallen into the wrong hands.
Israel Securities Authority Turns to Blockchain for Improving Cybersecurity
Oct 4th
From: cointelegraph
The Israel Securities Authority (ISA) has started to use blockchain to improve the cybersecurity of its messaging system, online newspaper Times of Israel reports today, October 3.
The government regulator has reportedly embedded the technology into a system dubbed “Yael,” used to deliver messages and other information to entities that fall under ISA oversight.
Germany’s Position on International Law in Cyberspace
Oct 2nd
From: Lawfare
By Nele Achten
In February 2018, the German government’s network was attacked. Germany did not specify what kind of information was accessed by the foreign hackers, but it is publicly known that the hackers successfully attacked the IT system of the Ministry of Foreign Affairs. On March 18, 2018, the Head of the Federal Chancellery and Federal Minister for Special Tasks, Helge Braun, issued a public statement about this attack and explained that the government would examine the possibilities of cyber counterattacks. His statement heated the political debate about cybersecurity and parliamentary opposition groups raised concerns and questions in official inquiries to the federal government on March 23, May 4 and May 7. The questions covered many topics ranging from Russia’s potential influence on the domestic political debate to facts about specific cyber attacks to the domestic institutional framework for cyber defense to attribution and the international legal framework.
The Brazilian Data Protection Legal Framework
Sep 26th
From: Mondaq
Article by Simone Lahorgue Nunes, Daniel Tardelli Pessoa, Allan Nascimento Turano, Júlio César Ferro and Rodrigo Dias | Levy & Salomao Advogados
Introduction
On August 14, 2018, Law No. 13,709 (LGPD – Lei Geral de Proteção de Dados) was enacted, creating a personal data protection legal framework in Brazil. The LGPD is influenced by the EU General Data Protection Regulation (GDPR); individuals, private entities and public authorities are affected by its provisions.
Whacking the mole: how Australia scrambles to regulate Chinese technology
Sep 12th
From: The Conversation
Sarah Logan, Research Fellow, UNSW
Did you ever go to your local show as a child? Remember that infuriating game where to win you had to hit every mole which popped its head out of a hole? I imagine Australia’s government feels like it’s playing whack-a-mole in regulating Chinese information and communications technology right now.
A clearer policy on regulating information and communications technology in the context of national security threats may help. Though in this version of the game, the stakes are rather higher than cheap toys at the local show.