Entries with tag personal data.

Russian Parliament Passes Domestic Data-Storage Bill

All Russian residents’ personal data must now be stored inside Russia under legislation that the Russian State Duma recently passed. This means any social network or service that Russians use must reside on physical servers inside the Russian Federation. And companies cannot send residents’ personal data outside the country without meeting Russian guidelines. Organizations failing to meet the terms of the new law—which takes effect in September 2016—will have their access to the country restricted by the state telecommunications agency, Roskomnadzor. (Tech Crunch)(Lenta)

Microsoft, Google Promise to Sue US Government Regarding Surveillance Data

Microsoft and Google said they will sue the US government to disclose more information about government requests to them for their customers’ personal data. The announcement was made by Microsoft general counsel Brad Smith in a blog post. He stated the firms “remain concerned with the government’s continued unwillingness to permit us to publish sufficient data relating to Foreign Intelligence Surveillance Act (FISA) orders” for user information. He contends Microsoft has “a clear right under the US Constitution to share more information with the public.” The government has, since details of its surveillance program were leaked by former NSA contractor Edward Snowden, limited companies as to how much information they can disclose about requests for customer data, saying this could harm national security interests. The government recently turned down requests from several businesses asking for permission to disclose such information. The companies did this after receiving public criticism for allegedly being too willing to cooperate with the government in surrendering users’ personal data. (All Things D)(Microsoft on the Issues)

European Data Regulators Press Google on Privacy

Data regulators in France and Italy are among the latest European officials to require more transparency from Google regarding its collection and handling of large amounts of user data. Italy has requested additional data from Google and said it is considering sanctions for any breaches of its user privacy rules. The French data protection agency has already found Google in violation of its rules. The search giant now has three months to change its policies and practices or be subject to sanctions by France’s Commission Nationale de l'informatique et des Libertés, its data protection agency designed to ensure that the collection, storage, and use of personal data doesn’t violate privacy laws. The sanctions could include a fine of up to €150,000 (about $198,000) plus a second fine of €300,000 (about $395,000) if Google continues to not comply. Meanwhile, Spain initiated a sanction procedure against Google for infringement of Spanish data protection laws. The UK, Germany, and the Netherlands are also planning some type of action against Google. Additionally, 37 European data protection agencies  signed a joint letter expressing concern about Google Glass to company CEO Larry Page . The company is developing Google Glass as a wearable computer with an optical head-mounted display. (Reuters)(Fast Company)(The Guardian)

New European Regulations Require Companies to Disclose Breaches

Under new EU regulations, any ISP or telecommunications provider serving the European market that suffers a security or data breach that leads to theft, loss, or compromise of data must disclose it within 24 hours. They will be required to provide information about the breach’s exact nature and size, and disclose all details about the event within three days. They will also have to disclose the information that was compromised and any steps they took to resolve the matter. For breaches in which personal information or privacy were compromised, ISPs and providers will have to notify customers and the appropriate national data-protection authority. The European Commission said this will clarify existing regulations, ensuring that all customers are getting equal treatment. The commission also intends to give companies incentives for encrypting personal data and, with the European Network and Information Security Agency, plans to publish a list of these possible protections for data. Any company that encrypts personal data that experiences a data breach would be exempt from notifications. (SlashDot)(European Commission)

Showing 4 results.