Category: USA

Do Europeans care more about their data than Americans?

22. September 2016

Recode just published an interview with Margrethe Vestager, Europeans Commissioner for Competition, talking about her impression that Europeans care more about their data than Americans.

First, she elaborates that Europe has historically been more critical towards new technology practices such as data collection. In this context, Vestager said “I am an economist, so I know that there is no such thing as a free lunch” she went on “You pay with one currency or another — either cents, or you pay with your data, or you pay with the advertisements that you accept. And I think people are becoming more and more aware of the fact that their personal data do have a value.”

Vestager underlined her point of view that Europeans care more about their data than Americans by saying “What we see in Europe is that a huge proportion of citizens find that they are not in control” she added “They distrust the companies to protect their data, and I think that is very bad, because then there is a risk of withdrawing from all the benefits of our digital economy. And in order to build up trust I think it is very important that we enforce privacy rules, that we get privacy by design in new services, so that privacy is not just an add-on, that it is very basic.”

Therefore, according to Vestager the Europeans have a greater need to protect their data than Americans.

Persumed hacker attack on German politicians

This week, heise-online reported that after last years attack on the German Parliament, this year on the 15th and 24th August the offices of several members of Parliament as well as their employees were targeted again in a new attack.

Emails containing malware were sent to the respective politicians. The Emails were supposedly sent by Heinrich Krammer working for the NATO-Headquarter.

The German Federal Office for Information Security (BSI) stated that the attacks probably originated from Russia. The BSI believes that the attacks might be linked to the hacking of private emails from Hillary Clinton’s campaign team in the US earlier this year.

The BSI assumes that the hackers might have been looking for potentially damaging information which could be released a few weeks before elections next year in an attempt to influence the result.

 

Category: Data breach · USA
Tags: , ,

No class-action suit against Facebook for selling personal information to advertisers

7. September 2016

Facebook users claimed that the social network “automatically and surreptitiously” disclosed information to advertisers in case the users clicked on ads. They accused Facebook to pass on information such as how they are using the website. This approach could be seen as “contrary to Facebook’s explicit privacy promises.”

However, Facebook just defeated these accusations of a group lawsuit as a judge ruled that the plaintiffs did not have enough in common to pursue a class-action (Facebook Privacy Litigation, 10-cv-02389, U.S. District Court, Northern District of California).

In the past, lawsuits against Facebook and other internt companies concerning data protection issues were unsuccesful due to the fact that the plaintiffs have not been able to demonstrate how disclosures to third parties harmed them. In case the lawsuits went further, the respective company has won the case at later stages so that no class-action suits have been developed.

 

 

Category: Countries · USA
Tags: ,

“What’s at stake is individual control of one’s data when they are combined by internet giants”

1. September 2016

The concern due to WhatsApp sharing user information with Facebook is rising, especially in Europe.

As the Wall Street Journal reported, European privacy regulators are investigating WhatsApp’s plan to share the information of their users with its parent company Facebook.

The Article 29 Working Party representing the 28 national data protection authorities released a statement at the beginning of this week saying that its members were following “with great vigilance” the upcoming changes to the privacy policy of WhatsApp due to the fact that the new privacy policy allows WhatsApp to share data with Facebook, whereas the privacy policy only gives existing WhatsApp users the right to opt out of part of the data sharing. Therefore, the Article 29 Working Party concluded “What’s at stake is individual control of one’s data when they are combined by internet giants”.

Furthermore,

  • the ICO also issued a statement last week raising concerns due to the “lack of control”,
  • at the beginning of this week the consumer privacy advocates in the U.S. filed a complaint with the Federal Trade Commission due to the fact that WhatsApp promised that “nothing would change” when Facebook acquired WhatsAPP two years ago and on top of that
  • the Electronic Privacy Information Center and the Center for Digital Democracy turned to the Federal Trade Commission in order to get the confirmation that the upcoming changes to the privacy policy can be seen as “marketing practices” that are “unfair and deceptive trade practices”.
Category: Article 29 WP · EU · UK · USA
Tags: , , ,

Google Analytics joins EU-U.S. Privacy Shield

31. August 2016

On its blog Google Analytics announced on the 29th of August that they have self-certified to the EU-U.S. Privacy Shield.

The statement describes the EU-U.S. Privacy Shield as a new framework for transfers of personal data from Europe to the United States, which can be seen as a significant milestone for the protection of Europeans’ personal data, legal certainty of transatlantic businesses, and trust in the digital economy.

Therefore, Google has now committed that they comply with the Privacy Shield’s principles and furthermore that they will safeguard the transfers of personal data, whereas no action is required from their customers.

WhatsApp will share user information with Facebook

26. August 2016

Jan Koum, one of WhatsApp’s founders, stated shortly after selling WhatsApp to Facebook in 2014 that the deal would not affect the digital privacy of his mobile messaging service with millions of users.

However, according to the New York Times WhatsApp is about to share user information with Facebook. This week, WhatsApp published a statement saying that it will start to disclose phone numbers and analytics data of its users to Facebook. By doing so, it will be the first time that WhatsApp will connect the data of its users to Facebook.

Furthermoere, due to the fact that WhatsApp begins to built a profitable business after its previous little emphasis on revenue, it is now changing its privacy policy to the extent that WhatsApp wants to allow businesses to contact customers directly through its platform.

WhatsApp commented on the new privacy policy “We want to explore ways for you to communicate with businesses that matter to you, too, while still giving you an experience without third-party banner ads and spam”.

The new privacy policy will allow Facebook to use a users’s phone number to improve other Facebook-operated services like making new Facebook friend suggestions or better-tailored advertising.

However, WhatsApp underlines that neither it nor Facebook will be able to read users’ encrypted messages and emphasizes that individual phone numbers will not be given to advertisers.

Koum explained that “Our values and our respect for your privacy continue to guide the decisions we make at WhatsApp” and went on “It’s why we’ve rolled out end-to-end encryption, which means no one can read your messages other than the people you talk to. Not us, not Facebook, nor anyone else” and concluded “Our focus is the same as it’s always been — giving you a fast, simple and reliable way to stay in touch with friends and loved ones around the world.”

WhatsApp’s new privacy policy raises concerns due to the lack of data protection. Therefore, the president of the Electronic Privacy Information Center, Marc Rotenberg commented that it is about to file a complaint next week with the Federal Trade Commission in order to prevent WhatsApp from sharing users’ data with Facebook. Rotenberg justified this approach as “Many users signed up for WhatsApp and not Facebook, precisely because WhatsApp offered, at the time, better privacy practices” he explained “If the F.T.C. does not bring an enforcement action, it means that even when users choose better privacy services, there is no guarantee their data will be protected.”

 

EU-U.S. Privacy Shield – What does it mean in practice?

17. August 2016

Concerning U.S.-American Companies:

  • Annual self-certification that they meet the requirements
  • Displaying the privacy policy on their website
  • Replying in a reasonable period of time to any complaints
  • In case human resources data is processed: cooperation and compliance with European Data Protection Authorities

Concerning European Individuals:

  • More transparency about the transfer of personal data to the U.S. and an increase of the protection level of this data.
  • Cheaper and easier redress possibilities in case of complaints: either directly towards the company or with the support of the respective Data Protection Authority.

 

List of approved companies under the EU-U.S. Privacy Shield was released

16. August 2016

list was released last week containig about 40 companies that have been approved under the EU-U.S. Privacy Shield.

A spokesman of the Department of Commerce commented that this list would be updated continuously. He went on by saying that “There are nearly 200 applications currently involved in our rigorous review process.”

Nevertheless, the Wall Street Journal just released an article mentioning that due to the lack of legal uncertainty of the EU-U.S. Privacy Shield, companies demonstrate restraint in joining the agreement.

However, “we don’t expect a stampede to join it in the next few days, but rather a steadily growing wave over the long run, especially if European companies begin to favor Privacy Shield membership in competitive bids” concluded Jay Cline working with PwC.

Privacy Shield: the first applications were submitted

4. August 2016

Although companies began submitting their application to join the EU-U.S. Privacy Shield, the U.S. Department of Commerce did not immediately list their compliance.

Among others, Microsoft was one of the first businesses to certify that it complied with the new rules for transferring European Union citizens’ personal data to the U.S.

On its blog Microsoft published a statement by Vice President for EU Government Affairs John Frank saying “We expect it to be approved in the coming days”.  Furthermore, he said “Going forward, any data which we will transfer from Europe to the U.S. will be protected by the Privacy Shield’s safeguards.”

The process for joining the EU-U.S. Privacy Shield includes a self-certification, which is charged by the U.S. Department of Commerce. The fee for processing their annual applications and adding them to the register ranges from $250 for organizations with revenue under US$5 million up to $3,250 for those with revenue over $5 billion.

However, organizations also have to pay in order to join an arbitration service or in terms of data protection authorities dealing with complaints.

 

Category: EU · EU-U.S. Privacy Shield · USA
Tags:

Microsoft cannot be compelled to turn over customer emails stored outside the U.S.

27. July 2016

Last week the U.S. Court of Appeals for the Second Circuit held that Microsoft Corporation cannot be compelled to turn over customer emails stored outside the U.S. to U.S. law enforcement authorities.

The original case addressed a search warrant concerning the contents of all emails, records and other information regarding one of Microsoft’s email users. Although Microsoft generally complied, it refused to turn over the contents of the emails stored on a server in Ireland. Microsoft opinion was that U.S. courts are not authorized to issue such warrants. However, in April 2014 a judge in the U.S. District Court for the Southern District of New York held that Microsoft has to turn over the contents of the emails to U.S. law enforcement in case of search warrant is issued under the Stored Communications Act and although the data is stored outside of the U.S.

The Second Circuit ruled that “Congress did not intend the (Stored Communications Act’s) warrant provisions to apply extraterritorially…(and) the Stored Communications Act does not authorize a U.S. court to issue and enforce an Stored Communications Act warrant against a United States‐based service provider for the contents of a customer’s electronic communications stored on servers located outside the United States.”

Pages: Prev 1 2 3 4 5 6 7 8 9 10 11 Next
1 6 7 8 9 10 11