Archive

Archive for the ‘Privacy Laws’ Category

NY State vs Microsoft – Part 5

July 17, 2016 Leave a comment

(You can find the previous part 4 of this topic here)

This week there was another progression in the infamous and long running Microsoft vs State of NY case – the one if you remember where the New York, USA court is demanding that Microsoft Ireland aquise to a subpoena issued in the USA.

Well this week the Second Circuit court of appeals agreed with Microsoft USA that the USA had no jurisdiction over assets within Ireland:

§ 2703 of the Stored Communications Act does not authorize courts to issue and enforce against U.S.‐based service providers warrants for the seizure of customer e‐mail content that is stored exclusively on foreign server.

A great writeup of the case can be found at Lawfareblog.

This case can still be raised to the Supreme Court, but since there are other legal methods for the USA to request the assistance of the law authorities in other countries, the door is finally closing on trying to impose domestic law on USA companies with assets in other countries.

The current global data economy and the 1986 Electronic Communications Privacy act are woefully out of step, but this decision is the right one to support the global technology industry.

After all – if a court in the USA can compel the release of data from Ireland, surely a court in China can compel the release of data stored in the USA?

 

Advertisement
Categories: Cryptography, Privacy Laws Tags: ,

How could Apple help bypass an iPhone Pin?

February 17, 2016 Leave a comment

This week BBC news reported that Apple would not help the FBI bypass the pin on one of their phones

The FBI have apparently asked Apple to create two assistive technologies :

“Firstly, it wants the company to alter Farook’s iPhone so that investigators can make unlimited attempts at the passcode without the risk of erasing the data.

Secondly, it wants Apple to help implement a way to rapidly try different passcode combinations, to save tapping in each one manually.”

Ignoring who is right or wrong in this matter – these are not uncommon requests – I’ve been asked by various governments and “three letter agencies” in the past to do exactly the same thing, which I too have politely declined.

Reading between the lines, the FBI requests would indicate an admission that the actual cryptography within the iPhone is robust and correctly implemented – and that there are no discovered back doors which would allow the FBI access to the data without Apple’s help.

So we can assume that the FBI cannot usually access data stored on iPhones. What help can Apple give?

Read more…

Categories: Encryption, Privacy Laws Tags: , ,

Microsoft vs NY State – Stalemate, or fiasco continues?

September 8, 2014 2 comments

ny court

vsmicrosoft

Following on from the July report of the Southern District Court of NY’s attempt to compel Microsoft US to hand over personal emails from a server controlled by Microsoft Ireland, physically in Ireland (really!), Today Microsoft voluntarily offered themselves to be in contempt of court.

Ie, they know they’ve not done what the court asked, and they don’t intend to.

Bloomburg gave a brief summary of the event –  which is a follow on from the July storyRead more…

Categories: Privacy Laws Tags: ,

Microsoft vs NY Court’s data request. A turning point for privacy?

July 31, 2014 2 comments

ny court

vs

microsoft

An interesting case brewing courtesy of Microsoft and the Southern District court of NY reported by The Register this week

Here, we have a court order from NY requesting Microsoft produce some emails from a server physically located in Ireland, and managed by a local Irish Microsoft subsidiary.

While there is long standing and well understood that company records stored oversees must be delivered on demand, for example Microsofts financial records across the world would have to be delivered to a court requesting such, the law is a little less clear when it comes to data not strictly owned by a company, yet managed by it.  Read more…

Categories: Copyright Protection / DCMA, Privacy Laws Tags: ,

Excellent Blog on Security and Privacy Matters..

January 19, 2011 Leave a comment

I just wanted to post a short note on the excellent Hogan Lovells blog – It’s not gripping reading in the manner of Steven King or Grisham, but if your job or interests revolve around data protection, information security and privacy, the articles posted are well worth your time to read.

http://www.hldataprotection.com/

Categories: Copyright Protection / DCMA, Data Destruction, Data Loss, Privacy Laws Tags:

Got (wiki)Leaks? Call a McAfee (DL)Plumber…

November 30, 2010 Leave a comment

With the current news fracas regarding the latest WikiLeaks disclosures, which have reached a pretty interesting juncture with Congressman Peter King asking for WikiLeaks and it’s founder Julian Assange to be declared “Terrorists and spies”, I thought I’d add my fire to the flame and say quite bluntly –

McAfee can help you protect your information!

Yes, you would not believe it but monitoring for inappropriate disclosure of sensitive information is bread-and-butter stuff to us. Read more…

Categories: Data Leakage Prevention, Data Loss, PHI, PII, Privacy Laws Tags: , , ,

5 Steps To Data Protection Nirvana..

November 5, 2010 Leave a comment

This week as many of you know I’ve been working out of our South African office in Johannesburg, and in particular presented 4 sessions at the McAfee Executive Summit here.

ITWeb, who co-sponsored the event were kind enough to give me a writeup on their site which you can enjoy at your leisure.

Thankyou though to all the customers and partners who came to see us and made the event such a success!

Categories: Fines, Mastercard/McAfee/SafeBoot/Intel, PHI, PII, Privacy Laws, Speaking

Speaking on “Celebrations”, Seattle on 26th August…

August 4, 2010 Leave a comment

No, I’m not talking about weddings or the like, Celebrations is a rather beautiful boat that sails around Lake Washington. McAfee have booked her out for a private tour. Attendance is by registration only, but if you think you might like to come you should approach your McAfee account manager.

Bon Voyage!

Categories: Copyright Protection / DCMA, PHI, PII, Privacy Laws, Speaking

Speaking at “The Security Standard Conference”, NY on 13th September

August 4, 2010 Leave a comment

For those who follow me around, I’ll be speaking at “The Security Standard” on September 13th 2010. It’s only a short spot but I’ll be introducing some new information about McAfee’s unified DLP solution, and talking briefly about data protection regulations.

Categories: Encryption, PHI, PII, Privacy Laws, Speaking Tags: , , ,

Two Gulf States to Ban some BlackBerry Functions..

August 2, 2010 Leave a comment

Following on from a failed state-wide “hack” of the Blackberry system, where the state-controlled telco etisalat tried to distribute a “performance enhancing patch” to Blackberry users (which turned out to be a state-controlled back door program), The United Arab Emirates is threatening to block e-mail sending and IM delivery on Blackberries, and Saudi Arabia is threatening to block Blackberry-to-Blackberry IM.

According to BBC News:

Both nations are unhappy that they are unable to monitor such communications via the handsets. This is because the Blackberry handsets automatically send the encrypted data to computer servers outside the two countries.

Read more…

Categories: Encryption, Privacy Laws Tags: , , , , , ,