I missed this, progress on the new EU directive on data protection and implications on Safe Habor on the excellent Panopticon blog

To summarize seems they need to trash what has already been created and start again. Germany in the driving seat now, I think, which means there should be some action. Nevertheless excepted completion is this year, 2014. Concerns about the alignment of Safe Harbor with this directive, particularly considering the amount of personal data from EU citizens, e.g. Facebook, etc., that is held in the U.S.

I really like this. It came out last week just when I was mentally preparing to travel up to Mora for Tjejvasan on Tuesday 😉

Angela wants to try and keep EU data in the EU boundaries, especially personal data.

Concerns voiced by experts talk about the amount of work involved to redo all the router configuration tables, after all networks are configured to get packets from A2B as quickly as possible, it may not always be the most direct route. For example when it is often faster to take the motorway bypass when driving your car, than it is to take the small roads. Packet routing is working exactly the same, depending on traffic congestion, fastest routes are calculated. A redo of router configuration tables would be like removing option to take a faster route if one route is congested.

Cryptography expert states that it would be much more effective to encrypt packets, that way it would not matter where they go, even over hostile territory. Some issues here are that: 1) Cryptography has some overhead cost, this is like adding additional packaging for post, it makes the package larger and heavier; 2) How does a non-technical person know when to encrypt? After all it doesn’t make sense to send everything encrypted? 3) I love the evolutions with quantum computing, as it can solves many problems simultaneously, although each quantum processor must be designed with a purpose in mine…e.g. for security it could be the decryption of a specific algorithm. It’s extremely expensive, but imagine when NSA or criminal networks that have this kind of money start using quantum computing for intelligence and data-mining purposes?

I believe that we have enough networks in EU to route packets within the EU before they are sent outside of the EU. This also prepares us for the future when it will be much easier to decrypt even the most secure algorithms used today. So yes, it requires some work, but just as we in the EU would like to keep our cloud services in the EU, so would we like to keep our personal information, encrypted or not!

Wow, Germany courts have done it again! They are so good at protecting the personal privacy of their citizens! Read on, it connects to an individual’s ‘right to be forgotten’.

Google have been been over-ruled concerning how the ‘autocomplete’ function in the search dialog works. Basically this is generated by what other users have been searching for. The reason why this has become a case for personal integrity, and also a person’s reputation is because words associated with a particular person, either by rumor or otherwise, and thus searched by users impacts that person’s reputation.

The case in question was when the complainants’ names were typed into Google’s search bar, the autocomplete function added the ensuing words “Scientology” and “fraud”.The continuing association of their names with these terms infringed their rights to personality and reputation as protected by German law (Articles 823(1) and 1004 of the German Civil Code).

What does this mean for Google? Well once Google has been alerted to the fact that an autocomplete suggestion links someone to libellous words, it must remove that suggestion.

According to Panopticon blog this German ruling is extending the “frontiers of legal protection for personal integrity and how we allocate responsibility for harm. Google says that, in these contexts, it is a facilitator not a generator. It says it should not liable for what people write (scroll down to “Google and the ‘right to be forgotten’” here, in Spain a previous case), not for what they search for (the recent German case). Not for the first time, courts in Europe have allocated responsibility differently.”

Now this is a really interesting legal case. Facebook has a marketing and advertising business established as a separate legal entity in Germany. In December 2012, the Schleswig DPA issued orders against Facebook Inc. in the U.S. and Facebook Ltd. in Ireland, in which the DPA demanded that Facebook allow its German users to use pseudonyms.

So which law applies? Germany, Ireland, or US? In the end Germany lost. It was decided that the Irish DPU laws applied. The ruling stated that it was not considered a sufficient presence to warrant the application of German data protection law.

This is the dilemma, to increase surveillance in the name of personal safety or to not do this as it violates our right to personal privacy?

Remember what happened after the terror attacks on the twin towers in New York? A whole host of privacy invading legislation was passed in the U.S., that now requires visitors to go through the inconvenience and indignity of being fingerprinted like criminals and having our faces scanned. And there is no road back, it is a one-way street. Once a practice starts it becomes accepted over time as the norm.

The UK has dragged through legislation on the mandatory issue of ID cards. Although they have not succeeded in getting this through for all UK citizens, they will… they have started with all UK immigrants who today have no choice. Most youngsters need ID in order to get accepted in most bars, so it has become a norm among this age group. All in the name of personal safety, trying to control, and control something that is not controllable.

So now officials from Finland, Estonia and Germany have called for expanded monitoring powers on the Internet in wake of the Oslo tragedy. Apparently the guilty party for this attack published a Twitter message, a YouTube video and a 1,500 manifesto linking to the buildup to these terrible crimes. Read more here.

And we are back to the dilemma thing. As a mother I am screaming out for these “expanded monitoring powers”, but as a privacy advocate I am terrified by these developments as it gives justifications for increased invasions to our private space, that is getting smaller and smaller…..

I love what is going on in Germany during a few months now, in that almost 250,000 Germans have told Google to blur pictures of their homes on the Street View service. Which is quite right. The EU directive on data privacy gives the data subject the right to consent to any personal information being stored. I wonder why it is only happening in Germany and not elsewhere in the EU, after all it is our right as data subjects.

Interesting developments in Germany. They are passing laws that:
1) restrict data mining (on social networking sites) of potential candidates for jobs; and,
2) privacy in the workplace in favour of the employee

Read more here…

Next Page »