Story image

The continuous subtleties of data privacy and security

08 Feb 2017

The ongoing complexities and issues related to data privacy and security that spans jurisdictions around the globe were explored in a Comment piece in today’s US print edition of the financial times.

In “Virtual sovereignty can help you govern data“, Andrew Burt (chief privacy officer at Immuta) and Craig Mundie (former chief research and strategy officer at Microsoft) highlight that there are several dynamics involved in determining sovereignty and so control over data.

They include considering where the creator of the data existed at the time the data was formed. This location could very well differ to where the data is now stored.  And finally the third aspect could be the location from from where the inquiry is being undertaken.

For example, new data about a financial transaction is physically executed in the United Stares. Thus the data and the system used are subject to US federal and state jurisdiction. 

That data is then moved and housed in a cloud or server physically sitting in Ireland. Now that equipment and data is subject to that country’s and EU jurisdiction. 

Finally the Japanese state police, via Interpol, seek access to that data in support of a criminal money-laundering case.  Now the inquiry has to work through Japanese, Interpol, EU, US and Irish jurisdictions. Or does it?

So then the question arises- which takes precedence and why? And other questions emerge - why can’t entities harmonize their regulations in order to make them simpler? 

This draws out the point that countries have different views on privacy and security and so there won’t likely be any universal harmonization - perhaps just regional blocks that support similar conditions.

This will keep us all, and the lawyers, busy for a long time to come.

Article by Andrew White, Gartner blog network 

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.
Red Box gains compliance boost with new partnership
By partnering with Global Relay, voice platform provider Red Box is improving the security of its offerings for high-value and risk voice data.