Story image

The continuous subtleties of data privacy and security

08 Feb 17

The ongoing complexities and issues related to data privacy and security that spans jurisdictions around the globe were explored in a Comment piece in today’s US print edition of the financial times.

In “Virtual sovereignty can help you govern data“, Andrew Burt (chief privacy officer at Immuta) and Craig Mundie (former chief research and strategy officer at Microsoft) highlight that there are several dynamics involved in determining sovereignty and so control over data.

They include considering where the creator of the data existed at the time the data was formed. This location could very well differ to where the data is now stored.  And finally the third aspect could be the location from from where the inquiry is being undertaken.

For example, new data about a financial transaction is physically executed in the United Stares. Thus the data and the system used are subject to US federal and state jurisdiction. 

That data is then moved and housed in a cloud or server physically sitting in Ireland. Now that equipment and data is subject to that country’s and EU jurisdiction. 

Finally the Japanese state police, via Interpol, seek access to that data in support of a criminal money-laundering case.  Now the inquiry has to work through Japanese, Interpol, EU, US and Irish jurisdictions. Or does it?

So then the question arises- which takes precedence and why? And other questions emerge - why can’t entities harmonize their regulations in order to make them simpler? 

This draws out the point that countries have different views on privacy and security and so there won’t likely be any universal harmonization - perhaps just regional blocks that support similar conditions.

This will keep us all, and the lawyers, busy for a long time to come.

Article by Andrew White, Gartner blog network 

Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).