Category Archives: eu

European Governments Approve Controversial New Copyright Law

An anonymous reader quotes a report from Ars Technica: A controversial overhaul of Europe's copyright laws overcame a key hurdle on Wednesday as a majority of European governments signaled support for the deal. That sets the stage for a pivotal vote by the European Parliament that's expected to occur in March or April. Supporters of the legislation portray it as a benign overhaul of copyright that will strengthen anti-piracy efforts. Opponents, on the other hand, warn that its most controversial provision, known as Article 13, could force Internet platforms to adopt draconian filtering technologies. The cost to develop filtering technology could be particularly burdensome for smaller companies, critics say. Online service providers have struggled to balance free speech and piracy for close to two decades. Faced with this difficult tradeoff, the authors of Article 13 have taken a rainbows-and-unicorns approach, promising stricter copyright enforcement, no wrongful takedowns of legitimate content, and minimal burdens on smaller technology platforms. But it seems unlikely that any law can achieve all of these objectives simultaneously. And digital-rights groups suspect that users will wind up getting burned -- both due to wrongful takedowns of legitimate content and because the burdens of mandatory filtering will make it harder to start a new online hosting service.

Read more of this story at Slashdot.

(ISC)² Secure Summit EMEA will welcome hundreds of the best minds in cybersecurity

This year’s (ISC)² Secure Summit EMEA will take place in The Hague in April. In order to find out what elements set this event apart from other cybersecurity events, we sat down with Mary-Jo de Leeuw, Director of Cybersecurity Advocacy, EMEA at (ISC)². How has the fast-paced threat landscape influenced the program of this year’s (ISC)² Secure Summit EMEA event? The rapid pace of change has been fundamental in forming the agenda for this year’s … More

The post (ISC)² Secure Summit EMEA will welcome hundreds of the best minds in cybersecurity appeared first on Help Net Security.

Bank of Valletta suspended all operations in wake of cyber attack

Maltese Bank of Valletta (BOV) has been breached by hackers and has temporarily suspended all of its operations to minimize risk and review its systems. The bank shuttered its braches across the island, disabled ATMs, internet and mobile banking and prevented its customers from using BOV cards for effecting payments in stores, hotels, restaurants, etc. What is known about the attack? According to Times of Malta, the attack was detected shortly after the start of … More

The post Bank of Valletta suspended all operations in wake of cyber attack appeared first on Help Net Security.

88% of UK businesses breached during the last 12 months

The UK’s cyber threat environment is intensifying. Attacks are growing in volume, and the average number of breaches has increased, according to Carbon Black. Key survey research findings: 88% of UK organizations reported suffering a breach in the last 12 months The average number of breaches per organization over the past year was 3.67 87% of organizations have seen an increase in attack volumes 89% of organizations say attacks have become more sophisticated 93% of … More

The post 88% of UK businesses breached during the last 12 months appeared first on Help Net Security.

Huawei Would Accept EU Supervision To Lay 5G Network

An anonymous reader quotes a report from TechRadar: Huawei has said it is willing for its equipment and activities to be supervised by the European Union (EU) as it continues to fend off the threat of restrictions on the use of its kit in 5G networks. Last year it emerged the US, which has long frozen out the company from its own telecommunications infrastructure, had been encouraging other western nations to take similar action. The main basis for Washington's fears is a perception that Huawei is linked to the Chinese government and that the use of the company's equipment risks the possibility of backdoors that could be used for espionage. These fears are heightened by 5G because of the sensitive information these networks will carry. The US is concerned that if its allies continue to use Huawei kit, then America's security will be threatened. Now, Abraham Liu, Huawei's chief representative to EU institutions, has used a speech to mark the Chinese New Year to repeat the company's denials and to stress its willingness to cooperate with the EU and European governments. "Cybersecurity should remain as a technical issue instead of an ideological issue. Because technical issues can always be resolved through the right solutions while ideological issue cannot," he is quoted as saying. "We are always willing to accept the supervision and suggestions of all European governments, customers and partners." A number of European nations, including the UK and Germany, have expressed concern about the use of Huawei equipment in their telecoms infrastructure, however earlier this week, France rejected proposals that would increase checks Last week, Huawei pledged to spend about $2 billion over five years to resolve the security issues in the United Kingdom. However, they also claimed that the firm "has never and will never use UK-based hardware, software or information gathered in the UK or anywhere else globally, to assist other countries in gathering intelligence." They added: "We would not do this in any country."

Read more of this story at Slashdot.

Google Warns News Sites May Lose 45 Percent of Traffic If EU Passes Its Copyright Reform

Google's SVP of Global Affairs, Kent Walker, laid out Google's opposition to the EU's highly contested copyright reform rules. "Google warns Article 11 and Article 13 could have catastrophic effects on the creative economy in Europe by hampering user uploads and news sharing," reports The Next Web. From the report: Article 11 in its current form will limit news aggregators' abilities to show snippets of articles. According to Google's own experiments, the impact of it only showing URLs, very short fragments of headlines, and no preview images would be a "substantial traffic loss to news publishers." "Even a moderate version of the experiment (where we showed the publication title, URL, and video thumbnails) led to a 45 percent reduction in traffic to news publishers," Walker explained. "Our experiment demonstrated that many users turned instead to non-news sites, social media platforms, and online video sites -- another unintended consequence of legislation that aims to support high-quality journalism." "Article 11, called the 'link tax' by opponents, requires anyone who copies a snippet of text from a publisher's articles to have a license to do so," reports ZDNet. "Article 13 demands that online platforms filter and block uploads of copyright-infringing material." The European Parliament approved Article 11 and Section 13 in September. The finalized version may be passed in March or April of this year.

Read more of this story at Slashdot.

Four differences between the GDPR and the CCPA

By passing the California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020, the Golden State is taking a major step in the protection of consumer data. The new law gives consumers insight into and control of their personal information collected online. This follows a growing number of privacy concerns around corporate access to and sales of personal information with leading tech companies like Facebook and Google. The bill was signed by … More

The post Four differences between the GDPR and the CCPA appeared first on Help Net Security.

Free training course material on network forensics for cybersecurity specialists

Based on current best practices, the training includes performance indicators and means that will help those who take it increase their operational skills of tackling cyber incidents. Network forensics is more important than ever, since more and more data is sent via networks and the internet. When there is a security incident, network forensics can help reduce the time needed to go from Detection to Containment – an essential step in any major security incident. … More

The post Free training course material on network forensics for cybersecurity specialists appeared first on Help Net Security.

ENISA outlines top cyber threats and trends in 2018

In 2018, the cyber threat landscape changed significantly. The most important threat agent groups, namely cyber-criminals and state-sponsored actors have further advanced their motives and tactics. Monetisation motives contributed to the appearance of crypto-miners in the top 15 cyber threats. Advances in defence have also been assessed: law enforcement authorities, governments and vendors were able to further develop active defence practices such as threat agent profiling and the combination of cyber threat intelligence (CTI) and … More

The post ENISA outlines top cyber threats and trends in 2018 appeared first on Help Net Security.

Industry reactions to Data Privacy Day 2019

The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Privacy Day is observed annually on Jan. 28. Cindy Provin, CEO, nCipher Security These high profile policy developments are sending a signal that the days of using personal data for commercial advantage … More

The post Industry reactions to Data Privacy Day 2019 appeared first on Help Net Security.

GDPR-ready organizations see lowest incidence of data breaches

Organizations worldwide that invested in maturing their data privacy practices are now realizing tangible business benefits from these investments, according to Cisco’s 2019 Data Privacy Benchmark Study. The study validates the link between good privacy practice and business benefits as respondents report shorter sales delays as well as fewer and less costly data breaches. Business benefits of privacy investments The GDPR, which focused on increasing protection for EU residents’ privacy and personal data, became enforceable … More

The post GDPR-ready organizations see lowest incidence of data breaches appeared first on Help Net Security.

France watchdog fines Google with $57 million under the EU GDPR

The French data protection watchdog CNIL announced a fine of 50 million euros ($57 million) for US search giant Google under GDPR.The French data protection watchdog CNIL announced a fine of 50 million euros ($57 million) for US search giant Google under GDPR.

On 21 January 2019, the CNIL’s restricted committee imposed a financial penalty of 50 Million euros against the company GOOGLE LLC, in accordance with the General Data Protection Regulation (GDPR), for lack of transparency, inadequate information and lack of valid consent regarding the ads personalization.” reads the press release published by the CNIL.

The investigation conducted by the French watchdog was started with two complaints against Google by the non-profit organizations None Of Your Business (NOYB) and La Quadrature du Net (LQDN).
Both organizations filed a complaint against Facebook in May.

The CNIL condemned Google for the violation of transparency and consent rules under the EU GDPR,

The search engine giant made it difficult for its users to find and manage preferences on data processing purposes, data retention, in particular with regards to targeted advertising.

Google has intentionally disseminated this information among too many documents, access them required up to 6 separate actions.

Anyway, the CNIL confirmed that that information is “not always clear nor comprehensive.”

“Moreover, the restricted committee observes that some information is not always clear nor comprehensive.” continues the press release.

“Users are not able to fully understand the extent of the processing operations carried out by Google,” the Commission says. “Similarly, the information communicated is not clear enough so that the user can understand that the legal basis of processing operations for the ads personalization is the consent and not the legitimate interest of the company.”

Google French watchdog

Google was also condemned because it does not obtain its user’s explicit consent to process data for targeted advertising.

the user not only has to click on the button “More options” to access the configuration, but the display of the ads personalization is moreover pre-ticked. However, as provided by the GDPR, consent is “unambiguous” only with a clear affirmative action from the user (by ticking a non-pre-ticked box for instance).”

The French watchdog also noted that before creating an account, the user is asked to tick the boxes « I agree to Google’s Terms of Service» and « I agree to the processing of my information as described above and further explained in the Privacy Policy» in order to proceed with the operation. But in this way, the user gives his full consent for all the processing operations purposes carried out by GOOGLE, including ads personalization, speech recognition. However, the GDPR provides that the consent must be explicit and “specific” for each purpose, broader consent is not allowed.

Are 50 euros million a big fine?

Absolutely no in comparison to the fines allowed by GDPR that could be also of 4 percent of the company’s annual global revenue.

Google has contested the decision of the French watchdog, it said that it should not apply only to the global Google.com domain.

“People expect high standards of transparency and control from us. We’re deeply committed to meeting those expectations and the consent requirements of the GDPR. We’re studying the decision to determine our next steps.” reads a statement issued by the company.

Pierluigi Paganini

(SecurityAffairs – French watchdog, Google)

The post France watchdog fines Google with $57 million under the EU GDPR appeared first on Security Affairs.

Industry reactions to Google’s €50 million GDPR violation fine

On 21 January 2019, the French National Data Protection Commission (CNIL) imposed a financial penalty of €50 million against Google, in accordance with the GDPR. This is the first time that the CNIL applies the new sanction limits provided by the GDPR. The amount decided and the publicity of the fine are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent. Here are some reactions … More

The post Industry reactions to Google’s €50 million GDPR violation fine appeared first on Help Net Security.

Dutch Surgeon Wins Landmark ‘Right To Be Forgotten’ Case

AmiMoJo shares a report from The Guardian: A Dutch surgeon formally disciplined for her medical negligence has won a legal action to remove Google search results about her case in a landmark "right to be forgotten" ruling. The doctor's registration on the register of healthcare professionals was initially suspended by a disciplinary panel because of her postoperative care of a patient. After an appeal, this was changed to a conditional suspension under which she was allowed to continue to practice. But the first results after entering the doctor's name in Google continued to be links to a website containing an unofficial blacklist, which it was claimed amounted to "digital pillory." It was heard that potential patients had found the blacklist on Google and discussed the case on a web forum. The surgeon's lawyer, Willem van Lynden, said the ruling was groundbreaking in ensuring doctors would no longer be judged by Google on their fitness to practice. "Now they will have to bring down thousands of pages: that is what will happen, in my view. There is a medical disciplinary panel but Google have been the judge until now. They have decided whether to take a page down -- and why do they have that position?" Van Lynden said.

Read more of this story at Slashdot.

Tesla Model 3 Is Heading To Europe

The Tesla Model 3 has cleared its last regulatory hurdle in Europe and will soon go on sale in the continent home to Audi, BMW, and Mercedes-Benz. "Deliveries should start in February for the Long Range Battery version of the midsize sedan -- the same variant first sold in the U.S. -- according to Tesla, after Dutch vehicle authority RDW issued the OK," reports Bloomberg. From the report: The European launch is crucial for Tesla as it navigates what Chief Executive Officer Elon Musk called a "very difficult" road ahead. The company is cutting jobs so it can profitably deliver lower-priced versions of the Model 3, Tesla's first car targeted for the mass market. Musk has pointed to sales of the sedan in Europe and China as a main reason he isn't concerned about any potential setback caused by a halving of the U.S. federal tax credit, to $3,750, on Tesla purchases as of Jan. 1. With the Model 3, Tesla also has an opportunity to broaden its attack on the premium car market dominated by Germany's BMW AG, Daimler AG-owned Mercedes-Benz and Volkswagen AG's Audi. Tesla, based in Palo Alto, California, said in its third-quarter shareholder letter that "the midsized premium sedan market in Europe is more than twice as big as the same segment in the U.S." The Model 3 became the top-selling luxury car there last year, outstripping the Audi Q5, BMW 3 Series and other well-known models. Analysts and industry executives, however, have observed that competition with Tesla cuts across traditional categories.

Read more of this story at Slashdot.

Europe’s Controversial ‘Link Tax’ in Doubt After Member States Rebel

Copyright activists just scored a major victory in the ongoing fight over the European Union's new copyright rules. An upcoming summit to advance the EU's copyright directive has been canceled, as member states objected to the incoming rules as too restrictive to online creators. From a report: The EU's forthcoming copyright rules had drawn attention from activists for two measures, designated as Article 11 and Article 13, that would give publishers rights over snippets of news content shared online (the so-called "link tax") and increase platform liability for user content. [...] After today, the directive's future is much less certain. Member states were gathered to approve a new version of the directive drafted by Romania -- but eleven countries reportedly opposed the text, many of them citing familiar concerns over the two controversial articles. Crucially, Italy's new populist government takes a far more skeptical view of the strict copyright proposals. Member states have until the end of February to approve a new version of the text, although it's unclear what compromise might be reached. Further reading: EU Cancels 'Final' Negotiations On EU Copyright Directive As It Becomes Clear There Isn't Enough Support.

Read more of this story at Slashdot.