Data Protection

Tighter rules for university researchers

Confirmation that Canadian university researchers have collaborated with military scientists in China has prompted Innovation, Science and Industry Minister François-Philippe Champagne to promise tighter national-security requirements “shortly.” He also noted, however, that universities are a provincial jurisdiction. [node:read-more:link]

Secrecy classification overdone

U.S. National Security Director Avril Haines says that ongoing investigations into the handling of sensitive documents by former U.S. presidents and vice- presidents highlight problems with “over-classification” protocols. “We must keep certain information secret or we will not be able to do our job in the intelligence community,” she said, suggesting it is overdone. “It does have to meet a national security standard.” [node:read-more:link]

Greens mishandled membership data

Personal information on thousands of Green Party of Canada members and supporters were published online for an indefinite period of time in violation of the party’s own rules but the party closed down access to the Google Drive document January 26. Anne Cavoukian, a former Ontario information and privacy commissioner, called it an “appalling” breach of trust [node:read-more:link]

Home Depot shared consumer data

Federal Privacy Commissioner Philippe Dufresne disclosed January 26 that Home Depot shared details from customers’ electronic receipts with Meta, the corporate parent of the Facebook social media platform. The information included encoded email addresses and purchase details which the social media used to target the chain’s customers with specific advertising. [node:read-more:link]

RCMP’s China-linked deal suspended

Public Safety Minister Marco Mendicino’s office said today that the government has suspended a contract with a Toronto-area company, Sinclair Technologies, to supply the RCMP with communications equipment designed to prevent eavesdropping. The company’s corporate parent in B.C., Norsat International, is owned by a Chinese entity the U.S. considers an “unacceptable” national security risk. [node:read-more:link]

Tik Tok labelled a security threat

U.S. Treasury Secretary Janet Yellen says the globally popular Chinese-owned video-sharing app TikTok poses “legitimate national security concerns” due to the potential for the Chinese Communist Party to gain access to users’ data or expose them to propaganda. The globally-popular platform and its Beijing parent, Byte Dance, are being investigated by her department’s foreign investment committee. [node:read-more:link]

Mega-fine for Meta after hack

Facebook’s parent company, Meta, has been fined €265 million by Ireland’s Data Protection Commission after an inquiry showed that search and contact-importing tools for Messenger and Instagram was used to extract customer data between May 2018 and September 2019. A total of 533 million customers in 106 countries were affected. [node:read-more:link]

Apple discloses IOS vulnerabilities

Users of iPhones, iPads, iMacs and some older iPods are being advised to update their operating systems after Apple disclosed two vulnerabilities which could give hackers “full admin access” to the devices. Issued last week, the disclosure evidently received little attention outside of technical publications and Apple explained only that the problem has been discovered by an anonymous researcher. [node:read-more:link]

Russian hackers keeping busy

Microsoft has published new details about suspected Russian hackers who have carried out cyberespionage attacks against NATO government organizations, think tanks, and defence contractors since at least 2017. The company’s Threat Intelligence Center said August 15 that it has “taken actions to disrupt campaigns” launched by the group. [node:read-more:link]

CIA sued over surveillance in U.

The Central Intelligence Agency and its former director are the targets of a lawsuit filed August 15 in New York by a group of journalists and lawyers. They say they were placed under surveillance when they met in London with WikiLeaks founder Julian Assange and that the CIA’s activities violated their privacy rights by recording conversations and copying data from their phones and computers. [node:read-more:link]

Critical vulnerability blowing up the internet

With cybersecurity experts saying "the internet’s on fire", the federal government is warning all organizations to be on guard against a “critical internet vulnerability” that could be exploited by organized crime. A number of government departments took some services offline over the weekend to assess the threat posed by software used by an estimated two-thirds of web servers worldwide. [node:read-more:link]

Ukraine hit by massive cyberattack

The websites of seven Ukrainian government ministries and other services were rendered temporarily unavailable today by what the foreign ministry says was a huge cyberattack. A ministry official said that while it was too early to assign blame, “there is a long record of Russian cyber assaults against Ukraine.” The hackers said in Ukrainian, Russian and Polish that Ukrainians should “be afraid expect the worst.” [node:read-more:link]

Duclos and Tam summoned by Opposition

Opposition MPs on the House of Commons standing committee on information, privacy and ethics wants Health Minister Yves Duclos and Dr. Theresa Tam, the chief public health officer, to justify the Public Health Agency of Canada’s collection of data from millions of mobile phones to understand travel patterns during the coronavirus. The MPs fear that customers’ privacy could be compromised even though the PHAC is seeking anonymized data. [node:read-more:link]

Google slapped with huge Russian fine

A Moscow court fined California-based Google the equivalent of US$98.4 million today over the company’s failure to delete locally-banned content. The penalty, based on Google’s revenues, is part of a campaign against large western technology companies, including demands that Russians’ personal data be stored on domestic servers. [node:read-more:link]

U.S. blacklists more foreign companies

Citing national security and foreign policy concerns, the U.S. has added a dozen more Chinese companies to its restricted trade list as well as Japanese, Pakistani and Singaporean companies and the Moscow Institute of Physics and Technology. Eight of the Chinese companies allegedly assisted the military's quantum computing efforts and acquired or tried “to acquire U.S. origin-items in support of military applications.” [node:read-more:link]


Subscribe to RSS - Data Protection