US

Talks Intensify On Privacy Shield Replacement

By Dave McKay in compliance

April 3, 2021

EU and U.S. Data Flow Talks Cranked Up a Notch As I reported back in July 2020 in a blog titled CJEU Invalidates EU-US Privacy Shield Agreement, the EU-U.S. Privacy Shield agreement, which allowed data to be transmitted out of the EU to participating US companies, was ruled invalid by the Court of the European Union (CJEU). On March 25th, 2021, the EU Commissioner for Justice and the U.S. Secretary of Commerce made a joint statement on the state of the negotiations to find a solution that would permit the flow of personal data to recommence.

Continue reading

Story Behind Bizarre Strategic Command Tweet

By Dave McKay in cybersecurity

March 31, 2021

Gobbledegook Tweet Causes Panic An ominous tweet from the US Strategic Command—the agency responsible for looking after America’s nukes—simply said “;l;;gmlxzssaw”. Was it a message in a strange code, or maybe a glitch in the software? Had the account been hacked—and if so, what else had been hacked? Thankfully, this time, there’s no need for panic. It turns out a working-from-home manager had left his computer unattended and his young child mashed on the keyboard a few times.

Continue reading

UK Adequacy Decision Drafted

By Dave McKay in compliance

February 26, 2021

Post-Brexit EU-UK Adequacy Decision Has Been Drafted Before you can transmit personal data from a European Union country to a country not within the EU or the European Economic Area—known as a third country—there has to be an adequacy decision made by the European Commission. The third country must have a framework in place that both provides data protection and upholds the rights of the data subjects as well as—or better than—the EU’s General Data Protection Regulation.

Continue reading

FBI Warns US Hospitals About Ransomware

By Dave McKay in cybercrime

October 30, 2020

FBI: US healthcare system facing “increased and imminent” threat of attack The FBI, the Department of Homeland Security, and the Department of Health and Human Services warned that they had “credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers”. The attacks are ransomware attacks using the Ryuk ransomware strain. They suspect Russian-speaking threat actors are behind the attacks, which are believed to be financially, not politically, motivated.

Continue reading

CJEU Invalidates EU-US Privacy Shield Agreement

By Dave McKay in compliance

July 18, 2020

Privacy Shield No Longer Adequate The Court of Justice of the European Union has invalidated the EU-U.S. Privacy Shield agreement, which allowed data to be transmitted out of the EU to the US, if the receiving company operated under the strictures of the Privacy Shield scheme. If a country is not in the European Union (EU), and not within the European Economic Area (EEA), it is considered to be a third country.

Continue reading

Categories

Tags