Tag: data

EU watchdogs want privacy assurances from Trump

European Union data privacy watchdogs are demanding that a move by US President Donald (Prince of Orange) Trump to crack down on illegal immigration will not undermine a transatlantic pact protecting the privacy of Europeans’ data.

Trump wrote an executive order on January 25 aiming to toughen enforcement of US immigration law. It ordered US agencies to “exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.”

This basically killed off any agreement that the EU had on safe harbour data transfers. It means that if there is a US company running a cloud operation in the EU it has to turn over any data on anyone.

The EU’s data protection authorities said they would write to U.S. authorities “pointing out concerns and asking for clarifications on the possible impact of the Executive Order” on that framework, known as the Privacy Shield, as well as on another agreement protecting law enforcement data shared between the United States and the EU.

The EU-US Privacy Shield is used by almost 2,000 companies including Google, Facebook and Microsoft to store data about EU citizens on US servers and makes possible about $260 billion of trade in digital services.

It replaced a previous system thrown out by the top EU court on the grounds it allowed US spies unfettered access to data stored on US servers.

The European Commission press office has played down concerns over any threat to the privacy of Europeans’ data, saying the US Privacy Act had never protected Europeans’ data and so any changes to it would not affect EU-US data transfer agreements.

But it might be that the European court might see things differently.

Privacy group launches legal challenge against US data deal

Data centreAn Irish privacy group has issued a legal challenge against an EU deal which allows Euro data to end up in US hands.

The EU-US Privacy Shield commercial data transfer pact has been running for  two months but it was hammered out after the European Union’s highest court struck down the previous such framework over concerns about intrusive US surveillance.

The framework enables businesses moving personal data across the Atlantic a way of avoiding falling foul of tough EU data transferral rules.

Digital Rights Ireland has challenged the adoption of the “Privacy Shield” in front of the second-highest EU court, arguing it lacks adequate privacy protections.

It will be a year or more before the court rules on the case and it could still be declared inadmissible if the court finds the Privacy Shield is not of direct concern to Digital Rights Ireland.

More than 500 companies have signed up to the Privacy Shield so far, including usual suspects Google, Facebook and Microsoft.

EU brings in tough data control guidelines

European flagNew EU data protection rules which aim to give citizens back control of their personal data and create a high, uniform level of data protection across the EU was given the final nod by MEPs.

The reform also sets minimum standards on use of data for policing and judicial purposes.

The reform will replace the current data protection directive, dating back to 1995 when the internet was still a baby.

Jan Philipp Albrecht (Greens, DE), who steered the legislation through Parliament said that the general data protection regulation makes a high, uniform level of data protection throughout the EU a reality.

“This is a great success for the European Parliament and a fierce European ‘yes’ to strong consumer rights and competition in the digital age. Citizens will be able to decide for themselves which personal information they want to share”, said
“The regulation will also create clarity for businesses by establishing a single law across the EU. The new law creates confidence, legal certainty and fairer competition”, he added.
The new rules include provisions on:

  • a right to be forgotten.
  • “clear and affirmative consent” to the processing of private data by the person concerned.
  • a right to transfer your data to another service provider.
  • the right to know when your data has been hacked.
  • ensuring that privacy policies are explained in clear and understandable language.
  • stronger enforcement and fines up to 4 per cent of firms’ total worldwide annual turnover, as a deterrent to breaking the rules.

New rules on data transfers to ensure smoother police cooperation

The data protection package also includes a directive on data transfers for policing and judicial purposes. It will apply to data transfers across borders within the EU as well as, for the first time, setting minimum standards for data processing for policing purposes within each member state.

The new rules aim to protect individuals, whether victims, criminals or witnesses, by setting out clear rights and limitations on data transfers for the purpose of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and preventing threats to public security, while at the same time facilitating smoother and more effective cooperation among law enforcement authorities.

Parliament’s lead MEP on the directive Marju Lauristin said that the main problem concerning terrorist attacks and other transnational crimes is that member states’ law enforcement authorities are reluctant to exchange valuable information.

“By setting European standards for information exchange between law enforcement authorities, the data protection directive will become a powerful and useful tool which will help authorities transfer personal data easily and efficiently, at the same time respecting the fundamental right to privacy”, she concluded.

The regulation will enter into force 20 days after its publication in the EU Official Journal. Its provisions will be directly applicable in all member states two years after this date.

Member states will have two years to transpose the provisions of the directive into national law.

Of coure it does not apply to the UK and Ireland’s special status regarding justice and home affairs legislation, the directive’s provisions will only apply in these countries to a limited extent.

Denmark will be able to decide within six months after the final adoption of the directive whether it wants to implement it in its national law.

Governments bugging Facebook much more

bugSocial notworking site Facebook claims that government demands for its user data surged in the first half of 2015.

Facebook’s biannual report is one of the chief indicators of government interest in the company’s data. The social media giant is not allowed to publicise specific requests by law enforcement and spy agencies, but it is allowed to release statistics.

If you are worried about privacy, then the stats make chilling reading. Government requests for account data globally jumped 18 percent in the first half of 2015 to 41,214 accounts, up from 35,051 requests in the second half of 2014.

In the first half of this year, Facebook took down 20,568 posts and other pieces of content that violated local laws, more than doubling the number taken down in the second half of 2014. Such restricted content includes anything from Nazi propaganda in Germany to depictions of violent crimes.

Facebook’s user base has grown explosively to 1.55 billion people, up from 1.4 billion in the second half of last year.

The government often requests basic subscriber information, IP addresses or account content, including people’s posts online.

The bulk of government requests came from US law enforcement agencies. US agencies requested data from 26,579 accounts – comprising more than 60 percent of requests globally – up from 21,731 accounts in the second half of 2014.

France, Germany and Britain made up a large percentage of the requests and had far more content restricted in 2015. Some of the content taken down in Germany included Holocaust denial, Facebook said.

India and Turkey were responsible for most of the content taken down for violating local laws. India had 15,155 pieces of content restricted – nearly triple the amount in the second half of 2014 – while Turkey had 4,496, up from 3,624.

The number of Facebook users in India is up nearly 70 million since June 2014, to more than 190 million users.

Governments have increasingly relied on Facebook’s user data to help investigate criminal cases, which are responsible for most of the requests, Facebook said.

“Facebook does not provide any government with ‘back doors’ or direct access to people’s data,” Facebook wrote.

Car makers read the riot act to tech companies

Old carsWhile tech companies are rushing to make deals with car makers for high tech autos, a spat is developing over all that data the cars generate.

The technology companies want from the car makers –  besides stonking profits and mark-ups – is the data they collect on car users.

Apple and Google have been particularly clear that they want that data to do whatever they do with it — advertising, spamming and spying. However car makers are limiting the data they share with technology partners and are defending access to information about what drivers do in their cars.

It is not out of a desire to protect users’ privacy. The car makers are aware the vehicle data will one day generate billions of dollars in e-commerce, though they are just beginning to form strategies for monetising the information.

According to Reuters , which is always ready to defend Apple’s side of the story, some auto companies have specifically said they will not provide Apple and Google with data from the vehicle’s functional systems – steering, brakes and throttle, for instance – as well as information about range, a measure of how far the car can travel before it runs out of gas.

Don Butler, Ford Motor executive director of connected vehicle and services said the company needed to control access to that data to protect our ability to create value from new digital services built on vehicle data.

Ford is installing a proprietary system, Sync 3, in its cars that is designed to work with and supplement CarPlay and Android Auto.

General Motors has told investors earlier this year that it expects to realize an additional $350 million in revenue over three years from the high-speed data connections it is building into its cars.

Still to be answered, however, are questions concerning how comfortable consumers will be with sharing their personal information from the vehicle. In addition, state and federal regulators could impose limits on data-gathering and sharing.

In this case the carmakers have an answer – users have been giving this data to Apple and Google for years and don’t give a monkeys. At least now they are giving to people who are actually interested in their driving habits. I blame Microsoft, actually.

Submerge your supercomputer in liquid

Yellow-Submarine-HeaderA team of boffins have discovered that if you take your supercomputer and immerse it in tanks of liquid coolant you can make it super efficient.

The Vienna Science Cluster uses immersion cooling which involves putting  SuperMicro servers into a dielectric fluid similar to mineral oil.

The servers are slid vertically into slots in the tank, which is filled with 250 gallons of ElectroSafe fluid, which transfers heat almost as well as water but doesn’t conduct an electric charge.

The Vienna Science Cluster 3 system has a mechanical Power Usage Effectiveness rating of just 1.02, meaning the cooling system overhead is just 2 percent of the energy delivered to the system.

This means that 600 teraflops of computing power uses just 540 kilowatts of power and 1,000 square feet of space.

Christiaan Best, CEO and founder of Green Revolution Cooling, which designed the immersion cooling system. “It is particularly impressive given that it uses zero water. We believe this is a first in the industry.”

Most data centres cool IT equipment using air, while liquid cooling has been used primarily in high-performance computing (HPC). But cloud computing and “big data,” could make liquid cooling relevant for a larger pool of data centre operators.

The Vienna design combines a water-less approach with immersion cooling, which has proven effective for cooling high-density server configurations, including high-performance computing clusters for academic computing, and seismic imaging for energy companies.

SSDs can lose data in seven days

SSD+320+angle+right+1to1Solid State Drives (SSD) can start to lose their data and become corrupted if they are left without power for as little as a week, according to a new Joint Electron Device Engineering Council (JEDEC) report.

Seagate’s Alvin Cox, who is also chairman of the Joint Electron Device Engineering Council (JEDEC), wrote that the time that data will be retained on an SSD is halved for every 5 degrees Celsius (9 degrees Fahrenheit) rise in temperature in the area where the SSD is stored.

Consumer class SSDs can store data for up to two years before the standard drops, but when it comes to SSDs used by enterprises, the drives are only expected to retain data for a period of three months.

This could mean that all those people using SSDs in both consumer and enterprise applications could be in grave trouble if data storage is important and might be needed for longer than three months.

On the back of the report, security companies are warning that SSD users need to make sure to regularly back up their data and create drive images, or they will risk losing their data, which can have disastrous consequences.

The long term stability of SSDs has been questioned for a long time and had been the reason that ordinary hard drives have not disappeared overnight. But a three month turn around month corruption figure had not been widely known.

The technology to find a downed aircraft exists

Technology which means that planes cannot just “drop off the radar” like Malaysia Airlines Flight 370, exists, but airlines felt it was too expensive to bother with.

Medium reports how technology needed to stream crucial flight data to the ground is already on the market – only airlines balked at the $100,000 price tag.

Commercial airliners do transmit some information: radio transponders identify them when scanned by radar, and many are fitted with an Aircraft Communications Addressing and Reporting System, or ACARS, which periodically relays text-message like snippets of information about the aircraft’s status.

In the case of Flight MH370, the transponders seem to have stopped transmitting, and the airline has reportedly declined to comment about ACARS signals while the incident is being investigated.

Computer scientist Krishna Kavi, now at the University of North Texas, proposed streaming this data to cloud storage, in a system he dubbed the “glass box”.

The only problem is that transmitting data through satellites isn’t cheap, and if such a system were operating continuously, the cost would be prohibitive. Wired claimed it would cost “billions of dollars” to implement flight data streaming across the airline industry.

But most of the data is based on the maker of the existing black box technology L-3 which spun a false premise that all flight data would need to be streamed, all of the time.

Paul Hayes, safety and insurance director with Ascend, an aviation consultancy based said that systems could be designed to be triggered by unusual flight events, and only then start streaming flight data.

Such devices are already on the market, fitted to around 350 planes run by about 40 operators and they transmit data that help airlines plan maintenance, or work out how to minimise fuel consumption.

Richard Hayden, a director of FLYHT, the company that makes the system said that it transmits data via Iridium satellitesand can be programmed to start streaming flight data when a plane deviates from its flight plan, or instruments suggest something is going wrong.

If a plane is blown out of the sky by a bomb, or suffers a sudden catastrophic structural failure at cruising altitude it will not be much help but in those rare cases, conventional black boxes are really the only viable technology.

After the Air France disaster, the International Civil Aviation Organisation did consider installing the technology but the industry has concluded that the likely savings were too small. 

Carmakers steal your trip data

Carmakers have been collecting and keeping data about where drivers have been.

A US government watchdog has found that owners of those cars cannot demand that the information be destroyed.

The Government Accountability Office found major automakers have differing policies about how much data they collect and how long they keep it.

According to the Detroit News,  the carmakers collect location data in order to provide drivers with real-time traffic information, to help find the nearest gas station or restaurant, and to provide emergency roadside assistance and stolen vehicle tracking.

Toyota, Honda and Nissan were at the centre of the investigation along with navigation system makers Garmin and TomTom and app developers Google Maps and Telenav.

The report found automakers had taken steps to protect privacy and were not selling personal data of owners, but said drivers are not aware of all risks.

Senator Al Franken said more work needed to be done to ensure privacy protections for in-car navigation systems and mapping apps. He plans to reintroduce his location privacy legislation sometime this year.

As cars get smarter, there is more than just navigation systems creating interesting data. Event data recorders, known as “black boxes,” store data in the event of crashes. Transponders like EZ-PASS transmit location and are used in some instances by law enforcement and for research. Some owners also agree to monitoring of driving habits to qualify for lower insurance rates or to keep tabs on teen drivers.

A contractor that works with three of the companies told the GAO that when a consumer requests services, information such as location, vehicle information number and other information may be kept for up to seven years.