US and UK regulators impose new cyber security standards

The New York State Department of Financial Services (NYDFS) has committed this week to "strengthening cyber security standards for banks' third-party vendors" in the wake of a report highlighting deficiencies in US banks' oversight of suppliers' cyber security. The NYDFS has expressed the significance of cyber security and changes are due to be implemented in a matter of weeks. The UK's Financial Conduct Authority has also announced its focus on cyber security and will issue new guidelines to coincide with the EU Payment Services Directive which is currently undergoing final negotiations.

Europe force Germany to change privacy laws after Germanwings disaster

The European Commission (EC) has announced this week that it is to take legal action against Germany over safety failings in connection with the suicide crash of Germanwings Flight 4U9525 into the French Alps in March.  The European Union will bring an infringement action against Germany to require doctors and airlines to share medical information of pilots with aviation regulators.  Currently, Germany's data protection laws prohibit the sharing of such information.

EU action against Google announced

The EU issued Google with a "statement of objections" on Wednesday over alleged anti-competitive behaviour following a five year investigation likely to culminate in billions of euros of fines. Google is accused of promoting results from its own services over those of competitors. This comes in the wake of the recent Court of Appeal decision in the UK relating to Google's misuse of cookies in order to obtain user information.  Google is also facing enquiries into anti-competitive behaviour by authorities in India, Russia, Brazil, Argentina, Taiwan and Canada.

Unlimited fines available to UK Magistrates' courts for data breaches

A change to the Legal Aid, Sentencing and Punishment of Offenders Act 2012 (Fines on Summary Conviction) Regulations 2015 came into force on Monday removing the GBP 5,000 cap on fines for criminal offences under the Data Protection Act. Magistrates' courts can now give unlimited fines for obtaining or disclosing personal data without the consent of the data controller.
New UK Digital Rights Bill proposed

Leader of the UK's Liberal Democrat Party, Nick Clegg has called for a new Digital Rights Bill to be introduced if the party were to form a new coalition government after the forthcoming election.  The Bill would govern fundamental rights on the internet and follows several high-profile data breaches involving health and pension data. Current proposals contain prison sentences for data theft by public and private companies.

IBM launches health unit to deal with health app data

IBM has launched Watson Health, "a secure, cloud-based data sharing hub" to analyse the health data collected by apps and wearable fitness technology. It will allow information to be used for diagnostic purposes and to be shared with medical professionals but critics have raised concerns about the accuracy of such technology. The associated privacy issues are a key consideration for users, medical professionals and employers as consent must be freely given, especially if the data is being used to monitor employees.

India introduces advisory body to tackle cyber crime

Following vast increases in levels of cyber crime, India's Maharashtra government announced this week that it will set up a new bipartisan body to investigate security and cyber breaches in the country. In 2014, 2,736 cases of cyber crime were reported but not a single conviction has been brought.  The new unit aims to introduce the technical expertise to deal with this worrying trend.