ICO set to endorse UK privacy seal schemes
Following a recent public consultation, the UK's ICO indicated its intention to approve third-party "privacy seal" schemes by 2016. The consultation was in anticipation of the European Commission's new data protection regulation, which may include provisions to encourage the adoption of privacy seals, as well as trust marks and certification mechanisms, in order to build confidence among consumers about the handling of personal data. The ICO has issued a guide for organisations seeking to be approved as providers of a privacy seal scheme.
Finish banks under attack
OP Pohjola, one of Finland's largest banks, has suffered a DDoS attack. The attack, thought to be launched both from Finland and abroad, started on New Year's Eve and continued for several days. Although the bank tweeted on Sunday morning that services were operating normally, further attacks took place on Sunday afternoon preventing access to banking services for OP's customers. Two of Finland’s other big banks also suffered problems with Nordea also targeted by a DDoS attack and Danske Bank reporting that its online services were down due to internal system problems.
Cyber-attack on websites of Angela Merkel and the Bundestag
The websites of the Office of the German Chancellor Angela Merkel and the Bundestag were shut down on Wednesday following a cyber-attack. A group called CyberBerkut have taken responsibility for the DDoS attack which left the websites paralysed for several hours. A spokesperson from the Bundestag confirmed that the internal IT systems were not affected.
Lizard Squad to offer new hacking service
Lizard Squad, a hacking group, is now offering the opportunity for customers to overwhelm a server via a DDoS for a fee. The group is denying any potential liability for the consequences of using the tool, named "Lizard Stresser", by preventing the user from hiding their identity and location and is presented as an "opportunity to make your firewalls better, not to misuse against the law". The service is thought to incur charges of only USD6 to USD500 for each attack, to be paid in bitcoin.
FTC finalises Snapchat charge
Following the disclosure that "snaps" sent via the Snapchat app were not destructed as advertised, but instead stored on a directory accessible via a third-party app, the US FTC has approved a final order settling its charges against the company. The settlement does not include a fine but will prohibit Snapchat from misrepresenting the extent to which it maintains users’ information and the company will be required to implement a comprehensive privacy program, to be monitored by an independent privacy professional for the next 20 years.
Taiwan clears twelve smartphone manufacturers from data breaches
After an investigation by the Taiwanese regulators into twelve smartphone manufacturers accused of data security breaches, all the manufacturers were cleared from breaking local data protection laws. The manufacturers included Apple, Samsung, Sony and Xiaomi. The probe was prompted by reports that Xiomi phones sent user data to servers situated in mainland China and soon widened to cover the eleven other manufacturers.