Hammond details scope of email surveillance in UK

UK Foreign Secretary Philip Hammond confirmed that British authorities collect private emails and  social media messages sent to or from countries outside of the UK. Hammond said that although the  collection of this data was without ministerial sign off, none of the messages are individually  examined without a signed warrant from him granting permission. Hammond added that the public  should have confidence as Britain lacked the resources to analyse mass data.

New European Data Protection Supervisor nominated

Giovanni Buttarelli was voted for the post of European Data Protection Supervisor (EDPS) last week  by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs. Referred to as  the “privacy watchdog”, the EDPS’ main objective is ensuring that the European institutions,  bodies, agencies and offices respect the privacy of citizen data. The Committee’s nominations will  be voted on by the Parliament’s plenary session, and subsequently by the EU Council.

Alarming HIPAA results

In the phase one audits under the US Health Insurance Portability and Accountability Act (HIPAA),  in which organisations were randomly selected to be audited, only 11% of those investigated came  back with a clean  bill of health. The most common cause for a violation was listed as “entity  unaware of the requirement”. Those entities covered by HIPAA should ensure that they are familiar  with the requirements as the second phase of audits is scheduled to begin at the end of this year  and it is reported that it will carry financial penalties for  the first time.

FCC intends to fine carriers that breach consumer privacy

The US Federal Communications Commission (FCC) intends to fine TerraCom, Inc. and YourTel America,  Inc. USD 10 million for several violations of laws protecting the privacy of phone customers’  personal information. According to the FCC’s investigation the two companies apparently stored  sensitive information belonging to their customers on unprotected servers that anyone could have  gained access to. This is reportedly the FCC’s first data security case and the largest privacy  action in the FCC’s history.

Japan’s “Right to be Forgotten Case”

Earlier this month, a judge in Tokyo’s District Court granted a provisional injunction against  Google ordering the search engine to delete a particular set of search results. The plaintiff  claimed his privacy rights had been violated by the inclusion of news articles containing  information over 10 years old suggesting that he had a criminal past. The plaintiff alleged that  his claim for damages was “immediate and actual” as he had received death threats because of the  articles. The court’s written opinion has not been made public and it is as yet unclear whether the  Japanese courts will recognise the “right to be forgotten” as the European Court of Justice did in  May.

India’s Air Force asked not to use Xiaomi phones

India’s Air Force (IAF) has asked its personnel and their families not to use Xiaomi Redmi1s phones  due to fears that they are transferring data to their servers in China. Xiaomi is the world’s fifth  largest, and China’s number one, smartphone maker and is reported to be trying to make inroads into  India’s booming mobile phone market. Stressing that it does not collect any user data without  permission, Xiaomi said on Sunday that it will engage with Indian authorities to address the concerns.