Standard Post with Image

UN rapporteur asks Apple Inc. to justify the cancellation of VPN apps in China

David Kaye, a leading UN Human Rights expert, has asked more information to the tech giant from Cupertino on its recent withdrawal of the VPN apps from the Chinese App Store.  In late July, the Company from Cupertino released a statement announcing the removal of some VPN apps in order to respect the new Chinese Cybersecurity Law, leaving only domestic licensed VPNs for iOS users.  The controversial issue is represented by the fact that such apps provide their users’ data pursuant to a government request annulling any possibility for anonymous browsing.  David Kaye has asked Apple if its initiative has been requested by the Chinese government, if a previous legal analysis of the consequences of such action has been made, and if it raises concerns on China’s obligations under International Human Rights Law.

Find the UN Rapporteur enquiry here
Standard Post with Image

Nationwide Mutual Insurance Company agrees on a .5M settlement to solve a 2012 data breach

Nationwide Mutual Insurance Company has agreed with the General Attorney for New York to pay a settlement of .5M to repair a remarkable breach that has affected 1.27 million of users’ sensitive data collected to provide insurance quotes to consumers interested on its insurance plans.  The Insurance has demonstrated a notable lack of protection of the data collected through its processes.  After the breach, Nationwide had worked to limit the damages offering to the affected consumers free services to monitor and protect from identity-fraud and suggesting them to set up a fraud alert and to freeze their respective credit reports.

The text of the settlement can be consulted here
Standard Post with Image

U.S. Senate committees seek to strengthen cyber skills with two new bills

Two different Senate committees have proposed bills to boost the U.S. cyber proficiency.  The Small Business Committee has approved S. 1428, a bill permitting the Small Business Administration to organize cybersecurity counselling, training programs and request that a certain number of employees be certified on cyber related matters.  The second bill, S. 754, is in the course of being approved by the Commerce Committee and aims at easing and facilitating the cybersecurity awareness of students.

The two bills are available at the U.S. Congress website
Standard Post with Image

Colombian SIC submits a draft for data transfers accountability

The Colombian Superintendencia de Industria y Comercio has submitted a draft regulation on cross-border data flows.  The regulation will enable controllers to certify when a data transfer operation is adequate for the level of data protection provided in Colombia in accordance with the accountability principle.  The draft provisions would ease the flows of personal data between international businesses and Colombian controllers but would also entrust SIC to ensure that the recipient controller has adequate protections in place.

The draft regulation is available here
Standard Post with Image

U.S. Senators propose a bill for the security of internet devices purchased by Federal Agencies

A bipartisan group of U.S. Senators has proposed the introduction of a new legislation to defeat the exposures of every-day computer devices.  The bill comes after several warnings on cybersecurity risks of those devices. The bill requests vendors of internet-connected equipment to ensure the U.S. Government that their products are patched and in compliance with the industry security standards, prohibiting them to supply devices with fixed passwords or other security weaknesses.

The bill is available here

Find also the Reuters related press release here