Enhancing Enterprise Security By Combining Data Science With Domain Expertise

click on access

Organizations are recognizing that data scientists can play a valuable role in enterprise IT security. However, effective security requires a collaborative effort between data scientists and security professionals within an enterprise. While data scientists have a pivotal role to play, they cannot and should not operate in a vacuum. Leveraging Data Science to Mitigate Security … Read more

Monitoring Of Employee Email And Internet Use In Germany – Guidance From Data Protection Authorities

employee email

On February 5, 2016 the German data protection authorities, issued guidance (available in German) for private sector organisations explaining when and how an employer may monitor its employees’ work email account and Internet usage (“Guidance”).  German employers would be wise to structure their monitoring activities to comply with the Guidance.  1.  Threshold Question The applicable legal … Read more

Myth 4: Cloud Computing Causes Additional Issues Under Privacy Law Because Data Is Transmitted Internationally

cloud functions

Fact is for most companies that they are already transmitting data internationally, because they use the Internet (for example, to email spreadsheets to various office locations), or because they have subsidiaries, customers, suppliers or channel partners in other jurisdictions. In most cases, data transfers occur because data is needed in different jurisdictions, not because of … Read more

Myth 5: Data In The US Is Endangered By The USA Patriot Act/the USA Freedom Act

multiple devices

Fact is that the United States enacted the USA Patriot Act in October 2001 to fight terrorism and money laundering activities. The statute’s title – USA Patriot Act – stands for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act.   It was intended to clarify, simplify and strengthen investigative … Read more

Myth 8: Data Privacy & Security Law Compliance Is The Provider’s Responsibility

locked data

Fact is that data privacy and security laws primarily hold the data controller responsible for compliance – i.e., the customer in a service provider relationship. The customer has to ensure that the data made available to the service provider has been collected in compliance with privacy laws, data subjects have consented or received notice, filings have … Read more

Myth 10: Vendor Has And Should Accept Unlimited Liability For Data Security Breaches

notification

Fact is that service providers may not always be able to limit their liability vis-à-vis the data subjects in scenarios where they contract with corporate customers and not the data subjects themselves. If hackers gain unlawful access to information residing in a hosted database, the service provider may be liable directly vis-à-vis the data subjects … Read more

The GDPR Turned One: What Have We Learnt And What Is Ahead? (Part II)

check out the new plan

Please click here to read Part I of this article. Future GDPR Regulatory Landscape Higher Risk Of Enforcement On The Horizon?  In the GDPR’s first year we have seen a large number of complaints and data breach notifications to regulators but comparatively few enforcement actions and fines. There are likely several reasons why enforcement activity has been … Read more