The GDPR (General Data Protection Regulation) marks the biggest change in data protection law for 20 years. This includes: fewer data protection principles; the right to be forgotten; a new obligation to report data breaches; and an increase in fines of up to 4% of global turnover or 20 million euros (whichever is the greater) […]
David Smith is the UK’s Deputy Information Commissioner. As well as providing Data Protection leadership across the ICO, he has direct responsibility for oversight of its Strategic Liaison Division which develops and manages the ICO’s relations with its key stakeholders. You may have seen my recent blog offering an update on progress on EU data protection regulation […]
The formal publication of the proposed EU-wide Data Protection Regulation is causing wide concern among boardroom members who fear potential fines of up to 2% of their global turnover. Legislators have delayed the progress of the proposed regulation until after the May 2014 European elections. So, what can business owners do to prepare for proposed […]
The European Parliament has approved the Network and Information Security Directive which aims to improve the security of information communications and technology systems across the EU. According to EU Commissioner Neelie Kroes, MEPs will now work with the EU Council on a final text for the directive, with the aim of reaching agreement by end-2014. […]
In the World Economic Forum "Global Enabling Trade Report" the US comes below most of the Nordic nations (including the UK and Germany) and just above France. The idea that a US-centric Internet might be a bastion of "freedom" or of "free trade" probably died with the Patriot Act, including its controls over money laundering.
The proposed General Data Protection Regulation (GDPR) continues to cause controversy, despite the political agreement reached this week on a compromise text in the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE). Despite over 4,000 tabled amendments made to date, the GDPR won’t provide a single framework for Data Protection in Europe. This will […]
Following on from E RADAR’s recent submission to government, Dr Daniel Dresner sets out his own wish-list for the draft EU Network and Information Security Directive. So. We need a directive about Network and Information Security? Brussels says so. And yes, it is necessary. We needed Tufty, the late Jon Pertwee, and the Green Cross […]
E RADAR has submitted its response to the UK Government’s consultation on the proposed EU Directive on Network and Information Security. Online business is global business. The revolution of digital technologies has changed society and our economy fundamentally. The ease of accessibility and searchability of information contained in computer systems, combined with the practically unlimited […]
I have long been convinced about the many benefits of new digital services – and remain so. These are tools we all can enjoy and benefit from – more convenient, more efficient and offering a huge boost to our economy and society.
But recent allegations remind us how important privacy is. People will only use those services as much as they trust them. Trust that they or their data won’t be compromised, hacked into or spied on. Particularly if they’re sharing personal or sensitive information online.
To ensure that trust, we need networks and systems that are secure and resilient; and that calls for proper cybersecurity practice everywhere.
The fact is, too often, big ICT users like businesses or governments underestimate the risks they face. They need to not just become more aware of those risks – but to manage them. This has become truly urgent. Every week, we seem to hear about new incidents: loss of passwords, attacks on banks, hacking of websites or systems.
Technology is rapidly evolving; so are threats. A lot of businesses seem to think just using basic ICT security tools is enough – but in general it isn’t. Proper risk management practice means things like dynamically assessing and mitigating risks. It also helps to exchange information on threats and vulnerabilities – and perhaps, if there is actually an incident, to respond together. Those processes and practices need to be well-thought-through and fully embedded, not an afterthought or box-ticking exercise.
But how do we identify and embed such good practices, across the ICT value chain? We call in the experts. Our Cybersecurity Strategy, published in February, calls for a platform bringing together public and private stakeholders to do exactly that – and to ensure the kind of market where secure ICT solutions can be developed and taken up. And that platform had its first meeting just yesterday.
Featuring top experts from a range of organisations—from national governments to ICT companies; banks to service providers—the Platform is looking at exactly these areas: like how to provide incentives to manage and measure risks; how to exchange information about risks and incidents; and input to the Research and Innovation agenda.
They have my full support. Their findings will help ICT users prepare and work together better; and they will feed into Commission Recommendations on cybersecurity due in 2014, in areas from risk management to incident reporting. Ultimately, they will build a digital Europe that is more cyber-resilient, and less prone to hacking and security breaches.
And of course, this is in parallel with legislative work we are doing on the proposed Directive on Network and Information Security: ensuring that critical infrastructure and Internet enablers stay cybersecure. So I will be working closely with the European Parliament and Council to ensure this proposal is agreed as a matter of urgency; these days, protecting our networks and systems should be every politician’s top priority.
This matters. As more and more people – and more and more core economic sectors – get connected and start relying on digital systems, ensuring security is no longer just an issue for telecoms providers: it’s also something that matters to governments, banks, transport companies, energy grids, health providers and more.
So I hope that this platform gets to work straight away – I’m confident that soon it can raise the bar and raise awareness about the cybersecurity risks businesses and governments face – and help stimulate the solutions, too.
The lines are drawn on net neutrality as EU Commissioner Neelie Kroes sets out her plans to stop online throttling and line blocking. But in the US the issue is not so cut and dry. Jim Richardson discusses his concerns. If you’ve been paying attention to what’s going on with the web at all for […]