Après-moi, la deluge (where’s your data, reprise ad nauseam)

Austria’s supreme court is to decide soon whether to open the floodgates. If the court rules that Max Schrems et al can sue Facebook over its handling of their personal data, and if their suit is successful – or looks like it might be – then every law firm in Europe will be trying to … Continue reading Après-moi, la deluge (where’s your data, reprise ad nauseam)

Security training or MDM – you choose

IT service desk culture is full of sarcastic problem descriptions – PICNIC, ID-ten-T, PEBCAK. All of them serve as reminders that the root cause of many issues is user error, not systems failure. This is particularly true in information security, a point I’ve covered more than once before. So why bring it up again? Because … Continue reading Security training or MDM – you choose

Death of the internet or birth of better privacy?

Microsoft and Amazon have both revealed that they are building data centres in the EU. In Microsoft’s case, Deutsche Telekom will be the data “trustee”; I assume this is in part an anticipatory response to the ongoing Stored Communications Act lawsuit presently in progress in Dublin (in brief, a case to determine whether US government … Continue reading Death of the internet or birth of better privacy?

Snooper’s Charter – oppressive and useless in equal measure

The government wants ISPs to store everyone’s browser history. Not the least intrusive thing ever proposed, and a world first for a democracy. Should we be proud to be leading the pack in surveillance of our own population – again? (We’ve the most CCTV cameras per capita too, remember). Let’s count the ways in which … Continue reading Snooper’s Charter – oppressive and useless in equal measure

Told you so: supply chain failure costs CPS £200k

I published this note about supply chain security today. Less than 8 hours later we learn that the ICO has fined the Crown Prosecution Service £200k for failing to secure some laptops that held confidential information on victims of crime. The laptops were stolen from a residential flat being used by a film production company … Continue reading Told you so: supply chain failure costs CPS £200k

What’s worse – poor security or poor communications?

The TalkTalk saga grinds on. It’s abundantly clear that their security was inadequate. Even their CEO admits it, although she’s determinedly clinging on to her job – presumably some poor sucker in IT will eventually carry the can. After all, that’s what happened at Target. What’s interesting is not so much that they were hacked, … Continue reading What’s worse – poor security or poor communications?