Hard drives are a locked safe - but how many people have the key?
No. 4: Bringing you the news that matters in video privacy and security
A note from our Editor
Hi all,
Data privacy and security has never been more necessary than in today's society which is turning more and more to technology as a dependent. Whether it's having a video call with a family member, taking photos of key memories on our phones, having a video consultation with a doctor, or running a business from Google Drive; our whole lives are integrated with technology and it is as if our physical selves could cease to exist.
As a result, our hard drives filled with personal and professional data become a locked safe of secrets and treasures. But who has the key? Is it possible for a duplicate key to be made? Who can we trust to share it with? Everyone automatically assumes and believes that their information, and themselves, are safe. That what they want to be private is private, and what they need to be secure, is secure. However, the articles we have picked today highlight the dangers of a lack of control of our privacy and security, and the idea that not only is a breach entirely possible, but awareness is key.
You may decide that it is best that you prioritise privacy over security or vice versa, but that doesn't mean that you should neglect the importance of the other. In a way, these two concepts go hand in hand, either on a personal or a public scale. The question is then, where is the line drawn between what is our right to be private, and what needs to be surveilled and collected in order to be secure? The European Court of Justice has ruled that strict privacy laws must be followed when collecting data in the UK, whilst universities are surveilling students seemingly without their knowledge. Does this question then need to be answered on a case-by-case basis?
Whatever you believe is right for you and the public, it is clear that the ignorance surrounding our safes of personal data needs to be changed. Campaigns such as European CyberSecurity Month, and the new report to change Police mentality and approach, step in the right direction that will help educate, monitor, advise and protect our personal data in the technological public sphere.
Emma
News
Should universities be able to spy on students using surveillance software?
With online teaching being the main point of contact with students, at least 27 UK universities, including almost all of the 24 Russell Group institutions, have taken it a step further by monitoring student's online learning activity. The National Union of Students has shown concern as to how an explanation for this kind of surveillance has rarely been explicitly expressed. As of yet, students do not seem to be worried about this level of surveillance. However, there seems to be growing concern around the blurriness of the line drawn between personal data, and the monitoring of study, and how this affects a student's academic record and mental health.
Data breaches and Unprotected Personal Data: Privacy Fears of the Telehealth Industry
With increasing use of Telehealth and Telemedicine across the world, particularly during the pandemic where video conferencing and calling from either a professional, social or health perspective has impacted our lives greatly, there is greater concern needed for how safe our information actually is, particularly in the hands of the emerging Telehealth market. Babylon Health has proved this fear correct, as they suffered an embarrassing and worrying data breach after one patient discovered he could access other patients' video consultations. Although this article was published in June 2020, it serves as a necessary reminder to the increasing privacy and security concerns of the Telehealth industry.
A more recent, shocking security breach has meant that Finland's largest private psychotherapy system has faced hackers threatening to publish private medical records if patients do not pay a blackmail fine. At Vastaamo, the company that treats around 40,000 patients and manages 25 centres across the country, three of its employees were reported to having been approached by the blackmailer via email at the end of September. The whole country is in disarray and fear over their personal records being released, including those of children.
In the US, whilst many Americans still trust that their data is being protected, a recent study showed that 67% of Telehealth consumers would sever ties with health care providers over unprotected personal health data. Many seem to be growing increasingly worried about the lack of fixed measures in places with regards to data privacy and security during such an unprecedented time, with fears over leaked information to not only employers, but further to insurance companies and employee benefit providers without consent.
The ICO puts Experian Ltd. in Line
An investigation into Experian Ltd., Equifax and TransUnion's uses of personal data showed that they had been trading and enhancing people's data without their knowledge, for direct marketing purposes. In further detail, this data was being used by political parties, commercial business and charities to sell products to those who could afford it. The Information Commissioner's Office (ICO) therefore found that significant data protection laws were being flouted, and Experian has been given an enforcement notice to make changes within nine months or risk further action, including a hefty fine.
ICO
The Police's Future Operating Environment of 2040
This report, published with the intent to prepare and be prepared for the inevitable technological advancements that will follow in the next 20 years, outlines three practical resources that the police can use to adapt their own practices to the coming age. It analyses 10 key trends that are affecting and will affect policing, four scenarios that force the police to consider how they can improve, and five future challenges that must be tacked today.
#ThinkB4UClick
The end of October marks the end of European Cybersecurity Month; an awareness campaign with a specific goal in mind: to help both the general public and businesses to minimise any and all cybersecurity risks. This may range from phishing, online shopping fraud, business email compromise, to e-privacy, cyberbullying and cyber stalking. Their #ThinkB4UClick has become a great slogan for their online twitter presence this year, as they have focused on providing up-to-date online security information during the pandemic and its impact on the increased digitalisation that is seen throughout everyday life.
AI Snippet of the Week
One small step across the crater, one giant leap for AI
A world first' for artificial intelligence has been discovered, as the AI known as an "automated fresh impact crater classifier" becomes Nasa's new assistant to detect craters on Mars. It has been trained with 6,830 images of the Red Planet and has managed to find craters that are only four meters in diameter, believed to have been formed between March 2010 and May 2012. JPL computer scientist Kiri Wagstaff says that 'this paves the way for an exciting symbiosis of human and AI 'investigators' working together to accelerate scientific discovery'.
Policy Updates
EU's Court of Justice lays down the law with regards to National Privacy and Surveillance
As of the 6th October 2020, The European Court of Justice (CJEU) has made it clear that all states must stick to privacy safeguards defined by EU law. This means that the UK's "Snooper's Charter", that allows CSPs to retain and continually collect all personal data for "national security purposes" is now illegal, unless proven extremely necessary in court.
Privacy International led the fight for all data retention strategies to be incompatible with fundamental privacy rights, including freedom of expression and data protection. Check out Privacy International's episode on their podcast: Technology Pill, aptly named Judgment Day, for further information on their victory in the EU's top court.
To subscribe to our fortnightly newsletter, please click here
Thanks for reading, if you have any suggestions for topics or content that you want to see covered in future please drop a note to: info@secureredact.co.uk