The Ministry of Justice has seen its number of information breaches increase from 563 in 2007/08 to 1,316 in 2008/09.

These figures, revealed in a parliamentary written answer, equate to a 43 per cent increase in one year.

Source: publicservice.co.uk
Hat tip: @privacyint

The Government’s flagship e-borders programme is in disarray and could breach EU law, major transport operators said.

The £750 million programme to collect electronic records of everyone who enters and leaves the UK will also miss Home Office deadlines, they said.

…

Firms also fear that by taking passport data they may breach French and Belgian law which states only law enforcement officials can do so.

Bulk transfer of passenger data could also breach EU data protection rules, he said.

Requiring passengers to provide the information could fall foul of the right to free movement enshrined in EU treaties.

Source: Telegraph.co.uk

The European Commission should make sure that outsourcing providers who process personal data are bound by consistent rules irrespective of whether they are based inside or outside the EU, data protection watchdogs have said.

The European Union’s Article 29 Working Party, which consists of the privacy regulators from the 27 EU nations, have published an opinion on an as-yet unpublished European Commission policy change on the transfer of personal data outside the European Economic Area (EEA).

It said that the Commission needs to adopt a more consistent approach in its policy governing processors.

Companies that handle personal data are required by the EU’s Data Protection Directive to make sure that any outsourcing providers they use give adequate protection and security for that data, even if those providers are outside the EU and so not directly bound by the Directive.

Source: Out-Law.com

Facebook is hiring lobbyists to push its agenda on internet privacy and data sharing in Brussels and Washington, as the social networking site attempts to increase its influence with authorities around the world.

The company has appointed Richard Allan, who was previously the head of European regulatory affairs for the technology giant Cisco, to lead its efforts in lobbying EU governments.
…
According to Chris Kelly, the Californian web company’s chief privacy officer, the five-year-old startup has been engaging in talks with government officials in various countries for some time, but its growing size and importance means it is essential they “understand our philosophy”.

Source: guardian.co.uk

Security researchers have found a treasure chest of FTP passwords, some from high profile sites, on an open cybercrime server.

Jacques Erasmus, CTO at security tools firm Prevx, stumbled across a site where a Trojan is uploading FTP login credentials captured from compromised machines. So far, Erasmus has found logins for ftp.bbc.co.uk, ftp.cisco.com, ftp.amazon.com, ftp.monster.com and, even security sites including ftp.mcafee.com and ftp.symantec.com along the extensive list of more than 68,000.

Source: The Register

The music industry would be in better shape now if it had engaged with Napster rather than fought it.

So says Geoff Taylor, head of music industry body BPI, in a column written for the BBC.

In the column, Mr Taylor expressed “regret” that the music industry did not move faster to work out how to use the net to promote and sell records.

Source: BBC News

LIVERPOOL council leaders are challenging the Government’s scheme for a database which will hold information about every child.

The city is one of 17 local authorities in the North- West piloting the ContactPoint system which is designed for child protection.

However, the Liberal Democrat-led administration said yesterday it had serious concerns about the database which would be accessed by up to half a million public sector staff, like teachers and social workers.

Source: Liverpool Daily Post
Hat tip: @privacyint

The Commission has put together a legislative package “to establish a Regulatory Agency responsible for the long-term operational management of the second-generation Schengen Information System (SIS II), Visa Information System (VIS) and EURODAC”.

“Schengen Information System (SIS) II will replace the existing Schengen Information System (SIS 1+) and will facilitate the exchange of information on persons and objects between national authorities responsible, inter alia, for border controls and other customs and police checks.” SIS II will likely be extended to include biometric data.

Source: The Register

The privacy regulator for European Union bodies will increase the number of on-the-spot checks of EU bodies and agencies to ensure that they are complying with data protection law, it has said.

The European Data Protection Supervisor (EDPS), which monitors EU bodies for data protection compliance and advises them on policy, said that it will increase its use of spot checks, but that it was happy with the progress of EU bodies in complying with the law.

The EDPS has produced a report on how well EU bodies and agencies are compying with data protection law. The report found that there had been a marked improvement since the first such report last year.

Source: Out-law.com

Social networking sites are legally responsible for their users’ privacy, Europe’s privacy watchdogs have confirmed. A committee of data protection regulators has said that the sites are ‘data controllers’, with all the legal obligations that brings.

Users of the sites are also data controllers with legal obligations when they are posting on behalf of a club, society or company, the opinion said.

The committee of Europe’s data protection regulators, the Article 29 Working Party, has published its opinion on the legal status of social networking operators such as Facebook and MySpace.

It has said that the sites cannot escape their legal obligations just because content on them is often produced and posted by users.

Source: OUT-LAW.com