data privacy Archives -

pradeep@brainguru.in +91 9810953232

Category: data privacy

‘Storing away data in more nations debilitates protection, security spread’

March 8, 2019 Awdhesh singh 0 Comments

Facebook has taken an extreme remain against putting away information where it works as the organization’s prime supporter and CEO Mark Zuckerberg on Wednesday sketched out another course for the long range interpersonal communication mammoth, which additionally possesses Whats App and Instagram. Facebook, which has been entangled in debates over abuse of client information in decisions, as far as advancing viciousness, said it is happy to be obstructed in a couple of nations.

“There’s an essential contrast between giving an administration in a nation and putting away individuals’ information there,” Zuckerberg composed on the organization’s site. He included that Facebook has picked “not to construct server farms in nations that have a reputation of disregarding human rights, similar to protection or opportunity of articulation” as “it could make it less demanding for those legislatures to take individuals’ data.”

While Zuckerberg did not make reference to anything about India or a particular nation, he included that “putting away information in more nations likewise builds up a point of reference that encourages different governments to look for more noteworthy access to their resident’s information and thusly debilitates protection and security assurance for individuals around the globe.”

Zuckerberg’s announcement comes when Indian government is really busy administering a few arrangements like Personal Data Protection Bill, 2018 and Draft E-trade Policy, which require organizations like Facebook, Google, and Amazon to store touchy information of Indian clients in the nation. Facebook’s arrangements to dispatch installments inside its Whats App informing administration hit an obstacle a year ago when RBI turned out with information localization standards. Facebook is relied upon to be consistent with the standards in the next eight-to-nine months. What’s App has opposed requests by the administration to empower detect-ability of messages to check gossipy tidbits.

“Facebook is encompassed by campaigning and information burglary discussions. Imprint’s announcement demonstrates a subtle provocation to Indian officials, will’s identity intensely subject to Facebook and What’s App in the up and coming general decisions,” said Virag Gupta, legal advisor, and digital master. Gupta has likewise been instrumental with late court procedures of What’s App in India, which was recorded by the Center for Accountability and Systemic Change(CASC) a year ago.

Whenever reached, a Facebook India representative declined to remark on the ramifications of the Zuckerberg’s announcement for India. At this moment Facebook does not have a server farm in India but rather has one in Singapore.


Geospatial Information will be part of Data Protection Bill

October 16, 2018 Pradeep Agrawal 0 Comments

The Geospatial Information Regulation Bill will be the part of proposed Data Protection Bill for shielding geospatial information.

“One may contend that the proposed geospatial bill and the information assurance charge, which manages information of an individual sort, require various types of authoritative and implementation reaction. Be that as it may, on the off chance that one examination the two bills, there is an impressive cover here. The geospatial information in any touchy and vital association additionally pulls in arrangements for protection and security,” said a senior government official who talked on the state of namelessness.

He included that capacity of geospatial information, as well, need to pursue the general security standards and principles that would be appropriate to delicate individual data or basic information in the bill proposed by the Justice BN Srikrishna-drove panel.

The proposed geospatial charge manages information on an area gathered through satellites, unmanned aeronautical vehicles (UAVs), flying machine and inflatables. Information or pictures or graphs or maps that show characteristic or man-made physical highlights, wonders, limits on earth are under its domain.

The bill gives that spreading, distributing or showing data that is probably going to influence the “security, sway or honesty” of the nation would turn into a culpable wrongdoing. There is an arrangement for setting up a security verifying specialist that would investigate uses of geospatial data or information suppliers to get the pictures people in general area.

“Cruel corrective arrangements and the larger idea of the bill made it exceptionally dubious and it is in the same class as dead at this point. Be that as it may, comparative offenses can be characterized and punishments proposed both for geospatial and individual information. In the geospatial bill, there is an arrangement for a security reviewing specialist for conceding a permit for gathering information. Also, an information assurance expert is proposed in the information security bill for upholding the information insurance administration of the nation. The cover can be stayed away from,” said the authority.

Following the accommodation of the Justice BN Srikrishna panel report, the administration is firming up an information security law that will characterize subjects as “data principals” and any element that gathers information as “data fiduciaries”. The proposed bill additionally gives reformatory arrangements to rupture of information.

The proposed bill says it would be the duty of “data fiduciaries” to deal with information in a reasonable and dependable way.

“Information security bill must be all-encompassing. An attention on touchy individual information may not work well for the nation. It is basic to incorporate more sorts of information, including geospatial information, inside the ambit of the proposed information security bill. In any case, it must be guaranteed that it is empowering in nature and would allow lawfulness to geospatial information,” says legal counselor Pawan Duggal, who manages matters of protection and digital security.

Starting at now there is no engaged lawful structure to manage geospatial information.

#GeospatialInformation #GeospatialInformationBill


FaceBook Security Issue Deepen 29 Million effected

October 13, 2018 Pradeep Agrawal 0 Comments

Facebook Security Issue Deepen as we have said earlier in our Blog Post regarding FaceBook Hacked.
Facebook Attackers stole details from twenty-nine million users. Facebook opposition aforementioned in late Sep that hackers scarf digital login codes permitting them to require over nearly fifty million user’s accounts in its worst security breach ever, however, didn’t make sure if the data had really been taken.
The company aforementioned that for fifteen million folks, attackers accessed 2 sets of data – name and phone details together with
phone range, email, or both, counting on what the people had on their profiles.

For another fourteen million users, the attackers conjointly accessed different details enclosed username, gender, locale/language, relationship status, religion, hometown, current town, birthdate, devices accustomed access Facebook, education, work, and therefore the last ten places they checked into or were labeled in.
“We’re cooperating with the Federal Bureau of Investigation, that is actively investigating and asked North American country to not discuss WHO is also behind this attack,” Facebook aforementioned on a Blog post.

People will check whether or not they were stricken by visiting our facilitate Center. within the returning days, we’ll send custom-built messages to the thirty million folks affected to elucidate what info the attackers may need accessing, further as steps they’ll go for facilitating defend themselves, together with from suspicious emails, text messages, or calls.

This attack didn’t embody traveler, traveler children, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts. As we glance for different ways in which the folks behind this attack used Facebook, further because the risk of smaller-scale attacks, we’ll still collaborate with the Federal Bureau of Investigation, the North American country Federal Trade Commission, Irish information Protection Commission, and different authorities.

#FaceBook #FacebookHacked


Data Privacy Issue with Google Plus

October 10, 2018 Pradeep Agrawal 0 Comments

Google is on the point of having its Cambridge Analytica moment. A security bug allowed third-party developers to access Google+ user profile information since 2015 till Google discovered and patched it in March, however, set to not inform the globe. once a user gave permission to associate degree app to access their public profile information.

The bug additionally let those developers pull their and their friends’ personal profile fields. Indeed, 496,951 users’ full names, email addresses, birth dates, gender, profile photos, places lived, occupation and relationship standing were doubtless exposed, tho’ Google says it’s no proof the info was ill-used by the 438 Apps that would have had access.

Few corporations would dream of getting to come back out publically to inform customers their information had probably been exposed however had not been purloined or ill-used. Disclosures of knowledge incidents were usually saved just for the crimes.

But The Wall Street Journal’s report Monday that Google could have tried to hide up a bug that exposed the info of its Google+ social network customers shows however the wheel has turned. Google’s hiding was meant to quell any potential requires regulation over digital issue reported , and it shows however the routine, unreported privacy incidents of yesterday area unit progressively obtaining time within the limelight.

Google eventually disclosed the bug in an exceedingly, the expression a Google+ bug exposed personal information of up to 5 Lac users.

Regulators may mark currently, as they did with Uber once the corporate unconcealed a security breach that it tried to hide up with giant payments within the name of a “bug bounty” to hackers WHO found the info. the corporate has paid $148 million in settlements due to this incident, that was comparatively minor apart from the hiding. The Federal Trade Commission can keep an eye fixed on the car-hailing service for twenty years due to the matter.

The company set against informing the general public as a result of it’d cause “us coming back into the spotlight aboard or maybe rather than Facebook despite having stayed underneath the measuring system throughout the Cambridge Analytica scandal,” in step with an enclosed note. currently Google+, that was already a town, for the most part, abandoned or ne’er underpopulated by users, has become an enormous liability for the corporate.

Google additionally can amendment its Account Permissions system for giving third-party apps access to your information such you have got to verify every style of access singly instead of all without delay. Gmail Add-Ons are restricted to those “directly enhancing email practicality,” together with email shoppers, backup, CRM, mail merge and productivity tools.
#GooglePlus


Time to Logout from FaceBook – Data Privacy Issue

September 29, 2018 Pradeep Agrawal 0 Comments

On Friday, Facebook proclaimed that a minimum of 50 Million and probably up to 90 Million Facebook users had their knowledge exposed to hackers in a very breach involving the social media platform’s “View As” feature, that helps you to read your own account as if you were somebody else.

The company declared in a political candidate journal post that earlier in the week, on Tuesday, September 25, it known a vulnerability in its code that had been a gift and unobserved for over a year. That vulnerability gave hackers the power to “take over people’s accounts” by stealing their access tokens — primarily, the “digital keys” that enable individuals to remain logged sure days, weeks, or months at a time.

At the time of its announcement, Facebook aforesaid it had already “fixed the vulnerability and enlightened enforcement.” it’s conjointly reset the access tokens for each account that it’s confirmed to be affected, still as for each account that has accessed the “View As” feature within the last year, as a preventative live. “As a result, around ninety million individuals can currently have to be compelled to log back into Facebook, or any of their apps that use Facebook Login,” Facebook aforesaid.

While acknowledging that the breach was huge, Facebook aforesaid it’s no info concerning WHO was accountable, what their intentions were, or whether or not any account info was mishandled. “Since we’ve just about started our investigation, we’ve however to work out whether or not these accounts were exploited or any info accessed,” the corporate aforesaid.

Facebook delineated the attack as having “exploited the advanced interaction of multiple problems in our code.” It’s not entirely clear whether or not the attack was a real hack — during which code is overwritten and manipulated thanks to security flaws, therefore permitting access to hostile parties — or whether or not it had been an imaginative exploitation of the means the system was designed to figure.

“People’s privacy and security is implausibly necessary, and we’re sorry this happened,” Facebook aforesaid by means of apology. it had been a step back from Facebook founder Mark Zuckerberg’s previous apologies within the wake of the Cambridge Analytica scandal, once he aforesaid, “We have a responsibility to shield your knowledge, and if we have a tendency to can’t then we have a tendency to don’t need to serve you.”

It’s conjointly in distinction to a different recent apology from Facebook, conjointly for the Cambridge Analytica breach, during which Zuckerberg acknowledged that “We didn’t take a broad enough read of our responsibility, which was a giant mistake.” and also the same is true for nearly all the opposite apologies Facebook has issued within the past.

At this time, it virtually goes the while not spoken language that news of the huge security breach comes at a foul time for Facebook, that has return underneath intense scrutiny this year for everything from privacy scandals to the worldwide disruption of democracy. thus if you’re thinking that continued to use Facebook is a smaller amount and fewer definitely worth the risk of getting your knowledge exploited, well, once again, you’re not alone.

#DataPrivacy #FaceBook #FacebookHacked


Ambiguity on Personal Data Privacy Law In India

September 14, 2018 Pradeep Agrawal 0 Comments

In July this year, the Justice BN Srikrishna committee projected India’s Personal Data Protection Bill, 2018 to the Centre. With an aim to form a comprehensive framework for data protection suggesting corporations to adopt certain practices to gather, process and store consumers’ information.

The 2018 Personal Data Protection Bill draft that corresponds the EU’s General Data Protection Regulation (GDPR) and comes with the ambiguities. It has its own pain points, a PricewaterhouseCoopers (PwC) and also the Associated Chambers of Commerce and industry of India’s (Assocham) collaborative finding aforesaid.

The draft recommends that each data fiduciary shall make sure the storage, on a server or data center located in India of at least one serving copy of the personal information. This Act applies which means that corporations would be needed to create servers locally. As the move to permit data fiduciaries to save a local copy of all personal information that’s stored outside the boundaries of India might have some negative consequences.

Following the Supreme Court’s recognition of the ‘right to privacy’ as a basic right under the Constitution of India in August 2017. The draft Bill guidelines have attracted a lot of attention within the country. Therefore, the study conjointly found out that the system integrity is also threatened when purging the information.

The exclusion of anonymized information can significantly bring down the obligations on entities each within the private and public sector. As it is recommended that so as to forestall damage to specific teams of people, the limitation of the process and publishing an analysis of anonymized information ought to be evolved.

Data destruction might compromise system integrity in several legacy and CRM systems as these aren’t built to permit data destruction or anonymization. In order to avoid important business ramifications because of data breaches, organizations got to define a well-defined testing mechanism to assess readiness to address any eventualities. The organization can get to limit the collection and reuse of information in line with the consent obtained from the information subjects.

Therefore, the report recommended that the bill ought to propose a layered approach for levying penalties for non-compliance on organizations.

#Dataprivacy