Daily Digest (7/17)

EU Court Voids Data-Sharing Pact With US in Facebook Privacy Case; Biggest Unknown US Contractor: Mitre Corp.; Calif. AG Updates ‘FAQ’ Page on CCPA; Mozilla Launches VPN Service. Click “Continue reading” below.

EU Court Voids Data-Sharing Pact With US in Facebook Privacy Case

A top European court ruled Thursday that companies moving personal user data from the European Union to other jurisdictions must provide the same protections given inside the bloc.

The ruling could affect how companies transfer European users’ data to the United States and other countries, such as the U.K., CNBC reports.

The legal battle started in 2013, when privacy activist Max Schrems filed a complaint with the Irish Data Protection Commissioner.

He argued that, in light of the Edward Snowden revelations, U.S. law did not offer sufficient protections against surveillance by public authorities.

Schrems raised the complaint against Facebook which, like many other firms, was transferring his and other user data to the U.S., CNBC reports.

The case reached the European Court of Justice (ECJ), which in 2015 ruled that the then Safe Harbor Agreement, which allowed European users’ data to be moved to the U.S., was not valid and did not adequately protect European citizens.

As a result, companies operating in Europe switched to Standard Contractual Clauses or SCCs, which ensured they could still move data across the Atlantic.

In the meantime, the European Union and the United States developed a new agreement, the Privacy Shield framework, to replace the Safe Harbor agreement.

But the court ruled Thursday that the SCCs were a valid way to transfer data, though it invalidated the use of the Privacy Shield framework. 

Practically, the decision means that non-E.U. countries, or those looking to move European users’ data abroad, must ensure an equivalent level of protection to the strict European data laws.

This could be a huge burden for multinationals, given they transfer much data all over the world, according to the report.

Source (all sources external links):

Biggest Unknown US Contractor: Mitre Corp.

Mitre Corp. runs some of the U.S. government’s most secret science and tech labs. The R&D shop might just be the most important organization you’ve never heard of.

Armed with 8,000 employees and an annual budget of as much as $2 billion, Mitre, a government-linked Skunk Works, has been making bleeding-edge breakthroughs for U.S. agencies for more than six decades, Forbes reports.

Headquartered in McLean, Va., Mitre’s research centers employ some of the nation’s leading computer scientists and engineers to build digital tools for America’s top military, security and intelligence organizations.

Among the government’s wilder Mitre orders: a prototype tool that can hack into smartwatches, fitness trackers and home thermometers for homeland security; software to collect human fingerprints from social media websites like Facebook, Instagram and Twitter for the FBI; support in building what the FBI calls the biggest database of human anatomy and criminal history in the world, and a study to determine whether someone’s body odor can show they’re lying.

These varied, multimillion-dollar projects, revealed in hundreds of pages of contract details obtained via Freedom of Information Act (FOIA) requests by Forbes, along with interviews with former Mitre executives and government officials, provide just a glimpse into this sprawling contractor’s secretive world.

Mitre’s influence goes far beyond its vast tech development, however; it’s also a major consultant for myriad government agencies on how best to deploy tech and policy strategies.

Its latest gig: helping the Centers for Disease Control and Prevention (CDC) and Homeland Security’s ominously named Countering Weapons of Mass Destruction office craft sweeping plans for curtailing the COVID-19 pandemic.

“If there’s a national security or public-interest (problem), Mitre probably has a hand in it,” former Mitre cybersecurity engineer Matt Edman told Forbes.


Calif. AG Updates ‘FAQ’ Page on CCPA

California’s Office of Attorney General Xavier Becerra has updated its frequently asked questions page on the California Consumer Privacy Act (CCPA).

Becerra answers questions on the basics of the CCPA, which took effect earlier this month, including requests to stop selling personal information, the right to delete and know what data businesses hold on an individual, required notices, and data brokers.

The page also includes notes on the right to nondiscrimination under the law.


Mozilla Launches VPN Service

Mozilla said it would begin a virtual private network service.

The new VPN initially will be compatible with Windows and soon be able to support Android devices, CNET.com reports.

Mozilla had been testing and developing the service for a year, adding that its encryption technology will improve privacy and browsing speeds.

The company makes the Firefox web browser.

The VPN comes after Mozilla launched other privacy-focused services last November.

The $4.99 monthly service initially will be available in the U.S., Canada, the U.K., Singapore, Malaysia and New Zealand.

VPNs act as an encrypted tunnel for transferring data on the internet, helping to protect sensitive information in transit. The services are used by a quarter of internet users for hiding online activity, bypassing internet censorship in countries without a free internet, and avoiding geography-based restrictions on streaming services.

VPNs also can obscure internet addresses, making it harder for advertisers, publishers and data brokers to track users online.


— By DPN Staff