In one look.
- US EO implements privacy safeguards between the US and the EU.
- Australian lawmakers are proposing amendments to the Telecommunications Privacy Act.
- You must be this age to browse this website.
- The new UK academy aims to strengthen cyber defense training.
- The US Treasury is looking to fill the cyber insurance gap.
The US Executive Order implements privacy safeguards for data sharing between the US and the EU.
An Executive Order signed this morning by US President Biden brings the US and the EU closer to an agreement on data privacy standards. It specifies the safeguards that the United States undertakes to put in place in accordance with the agreement reached with the European Union in March of this year. The executive order specifically addresses European concerns regarding US signals intelligence and other intelligence activities. It reassures the EU that the US will only conduct SIGINT “in pursuit of defined national security objectives” and that US SIGINT will be conducted with respect for the privacy of individuals, regardless of their nationality. It also undertakes to establish safeguards and mechanisms to resolve any issues or disputes regarding data processing and compliance.
Australian lawmakers are proposing amendments to the Telecommunications Privacy Act.
In response to the massive data breach at Optus, Australia’s second-largest mobile operator, the Australian government yesterday proposed changes to the country’s Telecoms Regulation Act 2021, Reuters reports. By helping telecom operators share government-issued identification documents with financial institutions, the new rules aim to help banks monitor customer accounts for fraudulent activity. Telecom operators would be allowed to temporarily share specific government identification data such as health insurance and passport numbers with financial service providers so they can better protect customer accounts from potential fraud.
Treasurer Jim Chalmers said of the proposed changes: “They have been carefully designed with strong privacy and security safeguards to ensure that only limited information can be made available temporarily to prevent and respond to cybersecurity incidents, fraud, scams and related activities.” ZDNet notes that the changes will apply to all financial institutions regulated by the Australian Prudential Regulation Authority, excluding overseas bank branches, and that institutions will be required to submit a written undertaking that they will comply with all confidentiality obligations. necessary and comply with relevant data security standards. Angelene Falk, Australian Information Commissioner and Privacy Commissioner, explained: “The regulatory framework needs to be a game-changer to place greater accountability on the organizations that are the custodians of Australians’ data, to prevent and remedy harm caused to individuals by the processing of their personal information.”
You must be this age to browse this website.
The Open Identity Exchange Identity Trust 2022 event was held in London last week, and online age verification was a central topic of interest. Computing notes that many countries, including the United States, Europe, the United Kingdom, and Australia, are considering legislation that would impose age restrictions on websites to protect minors from disturbing content or detrimental. “There’s just a slew of laws in place or about to come into force that basically say if you’re online you’ll have to prove your age,” Ian Corby, executive director of trade body Age Verification Suppliers Association (AVPA), said at the event. But questions remain about how to most effectively verify age online, and which sites will be affected by such legislation, especially as platforms like social media sites have pushed back on age restrictions in the purpose of protecting their business model. The UK’s Online Safety Bill covers all services “likely to be accessible to children”, but the expected changes are likely to be more specific.
Dr. Rachel O’Connell, founder and CEO of TrustElevate, a provider of child age verification and parental consent software, compares age limits to height restrictions for theme park rides. “If you’re less than a meter tall, you don’t go in the adult carousel, you go in the children’s carousel,” she says. “So in this amusement park you have adults, teenagers and children interacting, but there are certain restrictions for the users. He’s trying to bring that into the online world. The bill on online safety is currently in the final stages of Parliament, and California’s Age Appropriate Design Code Act has recently been signed into law. Children’s Online (COPPA) 2010 could be amended to include age verification, and a draft Australian online privacy code aims to hold social media platforms responsible for verifying the age of users.
The new UK academy aims to strengthen cyber defense training.
Last month at the Atlantic Future Forum 2022 in New York, the UK announced its forthcoming Defense Cyber Academy, a £50 million project providing training and support for “ develop the national cybernetic profession”. Building on the former UK Cyber Defense School, the academy’s main objectives will be to increase the volume and scope of cyber defense training and education, to collaborate with global allies to identify best practices and services, and to engage with industry and academia to improve its educational offerings. Overt Defense notes that the students will include British citizens as well as international allied personnel, including US cyber experts, with the aim of enhancing US-UK cooperation. UK Defense Secretary Ben Wallace said: “Defence cooperation between the UK and the US is the widest and deepest of any two countries in the world, and will continue to grow. develop in the decades to come. The Defense Cyber Academy builds on this collaboration, defining closer integration and shared capability, helping us and our allies to counter global cybersecurity threats, stay ahead of the curve and the vanguard of this advanced military field.
The US Treasury is looking to fill the cyber insurance gap.
The US Treasury Department’s Federal Insurance Office is seeking public input on how to close coverage gaps in the cyberinsurance industry. As cybercrime escalates and evolves at an exponential rate, insurers are raising rates and cutting coverage to limit their exposure, making it difficult for businesses to get affordable coverage when they need it most. According to Fitch Ratings, cyber insurers have seen a 300% increase in losses between 2018 and 2021. As Bloomberg Law explains, some lawmakers are wondering if a federal insurance backstop might be the answer, not only to improve coverage for potential victims, but also to make it easier for insurers to share the risk incurred with the government. Andy Moss, partner at international law firm Reed Smith LLP, explained: “A cyber insurer can write policies with comfort knowing that they can transfer some risk to the government, so they can offer limits of larger policies to businesses. The Treasury is seeking comment on a variety of issues, including how to determine whether a breach is “catastrophic,” whether companies feel sufficiently insured, and how to motivate policyholders to improve their cybersecurity posture. Public comments will be received until November 14.