Internet Gov Weekly Brief (W38A20): Two Iranians charged for cyber intrusion; US to block download of WeChat and TikTok; “Europe Digital Decade”; EU first decision on net neutrality; European Com test interoperability gateway; Govts released statement on Belarus Net shutdown
Two Iranian Nationals Charged in Cyber Theft Campaign Targeting Computer Systems in United States, Europe, and the Middle East.
The US Cybersecurity and Infrastructure Security Agency has released an advisory on the activities of China’s Ministry of State Security (MSS) and its associated agencies and contractors.
The U.S. Commerce Department has announced it plans to block downloads of the Chinese-owned social apps WeChat and TikTok, beginning on 20 September.
EU president Ursula von der Leyen outlined her vision for Europe that includes a call for Europe’s Digital Decade In her “state of the union” speech to the European Parliament,
European commission released studies on digital justice and a study on the use of innovative technologies stressing the need to step up actions aiming to build an ecosystem of excellence supporting the development and acceptance of AI across the EU economy and public administration.
In the USA, Consumer Financial Protection Bureau Releases Outline of Proposals Under Consideration to Implement Small Business Lending Data Collection Requirements. The New York Attorney General released a settlement following a lawsuit over Dunkin’ Brands’ failure to successfully respond to a cyber incident affecting the online accounts of its customers.
TELECOMMUNICATION – INFRASTRUCTURE
The ITU released Radio Regulations 2020 which facilitate equitable access to and rational use of the natural resources of the radio-frequency spectrum and geostationary satellite orbits.
“The Irish High Court has granted Facebook leave to file a Judicial Review against the DPC (Case No 2020/617 JR) and stayed a new “ex officio” procedure by the DPC into EU-US data flows.“
In the USA, The Office for Civil Rights has settled five more investigations in its HIPAA Right of Access Initiative this year.
The Delaware Department of Health and Social Services, and the Delaware Department of Technology and Information launched COVID Alert DE to fight spread of COVID-19.
U.S. Sen. Roger Wicker, R-Miss., chairman of the Committee on Commerce, Science, and Transportation, will convene a hearing titled, “Revisiting the Need for Federal Data Privacy Legislation,” at 10:00 a.m. on Wednesday, September 23, 2020.
European Commission has started to test interoperability gateway service for national contact tracing and warning apps
The European Parliament published a paper on the Court of Justice of the European Union (‘CJEU’) judgment in Data Protection Commissioner v. Facebook Ireland Limited, Maximillian Schrems (C-311/18) outlining the outcome of the judgment, as well as addresses the first reactions by commentators and EU data protection authorities.
The Government of the United Kingdom agreed in principle the UK-Japan Comprehensive Economic Partnership Agreement for free trade with Japan, including digital and data provisions.
Public Health Wales announced data breach involving the personally identifiable data of Welsh residents who have tested positive for COVID-19.
Data analytics firm Palantir has signed a contract with the UK government for border and customs work post-Brexit.
In France, the Data Protection Authority announced the signing of a partnership agreement with the Mediator of Companies to support economic stakeholders in their implementation of the General Data Protection Regulation.
In Luxemburg, the National Commission for Data Protection issued the draft law on measures to combat the spread of COVID-19 analysing its compliance with data protection requirements.
In Hong Kong, The Office of the Privacy Commissioner for Personal Data published revised guidance on the collection and use of biometric data.
In Canada, The Office of the Privacy Commissioner of Canada launched new resources to help businesses manage breaches and follow mandatory reporting and other requirements related to the safe storage of personal information.
The Canadian Chamber of Commerce issued along with other Canadian business associations, a joint statement on the importance of a coherent privacy framework.
In India, Data Security Council and CIPL published report on data transfers between India-US under data protection bill highlighting the importance of ensuring the continued flow of data between India and the US.
Colombia, Data protection authority fined Colombia Telecomunicaciones SA ESP – Movistar Colombia, approx. €60,086 for violations of Law 1266 of 2018.
Paraguay, the Commission on Industry, Commerce, Tourism and Cooperativsim had resolved to recommend to the plenary Chamber to accept the partial objection formulated by the Executive Power to Bill No. 65534/2020, Protection of personal credit data.
In Singapore, the Personal Data Protection Commission issued a fine of SGD 20,000 (approx. €16,850) on Civil Service Club for failures to take steps to protect its’ members personal data.
In Philippines, the Data Privacy Council Education Sector issued guidelines containing to help students, parents, and teachers, administrators and other school to navigate safely in digital spaces, as classes have shifted to online.
The International Telecommunication Union (ITU) estimates US$ 428 billion are needed to connect the remaining 3 billion people to the Internet by 2030 achieving universal, affordable broadband an connectivity for all humanity.
In Belarus, Governments released joint statement condemning the recently reported and ongoing use of partial and complete Internet shutdowns, as well as targeted content blocking.
The European Parliament released a report on the development of digital finance and the risks associated with cryptoassets.
The Nigerian Communications Commission has alerted Nigerians on the increasing incidents of fraud across various internet platforms, especially on social media networks.
In the UK, the National Cyber Security Centre has released a guideline to help companies implement a vulnerability disclosure process. It also issued an alert to the academic sector following on online attacks against schools, colleges and universities
In Canada, the Office of the Superintendent of Financial Institutions launched a three-month consultation with the publication of a discussion paper on technology risks in the financial sector
In the USA, The National Institute of Standards and Technology released the draft cybersecurity white paper on Trusted Internet of Things (‘IoT’) Device Network-Layer Onboarding and Lifecycle Management. Also, NSA Releases Cybersecurity Technical Report on UEFI Secure Boot Customization to better protect against firmware exploitation
The Telecommunications Regulatory Authority of India released its Recommendations on a Regulatory Framework for Over-The-Top Communication Services.
Twitter announced that it is expanding its policies against election-related misinformation, setting new rules that will likely force the platform to more aggressively fact-check President Donald Trump during the final months of the 2020 campaign.
The European Union’s top court has handed down its first decision on the bloc’s net neutrality rules.
the Internet Corporation for Assigned Names and Numbers (ICANN) announced the ICANN69 Prep Week schedule.
ICANN org has updated its travel and meetings guidance due to the continued pandemic.