Category: Regulations

Employee communications are also covered by human rights legislation if the organization has no explicit acceptable-use policy and fails to inform employees of the monitoring of personal e-mail.

Privacy experts at law firm Pinsent Masons, based in London, said that although businesses now have clear guidance for monitoring work communications under the Regulation of Investigatory Powers Act 2000, personal communications at work may be protected by the European Convention on Human Rights, and the Human Rights Act 1998.

“The lawful business practice regulations allow an employer to monitor and intercept business communications, so the court is implying that private use of a telecommunications system, assuming it is authorized via an acceptable-use policy, can be protected (by human rights legislation),” said Chris Pounder, a privacy specialist. “The ruling is important in that it reinforces the need for a statutory basis for any interference with respect to private use of a telecommunications system by an employee,” Pounder added. The college had no policy in place at the time informing employees that their communications might be monitored.

“According to the court’s case-law, telephone calls from business premises are prima facie covered by the notions of ‘private life’ and ‘correspondence’ for the purposes of Article 8,” said the court’s ruling.

http://news.com.com/E-mail+monitoring+may+violate+European+laws/2100-7348_3-6175495.html?tag=nefd.top

The internet is strictly monitored and censored in Saudi Arabia, with online pornographic material and politically themed websites blocked from public viewing.

While the cabinet passed the proposal, the king must give the final approval.

http://tech.monstersandcritics.com/news/article_1283704.php/Saudi_government_gets_tough_on_cybercrime_and_criminals

This move by the Swedish government follows several well-publicized incidents in 2006 when government and police websites were brought down by DoS attacks.

Up until now Sweden had no laws that specifically addressed DoS attacks, but a new draft amendment to hacking laws proposed by the government this week would punish such offences by a maximum of 2 years in jail.

Last summer’s incidents with the government and police sites have gone unpunished because the authorities could not prove who the perpetrators were, even though there was speculation that these attacks were related to raids on prominent pirate exchange site The Pirate Bay.

http://www.viruslist.com/en/news?id=208274043

According to IDC analyst Sue Feldman, the field of electronic document search and retrieval has “gone from practically zilch three years ago” to achieving 30 percent growth over the past year, in large part thanks to the changes to the FRCP. No wonder that established enterprise search application vendors like Autonomy, Recommind and Exalead have introduced new products or tweaked existing software to meet demand for the efficient storage and retrieval of electronic communications. For instance, Exalead CEO Alain Heurtebise told me that his Paris-based company closed a deal with EDS’s Italian subsidiary in 2006, and is being considered by IBM as an OEM partner for a storage and e-discovery application.

Paris-based business intelligence vendor Business Objects (Quote) picked Attensity to be its search partner in November, while Nstein has recently signed deals with Cognos (Quote) and Computer Sciences Corp. (Quote).

E-discovery application vendors promote their own special sauce for allowing corporate lawyers to sift through reams of data while de-duping and otherwise reducing irrelevant search results.

“If you’re ignorant about what you’re looking for, you’re obliged to go by serendipity,” he said.

http://www.internetnews.com/bus-news/print.php/3651836

It’s the start of an Interpol for the Internet. President Bush signed a bill that gives the commission broader authority to pursue e-crooks in other countries. The FTC had pushed for more than three years for the new powers, which will help it shut down scammers such as the polite Nigerians who e-mail thousands of people a day with tales of woe and promises of riches to those kind enough to help.

Increasingly, people operating e-mail scams or launching attacks with secretive programs that can steal personal information operate from Eastern Europe, Southeast Asia, Africa and other foreign locations. Sometimes they simply route their efforts through computer servers in multiple countries to make it more difficult for authorities to track them down.

“Commerce has gone global and so fraud follows.”

But the FTC said it had been hindered in such probes by legal barriers preventing it from sharing information with foreign countries or assisting them in their own investigations.

The legislation gives the FTC abilities similar to those granted in the 1990s to the Securities and Exchange Commission and the Commodity Futures Trading Commission to share information with foreign counterparts. Specifically, the US SAFE WEB Act — which stands for Undertaking Spam, Spyware, And Fraud Enforcement With Enforcers beyond Borders — gives the FTC the legal authority to share confidential information from its own investigations with foreign law enforcement authorities and assist them in their cases.

“These purveyors of bad applications can live in one country and affect people in 200 other countries,” said John Palfrey, executive director of the Berkman Center for Internet & Society at Harvard University. The center originally had some concerns with Smith’s legislation, particularly if the U.S. assisted investigations in other countries that have more restrictions on freedom of speech, said Ari Schwartz, the center’s deputy director. “It’s one thing to say that you want to be able to cooperate, but actually cooperating with foreign governments on these types of issues is more difficult,” said Schwartz, who recently attended a meeting in Brussels of the London Action Plan, a group promoting international cooperation on Internet fraud.

http://www.latimes.com/business/la-fi-foreignspam26dec26,1,741752.story?track=rss&ctrack=1&cset=true

Visa’s new Visa PCI Compliance Acceleration Program is designed to spur entities that are covered by PCI rules to comply in a speedy fashion, said Jennifer Fischer, a director at Visa U.S.A. “This program is part of our larger strategy for protecting cardholder data and to ensure that we are doing everything we can to protect it from compromise,” she said.

It targets the financial institutions responsible for the largest 1,200 merchants — known in PCI-speak as Level 1 and Level 2 merchants — which together account for about two-thirds of Visa’s total transaction volumes, she said.

Though nearly 18 months have passed since PCI rules went into full effect, only 36% of Tier 1 merchants and 15% of Tier 2 merchants are currently compliant with the requirements, according to Visa.

As part of the compliance validation process, merchants will need to show that they have purged all magnetic stripe data, Card Verification Value data and PIN data from their point-of-sale (POS) and other systems, Fischer said.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9006100&source=NLT_AM&nlid=1