S. 1976: A bill to protect consumers by requiring reasonable security policies and procedures to protect data containing personal information, and to provide for nationwide notice in the event of a breach of security was introduced on January 20, 2014 by Sen. John “Jay” Rockefeller IV (D-WV).
Category Archives: Cyber Law
Theorizing the Web will be held in New York, NY this week.
Source – The White House:
The White House
Office of the Press Secretary
For Immediate Release March 26, 2014
EU-US Summit: Joint Statement
We, the leaders of the European Union and the United States, met today in Brussels to reaffirm our strong partnership. We reaffirmed our shared values of democracy, individual freedom, the rule of law and human rights, and a common commitment to open societies and economies. Starting from those values, the European Union and the United States work together every day to address issues of vital interest and importance to our citizens and the world. We strive to create jobs and sustainable growth through sound economic policies. We seek a landmark Transatlantic Trade and Investment Partnership to build our common prosperity. We undertake joint efforts to build security and stability around the globe and to tackle pressing global challenges like climate change. Today, we took stock of our achievements, set priorities and charted the way ahead for a stronger transatlantic relationship, and rededicated ourselves to building a safer, more prosperous world for future generations. . . .
. . . We commit to expand cooperation in research, innovation and new emerging technologies, and protection of intellectual property rights as strong drivers for increased trade and future economic growth. Our collaboration in the space domain also contributes to growth and global security, including on an International Code of Conduct for Outer Space Activities. We will combine wherever possible our efforts as we did in the Transatlantic Ocean Research Alliance and through the GPS/Galileo agreement. The Transatlantic Economic Council will continue its work to improve cooperation in emerging sectors, specifically e-mobility, e-health and new activities under the Innovation Action Partnership. . . .
. . . The transatlantic digital economy is integral to our economic growth, trade and innovation. Cross border data flows are critical to our economic vitality, and to our law enforcement and counterterrorism efforts. We affirm the need to promote data protection, privacy and free speech in the digital era while ensuring the security of our citizens. This is essential for trust in the online environment.
We have made considerable progress on a wide range of transnational security issues. We cooperate against terrorism in accordance with respect for human rights. Agreements such as the Passenger Name Record and Terrorist Finance Tracking Programme that prevent terrorism while respecting privacy are critical tools in our transatlantic cooperation. We will strengthen our coordination efforts to prevent and counter violent extremism. We will continue looking for appropriate mechanisms to counter the threats posed by fighters departing to Syria and other unstable regions, who return home where they may recruit new fighters, plan and conduct terrorist operations. We also work to address the threats posed by activities of groups contributing to instability in these regions. We welcome our increasingly close cooperation in building the capacity of partner countries to counter terrorism and violent extremism within a framework of rule of law, particularly in the Sahel, Maghreb, Horn of Africa region and Pakistan. We pledge to deepen and broaden this cooperation through the United Nations, the Global Counterterrorism Forum, and other relevant channels. We have also decided to expedite and enhance cooperation on threats directly affecting the security of EU and US diplomatic staff and facilities abroad.
Data protection and privacy are to remain an important part of our dialogue. We recall the steps already taken, including the EU-U.S. ad hoc Working Group, and take note of the European Commission Communication of 27 November 2013 and President Obama’s speech and Policy Directive of 17 January 2014. We will take further steps in this regard. We are committed to expedite negotiations of a meaningful and comprehensive data protection umbrella agreement for data exchanges in the field of police and judicial cooperation in criminal matters, including terrorism. We reaffirm our commitment in these negotiations to work to resolve the remaining issues, including judicial redress. By ensuring a high level of protection of personal data for citizens on both sides of the Atlantic, this agreement will facilitate transfers of data in this area. The United States and the EU will also boost effectiveness of the Mutual Legal Assistance Agreement – a key channel of cooperation in the digital era. In addition, we are committed to strengthening the Safe Harbour Framework in a comprehensive manner by summer 2014, to ensure data protection and enable trade through increased transparency, effective enforcement and legal certainty when data is transferred for commercial purposes.
The Internet has become a key global infrastructure. We share a commitment to a universal, open, secure, and reliable Internet, based on an inclusive, effective, and transparent multi-stakeholder model of governance. As such, we reaffirm that human rights apply equally online and offline, and we endeavour to strengthen and improve this model while working towards the further globalisation of core Internet institutions with the full involvement of all stakeholders. We look forward to the transition of key Internet domain name functions to the global multi-stakeholder community based on an acceptable proposal that has the community’s broad support. We acknowledge the good expert-level cooperation developed in the framework of the EU-US Working Group on Cyber Security and Cybercrime. We commend the political success of our joint initiative to launch a Global Alliance against Child Sexual Abuse Online, as the EU prepares to hand over the lead to the United States, and we decide to tackle jointly the issue of transnational child sex offenders. We reiterate our support for the Budapest Convention on cybercrime, and encourage its ratification and implementation. Building on all these achievements and guided by shared values, we have today decided to launch a comprehensive EU-US cyber dialogue to strengthen and further our cooperation including on various cyber-related foreign policy issues. . . .
Source – Institute for Information Law:
Post-Graduate Legal Education:
Privacy Law and Policy
Summer Course (July 7-11, 2014)
Programme Application Form Course Materials
General Information on the Summer Course
Description of the course:
This week-long summer course focuses on privacy law and policy related to the Internet, electronic communications and online and social media. It will explore the broader trends and recent developments in this rapidly changing field, and explain how businesses, governments and others can achieve their goals within it. The course will feature a distinguished faculty of European and American academics, regulators and practitioners who will investigate the EU and US legal frameworks and how they operate together.
Held in a historic building on one of Amsterdam’s most beautiful canals, the course will employ a seminar format that promotes interaction between participants and faculty and allows for a deeper examination of the subject than is possible at most professional conferences. Enrolment is limited to 25 participants.
See also the course flyer.
Objectives of the course:
At the conclusion of the course, participants will:
(1) Understand the latest developments in E.U. and U.S. privacy law related to the Internet, electronic communications and online and social media;
(2) Have insight into how these critical areas of privacy law and policy are likely to evolve in the future, and into the strategic and legal implications of these impending changes; and
(3) Possess a set of course materials containing the most current and relevant European and American legislative, judicial and regulatory documents in the area.
Dennis Hirsch, Geraldine W. Howell Professor of Law, Capital University Law School, USA
Kristina Irion, Marie Curie Fellow, Institute for Information Law, University of Amsterdam, NL
Daniel Cooper, Partner and Head of Global Privacy Practice, Covington & Burling, London, UK
Ian Brown, Associate Director, Oxford University Cyber Security Centre and Senior Research Fellow, Oxford Internet Institute, UK.
Chris Hoofnagle, Lecturer in Residence and Director, Information Privacy Programs, Berkeley Center for Law & Technology, UC Berkeley School of Law, US
Sjoera Nas, Internet and Telecom Expert, Dutch Data Protection Authority, NL
Christopher Kuner, Senior Of Counsel, Wilson Sonsini Goodrich & Rosati LLP, Brussels, BE
Joris van Hoboken, Postdoctoral Research Fellow, New York University, Information Law Institute, US
Neil Richards, Professor of Law, Washington University School of Law, St Louis, US
Expert Panel on the Role of ISPs in public and private surveillance:
Caroline Goemans-Dorny, Senior Counsel, Office of Legal Affairs at the INTERPOL General Secretariat, FR
Seda Gürses, Post-Doctoral Research Fellow, New York University, Media, Culture and Communications Department, US
Max Schremps, Founder of europe-v-facebook.org, AT
Moderator: Nico van Eijk, Professor of Media and Telecommunications Law and Director of the Institute for Information Law, University of Amsterdam, NL.
De Rode Hoed, Keizersgracht 102, Amsterdam.
The course is aimed at lawyers, government officials, NGO staff, academics, PhD students and others who work in the areas of privacy and data protection law. The course is taught at the post-graduate level. Participants should have some prior knowledge of the field.
At the close of the course, each participant will receive a Certificate of completion of the programme.
The tuition fee includes the seminar materials, five lunches, as well as the opening and closing receptions and a welcome dinner.
Standard fee € 1.975;
Participants from governmental and non-profit entities: € 1.100;
Participants from academic institutions: € 900.
See the online application form.
Check this Web site for forthcoming information about the course programme and faculty.
Institute for Information Law, University of Amsterdam,
Kloveniersburgwal 48, 1012 CX AMSTERDAM
tel: +31 20 525 3406 /fax: +31 20 525 3033
Source – The White House:
FACT SHEET: U.S.-EU Cyber Cooperation
The United States and the European Union work in close coordination on cyber-related issues both bilaterally and in multilateral fora. This cooperation is founded on our shared values, our interest in an open and interoperable Internet, and our commitment to multistakeholder Internet governance, Internet freedom, and protecting human rights in cyberspace. International cyberspace developments are central to our broader foreign and security policy, and are key elements of our strategic partnership.
U.S.-EU Cyber Dialogue
The new high-level U.S.-EU Cyber Dialogue announced at the 2014 U.S.-EU Summit will formalize and broaden our cooperation on cyber issues, building on shared commitments and achievements in key areas. This strategic dialogue will be the platform for close U.S.-EU coordination on:
International cyberspace developments;
Promotion and protection of human rights online;
International security issues, such as norms of behavior in cyberspace, cyber security confidence building measures, and application of existing international law; and
Cybersecurity capacity building in third countries.
U.S.-EU Working Group on Cybersecurity and Cybercrime
Established in the context of the 2010 Lisbon U.S.-EU Summit, this Working Group serves as a framework for U.S.-EU collaboration to enhance cybersecurity and cybercrime activities and contribute to countering global cybersecurity threats. The Working Group focuses on four areas where cooperative approaches add significant value to both regions: cyber incident management, public-private partnership on critical infrastructure cybersecurity, cybersecurity awareness raising, and cybercrime. Since its creation, the Working Group has successfully conducted a transatlantic cyber exercise, organized information exchanges on national and regional cyber exercises, developed public-private workshops on industrial control systems, and jointly promoted National Cyber Awareness Month in the U.S. and Europe, among other activities. The Working Group continues to focus on incident management and response, awareness raising, critical infrastructure protection, combatting botnets, promoting the Budapest Convention on Cybercrime, and enhancing the security of domain names and Internet Protocol addresses.
The Working Group played a central role in the December 2012 launch of the Global Alliance against Child Sexual Abuse Online, a coalition of over 50 countries that have come together to actively combat, reduce, and prosecute child sexual abuse and exploitation online. The U.S. will take over the chairmanship of the Global Alliance in 2014, and plans are underway for a follow on conference later this year.
Information Society Dialogue (ISD)
The ISD ensures the coordination of an on-going working relationship between the USG and EU on important communication and information policy issues. ISD discussions typically include overarching issues such as internet governance, as well as a specific focus on cross-border data flows/cloud computing, data protection/data privacy, wireless spectrum management, broadband rollout, research and development cooperation, and 3rd-country market access issues.
Source – ITU:
ITU drives global effort to strengthen cybersecurity
Global index measures national cybersecurity resilience
Dubai, 2 April 2014 – ITU presented the Global Cybersecurity Index (GCI), a unique initiative launched by ITU and ABI Research to measure the levels of cybersecurity in countries, at a forum held in Dubai today. It underlies ITU’s commitment to strengthening cybersecurity and plugging the gaps worldwide while building capacity at the national level, particularly in developing countries.
The long term aim is to drive further efforts in the adoption and integration of cybersecurity on a global scale. A comparison of national cybersecurity strategies will reveal those countries with high rankings in specific areas, and consequently highlight lesser known – yet successful – cybersecurity strategies.
Based on questionnaire responses received by ITU Member States, a first analysis of cybersecurity development in the Arab region was compiled and one for the Africa region is under way. The objective is to release a global status of cybersecurity for 2014.
“Greater connectivity also brings with it greater risk,” said ITU Secretary-General Hamadoun I. Touré. “As our physical and cyber worlds overlap, there is an increased need to address the related challenges of ensuring security, human rights, rule of law, good governance and economic development.”
“In embracing technological progress, cybersecurity must form an integral and invisible part of that process,” said Brahima Sanou, Director of ITU’s Telecommunication Development Bureau addressing the forum. “Unfortunately, cybersecurity is not yet at the core of many national and industrial technology strategies.”
The goal of the GCI is to help foster a global culture of cybersecurity and its integration at the core of information and communication technologies. “Countries need to be aware of their current capability level in cybersecurity and, at the same time, identify areas where cybersecurity needs to be enhanced,” Sanou stressed.
The forum on Measuring Countries’ Readiness and Build Capacity on Cybersecurity was held at ITU’s World Telecommunication Development Conference that opened in Dubai on 30 March and will be in session until 10 April.
Media accreditation for WTDC-14 is compulsory. Please see: www.itu.int/en/newsroom/wtdc-14/Pages/media-accreditation.aspx
Media-relevant videos can be accessed at the WTDC-14 Newsroom: http://bit.ly/1jXuGP5 – http://bit.ly/1mojk3Z
The Report is available at: www.itu.int/en/ITU-D/Cybersecurity/Pages/GCI.aspx
Photos are available at: www.flickr.com/photos/itupictures
Source – EU Parliament:
European Parliament legislative resolution of 2 April 2014 on the proposal for a directive of the European Parliament and of the Council amending Council Directive 64/432/EEC as regards computer databases which are part of the surveillance networks in the Member States (COM(2011)0524 – C7-0229/2011 – 2011/0228(COD)) (Ordinary legislative procedure: first reading)
The European Parliament ,
– having regard to the Commission proposal to Parliament and the Council (COM(2011)0524),
– having regard to Article 294(2) and Article 43(2) of the Treaty on the Functioning of the European Union, pursuant to which the Commission submitted the proposal to Parliament (C7-0229/2011),
– having regard to Article 294(3) of the Treaty on the Functioning of the European Union,
– having regard to the opinion of the European Economic and Social Committee of 7 December 2011(1) ,
– having regard to the undertaking given by the Council representative by letter of 10 July 2013 to approve Parliament’s position, in accordance with Article 294(4) of the Treaty on the Functioning of the European Union,
– having regard to Rule 55 of its Rules of Procedure,
– having regard to the report of the Committee on the Environment, Public Health and Food Safety and the opinion of the Committee on Agriculture and Rural Development (A7-0201/2012),
1. Adopts its position at first reading hereinafter set out;
2. Calls on the Commission to refer the matter to Parliament again if it intends to amend its proposal substantially or replace it with another text;
3. Instructs its President to forward its position to the Council, the Commission and the national parliaments.
(1) OJ C 43, 15.2.2012, p. 64.
The White House
Office of the Press Secretary
For Immediate Release March 27, 2014
FACT SHEET: The Administration’s Proposal for Ending the Section 215 Bulk Telephony Metadata Program
On January 17, 2014, President Obama gave a speech at the Department of Justice on his Administration’s review of certain intelligence activities. During this speech, he ordered a transition that would end the Section 215 bulk telephony metadata program as it previously existed and establish a new mechanism to preserve the capabilities we need without the government holding this bulk metadata. The President made clear that he was ordering this transition to give the public greater confidence that their privacy is appropriately protected, while maintaining the tools our intelligence and law enforcement agencies need to keep us safe. This fact sheet describes the steps the Administration has taken to implement this transition, details the President’s proposal for a new program to replace the Section 215 program, and outlines the steps the Administration will be taking in the near future to realize the President’s vision.
Ending the Section 215 Bulk Telephony Metadata Program as it Existed
On January 17, 2014, the President directed the first step in the transition of the Section 215 program; that the Department of Justice (DOJ) to seek to modify the program to ensure that:
Absent an emergency situation, the government can query the telephony metadata collected pursuant to the program only after a judge approves the use of specific numbers for such queries based on national security concerns; and
The results of any query are limited to metadata within two hops of the selection term being used, instead of three.
On February 5, 2014, the Foreign Intelligence Surveillance Court (FISC) approved the government’s request to modify the program.
The President’s Proposal to Replace the Section 215 Program
For the second step in the transition, the President instructed the Attorney General and the Intelligence Community (IC) to develop options for a new program that could match the capabilities and fill the gaps that the Section 215 metadata program was designed to address without the government holding the bulk telephony metadata records. The President further instructed the Attorney General and the IC to report back to him with options for alternative approaches before the program comes up for reauthorization by the FISC on March 28th.
Consistent with this directive, DOJ and the IC developed options designed to meet the criteria the President laid out in his speech — to preserve the capabilities we need without the government holding this metadata. The Administration has also consulted with Congress, the private sector, privacy and civil liberties groups, and other interested groups.
On the basis of these consultations, and after having carefully considered the available options, the President has decided on a proposal that will, with the passage of appropriate legislation, allow the government to end bulk collection of telephony metadata records under Section 215, while ensuring that the government has access to the information it needs to meet its national security requirements. Under the President’s proposal, a new program would be created with the following key attributes:
the government will not collect these telephone records in bulk; rather, the records would remain at the telephone companies for the length of time they currently do today;
absent an emergency situation, the government would obtain the records only pursuant to individual orders from the FISC approving the use of specific numbers for such queries, if a judge agrees based on national security concerns;
the records provided to the government in response to queries would only be within two hops of the selection term being used, and the government’s handling of any records it acquires will be governed by minimization procedures approved by the FISC;
the court-approved numbers could be used to query the data over a limited period of time without returning to the FISC for approval, and the production of records would be ongoing and prospective; and
the companies would be compelled by court order to provide technical assistance to ensure that the records can be queried and that results are transmitted to the government in a usable format and in a timely manner.
The President believes that this approach will best ensure that we have the information we need to meet our intelligence requirements while enhancing public confidence in the manner in which this information is collected and held.
The Path Forward
Legislation will be needed to implement the President’s proposal. The Administration has been in consultation with congressional leadership and members of the Intelligence and Judiciary Committees on this important issue throughout the last year, and we look forward to continuing to work with Congress to pass a bill that achieves the goals the President has put forward. Given that this legislation will not be in place by March 28 and given the importance of maintaining the capabilities in question, the President has directed DOJ to seek from the FISC a 90-day reauthorization of the existing program, which includes the substantial modifications in effect since February.
Global thrust to achieve universal broadband connectivity
ITU World Telecommunication Development Conference opens in Dubai, United Arab Emirates
MEDIA ACCREDITATION OPEN
Dubai, 30 March 2014 – The sixth ITU World Telecommunication Development Conference (WTDC-14) opened today in Dubai, United Arab Emirates, with a call to achieve universal broadband connectivity. Under the theme ‘Broadband for Sustainable Development’, the conference will focus on development priorities in telecommunications and information and communication technologies (ICT) and agree on the programmes, projects and initiatives to implement them.
Mr Mohamed Nasser Al Ghanim, Director General of the Telecommunication Regulatory Authority of the United Arab Emirates and Head of the UAE delegation was elected Chairman of the Conference. He noted that the focus on the theme ‘Broadband for Sustainable Development’ brings attention to the critical aspect of leading edge ICT in enhancing a nation’s development. “Since the beginning of this Millennium, mobile cellular subscriptions have continued to rise, social media usage has rocketed, and an ever increasing number of people across the globe have been able to access the Internet, making use of the immeasurable quantity of information that greater connectivity provides,” said Mr Al Ghanim. “Yet one of the most persisting concerns that face us all is the ‘digital divide’. Serious practical solutions are required to close the gap and stem this endemic inequality of access.”
“ICTs, and in particular broadband networks, offer perhaps the greatest opportunity we have ever had to make rapid and profound advances in global social and economic development,” Said ITU Secretary-General Hamadoun Touré at the opening ceremony of WTDC-14. “By delivering efficiencies across so many areas, from education and healthcare to transportation, water and energy, broadband networks can quickly pay for themselves, creating a virtuous circle of investment, productivity and human development.”
The Director of ITU’s Telecommunication Development Bureau, Mr Brahima Sanou said that in the recent past, the growth of ICTs and their relevance in advancing the economic and social well-being of people have been extraordinary. “Yet, despite progress, significant challenges remain,” Mr Sanou said. “And that is the reason we are here. We need to create conditions for entrepreneurships and innovation; we need to create conducive and enabling regulatory environments to reach digital inclusion for all.” Mr Sanou stressed that “we should work together to put ICTs in the hands of ordinary people”.
One of the expected outcomes of WTDC-14 is the Dubai Action Plan – which will set the agenda for telecommunication and information and communication technologies development over the next four years. The dialogue, which will shape the future of the telecommunication and ICT sector and its contribution to social and economic development, will focus on:
Sound policies and regulatory frameworks that will foster investment and further develop telecom/ICT networks
Improved access to ICT applications to provide people with services such as education, health, and empower them with the means to achieve sustainable development
Increased safety and security in the use of telecoms/ICTs
Capacity building in the area of ICTs
WTDC-14 opened with the screening of a film on telecommunication and ICT development. Some 1650 participants from around 150 countries attended the Conference opening, including over 60 ministers and high-level delegates.
BROADBAND FOR SUSTAINABLE DEVELOPMENT
An Executive Strategic Dialogue on Broadband for Sustainable Development was held on Saturday, 29 March.
The event provided a platform for an interactive debate on the trends, challenges and opportunities of the telecom/ICT sector. In particular, it focused on strategies and policies directed towards broadband development worldwide.
Noting that there are almost 1.5 billion smart phones in use, and that number is likely to double in the next few years, ITU Secretary-General Hamadoun I. Touré said, “The broadband universe is evolving incredibly quickly, especially with the advent of mobile broadband, which is the fastest growing technology in human history. Most of this growth will come in developing countries, if the pattern of recent years continues to be repeated – with 90 per cent of the mobile growth and over 80 per cent of the growth in Internet users coming from the developing world over the past four years.” Dr Touré stressed that we need to continue measuring progress in order to see what still needs to be done and added: “What we decide and define here in Dubai over the next two weeks will shape not just the future of ICT development over the next four years – but the future shape of the very world we live in.”
In his opening remarks, Brahima Sanou, Director of ITU’s Telecommunication Development Bureau said, “We still have the huge challenge of bridging the ‘broadband divide’ by exploring, debating and innovating the best ways to reinforce impact related to deploying broadband infrastructure and making broadband-based services and applications affordable.”
Mr Sanou added: “I do not doubt that the impact of broadband is significantly reinforced by the power of the mobile revolution. With more than 6.8 billion mobile subscriptions worldwide, we need, now more than ever, to join forces to empower people – no matter where they live – and contribute to socio-economic development.”
The keynote speaker was Mr Gerd Leonard, Futurist and CEO of The Futures Agency (Switzerland). Panellists included Mr John Nasasira, Minister of Information and Communication Technologies, Uganda; Mr Mohamed Nasser Al Ghanim, Director General, Telecommunications Regulatory Authority, UAE; Mr. Yoon Jong-Rok, Vice-Minister, Ministry of Science, ICT and Future Planning, Republic of Korea; Ms Kathryn C. Brown, Chief Executive Officer, Internet Society; Mr Samer Halawi, Chief Executive Officer, Thuraya; Mr Luigi Gambardella, Chairman of Executive Board, European Telecommunications Network Operators’ Association; and Ms Lobna Smida, Policy Expert in Accessibility, Tunisia.
A series of events during WTDC-14 will address a number of ICT development issues:
Source – ABA:
Section of Public Utility, Communications and Transportation Law 2014 Annual Spring Meeting (Virtual)
Date: Tuesday, April 29, 2014 – Wednesday, April 30, 2014
Format: Live Webinar
Duration of Each Program: 90 minutes
The American Bar Association Section of Public Utility Communications and Transportation Law, Section of Science and Technology Law, Section of State and Local Government Law and Center for Professional Development
Time of each program below varies. Please click each program title for details.
Section of Public Utility, Communications and Transportation Law 2014 Annual Spring Meeting (Virtual)
Register for the entire series or alternatively view additional information and register for individual programs via the links below.
The practice of public utility, communications, and transportation is in significant flux. The American Bar Association’s Section of Public Utility, Communications and Transportation Law is committed to providing the resources attorneys need to be successful in navigating both emerging substantive topics and increasing challenges associated with the practice of law in these areas.
These programs will bring together leading experts who will address issues of fracking, emergency planning for natural disasters, and cybersecurity.
Building the Ark When the Sun is Shining: Emergency Planning for Utilities in 2014
Date: Tuesday, April 29, 2014
Event code: cet4baw
Shale Gas�Infrastructure, Impacts and Issues
Date: Tuesday, April 29, 2014
Event code: cet4tfg
Securing Utilities in an Insecure Age: Cyber and Physical Security Challenges in 2014
Date: Wednesday, April 30, 2014
Event code: cet4sui