Predictions with Privacy for Patient Data

Predictions with Privacy for Patient Data

It has been proven that de-identified data points on anything from credit card transactions to healthcare records can be reidentified, often quickly, by trained data scientists with access to additional data points. A study conducted in 2000, for example, found that 87 percent of the U.S. population can be identified using a combination of their gender, birthdate and zip code.

Securing Autonomous Fleets with Global-Trained Localized Brains

Securing Autonomous Fleets with Global-Trained Localized Brains

It is possible to train machine learning models with private data sets so that no single data point is identified but statistical learning is maintained, including outliers like balls bouncing in the road or black ice conditions.  Just like with humans, the more you experience, the more you know how to react in the future.

The Spectre of Hardware Security Looming over Intel SGX

The Spectre of Hardware Security Looming over Intel SGX

As the fallout of the Spectre and Meltdown vulnerabilities settles, the future of in-silica security becomes fuzzier.  There are many comprehensive reports on the attack vectors, patches and respective performance degradation, perhaps most lucidly presented by Peter Bright at Ars Technica.

Banking on [Digital] Trust

Banking on [Digital] Trust

Trust cements the foundation of the banking industry.  Without it, we would be more apt to keep cash stuffed under our mattresses than in the impenetrable vault of a stranger. Modern digital banking wins and maintains customers' trust based on the security, transparency and accessibility of their data.  Unfortunately that trilogy is not always mutually inclusive.

Behavioral Futures and Surveillance Capitalism

Behavioral Futures and Surveillance Capitalism

The inevitable onslaught of targeted advertisements has both consumers and technology companies wondering whether there is any alternative future for internet economics.  Jonathan Shaw recently published a compelling piece in Harvard Magazine, breaking down some of the biggest challenges to our understanding of individual freedoms and technological progress.

Confusion in China's Cyber Laws

Confusion in China's Cyber Laws

The latest in a wave of sovereign data security laws has emerged from China, causing some alarm with companies trying to understand how it could impact their businesses.  Several sectors are identified as "critical information infrastructure", including telecommunications, information services and finance, who would be required to store personal information and sensitive business data in China.

Cloud Security by the Numbers

Cloud Security by the Numbers

With over 3,000 IT professionals surveyed, the recent Ponemon study sponsored by Gemalto addressed issues concerning the "Global State of Cloud Data Security."  The webcast can be viewed here and the report can be downloaded here.  The participants represented a good cross section of company scale and geographic location around the world.

Open Camps Conference at UN

Open Camps Conference at UN

The world's largest mission-driven open source conference, Open Camps aims to "break down barriers to technology innovation through open source governance, communities and collaboration." The Inpher team presented the _ultra development platform for application-level security and privacy at the Search Camp session in New York on July 10th.

Gone, Not Forgotten.

Gone, Not Forgotten.

Strong privacy laws that establish the 'right to be forgotten' may be unenforceable.  EU citizens can request that search engines remove results that are no longer relevant or accurate; however, researchers at NYU have found that even after links are delisted it is possible determine the names of individuals who petitioned for their removal.

[Secure] Sharing is Caring

[Secure] Sharing is Caring

Keyword search is enabled on shared data by utilizing a key exchange system based on standard public and secret key cryptography. The _ultra encrypted key architecture allows applications to manage information in vulnerable cloud or on-premise environments while keeping sensitive data unreadable to the infrastructure provider and host.

Rethinking IoT Security

Rethinking IoT Security

With over 20 billion devices coming online by 2020 and an estimated 25 vulnerabilities per product, it's no wonder that IoT security is a hot topic.  While acknowledging that encryption is not the complete answer, we maintain that data should be protected as it is created.

Safe Harbor 2.0 and the reaction of cyber imperialists

Safe Harbor 2.0 and the reaction of cyber imperialists

Mr. Schrems has his doubts about 'Safe Harbor 2.0', according to his recent interview with Ars Technica.  Others have been quick to jump on board with dissent, eyeing opportunities to become a neutral data haven.  According to John Whelan, a data privacy lawyer,  in an interview  with the Irish site independent.ie, “If Privacy Shield doesn't work out and ultimately data has to be segregated."

Attack of the Ombudsperson

The draft document for ‘Safe Harbor 2.0’ was released on March 2, and is pending review and approval by the EU Article 29 Working Party by the end of March (sure).  Sidley Austin’s Data Matters blog covers it well.  In summary, the new framework is ‘significantly different’ from Safe Harbor 1.0 so companies must re-certify to “ensure a level of protection of personal data..."

EU's GDPR Could Cost Firms up to $20m (4% of Global Revenue)

EU's GDPR Could Cost Firms up to $20m (4% of Global Revenue)

Firms are spending tens to hundreds of millions building new data centers in the EU to comply with post safe-harbor regulations in order to avoid hefty fines; up to $20m USD or 4% of global revenues.  Despite their best efforts, employees' unsanctioned use of cloud applications that contain personal data could still render companies liable.

And more on security concerns around IoT...

And more on security concerns around IoT...

Will the Internet of Things make it even harder to prevent cyber-crime? Research seems to show that it will. How can you protect your privacy and your private data with IoT taking over everything?

Making big data anonymous and useful.

Making big data anonymous and useful.

The Economist is educating their audience about the difficulty of fully homomorphic encryption and multi-party computation technology. They're noting that putting them to work on messy, real-world data is proving to be very tricky.