Saundra Kae Rubel on 11 June 2005 at 23:30 said:-
> Yes, but does the EU or it's member states have a regulation that
> reads if there is a security breach then notice must be made? If you
> all don't then there are probably breaches happening all the time that
> are not disclosed.
>
> From the Don't bash the U.S. dept.
Some do admit to their own mistakes, when they see them, others implement
some rectification, and yet others do not see some things as mistakes at
all.
If mistakes/weaknesses are not perceived, notification from others may
occasionally be tiresome but can be very helpful. One example is the one
you give; another would be where public area CCTV control rooms are taken
over by the police on the authority of a senior police officer with only
police staff authorised to enter. No mention of the courts or other
external independent body authorising that process. And yet, sigh..,
strangely enough such actions, along with a constant surveillance, are
perceived in many areas as one of the greatest dangers for a society,
leading on to ever tightening rules and regulations.
Can US CCTV public area control rooms be taken into police control without
independent recourse to the courts/an external body, or do the police make
all the decisions?
Are any internal safeguards which consistently create obvious dangers for
all involved sufficient as safeguards on their own?
Would a DPO who focused rigidly only upon an organisations needs be
correctly implementing the DPA, safeguarding data subjects and effectively
progressing/protecting their organisation?
If not then external criticism should be welcomed as providing an
independent and valuable viewpoint, unless of course that is seen as not
conducive to proper security!
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Saundra Kae Rubel
> Sent: 11 June 2005 23:30
> To: [log in to unmask]
> Subject: Re: That Citibank error
>
>
> Yes, but does the EU or it's member states have a regulation
> that reads if there is a security breach then notice must be
> made? If you all don't then there are probably breaches
> happening all the time that are not disclosed.
>
> From the Don't bash the U.S. dept.
>
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of davidwyatt
> Sent: Friday, June 10, 2005 3:20 PM
> To: [log in to unmask]
> Subject: Re: [data-protection] That Citibank error
>
> Seems to me it was simply one journalistic interpretation of
> a single quote.
> Is the UK security any better?
>
> David Wyatt
>
> ----- Original Message -----
> From: "Tim Trent" <[log in to unmask]>
> To: <[log in to unmask]>
> Sent: Friday, June 10, 2005 11:14 AM
> Subject: [data-protection] That Citibank error
>
>
> > I'm indebted to Michael Doherty for the link to
> > http://www.iht.com/articles/2005/06/09/business/data.php
> >
> > That quote: Right at the end - "This is a capitalist society,"
> Schneier
> > said, suggesting that no company can be expected to spend money to
> improve
> > things simply "for the public good."
> >
> > More than slightly scary. Schneier is a security expert and he
> appears to
> > be confirming that the US for sure is not a safe haven for data.
> Period.
> >
> >
> >
> > Tim Trent - Consultant
> > Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
> > email: [log in to unmask]
> > <blocked::mailto:[log in to unmask]>
> > Marketing Improvement Limited, Abbey House, Grenville Place,
> Bracknell,
> > United Kingdom, RG12 1BP
> <blocked::http://www.marketingimprovement.com/>
> > http://www.marketingimprovement.com
> >
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to
> the list owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|