Data Privacy

As the FBI continues its investigation into the deadly San Bernadino terror attack from last December, it has run into an unlikely adversary in Apple, which has refused the Bureau’s requests to defeat the security measures of one of the terrorists’ iPhones. While the legal struggle over this raises the larger question of how much liberty should be sacrificed in the name of security, at stake for compliance officers is whether or not there can ever be true data security should Apple be forced to do the FBI’s bidding.

Recommind, an advanced analytics provider, announced that it has integrated Microsoft Office 365 into the newest version of Axcelerate, its cloud-based e-Discovery platform. The collaboration streamlines discovery by enabling joint customers to easily and effectively cull data in the Office 365 environment before exporting it into Axcelerate for total visibility into discovery strategies.

The European Union and the United States have agreed on a new framework that will allow for trans-Atlantic data flows between Europe and the United States. The new arrangement will provide stronger obligations on U.S. companies to protect the personal data of Europeans and stronger monitoring and enforcement by the U.S. Department of Commerce and Federal Trade Commission, including through increased cooperation with European data protection authorities.

Sweeping changes to the EU’s data protection laws means new compliance headaches for any U.S. company that collects and handles data on citizens of the European Union. “It’s a game changer, primarily because it sets standards that many companies haven’t had to worry about,” said Hilary Wandall, associate vice president of compliance and chief privacy officer at global healthcare giant Merck.

You may have not even noticed it, but discreetly tucked into the massive omnibus spending bill signed into law last month is a provision that effectively makes it safer for companies to share cyber-threat information with one another—but critics argue the bill doesn’t go far enough to ease privacy concerns.

Ahead of the February launch of its new suite of cyber-risk management tools, RMS today released its recently developed Cyber Exposure Data Schema. The ‘open standard’ data schema will provide the insurance industry with a systematic and uniform way to capture cyber exposure data and manage cyber accumulation risk.

PwC US has named Patrick Hynes as a principal in the advisory cyber-security practice, focused on cyber-crime and breach response. He is based in PwC’s Los Angeles office.

The Securities and Exchange Commission has broad subpoena powers that this dedicated corps of highly credentialed professionals—inspired by a noble sense of mission, and rich with a long history of investor advocacy—tries to use in the best way possible. But when it comes to issuing subpoenas for electronic storage devices, the SEC needs a reality check against asking too much of its witnesses with overly broad requests that might actually do more harm than good.

PwC US has appointed Patrick Hynes as a principal in the advisory cybersecurity practice, focused on cybercrime and breach response. He is based in PwC’s Los Angeles office. Hynes joins PwC with a strong background in cyber-security.