Endpoint //

Privacy

4/11/2018
11:50 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Non-Profit Launches to Support Better International Data Privacy Policymaking

Toronto, Ontario, April 11, 2018 – Data Catalyst, a non-profit research and analysis organization, launched today with the release of two reports evaluating the state of data privacy regulations in Canada and Chile. The reports, authored by renowned data privacy experts Dr. Ann Cavoukian and Alejandro Barros respectively, provide insight into the goals of Data Catalyst and its Advisory Council (link) comprised of experts, industry leaders, and small businesses.

Data Catalyst’s introduction to the international data privacy community comes as implementation of the European Union’s General Data Protection Regulation (GDPR) rapidly approaches, questions about individual personal data protections grow, and the economic, societal, and technological benefits of data-driven industry reach new highs.  Through reports, original research, and expert assessments of specific initiatives, Data Catalyst will focus primarily on supporting the data privacy policy-making activities in countries throughout the Americas.

“Organizations like Data Catalyst and the International Council of Global Privacy and Security by Design, are rising to meet the unique challenges posed by an interconnected, data-driven world,” said Dr. Ann Cavoukian. “Through better understanding, a commitment to working together, and leveraging approaches like Privacy by Design, we can adopt a more integrated approach to solving the complex challenge of privacy; one that includes stakeholders from conception through execution and results in more informed, effective, and sustainable national and international privacy rules, to the benefit of everyone.”

Dr. Cavoukian’s report: GDPR and the Privacy Shake-up: Time to Abandon Zero-Sum Models and Shift to Positive-Sum Thinking is available here.

"Chile faces a number of challenges in these areas. The growing amount of data production and the importance of data to a dynamic economy strain outdated regulatory frameworks," said Chilean public innovation expert and Catalyst Advisory Council member Alejandro Barros. “In Chile and many nations around the world, it is time to create reasonable, incentive based frameworks for data regulation. Data Catalyst will help policymakers understand this need and to answer complex questions about transparency, security, and privacy.”

Alejandro Barros report: Acceso a los datos, desafíos y potencial is available here.

“Each current and future advisory council member offers unique perspectives and shares the core belief that complex policy questions are better answered with more information, adequate time, and a clear goal,” said Advisory Council member and Forward Strategies founder Jake Ward. “Our goal is to be a resource to policymakers with questions and provide opportunities for businesses with unique, invaluable insights to offer their expertise to the process. Creating data privacy regulations on any scale is complex and difficult and Data Catalyst is here to help promote an integrated approach that emphasizes collaboration among all stakeholders.”

Data Catalyst promotes an integrated approach to policymaking, which begins with an invitation to public and private stakeholders and the acknowledged shared goal of data driven innovation that benefits society, grows economies, and requires corporate responsibility.

Data Catalyst’s programs and products are shaped by the experience and expertise of its Advisory Council working toward the shared goals of (a) understanding and informing the data-driven world; and (b) promoting optimal and integrated data innovation and privacy policy. The Advisory Council provides informed and authoritative feedback on policy proposals and promotes privacy regulation that provides meaningful protection while enabling the use of data for economic and social good.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
What We Talk About When We Talk About Risk
Jack Jones, Chairman, FAIR Institute,  7/11/2018
Ticketmaster Breach Part of Massive Payment Card Hacking Campaign
Jai Vijayan, Freelance writer,  7/10/2018
7 Ways to Keep DNS Safe
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/10/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Locked device, Ha! I knew there was another way in.
Current Issue
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14337
PUBLISHED: 2018-07-17
The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.
CVE-2018-14329
PUBLISHED: 2018-07-17
In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack.
CVE-2018-14331
PUBLISHED: 2018-07-17
An issue was discovered in XiaoCms X1 v20140305. There is a CSRF vulnerability to change the administrator account password via admin/index.php?c=index&a=my.
CVE-2018-14333
PUBLISHED: 2018-07-17
TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between "[00 88] and "[00 00 00]" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which TeamViewer has ...
CVE-2018-14334
PUBLISHED: 2018-07-17
manager/editor/upload.php in joyplus-cms 1.6.0 allows arbitrary file upload because detection of a prohibited file extension simply sets the $errm value, and does not otherwise alter the flow of control. Consequently, one can upload and execute a .php file, a similar issue to CVE-2018-8766.