Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Jake Kouns (jkounsopensecurityfoundation.org)
Date: Mon Nov 22 2010 - 00:22:56 CST
The UK Information Commissioner's Office (ICO) signed an agreement
with Google Friday that requires the search engine giant to implement
more security training for employees and data protection requirements
for new features in the wake of Google's Wi-Fi data collection breach.
Google already announced that it would make these changes to its
internal policies, however, so the agreement is somewhat of a
formality, though the ICO said it would conduct a "full audit of
Google's internal privacy structure, privacy training programs, and
its system of privacy reviews for new products" sometime in the next
The agreement was signed by Alan Eustace, senior vice president at Google.
"I am very pleased to have a firm commitment from Google to work with
my office to improve its handling of personal information,"
information commissioner Christopher Graham said in a statement. "We
don't want another breach like the collection of payload data by
Google Street View vehicles to occur again."
The agreement comes almost a month after the ICO re-opened its
investigation into Google's Wi-Fi data collection. That came days
after Google said that it collected entire e-mails, URLs, and
passwords when its Street View cars accidentally sniffed unencrypted
Wi-Fi networks. The company first admitted the misstep in May, but had
not yet determined whether personally identifiable information was
included among the data. In July, the ICO said the issue was closed,
but re-opened its case after Google's admission.
In the U.S., the Federal Trade Commission closed its investigation on
the issue after Google implemented its privacy changes, but the
Federal Communications Commission announced recently that it would
conduct its own inquiry.
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list
Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works