Categories
Articles

Misconfiguration may be harmful

Darknets are well known as a place to look for Internet threats, but a presentation by RESTENA and CIRCL at this week’s TF-CSIRT meeting suggested they may also show up other kinds of problems. Darknets are parts of the IP address space that are routed but not used, so there should be no legitimate packets […]

Categories
Closed Consultations

Defamation Bill – process for website operators

[Updated to add clause 6 on peer-reviewed scientific and academic journals] The House of Lords debate of clause 5 of the Defamation Bill this week suggested that the Bill might make it easier for universities and colleges to support vigorous debate through their websites. As Lord May (once the government’s chief scientific advisor) pointed out, […]

Categories
Articles

ENISA Guide to Risk Mitigation for BYOD

ENISA have published a useful set of controls and best practices for managing the risks in a Bring Your Own Device (BYOD) program. They identify three groups of controls Governance Legal, Regulatory and HR Technical (Device, Application, User and Data) Throughout, the focus is on the owners, not the devices, which seems right. If the […]

Categories
Articles

ICC Cookie Guide updates

The International Chamber of Commerce has published a revised version of its Cookie Guide, reflecting the new information that has been produced by the Information Commissioner and Article 29 Working Party since the original version last April. There are relatively few changes to the existing text, in particular the four ICC categories of cookie remain […]

Categories
Articles

Art.29WP on Cookies – specific and pragmatic advice

The e-Privacy Directive’s provisions on cookies exempt two classes of cookies from the requirement to gain consent (though if they relate to individual users, websites still need to inform users about them, under data protection law): CRITERION A: the cookie is used “for the sole purpose of carrying out the transmission of a communication over […]