Posts relating to responding to security incidents, CERTs, CSIRTs and similar acronyms
At a meeting of TERENA’s CSIRT Task Force last week, I presented an updated version of my paper on Privacy and Incident Response. Responding effectively to incidents is essential to protect the privacy and other rights of individuals and organisations that use the Internet: compromises, phishing, etc. clearly infringe those rights. However incident response may […]
A bot is a program, maliciously installed on a computer, that allows that computer and thousands of others to be controlled by attackers. Bots are one of the major problems on the Internet, involved in many spam campaigns and distributed denial of service attacks, as well as allowing attackers to read private information from the […]
I’ve just sent in a Janet Submission to the Ministry of Justice’s Call for Evidence on the EU Data Protection proposals. Our response mentions the good and bad things about the proposal, as discussed here previously, for Internet Identifiers: still no clarity on when IP addresses etc. are personal data, but at least more realistic […]
The Commission’s proposed Data Protection Regulation seems very positive for Incident Response. Indeed Recital 39 explicitly supports the work of Incident Response Teams: The processing of data to the extent strictly necessary for the purposes of ensuring network and information security … by public authorities, Computer Emergency Response Teams … providers of electronic communications networks […]
Last week the European Commission published their proposed new Data Protection legislation. This will now be discussed and probably amended by the European Parliament and Council of Ministers before it becomes law, a process that most commentators expect to take at least two years. There’s a lot in the proposal so this post will just […]
An interesting reminder from the European Court of Justice (ECJ) that the Data Protection Directive (95/46/EC) is supposed to make processing and exchanging personal data easier as well as safer. The Directive contains a number of different reasons justifying processing of personal data (gathered together as Schedule 2 of the UK Data Protection Act 1998), […]
Questions about my last posting on Nominet’s DNS domain suspension discussions, have got me thinking a bit more about my idea of “domains registered for a criminal purpose”. My suggestion is that these should be the only domains that a top-level registry can remove on its own, rather than asking for the decision to be […]
An interesting news item from SWITCH, the Swiss NREN and also operator of the .ch and .li TLD registries, on how they are alerting website owners to malware and, if necessary, taking action to protect customers from being infected. Swiss law allows the registry to suspend a domain for five days, or longer if the […]
Nominet have published an issues paper asking whether there are circumstances in which it might be appropriate to rapidly suspend a DNS domain involved in criminal activity, and the processes that would be needed to ensure such action did not create too great a risk of unfairness. I’m writing this in an attempt to sort […]
An interesting morning yesterday at the launch of the Ministry of Justice’s Response to the Call for Evidence on the Current Data Protection Legislative Framework. JANET’s evidence focussed on the difficulties of applying data protection law to the Internet: the current law has proved unclear on the status of IP addresses and similar pseudonymous identifiers, […]