Understanding the robustness of a perimeter defense

This video shows the different penetrating power of various pistol calibers and gives a useful tip for those who (claim to) work in the IT security field: when setting up a perimeter defense, the “penetrating power” of the attack should be taken into account.

In other words, there is no “one-size-fits-all” solution when it comes to building a digital bulletproof vest, and if somebody thinks that a fancy leather jacket is the very same as a Kevlar vest with ceramic plates, he might be wrong. Deadly so, as would be the infrastructure he claimed to protect.

The Data Protection Authorities and the Liability for fines’ early warning

I do not understand the choice of some Personal Data Authorities to publicly anticipate the decision to fine a Data Controller instead of just doing it and then spreading the news.

Indeed, many large companies are listed on the stock exchange or may suffer negative consequences from a simple announcement such as “we are thinking of fining…”. What happens, then, if the fine does not come or – worse – if it is cancelled following a judicial appeal? Will there be a similar press release saying “we are deeply sorry, we were wrong, the judge turned us down”?

Now, while it is obviously not possible to ask for damages for the application (in good faith) of a fine later revoked by the judge, the same is not automatically true of behavior that goes beyond the strict observance of the fining procedures.

Care should therefore be taken when publicly anticipating decisions that are not definitive, especially without indicating the date after which an appeal is no longer allowed or the fact that the owner has challenged the fine in court.

Protecting Personal Information in the High-Tech Business – A Special Lecture at Nagoya University

Special Lecture

Protecting Personal Information in the High-Tech Business
The impact of Privacy and Data Protection on the Japan/EU commercial relationships

Prof. Andrea MONTI «Gabriele d’Annunzio» University, Pescara

July 25, 2019 – 16:30-18:00
Asian Legal Exchange Plaza, Lecture Room 2


For information and registration please contact Prof. Giorgio F. COLOMBO: colombo@law.nagoya-u.ac.jp

This lecture is supported by JSPS Kaken-hi Grant 17H00963


GDPR and the LAPD Historical Photo Archive

The Los Angeles Police is to open its historical archive of photos, some of which date back to 1925, taken by officers on duty: a unique opportunity to look at American society and its evolution from the perspective of crime and those who fight it.

Fortunately, in the US, there is no rule similar to the GDPR’s distorted and forced interpretation that would prevent the publication of photographs like these.

The prevalence of the “right to history” over the processing of data of now deceased people – and not only – is an issue that I have dealt with extensively in Protecting Personal Information.

We must stop thinking that the sea of law is inhabited only by the GDPR and, above all, that the GDPR is the “biggest fish in the pond”.

How Hypocritical It Is to Pretend to Care about Customers!

Another now-ubiquitous cliché is that the “customer – or, as far as the GDPR is concerned, the data subject – must be pampered”.

The result is that the narrative of corporate communication pours so much sugar and honey that it causes a hyperglycemic crisis at the mere sight of a poster or an advertising film. However, in the reality check, the user is faced with a carnivorous plant: beautiful on the outside – to attract the victims – and deadly on the inside.