Andrew Charlesworth explains that one aspect of GDPR that’s easily missed is that it applies to all CCTV systems – from a single camera monitoring an entrance to a large public system.
Organisations are putting themselves at risk of breaching the GDPR because they’re failing to realise that the new regulations cover their CCTV systems and the visual data they collect. These are the words of Andrew Charlesworth, Reader in IT Law at the University of Bristol, and come just over six months until the GDPR becomes law.
In a white paper written for Cloudview, Charlesworth says that because CCTV systems have been lightly regulated until now, there is a danger that users will not understand their obligations under the new legislation. New IP-based systems can expose operators to significant data protection and privacy risks, but he uses a recent court case to show how data protection legislation applies to all CCTV systems which record and store visual data, both public and private.
Charlesworth cites a dispute earlier this year between two householders in Scotland where one recorded and stored data covering the other’s private property and from which they could be identified. This resulted in damages of more than £17,000 for distress caused – and the court was not asked to consider whether data was kept appropriately secure and met other data protection requirements, which would also be considerations for data controllers running CCTV systems. Potential fines under the GDPR are much greater, up to €20 million or four per cent of turnover, whichever is higher.
As there is no compulsory registration process it is difficult to get an accurate estimate of CCTV cameras in the UK. In 2015 the British Security Industry Association said there were between four and six million cameras. Cloudview’s own research suggests there are currently around 8.2 million cameras, all of which will need to comply with the GDPR.
‘Changing technology created the need for the GDPR, altering both the data protection environment and public perceptions of what constitutes acceptable data processing,’ explains Charlesworth.
‘From May all CCTV operators will have to be proactive in assessing, improving and ‘evergreening’ their compliance efforts – tickbox compliance will no longer be sufficient. However, GDPR provides a significant opportunity to enhance the industry’s public image as a valued and trusted service, rather than an unaccountable and privacy invasive ‘eye in the sky’.
‘The judge’s final comments in the case of Woolley v Akbar2 are telling – the default position is that any professional (individual or organisation) setting up a surveillance system will be aware of the potential impact of their activities on data subjects, and be familiar with the application of relevant law and guidance.’
‘As Andrew points out, there are already precedents for fining CCTV users who breach existing data protection legislation,’ adds James Wickes, CEO and co-founder of Cloudview.
‘Users need to assess their CCTV systems alongside the rest of their IT, and remember that the law applies to everything from a single camera monitoring the entrance to their office or home to a larger system used in a business, housing or public spaces.
‘The good news is that the GDPR gives CCTV users an opportunity to tackle what is often a negative image and take the lead in demonstrating accountability and privacy protection. They can also use new technologies such as cloud, which enable them to meet the new regulations while improving data accessibility and security.’
Image captionThe security services have warned about the dangers of toys being exploited by malicious hackers
Consumer watchdog Which? has called on retailers to stop selling some popular toys it says have "proven" security issues.
Those toys include Furby Connect, the i-Que robot, Cloudpets and Toy-fi Teddy.
Which? found that there was no authentication required between the toys and the devices they could link with via Bluetooth.
Two of the manufacturers said they took security very seriously.
The lack of authentication meant that, in theory, any device within physical range could link to the toy and take control or send messages, the watchdog said.
"Connected toys are becoming increasingly popular, but as our investigation shows, anyone considering buying one should apply a level of caution," said Alex Neill, managing director of home products and services at Which?
"Safety and security should be the absolute priority with any toy. If that can't be guaranteed, then the products should not be sold."
Hasbro, which makes the Furby Connect, said in a statement that it believed the results of the tests carried out for Which? had been achieved in very specific conditions.
Media captionGerman parents had already been advised in February to destroy a smart doll that could be used to spy on children
"A tremendous amount of engineering would be required to reverse-engineer the product as well as to create new firmware," it said.
"We feel confident in the way we have designed both the toy and the app to deliver a secure play experience."
I-Que maker Vivid Imagination said there had been "no reports of these products being used in a malicious way" but added that it would review Which?'s recommendations.
Spiral Toys, which makes Cloudpets and Toy Fi, did not comment.
Other toys tested by Which? included the Wowee Chip, Mattel Hello Barbie and Fisher Price Smart Toy Bear - but these were not found to have serious security concerns.
Cyber-security expert Prof Alan Woodward, from Surrey University, told the BBC it was a "no brainer" that toys with security issues should not be put on sale.
"Sadly, there have been many examples in the past two to three years of connected toys that have security flaws that put children at risk," he said.
"Whether it is sloppiness on the part of the manufacturer, or their rush to build a product down to a certain price, the consequences are the same.
"To produce these toys is bad enough, but to then stock them as a retailer knowing that they are potentially putting children at risk is quite unacceptable."
Microsoft co-founder and philanthropist Bill Gates. REUTERS/Rick Wilking
Bill Gates is going to invest $50 million in the Dementia Discovery Fund.
Followed by another $50 million in to a number of start-up ventures working in Alzheimer's research.
Dementia currently affects 50 million people and is expected to reach 131 million people by 2050.
Gates also hopes to help build a dementia data platform to help with the identification of patterns by researchers worldwide.
LONDON (Reuters) - Billionaire Microsoft co-founder Bill Gates is to invest $50 million (£38.2 million) in the Dementia Discovery Fund, a venture capital fund that brings together industry and government to seek treatments for the brain-wasting disease.
The investment is not part of Gates' philanthropic Bill & Melinda Gates Foundation and will be followed with another $50 million in a number of start-up ventures working in Alzheimer's research, Gates said.
With rapidly rising numbers of people suffering from Alzheimer's and other forms of dementia, the disease is taking a growing emotional and financial toll as people live longer, Gates told Reuters in an interview.
"It's a huge problem, a growing problem, and the scale of the tragedy — even for the people who stay alive — is very high," he said.
Despite decades of scientific research, there is no treatment that can slow the progression of Alzheimer's. Current drugs can do no more than ease some of the symptoms.
Gates said, however, that with focused and well-funded innovation, he's "optimistic" treatments can be found, even if they might be more than a decade away.
"It'll take probably 10 years before new theories are tried enough times to give them a high chance of success. So it's very hard to hazard a guess (when an effective drug might be developed).
"I hope that in the next 10 years that we have some powerful drugs, but it's possible that won't be achieved."
Dementia, of which Alzheimer's is the most common form, affects close to 50 million people worldwide and is expected to affect more than 131 million by 2050, according to the non-profit campaign group Alzheimer’s Disease International.
The DDF, which was launched in 2015 and involves drugmakers GlaxoSmithKline, Johnson & Johnson, Eli Lilly, Pfizer and Biogen Idec as well as the UK government, has already invested in at least nine start-up companies investigating potential ways to stop or reverse the biological processes that lead to dementia.
Gates told Reuters the additional $50 million would be put into start-ups working on some "less mainstream" approaches to the disease, but said he had not yet identified these companies.
The philanthropist, whose usual focus is on infectious diseases in poorer countries, said Alzheimer's disease caught his interest partly for personal reasons, and partly because it has so far proved such a tough nut to crack.
"I know how awful it is to watch people you love struggle as the disease robs them of their mental capacity... It feels a lot like you're experiencing a gradual death of the person that you knew," he said in a blog post about the dementia investments.
He added: "Some of the men in my family have suffered from Alzheimer's, but I wouldn't say that's the sole reason" (for this investment).
Through talking to experts in the field over the past year, Gates said he had identified five areas of need: Understanding better how Alzheimer's unfolds, detecting and diagnosing it earlier, pursuing multiple approaches to trying to halt the disease, making it easier for people to take part in clinical trials of potential new medicines, and using data better.
"My background at Microsoft and my (Gates) Foundation background say to me that a data-driven contribution might be an area where I can help add some value," he said.
Alongside the $50 million investment in DDF and the additional $50 million planned for start-ups, Gates said he would like to award a grant to build a global dementia data platform. This would make it easier for researchers to look for patterns and identify new pathways for treatment, he said.
Apple’s iPhone X has officially hit store shelves. If you’ve already managed to snag one, it may take you some time to get used to the new design. Have no fear, we’ve got helpful iPhone X tips and tricks so you can get the most out of your new iPhone. Once you’ve gotten the hang of it, brush up on your iOS 11 skills, find a case to protect that fragile iPhone, or even pick up a wireless charging pad.
How to switch between apps and go back to the home screen
Prior to the iPhone X, the home button was how you would switch between apps, or go back to the home screen. If you want to view all the apps you have open while on the home screen, swipe up from the bottom edge of your device. This will bring you to the stack of apps that are currently running. To force close apps, hold down on a specific app and red minus signs will appear on the top left of each app. You can either swipe up to get rid of the app or tap on the red sign. If you’re on an app and want to go back to the home screen, swipe up on the elongated bar at the bottom of every app.
How to set up Face ID
When you’re first setting up your iPhone X, you’ll get the option to turn on Face IDand go through the configuration process, just like Touch ID. It requires rotating your head twice so the TrueDepth camera can capture all your facial features. If you somehow skipped this step, you can head to Settings > Face ID and Passcode > Set up Face ID. You’ll have to let it scan your face again twice. Once done, all you need to do to unlock your iPhone X is swipe up the lock screen with your eyes open and you’ll see a padlock icon unlocking. Your iPhone X will not unlock if you do not make eye contact with the phone.
How to activate Siri
On the right side of the iPhone X is an elongated power button — we’ve started to call it the “lock” button, because its primary use is no longer to turn off your phone. You can activate Siri by holding down the lock button on the right for a few seconds. The voice assistant will appear, ready to answer any questions or follow any commands. If you want to exit Siri, press the lock button again.
How to take a screenshot
Brenda Stolyar/Digital Trends
Taking a screenshot on the iPhone X might feel a little foreign without the home button present, especially because now it’s similar to taking a screenshot on an Android phone. All you need to do is press the lock and volume up button at the same time. Once it takes the screenshot, you’ll see it appear in the bottom left-hand corner of your screen. Tap it to mark up or edit your screen shot, and you can then delete it or save it to Photos.
How to access your notifications and the Control Center
The iPhone X brings a “notch,” which is the black space at the top of the phone housing the tech needed for Face ID. The screen flanks the notch, and the right side has a very specific function — it’s how you now bring down the Control Center. Simply swipe down from the top right, and down comes the Control Center. To access the Notification Center, swipe down on the left side or center of the top of the iPhone X. This will pull down your notifications page which you can then swipe back up to bring you back to the home screen. In the Notification Center, you can still swipe left to access the camera, and swipe right to go to your Today widgets.
How to access Apple Pay
To quickly get to Apple Pay on the iPhone X, double tap the lock button on the right edge of the phone. Your card will then appear and Face ID will automatically scan you to verify you’re the card owner. If you don’t want to use Face ID, there’s also the option to manually type in your Passcode.
How to turn off your phone
You can turn your phone off by holding down either of the volume buttons and the lock button at the same time. At the top, you’ll see the “slide to power off” option. This is also how you can access Emergency SOS and Medical ID if you’re in a situation that requires emergency services.
How to take a photo in Portrait Mode
With the iPhone X, you can use Portrait Mode on both the rear and front-facing camera. After opening the camera app, choose Portrait, and you’ll get a carousel of different Portrait Lighting options such as Natural Light, Studio Light, Contour Light, and more. Tap the rotate camera icon to switch to the front-facing camera for a professional-looking selfie.
Tap to turn on display
Brenda Stolyar/Digital Trends
Normally, you’d use Touch ID to turn on the iPhone lock screen. With the iPhone X, all you need to do is tap the display to turn on the screen.
How to turn raise to wake off/on
Whenever you lift up your iPhone X to your face, the screen will automatically wake up. This is called Raise to Wake, and it has been around for some time on iPhones. If you want to turn it off, head to Settings > Display & Brightness and toggle Raise to Wake on or off.
How to send an Animoji
Jeremy Kaplan/Digital Trends
Animojis are animated emojis you can send to any iOS or Android user. The emojis use the Face ID TrueDepth cameras to track your facial animations, kind of like motion capture used in films. To send one, head to the Messages app. Open a chat thread, and you’ll see a bar of apps at the bottom. Next to the App Store icon sits the monkey emoji — tap it. You’re now at the Animoji record screen. You can swipe it up to expand it to the whole screen. Choose your favorite emoji, and you’ll realize it’s already tracking your facial movements. Tap the red record button to capture a 10 second video (with audio), and send it to your friends. This will show up as a video file for people without an iPhone X.
The "Paradise Papers" show that the Kremlin invested millions into Twitter and Facebook via two major state-owned companies.
The money was invested through Yuri Milner, a Russian-American billionaire tech investor who is also associated with Jared Kushner.
Milner sold his holdings in both companies years ago and has no apparent connection to Russia's propaganda campaign that took place during the 2016 election.
Still, the revelations bear significance because, as one expert put it, "Kremlin-connected institutions make investments with strategic interests in mind."
Newly-leaked documents show that the Kremlin invested hundreds of millions of dollars into Twitter and Facebook through a business associate of President Donald Trump's senior adviser and son-in-law, Jared Kushner.
According to the "Paradise Papers" — a trove of more than 13 million internal documents released Sunday that show how the world's wealthiest use offshore tax havens — two Russian state-owned entities with close ties to Vladimir Putin invested money into Facebook and Twitter through the Russian-American tech investor Yuri Milner.
Milner currently holds a stake in a real-estate project that was founded and is partially owned by Kushner. When Kushner first joined the Trump administration, he failed to disclose his holdings in the project.
Russia's state-owned VTB Bank gave Milner $191 million to invest in Twitter, according to the International Consortium of Investigative Journalists, which obtained the Paradise Papers. The bank, according to The New York Times, frequently embarks on "politically strategic deals."
Documents also show that Gazprom Investholding, the financial arm of the Russian state-operated energy firm Gazprom, backed a company affiliated with Milner which owned approximately $1 billion in Facebook stock shortly before it went public in 2012.
Gazprom is one of Russia's largest energy companies and Putin is said to wield significant influence over the firm, which is stacked with the Russian leader's allies and associates.
When all was said and done, Milner owned roughly 8% of Facebook and 5% of Twitter, according to The Times. He sold his holdings in both social-media companies years ago, and there is no evidence that he was connected to Russia's widespread propaganda campaign on the two platforms during the 2016 election. He also told the ICIJ that he was not aware of Gazprom Investholding's involvement in his investments, and that none of his deals were related to politics.
Commercial interests and state interest 'go hand in hand' for Russia
Vladimir Putin. Mikhail Klimentyev/Pool Photo via AP, File
Despite that, revelations that two major Russian state-owned entities pursued financial interests in Facebook and Twitter do bear some significance.
"Kremlin-connected institutions make investments with strategic interests in mind — not just commercial interests but state interests as well," Michael Carpenter, who served as Russia director on the National Security Council during the Obama administration, told The Times on Sunday. "They go hand in hand."
Carpenter added that Russian oligarchs who receive financial support from Russian banks must be above a certain "political threshold, meaning such support requires the explicit or tacit approval of those at the top of Russia's crony capitalist system."
Facebook and Twitter have taken center stage in recent weeks, particularly after it emerged in September that Russian "trolls" used the platforms to organize divisive rallies and spread misinformation to sow discord among the American public leading up to the election. Last week, lawyers representing the two companies and Google testified before the House and Senate intelligence committees about Russia's election meddling.
As part of their investigation into Russia's interference, congressional intelligence committees and the FBI are also looking into whether the Russians had help from any members of the Trump campaign. Brad Parscale, who served as the campaign's digital director, testified before the House Intelligence Committee in a closed-door session in late October.
Kushner, who managed the campaign's data operation along with Parscale, is also a subject of interest to the committees and to special counsel Robert Mueller.
It turns out smoking breaks are a serious business. One 2014 report from the British Heart Foundation found that lost productivity from people taking four 10-minute smoking breaks a day cost UK businesses £8.4 billion annually - that's an average of £1,815 a year per employee who smokes during the working day.
So maybe the Japanese firm is onto something?
That said, missing out on the daily smoking break might mean you're missing out on vital office intel. Remember the episode of Friends where Rachel takes up cigarettes just to get ahead at work?...
As for the legal small print about breaks in the UK, if employees work longer than six hours a day, they're entitled to one uninterrupted 20 minute rest break. That could be a tea break or lunch break, and whether or not it's paid depends on your contract.
On top of that, managers can say when you take rest breaks during work time as long as"the break is taken in one go somewhere in the middle of the day (not at the beginning or end). Workers are allowed to spend it away from their desk or workstation (i.e. away from where they actually work)."
But what about the odd smoking break?
The government's official rulings on rest breaks is pretty clear... "Unless a worker’s employment contract says so, they don’t have the right to take smoking breaks [or] get paid for rest breaks."
HMRC have updated their list of examples of websites, emails, letters, text messages and phone calls used by scammers and fraudsters to obtain individual's personal information.
The guidance can be used to help you decide if a contact from HMRC is genuine, this guidance provides examples of the different methods that fraudsters use to get individuals to disclose personal information.
You can also read about how to recognise genuine contact from HMRC, and how to tell when an email is phishing/bogus.
The malicious Android malware LokiBot has been spotted by security researchers and is particularly unpleasant. LokiBot is the first Hybrid Android Malware and it is actually a lot more than just malware.
Read on to find out why LokiBot is so dangerous.
According to information from the security company Sfylab, LokiBot is currently available on the dark web for market for around £1500 worth of bitcoin – including updates. Experts are not sure on how the malware is getting onto Android phones.
Malware LokiBot retaliates when you try to remove it.
Android malware LokiBot fights back
No one likes malware or other malicious software on their smartphone or computer. If you have been infected, you need to try to get rid of the intruder. It is quite difficult to do with this particular malware, as it defends itself against any attempts to remove it.
The malware begins as a new banking trojan but can turn into ransomware if the user tries to remove its admin privileges. So it is no longer just a malware, it then encrypts data and locks the device.
Android malware Lokibot is scam software
Basically, LokiBot is a scam software that uses overlays for banking apps and some other software to try to get money out of users. It tries to do this, by collecting personal information. In all, the attackers have targeted around 100 banking apps.
The apps affected by the overlays include Lloyds Bank Mobile Banking, Halifax, HSBC and TSB Mobile Banking. A full list can be found here. In addition, the malware steals contact information, sends SMS messages and fakes notifications from other apps for phishing attacks.All Android devices from version 4.0 upwards are affected. LokiBot gets admin rights and begins its “work”. How and to what extent LokiBot has spread, is still unclear.
Android malware LokiBot with alarm
The Android Malware LokiBot also has an alarm function. It gets set off when you try to uninstall the malware with antivirus software. But it also is tripped if you want to withdraw the admin rights. Then LokiBot transforms from malware to a blackmail Trojan.
LokiBot starts encrypting the data on the SD card and asks for a ransom payment for decryption. This is currently between £60 and £80. Until this is paid, access to the device is blocked. However LokiBot is not fully functioning yet. It fails to encrypt data correctly and the files are merely renamed. However the device lock does work fully. So although it fails at encrypting files, it succeeds at getting a ransom from users.