Security News

The EU's top court on Tuesday put limits on how European spy and security agencies could harvest troves of personal data, but said this could be done under a serious threat to national security. At the request of the courts in France, Belgium and Britain, the European Court of Justice confirmed that "EU law precludes national legislation" that requires telcos and tech companies to carry out the "Indiscriminate retention" of data, a statement said.

No matter the legal reasoning, an "Adequacy" decision to let data flow between the UK and the EU will hinge on the ups and downs of the wider Brexit negotiations, which are entering a tense final phase. At the end of the Brexit transition period, when business-as-usual trading with the EU will come to an end and the UK begins dealing with the world's largest trading bloc on new terms, the EU will need to decide whether the new UK data rules are sufficiently aligned with GDPR and allow the uninterrupted transfer of personal data from the EU to the UK. Such a decision of "Adequacy" in the relationship with EU data law is said to be important to the UK working as a successful digital economy.

Facebook may be forced to stop sending data about its European users to the U.S., in the first major fallout from a recent court ruling that found some trans-Atlantic data transfers don't protect users from American government snooping. The social network said Wednesday that Ireland's Data Protection Commission has started an inquiry into how Facebook shifts data from the European Union to the United States.

Facebook has been reportedly asked to stop sending data from Ireland to the US, on orders from the EU. This is according to a report from the Wall Street Journal, which said that Irish eyes won't be smiling come this Fall after a preliminary order to suspend data transfers to the US about its users was sent to Mark Zuckerberg's firm by the Irish Data Protection Commission. The news comes in the wake of an EU court ruling two months ago that transatlantic data protection arrangements - known as Privacy Shield - were "Inadequate".

European Union privacy regulators are wrangling over the penalty Ireland's data privacy watchdog was set to issue Twitter for a data breach, pushing back the case's long awaited conclusion under the bloc's tough new data privacy rules. The Irish Data Privacy Commission was expected to issue its decision in the Twitter case, which would be its first involving a U.S. technology company since the new privacy law, known as GDPR, took effect in 2018, allowing for hefty fines.

The European Union has, for the first time ever, slapped sanctions on hacking crews. "Sanctions are one of the options available in the EU's cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool," the EU said of the decision.

The Council of the European Union has imposed its first-ever sanctions against persons or entities involved in various cyber-attacks targeting European citizens, and its member states. Out of the six individuals sanctioned by the EU include two Chinese citizens and four Russian nationals.

The European Union imposed its first ever sanctions against alleged cyber attackers on Thursday, targeting Russian and Chinese individuals and a specialist unit of Moscow's GRU military intelligence agency. The best known of the targeted entities is the Main Centre for Special Technologies, a unit of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation - better known as the GRU. This unit, based on Kirova Street in Moscow, is said to have carried out attacks known as NotPetya and EternalPetya in June 2017, hitting EU private companies with ransomware and blocking data.

Facebook on Monday said it is asking EU courts to review "Exceptionally broad" requests by antitrust regulators there that would scoop up employees' personal information. The US-based internet colossus maintained it has been cooperating with a European Commission antitrust investigation and will continue to do so, but that the wording of commission requests casts a net so wide it will haul in Facebook employees' private messages and more.

The EU Court of Justice has struck down the so-called Privacy Shield data protection arrangements between the political bloc and the US, triggering a fresh wave of legal confusion over the transfer of EU subjects' data to America. Austrian privacy activist Max Schrems brought the latest edition of the long-running case in 2015, complaining that Ireland's data protection agency wasn't preventing Facebook Ireland Ltd from beaming his data to the US. Once his data was in the US, Schrems argued, no EU-style data privacy controls were legally enforceable by him or anyone else in that situation.