Security News

A top judge told a barrister for the UK Information Commissioner's Office today that his legal arguments against police facial-recognition technology face "a great difficulty" as he wondered whether they were even relevant to the case. In plain English, Facenna was saying that South Wales Police's legal justification for deploying facial-recognition tech, as detailed yesterday, didn't comply with the Human Rights Act-guaranteed right to privacy - nor the Data Protection Act 2018 section, which states: "The processing of personal data for any of the law enforcement purposes is lawful only if and to the extent that it is based on law."

Harriet Harman MP, chair of Britain's Commons Human Rights Committee, has written to UK health secretary Matt Hancock seeking clarity on privacy aspects of the government's latest coronavirus contact-tracing app. "It is still crucial that people in the UK should be able to feel reassured that their data protection, privacy, and non-discrimination rights are protected in any contact tracing system," she wrote.

Automated facial recognition use by British police forces breaches human rights laws, according to lawyers for a man whose face was scanned by the creepycam tech in Cardiff. Squires is barrister for one Ed Bridges, who, backed by human rights pressure group Liberty, wants to overturn a judicial review ruling from 2019 which failed to halt facial recognition tech use against him by South Wales Police.

Cyber-threats taking advantage of the COVID-19 pandemic are evolving, and Google is seeing an increase in related phishing attempts in countries such as Brazil, India, and the UK. As the coronavirus crisis spreads worldwide, cyber-criminals and state-sponsored actors have adapted their attacks to leverage pandemic-related lures. Google says it has observed an increase in the number of scams targeting Aarogya Setu, an initiative where the government is trying to connect people across India with essential health services.

Some have claimed the Trump administration's concerns have more to do with losing the 5G arms race than anything else, but ostensibly its chief worries have been chalked up to security, with the US government claiming Huawei's 5G kit could be backdoored by Beijing. For its part, earlier this year, the UK's Department for Digital, Culture, Media & Sport labelled Huawei as a "High-risk" vendor over its perceived ties to the Chinese government, and issued strong new rules prohibiting carriers from using the firm's equipment within the core 5G network.

UK government has published the contracts it holds with private tech firms and the NHS for the creation of a COVID-19 data store, just days after campaigners fired legal shots over a lack of transparency. Campaign groups Foxglove and openDemocracy, which brought the action, said that the documents show the tech firms were set to build data models for commercial purposes from NHS training data before being challenged.

Open Rights Group has instructed lawyers to lodge a complaint with the UK's data watchdog over the rollout of the Test and Trace system because it says the system breaches the General Data Protection Regulation. The complaint to the ICO relates to the failure by the NHS and Public Health England, which runs the Test and Trace programme, to conduct a Data Protection Impact Assessment, which is required under the GDPR before processing of data in high-risk situations.

The intent of the MoU is to make it easier and more affordable for UK public sector agencies to leverage the full range of Google Cloud's services to increase innovation and deliver digital transformation. CCS, the UK Cabinet Office executive agency and trading fund, engaged Google Cloud in 2019 to discuss requirements for cloud services under the One Government Cloud Strategy, a joint initiative between Cabinet Office, CCS and Government Digital Service.

A Brit public sector-owned office supplies company shrugged off a ransomware demand for 102 Bitcoins after a staffer opened a phishing email. A local blogger, publishing the Vox Medway site, claimed the attack froze all CSG services at 01:30 UK time on 2 April.

The cybercriminals behind the recent attack on Elexon, which manages the electricity market in the United Kingdom, have started leaking data allegedly stolen from the company. Elexon revealed in mid-May that its IT systems were targeted in a cyberattack, but it did not provide any additional details.