Welcome to the Dynamic Digest, a weekly recap of the latest news happening in our industry. Want the pulse of what’s going on in enterprise software and analytics, performance management, cloud computing, data, and other like topics? We got you covered!
This week in the world of technology, Microsoft sued the Justice Department, Uber released its first ever transparency report, and the largest government-related hack in history went down.
Microsoft sues Justice Department for transparency in government data searches – TechCrunch, April 14
It seems that another tech company is at odds (yet again) with the U.S. government – this time, it’s Microsoft. The company is suing the Department of Justice for “unconstitutionally” preventing Microsoft from informing their customers when their cloud data is accessed by authorities. The lawsuit challenges a section of the Electronic Communications Privacy Act (ECPA), granting the government power to force tech companies to remain silent when they comply with government requests and provide customer cloud data. Apparently, the tech giant received 5,624 federal requests for company data between September 2014 and March 2016. Of those requests, approximately 46% were accompanied by a gag order, forbidding Microsoft from informing thousands of its customers about government requests for emails and various documents. While a few of the orders allowed Microsoft to inform its customers after a fixed end date, the majority of requests were permanent (with no end date). This is just the beginning of what could be another high-profile legal case between a major tech company and the U.S. government.
Key takeaway: Now more than ever, consumers want to know how tech companies are protecting and securing their personal information, especially after the recent battle between Apple and the FBI, not to mention countless data hacks. If the government deems the gag order unconstitutional, it could create a significant power shift between tech companies who hold our data and authorities who want access to it.
Uber received more than 400 rider data requests from U.S. law enforcement in 6 months – VentureBeat, April 12
Uber made headlines this week when the company released its first ever transparency report and announced it provided data on 12 million people to the U.S. law enforcement. From July 2015 to December 2015 (6 months), the ride-hailing service faced more than 400 data requests from law enforcement and regulators that “affected” almost 12 million riders and 600,000 drivers. What does the company mean by “affected,” you may ask? Luckily, the company didn’t hand over any personally identifiable data, but instead collected anonymized data varying from trips, trip requests, pickup and dropoff areas, fares, vehicles, etc. FYI— it’s required by law to provide this type of information for regulated transport businesses. While the report was completely voluntary, Uber wanted to show they comply with the majority of law enforcement requests, which are typically related to criminal investigations. While the company complied with government request, Uber assured riders that the group of internal experts who manage these requests, carefully analyze them to ensure they follow the proper legal process and are consistent with Uber policies. The company said it provided (full or partial) data for 85% of the requested cases, with the remainder of the requests either being withdrawn or having no recorded data. This report is the first of its kind for the ride-hailing service, but many major tech companies, such as Apple and Facebook have released similar reports.
Key takeaway: While the transparency report reinforced Uber’s compliance with law enforcement requests (which seems to be a touchy subject nowadays), the company made clear its criticality of the amount of data being requested. Apparently, law enforcement and regulators sent blanket requests without any solid explanation as to why it was needed. Furthermore, hearing that a whopping 12 million riders were affected leaves us slightly concerned about what information the government could be collecting. Although the requests seem harmless now, it might be worth having a larger discussion around regulatory reporting requirements.
Philippine electoral records breached in ‘largest ever’ government hack – The Guardian, April 11
First Panama, now the Philippines. Last week, the world experienced the largest data hack in history and now experts believe the largest government-related hack just went down.. The entire database of the Philippine Commision on the Elections (Comelec) has been a target of an enormous data breach, just a month before the country’s general election. According to security firm Trend Micro, the hack affects every registered voter in the Philippines, which amounts to about 55 million citizens. The information leaked includes a massive amount of personal data, including the fingerprints of almost 16 million citizens, in addition to millions of passport numbers and social security numbers. The Anonymous Philippines group is claiming responsibility for the breach, in an effort to highlight “vulnerabilities” in the system, specifically the security and use of automated voting machines that will be used in the upcoming election. The same day, a different (but related) hacker group called LulzSec Pilipinas, dumped the entire Comelec database online – potentially making this the biggest government-related breach in history. Comelec downplayed the magnitude of the hack, stating no sensitive information was compromised… but outside experts are saying otherwise.
Key takeaway: If sensitive personally identifiable information is indeed leaked (which it likely is), every registered voter in the country is open to risk from crime. Unfortunately, being a developing country, the Philippine government has more pressing needs over digital security. However, with the increased growth of cybercriminals and this massive and historic data breach, it’s likely that cybersecurity will become a focus in the near future.
Other top tech stories:
Everything Facebook announced at F8 2016 – The Next Web
We hope you enjoyed this week’s Dynamic Digest weekly roundup! Have a suggestion or preferred topic you would like to see next week? Tweet at us or leave a comment below!