Sign up for our Technology Newsletter 
Is Skype Involved In Spying?
Luxembourg’s data protection authority is investigating Microsoft-owned Skype for its alleged cooperation with the U.S. NSA’s Prism spying program, according to the agency.
Luxembourg’s data protection authority, CNPD, is investigating Skype’s links to NSA spying programs after receiving several complaints, said Tom Kayser, a spokesman for the authority. “I can’t really talk about the details of the investigation because it is still ongoing,” he said.
Skype, which has its European headquarters in Luxembourg, allegedly cooperates with the NSA through a program exploring the legal and technical issues involved in making customer calls available to intelligence and law enforcement agencies. The Guardian newspaper first reported the investigation.
The CNPD has powers to ensure that multinational companies based in Luxembourg respect national law, and often receives complaints from the data protection authorities of other European Union member states.
Privacy campaign group Europe-v-Facebook filed one of the complaints in June. That filing was part of a barrage of complaints filed in various countries against European subsidiaries of tech companies that are allegedly involved in the NSA’s spying program, including Facebook, Apple, Microsoft and Yahoo.
Under Luxembourg data protection law service providers and operators are required to ensure the confidentiality of communications and related traffic data.
“No person other than the user concerned may listen to, tap or store communications or the traffic data relating thereto, or engage in any other kinds of interception or surveillance thereof, without the consent of the user concerned,” reads the law’s unofficial English translation.
Violators can face up to a year in prison and/or a fine up to a!125,000 ($170,000). The court dealing with the matter can also order companies like Skype to stop any processing that conflicts with the law on pain of a periodic monetary penalty determined by the court.
“We regularly engage in a dialogue with data protection authorities around the world and are always happy to answer their questions,” a Microsoft spokeswoman said in an email. “It has been previously widely reported that the Luxembourg DPA was one of the DPA’s that received complaints from the ‘Europe v Facebook’ group so we’re happy to answer any questions they may have.”
Do You Trust Data-recovery Providers?
Comments Off on Do You Trust Data-recovery Providers?
Data-recovery service providers are tasked with saving important data for you when something goes wrong — a drive crashes or storage device is dropped, and no backup is available. But do you trust them with the important data you let them recover or could they actually be a source for a data breach?
A survey of 769 IT professionals published this week finds those surveyed need to find out more about the third-party data-recovery services their organizations use. For example, according to the survey, 67% felt that encryption they had in place protected their organizations from data loss or theft during the data recovery process. But encryption keys are often handed over to the third-party data recovery service provider as part of the process, according to the study done by Ponemon Institute.
Ponemon’s “Trends in Security of Data Recovery Operations” report says of the 87% of survey respondents who said their organization had at least one data breach in the past two years, “21% say the breach occurred when a drive was in the possession of a third-party data service provider.”