This year, the R&L AG in Landshut (D) celebrates its twentieth anniversary. I was asked wether I could contribute an article: “The value of information”, which I was very happy to do (article in German and English). To the article
Outlook and Projections for 2019
Dear Readers, what developments, surprises and events will 2019 bring us? What will happen in our focus areas and what impact will these developments have on our activities? Here are my projections for 2019: Digitization: The robot is overtaken by the can opener The debate on digitisation has so far been conducted in completely absurd spheres. Robots, self-propelled cars and autonomous drones were used to swagger, office jobs and lawyers
2. January 2019
Cloud Act: Do you think you can keep your secrets?
The Neue Zürcher Zeitung (NZZ) has addressed the Cloud Act; Conclusion: American cloud providers are not an option for companies that want to keep secrets. That’s not new, but it’s important because it’s the first time our leading business paper has informed our managers and business owners about the risks involved when using American cloud providers without additional security measures.. The recipe, however, is ineffective and diplomacy will not do
19. December 2018
The eleven biggest misconceptions in Cyber Security
This article was published in 2011 and updated in 2017: “There are many misconceptions in computer and information security that deceive the view on reality. But to make meaningful security decisions, it is important and key to know and truly understand the misconceptions commonly found in computer and information security. In this article, we outline and discuss the misconceptions we think are most common and influential. We divide the misconceptions
13. December 2018
Future Data Protection: Conclusion
Translated with www.DeepL.com/Translator What next? As shown, elementary misconceptions and inadequacies exist in the current EU data protection law. The list could be continued for a long time. One reason for this is certainly that the law was obviously drafted by the data protection lobby. This can be shown by various examples, my dearest thing is the liability of the data protection officer: this is not regulated in the law:
7. December 2018
Blockchain is not a trust machine
In October 2016 a book about Blockchain by my colleague Daniel Burgwinkel was published with a technical contribution by me on the topic “Trust and Liability”. Here is the Management Summary: Abstract: After the euphoria about the Blockchain technology follows the question of trust in this “new” technology on its feet. Technical security usually plays the smallest role. Rather, the question arises: What must be done to ensure that potential
5. December 2018
The 10 major GDPR misconceptions
Die DS-GVO ist ein Gesetzesmonster welches bereits bei der Publikation hoffnungslos veraltet war. Was sind die wichtigsten Fehlüberlegungen der DS-GVO und der klassischen Datenschutzansätze? Diese Artikelserie geht darauf ein.
5. December 2018
GDPR Misconception No. 7: The 72 hour Data Breach Notification
Translated with www.DeepL.com/Translator No security or communication professional understands the motivation for the 72 hour data breach notification rule (Art. 33). The problem here is that, in practice, it is impossible to make a statement within a period of three days about the impact of the vulnerability of a system that has been exploited. This can be compared to an aircraft accident: We must inform them as quickly as possible
4. December 2018
GDPR Misconception No. 6: Information Security can be neglected
Translated with www.DeepL.com/Translator Are you astonished? Do you have the impression that information security is a very important topic today? Then your attitude is the same as mine. The data protection laws and above all the DS-GVO in no way reflect the importance of information security (Art. 32 has just 4 paragraphs, actually no more than a side note). Nothing has been done here and not even the old
4. December 2018
GDPR Misconception No. 5: The regulator punishes the SME’s
Translated with www.DeepL.com/Translator If one reads the press reports about real or alleged data protection violations, then the discussion always moves in the direction of the “big one”, i.e. Facebook, Google and Co. One could conclude that the GDPR also has these providers in its sights, but that is far from the case. The EU legislator apparently didn’t seem to care whether the data protection law was applied to the
3. December 2018