We’re incubating with Winton Labs this winter!

Georgia Wright Events

We’re delighted to announce that we’ll be incubating with Winton Labs for three months from November to February. Winton Labs aims to be Europe’s premier startup accelerator for data science companies. The programme will culminate in a demo day on 10th February 2017. Read about Winton Labs in their own words:

What is Winton Labs?

W. L. is an accelerator for early-stage startups involved in the creation of data, or the application of data science. TheData Science Startups new programme will be run as a collaboration between investment management and data technology firm Winton, and VC firm Winton Ventures. Whilst the programme will leverage this expertise, it is not set to resemble a classic corporate accelerator, with much of the mentorship coming from an external network of startup experts, technologists and academics.

Who is behind Winton Labs?

Winton has a long history of successfully applying data science to disrupt the world of Investing, and wants to support companies that have the same data centric view of the world.

What are the details of the programme?

The 3 month programme will take place in the ‘The Lab’ co-working space at Winton’s London HQ. There will be three streams of mentors:

  • Business Unit: these are business leaders from within Winton, as well as large corporates and SMEs.
  • Data Science & Technology: these are drawn from Winton’s extensive pool of researchers and data experts, our deep network of academic partners, and leading data scientists from the startup ecosystem.
  • Entrepreneurship: these mentors are experienced founders, investors and advisors.

The Privacy Post #8

Georgia Wright Privacy

Every week we’ll be rounding up the latest news in privacy and other interesting articles.
European Parliament Approves EU-U.S. Umbrella Agreement

On December 2nd, the EU-US data protection “Umbrella Agreement” was approved, putting into place a “comprehensive high-level data protection framework for EU-US law enforcement cooperation”. Stipulating data processing requirements for EU citizens’ data handled by US authorities, it is set to outline equal rights for EU claims that their data was misused. Previously, EU citizens were not allowed to seek judicial redress before US courts. The agreement ends negotiations beginning in March 2009. For more information, see the EU’s press release.

Uber’s move to track riders after trip is completed sparks privacy concerns

Taxi app Uber is now tracking riders along with its drivers. The latest update gives user’s the option to opt in to being followed for up to five minutes after the ride is completed. This is claimed to be in order to improve their service, but privacy advocates have already criticised the change.

Google Settles Non-User E-Mail Scanning Class Suit

Google’s parent company Alphabet Inc. has settled consumer class claims alleging that people’s privacy was violated when their Gmail messages were scanned for ad-targeting purposes. California’s Invasion of Privacy Act and Electronic Communications Privacy Act was claimed to have been violated.

ICO cracks down on use of personal data in online gambling sector

Over 400 companies have been targeted by the Information Commissioner’s Office (ICO). They are being asked to explain exactly how they use people’s personal details and use marketing texts. Large amounts of spam texts promoting gambling websites have been reported as a result of affiliate marketing, which allows the involved parties to shrug the responsibilities of their data processing.

Data centres are on the move – where will they end up?

Intralinks, a technology provider has announced a new data centre in Frankfurt, Germany. This move is predicted to become a trend as technology companies seek to comply with the Genderal Data Protection Regulation (GDPR) and avoid the Investigatory Powers Bill. Brexit has caused some uncertainty and it isn’t clear exactly what the UK’s cybersecurity polices will look like.

“As the GDPR deadline approaches, customers need to plan their compliance strategy to know where their data is at all times, otherwise the fines are unthinkable.”

– Richard Antsey CTO, Intralinks

Court Rules IRS Can Seek Information on Bitcoin Customers

It has been ruled that the IRS will be allowed to serve a “John Doe summons” upon digital currency services company Coinbase. The IRS is seeking detailed customer transaction logs between 2013 and 2015. It believes that bitcoin was used to evade federal tax laws, although it has no evidence and the assumption is purely speculative.

Study examines effect of privacy controls on Facebook behaviour

Information Systems Research, the INFORMS journal, has released a report studying the effect of Facebook’s privacy controls on users. Granular privacy controls increased user’s use of wall posts as opposed to private messages after they customised their audience. However, users who were more public in their sharing decreased their wall post activity after the privacy controls were introduced.

The Privacy Post #7

Georgia Wright Privacy

Every week we’ll be rounding up the latest news in privacy and other interesting articles.
How ‘right to be forgotten’ puts privacy and free speech on a collision course

Professor George Brock, of City, University of London’s department of Journalism, has published a report examining how privacy and free speech are destined to clash in the world of digital publishing. He examines how the ‘right to be forgotten’ is poorly written, citing the difficulties encountered in Google Spain v AEPD and Mario Costeja González. Reckoning that the case has set a poor precedent, he calls for greater clarity from judges and ultimately a law which balances the competing rights.

Fears raised over Google’s DeepMind deal to use NHS medical data

The Google owned British artificial intelligence company, DeepMind, has signed a five year contract with the NHS. The controversial deal allows it to access patient data to develop Streams, a healthcare app. The Information Commissioner’s Office (ICO) is currently investigating the sharing of patient information between the organisations. The Streams app aims to bring information to healthcare professionals and to replace writing physical notes and paging.

Thailand seeks to tighten cyber security, raising questions about privacy protection

Thailand’s 2007 Computer Crime Act is expected to be amended by the military government next month. Rights group have spoken out against the changes, which could include more government surveillance privileges.

“These laws are aimed at controlling online media, accessing personal data, and when the Cyber Security bill is passed, mass surveillance is a real threat,”

– Kanathip Thongraweewong, data privacy expert at Saint John’s University in Bangkok.

Advisory Group Releases Report on Internet of Things

The Broadband Internet Technical Advisory Group has released a report on the ‘Internet of Things (IoT) Security and Privacy Recommendations’. It details recommendations from academics, advocacy organisations and members of the telecommunications and consumer technology industries, with the aim of improving security and privacy of IoT devices.

“Would you like us to email you a receipt?”

The Information Commissioner’s Office has written a blog containing guidance on e-receipts. The ICO reminds retailers to inform consumers of how they are using and collecting this data, especially if they will use email addresses to send marketing. According to the Privacy and Electronic Communications Regulations, in most instances explicit consent to marketing must be obtained.

Europe’s new privacy rules are about shake adland to its core

Dr Johnny Ryan of Pagefair, has analysed the effect of the incoming General Data Protection Regulation (GDPR) on the advertising industry. As well as the rise of lawsuits, Dr Ryan predicts the change of user behaviour as data subjects become more aware. The advertising industry relies heavily on third-party tracking, however the GDPR has established a chain of responsibility for this data processing. He believes that in a quest for consent, mergers and acquisitions could be stimulated in the media and adtech space.

Like this post? Subscribe to our weekly newsletter here to be updated with all news privacy, Cognitiv+ and more.

Cognitiv+ shortlisted for the Aurexia Fintech Awards!

Georgia Wright Events

On November 2nd we attended the Aurexia Fintech Awards!

Over 100 companies were consulted and Cognitiv+ made it to the final 15.

Cogntiv+ entered for the KYC category:

What is it?
KYC process places the customer at the heart of the organisation ensuring they understand them better and an in turn can service them more effectively.

What are the current challenges?

  • Very long process resulting in human errors due to requirement of multiple manual entries
  • Negative impact on the transactions slowing down transactions
  • Client satisfaction worsening

What are the solutions proposed by Fintechs? 
In terms of solutions, the market is quite mature on the KYC process. Regarding the development of Fintechs in this sector, we can identify 3 technology solution area:

  • Big Data
  • Blockchain
  • SaaS

Like this post? Subscribe to our weekly newsletter here to be updated with all news privacy, Cognitiv+ and more.

The Privacy Post #6

Georgia Wright Privacy

Every week we’ll be rounding up the latest news in privacy and other interesting articles.
Facebook’s WhatsApp adds secure video calling amid privacy concerns

WhatsApp is releasing a new feature this week for its billion users worldwide. The video calling addition will be fully secure using end-to-end encryption, technically blocking the company and governments from surveilling users’ activity. WhatsApp co-founder Jan Koum has recognised that customers’ primary concern is privacy, despite releasing a new privacy policy which allows WhatsApp to share data with its parent company Facebook.

Privacy issues abound as UK passes controversial ‘snoopers’ charter’

The Investigatory Powers Bill was passed by both parliamentary houses last week. Communications providers will be required to store customer usage data for one year for the benefit of police investigations. It also gives the government the power to remove “electronic protection applied by or on behalf of that operator to any communications or data”.  The privacy implications have been raised repeatedly by tech companies, privacy advocates and Nick Clegg whilst in power.

GDPR ‘To Require’ 75,000 Data Protection Officers Worldwide

The General Data Protection Regulation (GDPR) has been predicted to spark a drive for hiring data protection officers globally. The EU’s GDPR will come into force in May 2018 and applies to any organisation handling EU citizens’ data. Large scale companies and public authorities will be required to have “independent” officers to ensure compliance in data processing.

Firefox Focus iPhone Browser Is Build for Privacy

Mozilla Corp. is releasing a new version of its mobile browser, Firefox, with added privacy features. The browser, Firefox Focus, will access of the webs but block all cookies, ad trackers, analytics trackers and social trackers. It also won’t allow the storing of passwords, logins or browser history. The separate app will allow users to consciously decide when to use a anti-tracking browser. This means they can use a separate browser for instances when they might need their passwords saved.

 New data privacy law can enhance patient safety, data privacy and boost digital health in Qatar, says experts

The Personal Data Privacy Protection Law is due to take effect in around six months time, and is expected to provide comprehensive safeguards for patients. Organisations will be required to obtain a permit from the state in order to process health data. Fines for breaching the obligations, which include keeping data secure and being transparent about data usage, will be of a maximum $1.37 million.

Like this post? Subscribe to our weekly newsletter here to be updated with all news privacy, Cognitiv+ and more.

The President-elect and surveillance: will security trump privacy in the world of Donald?

Georgia Wright Articles, Privacy

What does Donald Trump mean for the people’s privacy? This is a question asked, but not answered. America’s 56th presidential election has left the world reeling and to swallow the bitter pill of uncertainty. With the President-elect almost reinventing himself during his victory speech, everyone is questioning his policies ahead of his inauguration.

So what can we learn from the past?

The President-elect has supported the National Security Agency’s (NSA) bulk phone metadata collection, revealing a year ago that surveillance came before privacy when it came to collecting data. After Apple Vs FBI, when Apple refused to write code to hack the San Bernardino shooter’s iPhone, Trump suggested an Apple boycott to the public.

Of course, this was completely undermined by Trump tweeting after this statement from an iPhone. Then later being photographed behind a MacBook Pro.

So ‘yes’ means ‘no’ and ‘up’ means ‘down’ in Donald J. Trump’s world – perhaps this was an insight to his current identity crisis.

To add to these positions, Trump has deemed the profiling of American Muslims “common sense”, and suggested that mosques ought to be under surveillance.

“I err on the side of security.” – Donald J. Trump

Investigating a little further back into Republican government, Timothy Edgar, director of law at Brown University and ex-Director of Privacy and Civil Liberties in Obama’s White House, has predicted Trump’s pro-surveillance stance.

“Republicans typically show little sympathy on the matter… I would say pretty much any attempts to reform will come to a screeching halt, and maybe it will go backwards.”

What is the present privacy climate?

However, it’s no secret that privacy advocates haven’t been satisfied with the Obama administration. Edward Snowden revealed the full extent of the US government’s surveillance of American and global citizens, causing global outrage. Obama renewed the controversial Patriot Act in 2011, despite his previous stance that it infringed the population’s privacy rights. The whistle was blown by Edward Snowden in 2013 on the NSA’s mass surveillance programme, and Obama was forced to dial back surveillance activities.

However, Snowden’s lawyer, Ben Wizner, of the American Civil Liberties Union, has spoken a warning of the current presidential powers.

“The danger of the aggregation of executive power we have seen over the last decade is that we might have an executive who is not worthy of that trust. This has been a trend in the US but there has been a weakening of constitutional oversight during the growth of the national security state.”

“I think many Americans are waking up to the fact we have created a presidency that is too powerful.” – Ben Wizner, Edward Snowden’s lawyer at director at the American Civil Liberties Union

John Napier Tye, a whistleblower in 2014 and ex-state department official, has also surveyed the weaknesses in current privacy policies.

“Obama and Bush could have set the best possible privacy protections in place, but the trouble is, it’s all set by executive order, not statute. So Trump could revise the executive order as he pleases. And since it’s all done in secret, unless you have someone willing to break the law to tell you that it happened, it’s not clear the public will ever learn it did. Consider that even now, the American people still do not know how much data on US persons the NSA actually collects.”

The crystal ball is murkier than ever – what does the future hold for privacy in the US?

A major turning point will be in December 2017, when the FISA Amendments Act of 2008 will expire. This legislation enables the NSA’s PRISM surveillance program. Using data taken from the tech giants, “it specifically authorises intelligence agencies to monitor the phone, email, and other communications of US citizens for up to a week without obtaining a warrant, provided one of the parties to the communications is outside the US” Neil McAllister reports.

But the tech giants haven’t been willing to sit back and allow this use of data. Jan Koum, co-founder of WhatsApp, has told Reuters that the instant messaging company will be “extremely vocal” against efforts to allow the government to get past encryption and other data protection measures. The CEO has cited concerns for American companies’ reputations as the reason for this.

This sort of opposition is a consensus in the tech industry, indicating a war effort on their part to secure privacy rights. Microsoft President and Chief Legal Officer Brad Smith has already addressed the issues between Trump and tech companies, and urged a future strategy of unification in his blog post.

“It will remain important for those in government and the tech sector to continue to work together to strike a balance that protects privacy and public safety in what remains a dangerous time.

As this election demonstrated, technology now plays a ubiquitous role in our daily lives. But people will not use technology they do not trust.” – Brad Smith, President at Microsoft

These debates are likely to continue, unless Trump pulls off his attempt at unifying the divided American nation. But, it is hard to predict the future. “Nobody knows what he’ll do. I don’t know if his past statements should be taken as gospel or if it’s more about emotions.” Jay Edelson, an attorney and CEO of law firm Edelson PC commented.

Political power problems ahead?

As Forrester’s data protection report has found, countries are seeking surveillance powers which conflict with privacy rights. We can see a similar cause rising in the US – Trump has no concerns with renewing the Patriot Act, which affects both foreign and American citizens.

When Donald Trump reminisced of the hack of the Democratic National Committee’s email server, he spoke thus:

“I wish I had that power…Man, that would be power.”

And he’s got it.

Source: The Political Insider

Source: The Political Insider

The Privacy Post #5

Georgia Wright Privacy

Every week we’ll be rounding up the latest news in privacy and other interesting articles.
EU questions U.S. over Yahoo email scanning, amid privacy concerns

Reports that Yahoo scanned its customers’ emails has led the European Commission to question the U.S. government. If true, Yahoo would have violated the data transfer pact Privacy Shield. Commission spokesman Christian Wigand said that the U.S. government had been contacted in order to clarify the situation.

UK privacy watchdog says Facebook agrees to suspend using WhatsApp users’ data

The Information Commissioner’s Office (ICO) has reported that Facebook will stop using UK WhatsApp users’ personal data for advertisements and product-improvement purposes. The Information Commissioner, Elizabeth Denham, hopes to use other privacy watchdogs to get Facebook to agree to sign an undertaking to improve their explanation of how they use personal data.

LinkedIn Banned in Russia Over Data Privacy

The internet firm LinkedIn has been found to be violating Russian data protection laws by a local court. The site will therefore remain blocked to its 6 million Russian users. The 2014 law requires that personal data of Russians must be stored on a Russian server. It is expected that this case will set a precedent for further cases.

Case Takes UK Privacy Tribunal to European Court

Six individuals and the Human Rights Watch are demanding to know whether they were unlawfully spied on by GCHQ. The UK Investigatory Powers Tribunal will be required to confirm whether they were subjected to surveillance, and whether this action was lawful or not.

“The Tribunal’s refusal to recognise the human rights claims of non-UK residents is illogical and wrong… Victims – wherever they are – should be entitled to justice when a European court member commits a human rights violation against them on its own territory.” – Scarlet Kim, Legal Officer at Privacy International

Forrester’s 2016 Data Privacy Heatmap Points To Continued European Influence On Global Regulations

The updated 2016 report has found that countries are still trying to emulate the European standard of data protection. Furthermore, the GDPR (General Data Protection Regulation) has caused the tightening of data protection laws across the globe. In a high-level look at government surveillance, the Forrester has also found that countries are seeking more surveillance. This comes at the cost of undermining data protection laws.

Drones: new EU rules to ensure safety and privacy

On 10 November the European Union aviation safety rules were updated to include basic safety measures for drones. The changes were implemented in order to ensure people’s privacy and safety. See the released infographic below.


Courtesy of the European Parliament.

ICO to remain as a single Commissioner agency

Despite a recommendation from the Triennial Review, The ICO will remain as a single Commissioner agency. Data Protection Minister, Matt Hancock MP said “reconstituting the ICO as a multi-member Commission is not the right change to make to its governance arrangements”. This is likely due to the success of the ICO despite funding cuts. The Commissioner will be adding a new position of General Counsel to the ICO and a new management structure.

Hong Kong’s first privacy commissioner reflects on privacy’s changing landscape

Stephen Lau Ka-men gave an interview with the South China Morning Post, looking back at his time in office from 1996-2001. He explains that the data protection laws were first written “to promote awareness of personal data privacy… it [was only] in the last few years that they amended the law and made the penalties harsher… actually prosecuting individuals and organisations that have breached the law.”

Like this post? Subscribe to our weekly newsletter here to be updated with all news privacy, Cognitiv+ and more.

Cognitiv+ featured on the Artifical Lawyer!

Georgia Wright Features

Last month our CEO and Co-founder, Vasilis Tsolis, was interviewed by the Artificial Lawyer. The article features the birth and beginning of Cognitiv+ and a sneak preview of where the product is heading… Want to find out how our CEO sees the legal AI market evolving? Read on here…

So how is Cognitiv+ different to other legal AI companies? Although there are some offerings in the market, Vasilis notes that there is lots of space to add different use cases. Cognitiv+ doesn’t rely solely on NLP (natural language processing) and machine learning to provide contract review. Cognitiv+ links this to a body of legislation and regulation which allows quick and thorough compliance reviews. This can be applied by an lawyer or executive within a company.

“The idea is to both provide this service in terms of checking a small number of contracts, perhaps in an inhouse setting, and also provide broader document review, for example for due diligence. The aim therefore is two-pronged.” – Artificial Lawyer on Cognitiv+

And what about the AI market in general? The Artificial Lawyer and Vasilis both agree that the market is in early stages and therefore hard to predict. However, a new client is destined to emerge:

photo-vasilis-company2“Some companies have been looking at AI for over five years now. We see CEOs and COOs of companies who are now familiar with AI applications.

We also see HR teams inside companies making use of AI… if the GC and inhouse lawyers in a company are not using it as well then they will be in a very different situation to the other parts of the company.” – Vasilis Tsolis, Cognitiv+ CEO

Caught your attention? Read the rest of the article ‘New Legal AI On the Block: Cognitiv+’

Thanks to the Artificial Lawyer for originally publishing parts of this article. 

Like this post? Subscribe to our weekly newsletter here to be updated with all news privacy, Cognitiv+ and more.

The Privacy Post #4

Georgia Wright Privacy

Every week we’ll be rounding up the latest news in privacy and other interesting articles.
EU-U.S. personal data pact faces second legal challenge from privacy groups

La Quadrature du Net, a French privacy advocacy group has challenged the data sharing pact between the US and EU. Previously an Irish privacy group has challenged Privacy Shield. Both cases face being declared inadmissible if the groups are not directly concerned with their complaint.

Multiple fitness trackers are being accused of violating European law

The Norwegian Consumer Council has reported Fitbit, Jawbone, Garmin and Mio for breaking European privacy laws. Their concern arises from the companies collecting  more data than necessary and not notifying users of who has their data. The companies have since released statements informing users of their policies. The report signifies the strength of EU privacy rules and shows that it could be a tough upwards battle for the commercialisation of big data in the healthcare industry.

Facebook data and privacy rules sink Admiral’s insurtech plans

The insurer, Admiral, sought to use users data such as their likes and posts to assess their personalities. This could then determine whether people were safer drivers, according to Admiral’s research. It was found to be a breach of Facebook’s terms of use, which doesn’t allow decisions to be made about people’s eligibility based on their Facebook use. This is blow to the insurance industry, which has been trying to harness the uses of big data. However, some suspect that this is due to Facebook wanting to utilise the data in a similar way.

KPMG: What do consumers really think about companies using their personal data?

KPMG surveyed 7000 consumers to find that 60% were seriously concerned about how companies use or hold their personal data. The report also found that 25% used encryption to protect their data and that two thirds of people are not comfortable with smart phone and tablet apps using their personal data.

2017 Predictions: Trust is now business currency

Forrester has predicted that in 2017, privacy breaches will escalate and result in the failure of a Fortune 1000 company. It has estimated that the new US president will face a cybercrisis within 100 day of inauguration. The report also cites that customers becoming more aware of their privacy risks will affect the relationship between consumers and businesses, with trust playing a crucial role. When forecasting this, the report notes that CEOs will be key players in ensuring this trust – see our latest article on cyber security and boardroom liability here.

Like this post? Subscribe to our weekly newsletter here to be updated with all news privacy, Cognitiv+ and more.

Who dunnit? Cyber security & boardroom liability

Georgia Wright Articles

The new stance on accountability

It’s clear that Elizabeth Denham, the new UK Information Commissioner, isn’t going to be lenient when it comes to data protection. When addressing the UK Digital Economy Bill, she has recommended that persons should be liable for data breaches.

The Information Commisioner’s Office (“ICO”) has only managed to collect a small amount of fines incurred for data breaches this year. Why? Companies mysteriously shut down after a fine, then reappear as a new corporate entity. This is only one reason as to why she thinks directors should be accountable for data breaches. Whilst there is no law supporting this stance yet, the attention has turned to the boardroom when discussing cyber threats.

The chancellor announced the government’s £1.9 billion spend on cyber security on Tuesday, and here’s why your company should be spending a bit more.

So – what are the facts?

The stats on cyber security. Sources: PCI SSC, PWC, COMRES

The stats on cyber security. Sources: PCI SSC, PWC, COMRES

If you look at the data, it seems that board directors are happy to have their companies penalised by a tougher regulator.

However, the Commissioner wants the board directors penalised, by a tougher ICO. Nowadays, we’re talking big money. When the EU General Data Protection Regulation (“GDPR”) comes into force – and no, you can’t use Brexit as an excuse – companies could be fined up to 4% of global annual turnover.

It’s fine, I’m covered, right?

Cyber liability insurance cover (“CLIC”) isn’t a new product, but it’s just not talked about enough. CLIC can cover privacy crisis/data breach management, which extends to data subject notification, legal costs and regulatory fines. Additionally, it covers multimedia liability (such as intellectual property rights infringement), extortion liability cover and network security cover.

This isn’t a well explored market, so know what your costs could be in the event of a breach and be prepared to talk it over with your insurer.

Insurance alone won’t guarantee that your business runs smoothly in the event of a breach. You will still need to take the appropriate measures to defend yourself against cyber threats. It will also bring your insurance premiums down. Read this helpful guide here for further details.

But this isn’t relevant to me – I’m not in IT!

Do you use a computer or phone at work? Do you determine budgets for your IT department? Are you responsible for spending decisions? If the answer is yes to any of these questions, then you have to pay attention.

“Risk is a full team sport” – Steven Walker, National Association of Corporate Directors

There is a greater pressure on the boardroom to address cyber security. It’s no good assigning an investigation into your cyber policy to another unit – it’s the key decision makers in businesses who will be called into question during any event. Ignorance simply isn’t good enough.

The shareholders of TalkTalk knew who to point their fingers at when their stock value plummeted. The commercial loss of the cyber attack for TalkTalk was estimated at £65 million, with fines being only 7% of that figure. Just ask Dido Harding and Marissa Mayer, chief executives of TalkTalk and Yahoo respectively, who were blamed for their cyber breaches.

No, it wasn’t the person in IT.

Like this post? Subscribe to our weekly newsletter here to be updated with all news privacy, Cognitiv+ and more.