On November 23rd, Symantec, the American antivirus company, announced the discovery of a piece of software called Regin, which it had found lurking on computers and stealing data in Ireland, Russia, Saudi Arabia and several other countries. Its sophistication and stealth led Symantec to conclude that it must have been created by a nation-state.

The Regin software appears to have been lurking on some computer systems from as long ago as 2008 and Symantec said it was unusually low-key, meaning it could be used on a target for several years before being noticed. Symantec have described the purpose of Regin

Continue Reading Regin – State Sponsored Hacking

Audit provisions are a common feature of a wide range of IP and technology agreements. They can be seen by those seeking the audit right as a practical way to monitor key aspects of a commercial deal. Security standards being applied to data, accuracy of billing, compliance with licence restrictions or, in some cases, general compliance with the agreed contract are often the subject of audit rights.

The general compliance audit right seems useful on the face of it. But a recent English High Court decision illustrates that a broad audit clause can raise more questions than it answers.

The
Continue Reading Audit Clauses in IT Contracts: The Broader the Better?

Ireland has been ranked in 18th position globally and 11th in western Europe for the level of protection which it affords to property rights followng the publication of the International Property Rights Index 2014. The Index ranks 97 countries in respect of their legal and political environments, physical property rights and intellectual property rights.

Ireland is ranked one place higher at 17th globally in respect of its intellectual property rights protection. Most notably, it has been placed third globally and first in western Europe for its patent protection – a position which it shares with overall top ranked country Finland. This result should be further cemented by the proposed introduction of a local Irish division of the

Continue Reading Ireland scores highly on International Property Rights Index

 A Ministerial Order (S.I. 541/2014) has been passed commencing Part 3 of the Criminal Justice (Mutual Assistance) Act 2008 (the Act), from 1 December, 2014. The Act provides for various forms of mutual legal assistance to foreign law enforcement authorities. 

 Part 3 concerns requests for mutual assistance between Ireland and other Member States of the EU for interception of telecommunications messages for the purposes of criminal investigations. It gives effect to Article 17 to 22 of the Convention on Mutual Assistance in Criminal Matters between the Member States of the European Union, 2000.Continue Reading Interception of Telecommunications Messages

A woman, who claimed a pharmacy allowed her husband to watch CCTV footage of her buying a pregnancy test kit, has allegedly settled a Circuit Court damages claim against the pharmacy for €10,000. The action claimed a breach of section 7 of the Data Protection Acts 1988 and 2003 for breach of duty of care, in allowing the footage to be shown to her husband.

She told the court that she had bought the pregnancy test for a friend, but her husband found the receipt in their home and went to the pharmacy with it. When he arrived at the

Continue Reading Woman Sues Pharmacy for Data Protection Breach

On 6 November 2014, law enforcement agencies from 17 countries and over 40 digital investigators collaborated on one of the largest dark web enforcement actions to date. This was known as ‘Operation Onymous’. Up to 50 illicit online websites based on the TOR network were deactivated and closed and more than 400 hidden services were seized. Preet Bharara, the United States attorney, whose office announced the operation said that this was “the largest law enforcement action to date against criminal websites operating on the Tor network,”
Continue Reading Authorities turn the Lights on in the Dark Web?

The Data Protection Commissioner has been notified of a data breach which has occurred at Trinity College Dublin.

The university’s Law School confirmed that personal data of law students who are participating in the Erasmus programme was inadvertently uploaded to a shared folder which was accessible by all second year law students. While it was intended that a list of students currently participating in the exchange programme would be uploaded in order to facilitate conversation between those students and students who were considering spending an academic year on exchange, the inclusion of the personal data which was attached to the list was overlooked.

The personal

Continue Reading Data Protection Commissioner notified of TCD Data Breach

According to a survey recently published by Microsoft, a large proportion of Irish people think that online privacy is important and that people should not need to give up privacy and freedom for safety from crime and terrorism.

The survey published by Microsoft, and carried out by Amárach Consulting, focused on Irish peoples’ attitudes toward online and digital data privacy and security. Microsoft commissioned the survey as part of its on-going legal challenge to a US warrant which compels Microsoft to produce data held in a Microsoft data centre in Dublin. Continue Reading How important is online privacy?

Dublin District Court, yesterday, convicted a private investigator on two charges of unlawfully obtaining personal information from the Garda Pulse system and disclosing it to without authority.  He was fined €2,500 for each offence. 

Pursuant to section 22 of the Data Protection Acts(DPAs) 1988 and 2003, it is an offence to obtain access to personal data without the prior authority of the data controller by whom the data is kept and to disclose the data to another person.

The private investigator allegedly obtained the information from a Detective, and member of the Garda, and used the information to provide

Continue Reading Private Investigator fined €5,000 for unlawfully obtaining personal data