Category Archives: Internet Safety for Kids and Families

Data Privacy Day: the 2020s can be the decade of privacy-by-design everywhere

By Ian Heritage

Internet trends come and go. But one concept that has steadily gathered momentum over the past decade is that of dataprotection and privacy. It’s now enshrined in EU law thanks to the GDPR, and today consumers and businesses are far more aware than they’ve ever been about their rights and responsibilities online. That’s why the coming decade offers a fantastic opportunity to embed privacy-by-design principles into every single organisation. But there’s still much to do, to raise awareness and change behaviours, especially among corporates.

That’s why Trend Micro is a proud sponsor and champion of the annual Data Privacy Day initiative, which is celebratedaround the world on 28 January.

Back to the beginning
It was on this day way back in 1981 that the Council of Europe opened for signature Convention 108, the first legally binding international treaty dealing with privacy and data protection. The first European Data Protection Day was held in January 2007 to drive greater engagement with online privacy issues, and the rest is history. 

Over the past 13 years, countless organisations have come unstuck in a very public manner. From a now-infamous HMRC blunder in 2007 to 2018’s Cambridge Analytica scandal, each incident has highlighted the potentially catastrophic impact of negligent data protection programmes. Yet these incidents have also raised public awareness and galvanised lawmakers. Thanks to the GDPR, European citizens are more in control of their personal data than they have ever been, while businesses must clear a high bar to prove they are responsible custodians of that data.  

Still work to do
But there’s still much to do. Highly sensitive personal browsing data is still shared across the adtech digital supply chain billions of times a day without any consent from consumers. Social media companies continue to harvest vast troves of customer data, IoT devices and smart assistants listen to our most intimate conversations, and the growing pervasiveness of digital technology continues to raise concerns among worried parents. 

There are also concerns for businesses. GDPR compliance is no easy thing: its vague references to “state of the art” technology and focus on broad principles rather than prescriptive controls, mean there’s no simple tick-box solution here. For many, there’ll be no 100% way of knowing whether they’re compliant until an incident occurs and the company waits for an official verdict.

There have already been over 160,000 breach notificationsacross Europe since the regulation landed nearly two years ago, leading to fines of €114m (£94m). These will certainly ramp up, as regulators across the region sharpen their knives. The ICO has already stated its intent to fine Marriott International and BA a combined £282m for serious breaches at the companies.

What happens next?
For now, this means that organisations must ensure their data protection policies are aligned with the GDPR, even in post-Brexit Britain. They must focus on best practice approaches and frameworks like those produced by NIST, Cyber Essentials and ISO. And they must look to partner with the right security experts: vendors that can offer multi-layered protection across all parts of the IT infrastructure, from endpoint to servers, networks to web and email gateways. The end goal is privacy-by-design: a commitment to embedding data protection into everything an organisation does.

At Trend Micro, we sit on both sides of the data privacy debate. Our Internet Safety for Kids and Families (ISKF) programme has offered vital resources for concerned parents for over a decade. But we also provide expert advice and support for organisations struggling to navigate a complex regulatory landscape while ensuring they do right by their customers. 

As a Data Privacy Day Champion, we’re working hard on both fronts — to ensure consumers know their rights, and have the tools and knowledge to stay safe online, and that businesses have the right controls and processes in place to meet their data protection responsibilities. As we travel through a new decade, there’s still plenty of work to do.

Tackling CSAM One Wi-Fi Hotspot at a Time

by Bharat Mistry

At Trend Micro our work to combat online threats and make the digital world a safer place stretches far beyond the obvious: malware and cyber-attacks on customers. In fact, since 2008 our Internet Safety for Kids and Families (ISKF) programme has been a leading light in the industry, spearheading Trend Micro’s efforts to be a more responsible corporate citizen. One of its core goals is to help combat the spread of child sex abuse material (CSAM) online.

We’re delighted to be driving these ambitious aims forward, most recently with newly minted recognition as a “Friendly WiFi Approved Provider” in the UK.

Family friendly Wi-Fi

Public Wi-Fi is rightly regarded with some suspicion by cybersecurity experts, who point out that it could enable attackers to eavesdrop on private conversations and even steal important log-ins. However, there’s another risk: that the internet service behind it could allow individuals, especially young people, to view inappropriate and even CSAM material.

First trailed by the Prime Minister in 2013 and launched the following year, the Friendly WiFi scheme is industry’s response. By applying to be certified under the scheme, public and guest Wi-Fi providers can show they’re putting their customers first. How? By offering global public assurance that the wireless networks consumers use when out and about is independently certified as filtered from pornography and CSAM.

Although Trend Micro doesn’t run its own public/guest Wi-Fi networks across the UK, we wanted to get involved and show our support for the initiative and the wider aims of online safety that ISKF has been driving for over a decade. That’s why we’re delighted to now be certified as an Approved Provider.

ISKF and the next decade

This latest recognition can be seen as part of our three-pronged approach to tackling CSAM. This is built around the following tenets:

Educate: raising awareness among young people about the risks involved in sharing images or trusting people online.

Integrate into products/services: blocking known CSAM using watchlists such as those run by the UK’s Internet Watch Foundation (IWF) and building it into our products, ie via web reputation. We’ll also alert industry hotlines if our products and services come across such content.

Collaborate: We’re already serving on the advisory board of the INHOPE Foundation, a global association of internet hotlines.And we’re always on the lookout for new ways to team up with like-minded organisations across the world.

Friendly WiFi is just the latest in a long line of initiatives by ISKF to extend our goal of creating a world safe for the exchange of digital information to the world’s youngest citizens. We educate, we collaborate, we innovate and we practice what we preach all around the world in order to help realise this vision.

Trend Micro’s bottom-line message to kids and families is that, if you’re online: be safe, be savvy and be kind. It might not always be easy, but there’s plenty of support and advice on our website to help those who need it.

Extending Internet Security Awareness to Employees’ Families

by Mark Conway

Today’s businesses face an unprecedented cybersecurity challenge. They must keep their networks free from threat but do so without impacting the user experience. To add to this, the benefits they see through adopting a more flexible, mobile workforce actually go hand in hand with the need to mitigate auxiliary risk. Despite the mounting hurdles, however, some of the most responsible corporate citizens refuse to be stopped in their tracks. They recognise the gains afforded through corporate cyber awareness and chose to support their employees away from work and into the home.

It’s in this regard that Trend Micro was invited to the headquarter’s of National Lottery operator Camelot Group. Our brief was simple. Discuss security practices outside of the office and provide guidance on achieving a healthier cyber environment for themselves, their children and their families. Continue reading