Abstract:





[Domestic Policy Trends]

The Ministry of Industry and Information Technology has issued a notice on regulating the use of domain names for Internet information servicesClick to view the original article



Summary:Notice “to regulate the use of domain names in Internet information services for Internet access service provider in accordance with the requirements for the may act to carry out the real-name system, and demanded that the domain name registration management, services in accordance with the” measures for the administration of Internet domain names and telecommunications supervisor request, with the ICP/ICP address/domain name registration management information system “for docking.
The Internet access service provider shall regularly check the status of the domain name used by the Internet information service provider through the filing system, and shall stop providing access services for the non-existent domain name, expired domain name and failure to provide real identity information.



Comment on:After the official release of the notice, Internet access service providers have more responsibility to implement the real-name system and are required to check it regularly through the filing system, raising management costs. Internet information service providers also need to voluntarily record ICP address and domain name information in accordance with the requirements of the director of telecommunications to ensure that the information provided is accurate and timely updated.



[International Policy Trends]

Russia plans to set up an alternate DNS, which will also cover China and other BRIC countriesClick to view the original article

Summary:

The Russian Federal Security Council has confirmed the start of building a backup DNS system, and Putin approved and asked for the plan to be completed by August 1, 2018. The Russian government wants to build an independent Internet infrastructure to counter the powerful information warfare offensive capabilities of western countries. Russia and the other BRICS countries will reportedly have the option of pulling the switch and diverting traffic to a private standby DNS system.

Comment on:The main purpose of Russia’s establishment of standby DNS is to reduce its dependence on global DNS and reduce its own risks.
If you have a back-up Internet link to an important trading partner, you’re less at risk from attacking your opponent. In the future, cooperation, competition and prevention among countries around the world in the Internet space will continue to increase, and issues such as boundaries and data sovereignty in the Internet space will also receive more attention.

[Industry Trends]

Google has cracked down on Android apps that collect personal information without consent
Click to view the original article

Summary:
Google requires apps on its Android platform to seek permission to process personal user data, such as phone numbers and email addresses. If data unrelated to its function is collected and transmitted, the user’s consent must be sought and emphasized. If the developer fails to comply within 60 days, Google will issue a warning to the user and take action accordingly.



Comment on:In terms of personal information protection and content security, application mall platforms actually bear certain “joint and several liability”, and need to manage the applications on the platform and inform the personal information protection responsibility to reduce their own compliance risks. A few days ago, Google

Alleged to have collected information on iPhone users between June 2011 and February 2012 and sold information on more than five million iPhone users without their consent. The case is expected to reach the High Court in 2018 and could cost Google £2.7bn in damages. After GDPR and other regulations take effect, compliance costs of enterprises increase, requiring more manpower, technology and time investment, and further clarifying the responsibility relationship with users.


【 Security Incident 】

Australia’s Department of Social Services has admitted leaking personal information of 8,500 employees

Click to view the original article

Summary:Australia’s Department of Social Services (DSS) admitted leaking personal information of 8,500 current and former employees. The data included credit card information, employee names, user names, work phone numbers, work email addresses, system passwords, Australian government service numbers, public service categories and organisational units. DSS’s CHIEF financial officer said the data breach was not caused by DSS’s internal systems but was caused by improper operations by a third-party provider, adding that the data is now properly protected and there has been no improper use of the data or credit cards.

Comment on:Recently, there have been several data breaches of government websites and systems around the world. Disclosures are usually not discovered until at least several months after the event, and the impact is unpredictable, but the consequences are significant. At the same time, many similar government data breaches are the result of improper security practices by third-party outsourcers. Therefore, government agencies and critical information infrastructure operators should not only ensure their own security measures in place, but also choose suppliers with corresponding security capabilities to reduce the potential risks of third-party data leakage.











To subscribe to

NEWS FROM THE LAB