Good morning, Cyber Saturday readers.
It has at last arrived.
Can you feel it? Does your coffee taste richer, the air smell a little sweeter, the sunlight shine a smidgen brighter—and is your inbox much, much fuller? The European Union’s General Data Protection Regulation, or GDPR, went into effect yesterday. After years of preparation (you have been preparing, right?), businesses with operations in Europe will now be forced to steward people’s data with greater care—or else.
You’ve probably been alerted to the regime change by an avalanche of emails regarding updated privacy policies and changes in terms of service agreements. (Please excuse my joking subject line.) Even if you are not an EU resident, you may benefit. Many tech firms, such as Facebook and Google, are extending protections across their user bases, so as to simplify matters for themselves. This decision to conform to Europe’s high standard is known, as my colleague Jeff John Roberts explains, as the “Brussels effect“; the phrase calls to mind, at least for me, a parent commanding a child to finish their Brussels sprouts. Quit complaining—they’re good for you.
Even though many companies are saying that they plan to abide by the new rules globally, the penalties for breaching a GDPR stipulation count only for EU residents. That means Americans will have no choice but to take these corporations at their word—and if anyone screws up, there will be little recourse outside Europe. Some people may criticize GDPR for its heavy-handed approach: see, fines of up to 4% of global revenues for compliance failures. But it is a necessary and overdue set of measures for safeguarding people’s privacy. The tech economy has been recklessly aslosh in our data for too long. It’s time they started taking responsibility for it.
Finish your greens, then you can play.
***
Last weekend I ran a column by Oren Falkowitz, a cybersecurity entrepreneur, which applied the late scientist Richard Feynman’s warning about “cargo cult science” to the cybersecurity industry. The essay prompted me to pick up a book I’ve been meaning to read for years, Surely You’re Joking, Mr. Feynman! It struck me, while reading a chapter on the eminent physicist’s obsession with lock-picking and safe-cracking during his stint on the Manhattan Project, that if he had been born today, there’s no question in my mind he would have been a hacker. The man loved a technical puzzle as much as he loved outfoxing authorities. May your spirit live on, Mr. Feynman.
Have a great Memorial Day weekend.
Robert Hackett
@rhhackett
robert.hackett@fortune.com
Welcome to the Cyber Saturday edition of Data Sheet, Fortune’sdaily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
THREATS
A new sheriff in town. As mentioned above, the European Union’s General Data Protection Regulation, or GDPR, went into effect this weekend. Companies with EU operations now must abide by new strictures, like reporting data breaches within 72 hours, or delivering EU residents' data to them upon request within 30 days. Otherwise, businesses could be forced to pay a penalty that can run as high as 4% of global revenues, or 20 million euros. Ouch.
Routers routed. Cisco’s threat research team, Talos, warned the public that it has discovered a malware campaign that compromised half a million routers in 54 countries. It is suspected that Russian spy services are to blame for the attack, which Talos dubbed "VPN Filter." The FBI has recommended that people reboot their routers to help identify and disrupt the infection.
Alexa, quit eavesdropping. An Amazon Echo device erroneously recorded a private conversation between two people in Portland, Oregon, and then sent the file to an unauthorized third party. The device apparently misheard the couple's verbal cues, causing it to go rogue. Amazon said in a statement, "As unlikely as this string of events is, we are evaluating options to make this case even less likely."
I demand a recount. The Federal Bureau of Investigation repeatedly overstated the number of devices it has been unable to access due to strong data encryption features, the Washington Post reports. While the FBI has said that it has been prevented from accessing the contents of about 7,800 devices, it turns out the true figure is somewhere between 1,000 and 2,000. The agency is said to have inflated the numbers by counting the same devices more than once, a result of apparently poor database management.
On the Internet nobody knows you're a...Bitcoin scammer?
Share today's Data Sheet with a friend:
http://fortune.com/newsletter/datasheet/
Looking for previous Data Sheets? Click here.
ACCESS GRANTED
Like many cybersecurity bunkers, IBM’s foxhole has deliberately theatrical touches. Whiteboards and giant monitors fill nearly every wall, with graphics that can be manipulated by touch.
“You can’t have a fusion center unless you have really cool TVs,” quipped Lawrence Zelvin, a former Homeland Security official who is now Citigroup’s global cybersecurity head, at a recent cybercrime conference. “It’s even better if they do something when you touch them. It doesn’t matter what they do. Just something.”
FORTUNE RECON
Fiat Chrysler Is Recalling 4.8 Million Vehicles Over Cruise Control Flaw by Jonathan Sperling
Facebook Accused of Widespread Surveillance of Its Users by Don Reisinger
The GDPR Is in Effect: Should U.S. Companies Be Afraid? by Jeff John Roberts
Trump Canceled the North Korea Summit. Here's What He Should Do Next. by Anthony Ruggiero
GDPR Should Have Made 'Cookies' Toast by Mark Dixon
Freezing Your Credit Will Be Free Later This Year by Emily Price
Xfinity Customers’ Wi-Fi Passwords Leaked by Comcast Bug by Lisa Marie Segarra
New Chrome Extension Warns You of Stolen Passwords by Erin Corbett
Donald Trump Is Using a 'Twitter' Phone Without a Critical Security Measure. Here's What Could Go Wrong, by David Meyer
ONE MORE THING
"The Edison of our age." Not many people know the name of Stanford Ovshinsky, an Ohio-born inventor whose contributions to materials science overturned dogma about semiconductors in the '60s. Today, Ovshinsky's legacy extends to technologies that make CDs and DVDs, hybrid car batteries, and cheap solar panels possible. Now Intel and Micron are using the late tinkerer's patents, which they've since purchased, to create the next generation of "phase-change" memory chips. Scientific American has a nice biography on the man and his work here.