International Telecommunication Union   ITU
Site Map Contact us Print Version
 Wednesday, 15 August 2007

The New York Times reported on 14 August 2007 that Google and Microsoft are separately developing a system of online health records, which would allow individuals to store, retrieve and provide personal health data to doctors, hospitals, insurers, laboratories, etc. as desired.

Data would been directly uploaded onto these records by health service providers, but access to the information (through PCs, mobile telephones and other digital devices) would be controlled by the patient. The health data stored on the personal online record would also lead their owners to locating relevant health-related information on the web (including advertisements that would likely fund the system).

Other companies specialized in digital health records and search engines are working on similar systems. To eventually reach end-users significant security and privacy issues will have to be resolved in fine-tuning these services

To read more, click here.

Wednesday, 15 August 2007 14:18:33 (W. Europe Standard Time, UTC+01:00)  #     | 

Information technology flourishes in northern Indian states, as the Financial Express reports on 13 August 2007. In order to better evaluate the capacities of using information and communication technologies (ICTs) in India to participate in a globally networked economy, the department of information technology and the National Council of Applied Economic Research released its latest e-Readiness Assessment report in January 2007.

States and union territories ranked at the top have implemented, among others, some e-Governance initiatives for land and property records, transportation, birth and death registration, and ICT applications for agriculture. Further activities to boost the level of e-Readiness as well as e-Governance are mentioned in the article such as providing an enabling political and regulatory environment, infrastructure, capacity building and sharing experiences with other states.

To learn more of the national e-Governance plan, click here.

Wednesday, 15 August 2007 11:00:23 (W. Europe Standard Time, UTC+01:00)  #     | 

InfoWorld reports that security experts warn Germany's new antihacker law could result to more cybercrime and not less. The law, which aims to mitigate the rise of computer attacks in the public and private sectors, was approved in May by the German government and implemented on Saturday. Although Germany already has approved numerous laws to curb attacks on IT systems, the most recent one aims to close any remaining loopholes. Punishable cybercrimes include DOS (denial-of-service) attacks and computer sabotage attacks on individuals, which would extend the existing law that limited sabotage to businesses and public authorities.

The new law defines hacking as penetrating a computer security system and gaining access to secure data, without necessarily stealing data. Offenders are defined as any individual or group that intentionally creates, spreads or purchases hacker tools designed for illegal purposes. They could face up to 10 years in prison for major offenses.

Security experts from different clubs and vendors such as Chaos Computer Club, F-Secure and Kaspersky Lab, all share the same concern on the legal uncertainty the new law creates. According to them with the new law, their development of hacker tools to test and ensure network system security, which is essential to their business, could get them in trouble and bring them to court in the future.

Other groups of computer experts that develop hacking tools to test the security of computers and network systems have already pulled the out their operations in Germany. KisMAC and Phenoelit, hacker groups that offer a tool to detect security holes in networks, stopped its work in Germany and plans to resume in neighboring Netherlands.

To read the full article, click here.

Wednesday, 15 August 2007 10:11:48 (W. Europe Standard Time, UTC+01:00)  #     | 

On an article by InformationWeek, researchers are blaming the virulent Storm worm for a widespread denial-of-service attack that hit Canadian Web sites over the weekend, saying the attack could have been a test of the might of a botnet more than 1.7 million zombies strong.

Johannes Ullrich of the SANS Institute and the Internet Storm Center, said in an interview that "the DoS part was basically an unintentional side effect. It was a whole lot of spam -- enough to make the servers slow down. Once [that much spam] is set loose, it's hard to tell what's going to happen."

The Storm worm has been bombarding the Internet with massive amount of spam e-mails in the form of phony electronic greeting cards for the past several months. This emails lure unsuspecting users to malicious Web sites where their machines are infected with malware that turns them into bots, which adds them up to the massive botnet that the Storm worm authors have been putting together. However, the latest attack used e-mails with limited amount of text instead of the e-card ruse though, which confirms the attack was a test-run, according to Ullrich.

In the first half of this year, it has been reported that the Storm authors had a botnet about 2,815 strong according to the researchers at SecureWorks. That number had skyrocketed to 1.7 million by the end of July. Researchers at both SecureWorks and Postini said they think the Storm worm authors are cultivating such an enormous botnet to do more than send out increasing amounts of spam. All of the bots are set up to launch DoS attacks and that's exactly what they're anticipating.

Read the full article here.

Wednesday, 15 August 2007 08:59:38 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 14 August 2007

On 16 July 2007, the European Commission issued a set of draft recommendations on eHealth interoperability. This supports the idea that connecting people, systems, and services would be vital for the provision of good healthcare in Europe.

The lack of interoperability in systems and services has long been identified as one of the major challenges to the wider implementation of the Union's e-Health applications.

The goal of this Recommendation is to contribute to enabling the provision of a means of authorised healthcare professionals to gain managed access to essential health information about patients, subject to the patients' consent, and with full regard for data privacy and security requirements. Such information could include the appropriate parts of a patient's electronic health record, patient summary and emergency data from any place in Europe: within countries, in cross-border regions, and between countries.

The proposed actions cover the following areas:

  • The overall (political/legal) level of eHealth interoperability inclusing privacy and confidentiality
  • Creating the organisational framework (or process) for e-Health interoperability
  • Applications (including semantic) interoperability
  • Architectural and technical interoperability including security, certification and accreditation
  • Monitoring and evaluation

For full information, click here.

Tuesday, 14 August 2007 13:15:44 (W. Europe Standard Time, UTC+01:00)  #     | 

The first Global Information Society Watch 2007 report was released at the United Nations' Palais des Nations in Geneva on 22 May 2007 and during the The Third Annual SANGONeT "ICTs for Civil Society" Conference and Exhibition in Johannesburg, South Africa on 18 July 2007. The report discusses the state of the field of information and communication technology (ICT) policy at local and global levels and particularly how policy impacts on the lives of people living in developing countries.

Studies of the ICT policy situation in twenty-two countries from four regions are featured: Africa (Democratic Republic of Congo, Egypt, Ethiopia, Kenya, Nigeria, South Africa and Uganda); Asia (Bangladesh, India, Pakistan and the Philippines); Latin America (Argentina, Brazil, Colombia, Ecuador, Mexico and Peru); and Eastern Europe (Bosnia and Herzegovina, Bulgaria, Croatia and Romania), with one report from a Western European country (Spain).

The report concludes that when it comes to ICTs for development, there are some conspicuous similarities between the countries. Excluding Spain, the other twenty-one countries each show obvious evidence of the "digital divide" which impacts on the majority of people negatively. The report also includes provocative, analytical essays on five international institutions (including ICANN and the World Intellectual Property Organisation) questioning the extent to which they allow all stake-holders to participate in their processes. There is a special section on how to measure progress as well.

Read more on the Global Information Society Watch.

Tuesday, 14 August 2007 11:04:02 (W. Europe Standard Time, UTC+01:00)  #     | 

On Sydney Morning Herald's Veto for Parents on Web Content, it was announced that ISPs in Australia will be obligated to filter web content at the request of parents. This is part of the $189 million Federal Government crackdown on online bad language, pornography and child sex predators. According to the Prime Minister, John Howard, the Government would increase funding for the federal police online child sex exploitation team by $40 million to aid investigators to track those who prey on children through chat rooms and sites such as MySpace and Facebook. The Government is also expected to pay $90 million to provide every concerned household with software to filter internet content.

According to the article, the more efficient compulsory filtering of internet service providers (ISPs) was proposed in March last year by the then Labor leader, Kim Beazley, which the Communications Minister, Helen Coonan, and ISPs criticised as expensive then. Three months later Senator Coonan announced the Government's Net Alert policy, promising free filtering software for every home that was interested. She also announced an ISP filtering trial to be conducted in Tasmania, but that trial was scrapped.

The ISP filtering measure, according to Mr. Howard is a world first by any Government, and is expected to offer funding to help cover the cost. An ISP filter option will be made available to parents when they sign up with an ISP. This service will be compulsory to all ISPs. The measures are expected to be implemented by the end of this month.

US authorities have reported last month that more than 29,000 convicted sex offenders had profiles on MySpace. In Australia, about 26 per cent of Australia's 3.8 million MySpace users are under 18. To protect the users, MySpace has written to all state and territory governments, and the Commonwealth, asking them to create a national child-sex offender database that requires email addresses to enable them to track sex offenders and remove their profiles on the system.

Read the full article here.

Tuesday, 14 August 2007 10:34:03 (W. Europe Standard Time, UTC+01:00)  #     | 

A Report entitled Personal Internet Security from the House of Lords Science and Technology Committee has been made available on Friday discussing primarily the issues pertaining to individual experiences of the Internet. In the report, the U.K., ISPs and others, has been said to unfairly hold Internet users responsible for online safety. According to the panel, this "laissez-faire" attitude toward personal security is what weakens user confidence. The report proposes that ISPs should be held responsible and avoid them from ignoring spam and malware notices, and that information technology vendors be held liable for not making products secure.

Network security, appliances and applications, how businesses and individuals use the Internet and policing of the online world were studied and dealt with in the Lords inquiry. It also noted that the U.K. government is at fault for not showing leadership in assembling available information and interpreting it for the public. "The Government are not themselves in a position directly to gather the necessary data, but they do have a responsibility to show leadership in pulling together the data that are available, interpreting them for the public and setting them in context, balancing risks and benefits. Instead of doing this, the Government have not even agreed definitions of key concepts such as 'e-crime'." The report recommends the establishment of a cross-departmental group in the Government, "bringing in experts from industry and academia, to develop a more co-ordinated approach to data collection in future. This should include a classification scheme for recording the incidence of all forms of e-crime. Such a scheme should cover not just Internetspecific crimes, such as Distributed Denial of Service attacks, but also e-enabled crimes - that is to say, traditional crimes committed by electronic means or where there is a significant electronic aspect to their commission."

The committee points out the need for more support for research from the industry as well. "The development of one or more major multidisciplinary research centres, following the model of CITRIS, is necessary to attract private funding and bring together experts from different academic departments and industry in a more integrated, multi-disciplinary research effort."

End-users are still predominantly viewed as unable to protect their own security according to the report. And private companies are driven by strong incentives to either promote security for profit or to oppose it as imposing costs on them according to lawmakers. The committee, thus, proposes that ISPs, being the link between the users and the network, could take more control over the network traffic by blocking or filtering traffic containing malicious code. "We do not advocate immediate legislation or heavy- handed intervention by the regulator," says the lawmakers, adding that the market must be nudged to provide better security.

Further recommendations of the committee include criminalizing trade in botnet services, no matter what their use, creating a unified, Web-based reporting scheme for e-crime, more action on creating a central e-crime police unit, fast ratification of the Council of Europe CyberCrime Convention, and educating courts on Internet crime.

Read the full article on Factiva Content Watch.
To access the report, click here.

Tuesday, 14 August 2007 09:56:33 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 13 August 2007

On ZDNet Australia's article, "Knowledge is greatest threat to critical infrastructure," researchers and security experts agree that Australia's critical infrastructure still proves to be vulnerable due to insufficiency and lack of educational resources. The article discusses the problem with the security of Supervisory Control and Data Acquisition (SCADA) systems, "the central nervous system for sensors, alarms and switches that provide automated control and monitoring functions for utilities such as water, gas and electricity, as well as large manufacturers."

Jill Slay of the University of South Australia's Defence and Systems Institute, said at the inaugural International Federation for Information Processing (IFIP) Critical Infrastructure Protection conference that Australia needed more stringent audits of SCADA network access, better training and stricter controls over contractors. She believes Federal Government initiatives such as the Trusted Information Sharing Network are good but, at present, are insufficent to keep the SCADA operators aware and updated of current threats and response strategies.

The article also points out that due to the threat of terrorism, there has been increased security concerns on essential services as SCADA systems have increasingly been accessible over TCP/IP protocol corporate networks to improve process automation and visibility of data. According to the article, "the Federal Government's approach to SCADA security has been to garner industry support through cooperative initiatives such as its Trusted Information Sharing Network, a community of practice networks dedicated to fostering knowledge-sharing and training between government, industry and academia," however "the amount of information available on SCADA systems online provides such a large amount of information out there for those who want to find network vulnerabilities in critical infrastructure."

To read the full article, proceed here.

Monday, 13 August 2007 13:24:50 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 10 August 2007

The Journal Record reported on a hospital group in Oklahoma City, USA that is developing a technology program to better connect its hospitals and clinics in the metropolitan area with its seven rural hospitals. This program uses the existing hospitalsí infrastructure, and will cost USD 30,000 to develop. It will initially focus on fetal monitoring and on sharing records amongst hospitals, which will allow doctors to assist patients at different locations in remote areas. 

Read the full article here.

Friday, 10 August 2007 13:26:12 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 09 August 2007

On 30 July 2007 in Berlin and 27 June 2007 in Tokyo, the Federal Ministry of Economics and Technology of Germany, the Ministry of Internal Affairs and Communications of Japan and the Ministry of Economy, Trade and Industry of Japan signed a Joint Statement expressing the following:

"Information and Communications Technologies (ICT), including the Internet, are key enablers in the development of the economies in both Germany and Japan. Spam poses a potential threat to this economic development. It must be made clear that spam has no legitimate role in the German or Japanese e-economy.

The Federal Ministry of Economics and Technology of Germany, the Ministry of Internal Affairs and Communications of Japan and the Ministry of Economy, Trade and Industry of Japan see mutual benefit in strengthening friendship and cooperation between their two countries through cooperation concerning anti-spam policies and strategies. The aim is to support international cooperation in and among a variety of organizations such as the Organization for Economic Cooperation and Development, the International Telecommunication Union, the United Nations Conference on Trade and Development, the Internet Engineering Task Force, the International Consumer Protection and Enforcement Network, and the Asia-Europe Meeting.

Under this Joint Statement, cooperation in matters of mutual interest will be able to take place through the exchange of ideas, information, personnel, skills and experience and collaborative activities that will be of benefit to both sides. Because spam has implications for many groups of stakeholders, every effort will be made to ensure that all interested parties, both public and private, are consulted as appropriate. Particular areas of cooperation will include:

a) Exchanging information about anti-spam activities such as anti-spam policies and strategies, as well as technical and educational solutions to spam;

b) Encouraging the adoption of effective anti-spam technologies and network management practices by German and Japanese Internet Service Providers and major business network managers, and further cooperation between government and private sectors;

c) Supporting German and Japanese marketers or bulk email senders in adopting spam-free marketing techniques;

d) Identifying and promoting user practices and behaviours which can effectively control and limit spam and supporting the development of multi-stakeholder public information and awareness campaigns to foster increased adoption of anti-spam practices and behaviours by end users in Germany and Japan;

e) Cooperating to strengthen anti-spam initiatives being considered in international fora."

To access the Joint Statement in different languages, click here.

Thursday, 09 August 2007 11:29:58 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 03 August 2007

SRI and Georgia Tech have been working on a new tool, BotHunter, that aims to quickly locate bot traffic inside a network. "BotHunter introduces a new kind of passive network perimeter monitoring scheme, designed to recognize the intrusion and coordination dialog that occurs during a successful malware infection. It employs a novel dialog-based correlation engine, which recognizes the communication patterns of malware-infected computers within the network perimeter.  A government/military version of this software has been in use successfully for about a month, and a public version has recently been released. A highly interactive honeynet using BotHunter is also run by SRI. Dozens of new infections are detected each day, and the site proves to be very helpful in understanding the behavior of the received malware. It generates a list of potentially evil IP addresses and DNS queries as well."

For more information on this new software, visit the BotHunter site.

Friday, 03 August 2007 11:29:24 (W. Europe Standard Time, UTC+01:00)  #     | 

An Informational draft RFC by John Curran was recently published, outlining an IPv4 to IPv6 transition plan. The paper provides a clear guidance to organizations regarding specific expectations that change over time, and vary greatly by organization. A timeline of the different phases was set with the intention of allowing enough time for the necessary planning and deployment steps which each organization must undertake. The author proposes the transition to predominantly IPv6-connectivity by Januaray 2011 in response to meeting the overall requirements of allowing the Internet to scale as specified in "The Recommendation for the IP Next Generation Protocol" [RFC1752].

On the contrary, Randy Bush provides a very informative presentation, IPv6 Transition & Operational Reality, regarding the reality of such a transition. The presentation discusses the different myths about IPv4 and IPv6, the emergence of a market for IPv4 addresses, and the transition from allocation to entitlement among others.

For more background data and interesting comments from Geoff Huston, read his IPv4 Address Report or his ISP column articles on The End of (IPv4) World, and Transition to IPv6.

Friday, 03 August 2007 10:53:05 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 01 August 2007
The UNESCO Office in Bangkok launched an interactive online forum targeted to educators, teachers, administrators, policy makers and others to foster discussions on topics relating to the use of information and communication technologies in education.
For more information, see ICT-in-Education online community.
Wednesday, 01 August 2007 12:03:12 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 31 July 2007

To aid in choosing a good DNSBL, Swa Frantzen proposes at the SANS Internet Storm Center several tips and tricks in gauging which blacklists are effective. Presented as well are several criteria that must be considered by the blacklist administrators. Among the criteria they suggest are:

  • Speed of reaction
  • Selection criteria
  • Goal of the blacklist
  • Ease of getting unlisted
  • Working Email contact to get unlisted
  • Out of band contact details
  • Blocking for the right reasons
  • Duration of a block
  • Automatic delisting
  • Granularity of the block
  • Security of the blacklist provider
  • Extortion
  • Warning to those getting listed

To read the full article, click here.

Tuesday, 31 July 2007 15:57:21 (W. Europe Standard Time, UTC+01:00)  #     | 
 Saturday, 28 July 2007

In order to ensure transparent procurement at reduced costs in Chinese hospitals, the China Medical Equipment Association (CMEA) under the auspice of the Ministry of Health will draw up a recommended list of medical equipment to be used for purchasing decisions. The list will be based on an open and fair assessment of medical equipment considering the needs of the partners involved (including the government, hospitals and manufacturers), according to CMEA. Purchases should be made by the Ministry's International Communication and Cooperation Center.

Furthermore, China earmarked 1.2 bln yuan (about 157.9 million USD) to purchase medical equipment for hospitals in the country's poor rural areas through government procurement and public bidding. As mentioned by an official of the Ministry of Health, the list of new equipment would include electro-cardiographs, ultrasound scanners, operation beds and respiratory mechanics.

For more information, see Xinhua News Agency and here.

Saturday, 28 July 2007 11:35:43 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 27 July 2007

A report released Monday by Government Accountability Office (GAO), a congressional research and investigation agency, reveals that cybercrime (computer crime, identity theft and phishing) costs the U.S. economy US$117.5 billion a year.

"These projected losses are based on direct and indirect costs that may include actual money stolen, estimated cost of intellectual property stolen, and recovery cost of repairing or replacing damaged networks and equipment," says the report, released through the offices of Reps. Bennie G. Thompson (D-Miss.), chairman of the committee on Homeland Security, and James R. Langevin (D-R.I.), chairman of the subcommittee on Emerging Threats, Cybersecurity, Science and Technology. However, according to the lead author of the report, GAO Director of IT Management Issues David A. Powner, the staggering losses pegged to cybercrime may even be worse than estimated. "Whatever is reported by organizations, most of that will likely be underreported because of disincentives to report losses," he says.

The GAO report also acknowledges that certain personnel policies at federal law enforcement agencies may be hurting the fight against cybercrime. "[S]taff rotation policies at key law enforcement agencies may hinder the agencies' abilities to retain analytical and technical capabilities supporting law enforcement," the report observes. "In order to address the challenge of ensuring adequate law enforcement analytical and technical capabilities," it continues, "we are recommending that the Attorney General and the Secretary of Homeland Security reassess and modify, as appropriate, current rotation policies to retain key expertise necessary to investigate and prosecute cybercrime."

Read the full article at E-Commerce Times.

Friday, 27 July 2007 14:17:02 (W. Europe Standard Time, UTC+01:00)  #     | 

Secure Science Corporation, in their GPCode Evolution Report, describes the more obscure, previously undocumented traits belonging to the most recent Ransom-based Trojan (known as Glamour). "The code is a modified version of the Prg/Ntos family which was detailed in depth during their Encrypted Malware Analysis in November 2006. While a majority of the functionality has not changed since then, this recent variant is distinctive enough to warrant additional research. In particular, the trojan is now equipped with the ability to encrypt a victim's files on disk. The motive for adding this feature is clearly monetary, as the victim is advised that the files will remain encrypted unless $300 is turned over to the authors, in exchange for a decryption utility." According to their report, in the past 8 months, 152,000 victims have been infected, and over 14.5 million records were discovered to be logged by the trojan.

Read more about this report on the Secure Science Blog. Access the GPCode Evolution Report here. Secure Science Corporation has also provided the source code for the decrytor and is available here.

Friday, 27 July 2007 13:08:04 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 25 July 2007

More and more citizens in Singapore are using government services online, of which 98% can be accessed on a 24/7 hour basis. Such e-government services include, inter alia, online business licensing services that allow entrepreneurs to register their business online, which would result in significant company savings.

To protect Singapore's critical infrastructure from cyber attacks the government established a national cyber threat monitoring scheme in March 2007. International collaboration through computer emergency response teams (CERTS) represents another approach of combating the threats from cyberspace. Through both a public education campaign on cybersecurity and a legal environment dealing with computer misuse, spam, electronic transactions, etc. Singapore aims to increase confidence in using its e-government services.

To read the full article "S'pore: E-govt success lures cyber terrorists" by L. Tann, ZDNet Asia, click here.

Wednesday, 25 July 2007 15:48:03 (W. Europe Standard Time, UTC+01:00)  #     | 

Sophos recently released its global statistics naming the top 12 spam-relaying countries for the period between April to June 2007. The US and China tops the list, while Europe, on the other hand, houses six of the top 12 countries mentioned in the statistics, which when combined, account for even more spam-relaying than the U.S. The statistics reveal as well that the overall global volume of spam rose by 9% during the second quarter, when compared to the same period in 2006.

"'While the US remains top spam dog, the latest chart emphasises the urgent need for joined-up global action to combat this growing problem,' said Carole Theriault, senior security consultant at Sophos. 'For every spam campaign, the spammers, the compromised computers used, and the people being deluged by the unsolicited mail are often located in totally different parts of the world. A consolidated effort is needed not only to pursue and prosecute spammers, but also to convince computer users everywhere of the importance of blocking rather than responding to spam messages. Everyone has a part to play if we are to win the global battle against spam.'"

Statistics on spam relayed by continent, however, show Asia as the top spam-relaying continent with the number of Asian nations relaying smaller amounts of spam. Europe, which topped the chart in the first quarter of 2007, has reduced its percentage by 6.6 percent and fallen to second place. Asia, North America, South America and Africa have all seen rises in spam-relaying activity.

Read the full article here.

Wednesday, 25 July 2007 09:08:27 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 24 July 2007

A growing, sophisticated technique of propagating cyber-crime, dubbed as fast-flux service networks, has increasingly been elevating the threats we face today on the Internet. "Fast-flux service networks are a network of compromised computer systems with public DNS records that are constantly changing, in some cases every few minutes. These constantly changing architectures make it much more difficult to track down criminal activities and shut down their operations." Despite the awareness of researchers and ISPs of fast-flux for over a year now, all of the current researches on fast-flux is new.

According to the Honeynet Project & Research Alliance, criminal organizations behind two infamous malware families, Warezov/Stration and Storm, have recently adopted this so-called fast-flux service networks into their infrastructures. "The purpose of this technique is to render the IP-based block list, a popular tool for identifying malicious systems, useless for preventing attacks," says Adam O'Donnell, director of emerging technologies at security vendor Cloudmark.

To fight against fast-flux, "ISPs and users should probe suspicious nodes and use intrusion detection systems; block TCP port 80 and UDP port 53; block access to mother ship and other controller machines when detected; 'blackhole' DNS and BGP route-injection; and monitor DNS."

Access the full article at the Dark Reading website.

Read more about fast flux service networks on the the Honeynet Project & Research Alliance's new report on the emerging networks and techniques.

Tuesday, 24 July 2007 09:06:38 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 23 July 2007

The Africa Health Infoway is a World Health Organization (WHO) project supported by the Department for International Development (DfiD) that aims to provide a technology platform that supports the collection of sub national health data and statistics for analysis, dissemination and use to facilitate decision making in health, and strengthen capacity of African countries to use information in decision making. It is a district-based public health information network for African health which focuses on infostructure and connectivity, district health information systems, and knowledge translation into policy and action.

For more information on the Africa Health Infoway, click here.

Monday, 23 July 2007 15:31:25 (W. Europe Standard Time, UTC+01:00)  #     | 

The OECD's Ministerial meeting on the Future of the Internet Economy has been opened to an Online Public Consultation, providing an opportunity for all stakeholders to comment on the topics and issues to be discussed at event. The public consultation is scheduled to be open until 14 September 2007, and stakeholders and players may share their views and opinions with the OECD through their Online Questionnaire.

"The Ministerial represents an opportunity for high-level stakeholders from government, business, the technical community, and civil society to consider broad social, economic and technical trends shaping the development of the Internet Economy, and to discuss policies that can respond to evolving societal needs. The participation of all players in the dialogue is important to ensure that the Ministerial is able to benefit from a wide range of viewpoints and expertise."

For more information on the public consultation, go here or visit the OECD website.

Monday, 23 July 2007 10:01:31 (W. Europe Standard Time, UTC+01:00)  #     | 

KPMG, a global network of professional firms providing audit, tax, and advisory services, released a report on Cross-Border Investigations: Effectively Meeting the Challenge.

KPMG, along with the research firm Penn, Schoen and Berland Associates Inc. approached multinational businesses in diverse industries around the world, and asked those charged with the responsibility for cross-border investigations within those companies how they responded to their current challenges. As the trade barriers fall and international commerce expands, and as the speed of conducting business and remitting funds increases, companies that conduct business across international boundaries are recognizing the corresponding increase in the risk of fraud and misconduct. They thus face several challenges such as taking the appropriate first steps, cultural and legal differences, investigation resources, and the availability and accessibility of electronic data.

The report proposes that an effective approach can lower the risk of the occurrence of fraud or misconduct, thus lowering the possibility of being hit with serious sanctions, can demonstrate to regulators, shareholders, stakeholders, bond-ratings agencies, and the capital markets that the business takes accountability and control seriously, thereby mitigating damage to reputations, can exhibit the business's commitment to overall corporate governance activities, and can assist in a rapid and efficient response before issues spiral beyond control.

This report aims to provide insights into possible responses to the described challenges. It points out as well that an effective cross-border investigations plan demonstrates not only an organization's sound risk management practices, but also its overall commitment to good corporate governance.

Read the full report here.

Monday, 23 July 2007 09:14:02 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 20 July 2007

The OECD Committee for Information, Computer and Communications Policy (ICCP), through its Working Party on Information Security and Privacy (WPISP) has developed the Recommendation on Electronic Authentication and the Guidance for Electronic Authentication. The project was made possible with the participation of Jane Hamilton from Industry Canada and with the support of delegates from Australia, France, Hungary, Korea, Norway, the United States, the OECD Secretariat and the Business and Industry Advisory Committee (BIAC) to the OECD. On 12 June 2007, the OECD Council adopted the Recommendation, and the Guidance for Electronic Authentication, was adopted by the ICCP Committee in April and declassified on 12 June 2007 by the OECD Council.

The Recommendation encourages efforts by OECD member countries to establish compatible, technology-neutral approaches for effective domestic and cross-border electronic authentication of persons and entities. It also reaffirms the important role of electronic authentication in fostering trust online and the continued development of the digital economy.

The OECD Guidance on Electronic Authentication aims to assist OECD member countries and non-member economies in establishing or amend their approaches to electronic authentication with a view to facilitate cross-border authentication. The Guidance sets out the context and importance of electronic authentication for electronic commerce, electronic government and many other social interactions. It provides a number of foundation and operational principles that constitute a common denominator for cross-jurisdictional interoperability.

Both the Recommendation and the Guidance conclude a work stream initiated in response to the "Declaration on Authentication for Electronic Commerce" adopted by Ministers at the Ottawa Ministerial Conference held on 7-9 October 1998 and serve as a bridge to future OECD work on identity management.

The ITU Telecommunication Standardization Sector with its Focus Group on Identity Management (FG IdM) works to facilitate the development of a generic Identity Management framework, by fostering participation of all telecommunications and ICT experts on Identity Management. To read more about the ITU-T FG IdM activities, go here.

Read the full article on the OECD Recommendation on Electronic Authentication and the Guidance for Electronic Authentication here.

Friday, 20 July 2007 09:58:44 (W. Europe Standard Time, UTC+01:00)  #     |