NIST has revised the draft cybersecurity framework that it released in August. What it published today is a “preliminary cybersecurity framework.” After comments, a final framework will be released in February.

I’ve been very critical of the draft released in August. NIST clearly worked to address the criticisms.

The result is a mixed

The European Union has proposed a privacy policy that will inevitably deprive many people of their privacy. Now working its way through the tortuous Brussels process, the regulation includes a “right to data portability.” Typically, this is Commission-speak for a regulatory requirement that information services must hand over all of a subscriber’s historical data upon