Hackers Steal Credit Card Data From Up to 40 Million Target Customers, 12/19/2013, mashable.com
Cybercriminals have hit retail store Target with a massive data breach that may have affected 40 million of customers’ credit and debit cards accounts. The breach started around Black Friday, the busiest shopping day of the year in America, and has reportedly affected roughly 40,000 card devices at registers in Target locations around the country. … In its press release acknowledging the breach, Target said “40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15, 2013.”
The PII Problem: Privacy and a New Concept of Personally Identifiable Information, 12/06/2011_www.pogowasright.org_
Personally identifiable information (PII) is one of the most central concepts in information privacy regulation. The scope of privacy laws typically turns on whether PII is involved.
Reporters’ Roundtable: Who owns your online identity?, 02/11/2011, www.cnet.com
Today, we’re talking about identity. You own your identity, right? That’s why we talk about identity theft. Identity is clearly personal, and it can be stolen from us
12 reasons why we’re losing the identity theft battle, 09/14/2010, www.echanneline.com
1. Zero Liability has made consumers feel they have nothing to lose….
Heartland breach expenses pegged at $140M — so far, 5/10/2010, www.databreaches.net
The costs to Heartland Payment Systems Inc. from the massive data breach that it disclosed in January 2009 appear to be steadily adding up.
FTC Settles with Twelve Companies Falsely Claiming to Comply with International Safe Harbor Privacy Framework, 01/21/2014, _www.ftc.gov
Twelve U.S. businesses have agreed to settle Federal Trade Commission charges that they falsely claimed they were abiding by an international privacy framework known as the U.S.-EU Safe Harbor that enables U.S. companies to transfer consumer data from the European Union to the United States in compliance with EU law.
Ie: High Court orders Quinns to reveal passwords to receiver, 11/10/2012, www.pogowasright.org
In an interesting decision the High Court (Kelly J.) yesterday ordered that members of the Quinn family must provide passwords to personal email accounts and other information to the receiver appointed over their assets by the Irish Bank Resolution Corporation.
Government of Malta proposes inclusion of digital rights in Constitution, 10/11/2012, www.pogowasright.org
The government has presented a White Paper proposing the inclusion of digital rights in the Constitution as a means of introducing new rights to internet access, accessing information online, online freedom of expression, and the right to informational self-determination.
EU court: Social networks can’t be forced to monitor users, 02/16/2012, news.cnet.com
The European Union’s highest court says social networks cannot be forced to monitor users just to stop piracy.
FTC Welcomes a New Privacy System for the Movement of Consumer Data Between the United States and Other Economies in the Asia-Pacific Region, 11/16/2011, www.pogowasright.org
The Federal Trade Commission welcomed the approval by the forum on Asia-Pacific Economic Cooperation (APEC) of a new initiative to harmonize cross-border data privacy protection among members of APEC.
Where in the world are there data protection laws?, www.pogowasright.org, 10/30/2011
I stand in awe of how much some folks accomplish. Dave Banisar alerts me that he has updated the global map showing which countries have comprehensive data protection laws. The number is now up to 70.
Privacy commissioner of British Columbia issues guidelines on using social media for background checks, 10/14/2011, www.pogowasright.org
The Information and Privacy Commissioner of British Columbia has issued guidelines to assist organizations and public bodies using social media sites to conduct background checks of prospective employees, volunteers and candidates.
A new sheriff in town: Federal Trade Commission enforcement of medical information security=, 09/17/2014, _www.lexology.com
A recent court decision found that the Federal Trade Commission (FTC) has authority to enforce the requirements for security of Protected Health Information, or PHI, as defined under the Health Information Portability and Accountability Act (HIPAA), against a defense asserted that the FTC has no authority under that statute.
Fourth Annual Benchmark Study on Patient Privacy and Data Security, 3/22/2014, www.bespacific.com
Ponemon Institute: “…we are releasing our Fourth Annual Benchmark Study on Patient Privacy and Data Security. We hope you will read the report sponsored by ID Experts that reveals some fascinating trends. Specifically, criminal attacks on healthcare systems have risen a startling 100 percent since we first conducted the study in 2010. This year, we found the number and size of data breaches has declined somewhat. Employee negligence is a major risk and is being fueled by BYOD.”
Data Broker Removes Rape-Victims List After Journal Inquiry, 12/19/2013, www.pogowasright.org
If you missed Senator Rockefeller’s hearing on data brokers yesterday, Pam Dixon of the World Privacy Forum made a powerful point in her opening statement about how data brokers have no shame. She cited the fact that brokers were selling lists of rape victims’ names for 7.9 cents per name.
NZ privacy commissioner finds that physician properly mitigated harm following a breach, 09/18/2013, www.phprivacy.net
A doctor working in a suburban medical practice had his car broken into and bag stolen. The bag contained a USB stick holding the personal information of a number of patients, including the complainant.
PPR Releases Trust Framework© for Data Privacy, 04/03/2013, www.phiprivacy,net
Patient Privacy Rights (PPR) is pleased to announce the publication of its Privacy Trust Framework©, a set of 75+ auditable criteria based on 15 key privacy principles.
At long last, HHS unveils Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules, 01/17/2013, www.phiprivacy.net
The U.S. Department of Health and Human Services (HHS) moved forward today to strengthen the privacy and security protections for health information established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
A Brief History of the Internet of Things, 09/24/2014, www.baselinemag.com
Over the last few years, the Internet of things has evolved from an intriguing concept into an increasingly sophisticated network of devices and machines.
The Internet of Things for Cars: What Will it Mean for Insurance?, 08/12/2014, quoted.thezebra.com
Imagine, for a moment, a world in which vending machines restock themselves. A world in which your wallet, via a Bluetooth signal, beeps at your phone if you leave it behind at a restaurant.
Your Interest in Privacy Will Ensure You’re Targeted By The NSA, 07/14/2014, www.makeuseof.com
Have you ever wondered if you’re on an NSA observation list? Turns out that if you’ve even thought about it (or online privacy in general), you’re probably more likely to be on one.
Internet of Things to Stress Enterprise Networks, 07/07/2014, www.eweek.com
The survey also revealed almost two-thirds of respondents (63 percent) believe the Internet of things to be a threat to network security. – See more at: http://www.eweek.com/small-business/internet-of-things-to-stress-enterprise-networks.html#sthash.ZCdKDmtV.dpuf”
Google reinstates ‘forgotten’ links after pressure, 07/04/2014, www.bbc.com
After widespread criticism, Google has begun reinstating some links it had earlier removed under the controversial “right to be forgotten” ruling.
Microsoft Joins The AllSeen Alliance Internet of Everything Open-Source Project, 07/04/2014, www.hiddenwires.co.uk
The Broadest Internet of Everything Project Adds the World’s Largest Software Company as a Premier Member. The AllSeen Alliance, the broadest Internet of Everything open-source project, today announced that Microsoft (Nasdaq “MSFT”) has joined the group’s multi-company effort as a Premier Member to make it easier for a broad range of everyday devices, objects and services to interoperate seamlessly and intelligently.
Why has Google cast me into oblivion?, 07/02/2014, www.bbcnews.com
This morning the BBC received the following notification from Google:
Notice of removal from Google Search: we regret to inform you that we are no longer able to show the following pages from your website in response to certain searches on European versions of Google
The Internet of Things at home: Why we should pay attention, 06/30/2014, www.computerworld.com
Some of the current consumer products could lead into important enterprise tools. An explanation, a slideshow and some data.
Massachusetts high court says accused criminal must decrypt computers for police, 06/25/2014, www.pogowasright.org
Police can order an accused criminal to decrypt his computer without violating his constitutional right against self-incrimination, Massachusetts’ top court said on Wednesday.
‘Get a warrant’ to search cellphones, Justices say, 06/25/2014, www.seattletimes.com
Officers are being briefed during roll calls, new procedures are in place, and prosecutors are considering the effect on potentially thousands of pending court cases after the Supreme Court’s ruling that restricts police searches of cellphones.
‘Bionic Pancreas’ Astonishes Diabetes Researchers, 06/16/2014, www.nbcnews.com
A “bionic pancreas” that uses a smart phone, glucose monitor and insulin pump to automatically control blood sugar levels helped more than two dozen people live free of finger pricks and other troublesome reminders of diabetes, researchers reported Sunday.
Preparing for the Internet of Things , 06/09/2014, www.zdnet.com
What are you doing to prepare for the Internet of Things in your company? How are you going to handle connectivity of the new internet-enabled “things”? How will you handle the new bandwidth requirements from network-hungry devices? Are you prepared for the amount of storage required to maintain those devices?
For Sale: Practically All the Details of Your Personal Life, 06/09/2014, www.securitybistro.com
When documents released by Edward Snowden showed that the National Security Agency (NSA) is collecting various types of data on ordinary American citizens, a lot of people were quick to voice their opinion that this is just wrong.
5,000 Years of History Shows that Mass Spying Is Always Aimed at Crushing Dissent , 06/07/2014, www.securitybistro.com
Spying has been around since the dawn of civilization. Keith Laidler – a PhD anthropologist, Fellow of the Royal Geographical Society and a past member of the Scientific Exploration Society – explains: Spying and surveillance are at least as old as civilization itself.
Hoofnagle & Urban Reexamine Alan Westin’s Privacy Classifications of Consumers , 06/07/2014, www.pogowasright.org
Homo economicus reliably makes an appearance in regulatory debates concerning information privacy. Under the still-dominant U.S. “notice and choice” approach to consumer information privacy, the rational consumer is expected to negotiate for privacy protection by reading privacy policies and selecting services consistent with her preferences
The Massive Challenge of Securing the Internet of Things, 05/12/2014, www.securityweek.com
If the buzz last year was all about software defined networking (SDN), this year’s buzz is about the Internet of Things – everyday devices that are IP-enabled, can communicate over the Internet and can transmit what may be very confidential and important data.
Ten Key Take-Aways From the White House Big Data Report, 05/05/2014
On Thursday, the White House Big Data Working Group, led by senior presidential advisor John Podesta, released a 79-page report that outlines a number of key observations and recommendations for privacy in both the private sector and government.
New directives on border searches of electronic media, 09/27/09, www.pogowasright.org
Department of Homeland Security (DHS) Secretary Janet Napolitano today announced new directives to enhance and clarify oversight for searches of computers and other electronic media at U.S. ports of entry.
In Warrantless Wiretapping Case, Obama DOJ’s New Arguments Are Worse Than Bush’s, 4/09/09, www.pogowasright.org
Friday evening, in a motion to dismiss Jewel v. NSA, EFF’s litigation against the National Security Agency for the warrantless wiretapping of countless Americans, the Obama Administration’s made two deeply troubling arguments.
A First Principles Approach to Communications’ Privacy, 5/17/08, www.pogowasright.org
Under current doctrine, parties to a communication enjoy robust constitutional protection against government surveillance…
Why Schools Are Flunking Privacy and How They Can Improve, 12/16/2012, www.safegov.org
Fordham School of Law’s Center on Law and Information Policy (CLIP), headed by Joel Reidenberg, has released an eye-opening and sobering study of how public schools are handling privacy issues with regard to cloud computing. The study is called Privacy and Cloud Computing in Public Schools, and it is well worth a read.
California passes legislation to protect college students’ social media privacy, 08/21/2012, www.pogowasright.org
California’s Senate on Tuesday unanimously approved legislation to bar colleges and universities from requiring students to provide administrators with access to theirsocial media usernames and passwords. Governor Jerry Brown now must sign or veto the bill by Sept. 30.
FTC Advises Parents How to Protect Kids’ Personal Information at School, 08/15/2012, www.bespacific.com
A new school year usually means filling out paperwork like registration forms, health forms, and emergency contact forms, to name a few. The Federal Trade Commission wants parents to know that many school forms require personal and sensitive information that, in the wrong hands, could be used to commit fraud in their child’s name.
Stepping Into the Breach, 10/25/2011, www.campustechnology.com
If you think your institution is immune to a security breach, perhaps you should have a chat with Brian Rust at the University of Wisconsin-Madison.
Student loan company: Data on 3.3M people stolen, 3/27/10, www.databreaches.net
A company that guarantees federal student loans said Friday that personal data on about 3.3 million people nationwide has been stolen from its headquarters in Minnesota.