If you have cross-border privacy issues as part of your portfolio, you should mark your calendar for November 16th. The Department of Commerce has just announced that the 2009 International Conference on Cross Border Data Flows, Data Protection and Privacy will be held on that date in Washington. “Cross the Divide: Successfully Navigating Safe Harbor”… Continue Reading
Monthly Archives: September 2009
Privacy and Security Bits and Bytes
Posted in Data BreachAfter a bit of a hiatus, our Friday afternoon feature is back: Do you know what your information is worth on the black market? It may just surprise you. Good piece on a new Symantec tool to let you do the calculations. See Information Security Resources – What Are You Worth On The Black Market?… Continue Reading
Check your employee handbook – what you might think is fraud and abuse may not be a federal case….
Posted in Data Compliance & SecurityMy colleagues over at the Employment Matters blog report on an interesting decision drawing attention to the need for clear and explicit policies regarding “acceptable use” of computers and company information and the absolute necessity to terminate access once an employee or contractor is terminated. Particularly in light of the upcoming Massachusetts data security regulations,… Continue Reading
“Smart Grid” privacy issues to be examined by Federal Communications Commission
Posted in LegislationSmart Grid technology enables electric utilities to use communications and computing technology to glean consumer electric usage patterns to facilitate more efficient network management. It’s been identified by the FCC as a promising way to use broadband to promote energy efficiency, reduce greenhouse gas emissions, and encourage energy independence. These consumer electric usage patterns could… Continue Reading
Your mother was right: the FTC confirms you don’t get a second chance to make a first impression
Posted in LegislationWritten by Cynthia and Michele So you thought that if you made “full disclosure” in your online agreements with customers, you’d be OK — well, it’s time to think again. The FTC recently confirmed in In re Sears Holdings Management Corp that even full disclosure of company practices in an end user license agreement (“EULA”)… Continue Reading
What is “reasonable expectation of privacy” in an employment context?
Posted in Employee PrivacyWritten by Cynthia and Jennifer A recent decision by the Maine Supreme Court highlights the tension between an employee’s reasonable expectation of privacy in conducting personal business through a company’s computer system and the individual’s right to prevent the company’s publishing of such material. In Fiber Materials, Inc. v. Subilia, the Maine Supreme Court dismissed… Continue Reading
Federal Breach Notification Rules — NEXT WEEK. Are you ready?
Posted in Data BreachWritten by Cynthia and Dianne New federal breach notification rules go into effect next week for covered entities and their business associates and also for vendors of personal health records. Covered entities (organizations subject to the HIPAA privacy rule) and their business associates must report breaches of unsecured protected health information in accordance with new… Continue Reading
FTC to Hold Data Privacy Roundtables
Posted in Data Compliance & SecurityHere’s an important notice from the Federal Trade Commission – The FTC will host a series of day-long public roundtable discussions to explore the privacy challenges posed by the vast array of 21st century technology and business practices that collect and use consumer data. Such practices include social networking, cloud computing, online behavioral advertising, mobile… Continue Reading
From Privacy Academy – The Seven Step Program
Posted in Data Compliance & SecuritySounds like common sense, but it is food for thought — and will be required under new Massachusetts data security regulations: The seven easy ways to protect PC based information from theft The proliferation of Personal Storage Devices (thumb drives, iPods, USB external hard disks, etc.) and simple remote access has created unprecedented levels of… Continue Reading
Gonzalez Hearing: More than 40 MILLION Distinct Credit Card Numbers Recovered
Posted in Data BreachEvan Schuman of StorefrontBacktalk has an interesting piece about last week’s plea in the massive credit card fraud case currently in federal court. Albert Gonzalez pleaded guilty in federal court in the cyberthief case and the plea hearing revealed some remarkable details. According to testimony, the Secret Service has collected “more than forty million distinct… Continue Reading
IAPP Privacy Academy 2009
Posted in Employee PrivacyThe IAPP Privacy Academy is taking place in Boston this week. Privacy professionals from all over the world are gathered to catch up on the latest developments and best practices. I’ll blog a bit from the Academy and pass on some of the tidbits.
Some “light reading” for privacy geeks…
Posted in Data Compliance & SecurityOr, actually, for anyone interested in building privacy into business from the “ground up” and how privacy can (and should) become a business differentiator. Dr. Ann Cavoukian is Ontario’s Information and Privacy Commissioner and has long been an advocate of privacy technologies and coined the term “Privacy by Design” in the late-nineties. Her latest book… Continue Reading
Maine Lawsuit Dismissed and Law “Likely Unconstitutional”
Posted in LegislationThe kerfuffle over the controversial Maine law slated to become effective this week that would have prohibited all marketing to minors has been dismissed. Yesterday, the District of Maine issued a Stipulated Order of Dismissal stating that there is a likelihood that the statute is “overbroad and violates the First Amendment.” Further (and perhaps more… Continue Reading
Maine AG – I Will Not Enforce New Marketing Law
Posted in LegislationIt looks as though Maine’s Attorney General will not enforce a controversial new state law that restricts marketing to minors, but has drawn a federal lawsuit because plaintiffs argued that the law swept too broadly. The Wall Street Journal today reports that a spokesperson for Maine AG Janet Mills said that Mills will not be… Continue Reading
Low Tech ID Theft ……
Posted in Identity TheftAs Federal Reserve Chairman Ben Bernanke and his wife recently found out, identity theft often has nothing to do with technology…. PC Mag: Fed Chairman Hit by ID Theft