ACI_Q2_Ads_battletested-728x90
BNA_15349_Privacy_Law_Asia_wp_ad_680x75_Ldbd
ACI_Q2_Ads_disaster-728x90
DPC15_300x250_ads_FINAL
Certification_Ad_300x250final-01
TRUSTe_Webcon_TE_300x250_ad_June_2015-01

(Jul 29, 2015) With regulators around the world calling for organizations to be accountable with their privacy practices, often privacy officers struggle to manage such requirements with limited resources. The challenges faced by privacy officers can include “communicating a definitive privacy-management program, leveraging and motivating individuals throughout the organization and justifying the business case to obtain the necessary resources,” writes Nymity President and Founder Terry McQuay, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPM. In this post for Privacy Perspectives, McQuay discusses how privacy officers can implement successful privacy-management activities by using a resource-based approach. Read More

Daily Dashboard

OPM, Anthem Hackers May Have Breached United Airlines

(Jul 29, 2015) Bloomberg Business reports that the same hacking group that stole sensitive records from the Office of Personnel Management (OPM) and Anthem also breached United Airlines. Manifests were compromised, which include passenger names, travel times, arrivals and departures. Security professionals believe such data can be cross-referenced with other data stolen from Anthem and the OPM to create detailed maps of U.S. citizens and increase the possibility of advanced and precise targets for blackmail an... Read More

Daily Dashboard

Tool Diagnoses Severity of Leaked PI

(Jul 29, 2015) The New York Times published an online tool to gauge not only which elements of your personal information have been leaked but also how many times it was accessed by hackers depending on your online registrations, purchases or enrollments with companies such as Target, Anthem or Neiman Marcus. “How can you protect yourself in the future? It’s pretty simple: You can’t,” the report states. “But you can take a few steps to make things harder for criminals,” like two-factor authentication, frequent password updates and encryption. The report also includes links to each breached corporation’s public statement regarding the hacks. Read More

Daily Dashboard

White House Responds to Snowden, ECPA Petitions

(Jul 29, 2015) The White House responded in separate statements to two petitions—the first calling for the pardon of Edward Snowden and the second calling for Electronic Communications Privacy Act (ECPA) reform. Regarding Snowden, the White House responded that his “dangerous decision to steal and disclose classified information had severe consequences for the security of our country,” adding, “He should come home to the United States and be judged by a jury of his peers.” However, the White House agreed with petitioners that “ECPA is outdated, and it should be reformed,” adding that while it won’t “endorse a single ECPA-reform bill at this time,” it is “encouraged by the strong bipartisan support for updating this legislation.” Read More

Daily Dashboard

Advocates Say Legislation Is Problematic

(Jul 29, 2015) Patient Privacy Rights’ Deborah Peel believes recent legislative moves such as the 21st Century Cures bill lack innovation and put the patient second, FierceHealthIT reports. “The problems of interoperability of data, the 21st Century Cures bill and the calls to create a national patient identifier are all proposals to solve today's problems with yesterday's technology—pressure to open up commercial use of health information. This doesn't have anything to do with research and cures," Peel said. “The promise of electronic health information was supposed to be to help with treatment, not to create massive, hidden business models where people are using your data for purposes we don't even know about,” she added. Read More

Daily Dashboard

CISA Unlikely To Have Its Day Before Congressional Recess

(Jul 29, 2015) A Congressional vote on the Cybersecurity Information Sharing Act (CISA) before its August recess is “unlikely,” The Hill reports. “I’m sad to say I don’t think that’s going to happen,” said Senate Majority Whip John Cornyn (R-TX), adding,“I think we’re just running out time.” NationalJournal reports that “extra time could help” as CISA “has numerous political hurdles to clear that may not be easily negotiated during the first week of August.” Critics have picked apart CISA’s issues, even going ... Read More

Daily Dashboard

Google Changes User Consent Policy To Comply With Cookie Reg

(Jul 29, 2015) Google has announced a change to its user consent policy, which will affect website publishers using Google products and services including Google AdSense, DoubleClick for Publishers and DoubleClick Ad Exchange, TechCrunch reports. Google says that under the new policy, publishers will have to obtain EU end-users’ consent before storing or accessing their data. The change is in direct response to the EU’s cookie compliance regulation, the report states, and follows Google’s CookieChoices website, launched earlier this month. The site was launched to help digital publishers obtain tools and access other resources in their endeavor to gain user consent. Read More

Daily Dashboard

Experts: Credit-Monitoring Not All It’s Cracked Up To Be

(Jul 29, 2015) In the wake of recent high-profile hacks and subsequent data breaches, many victims have been offered identity-monitoring as compensation. However, experts believe that “credit-monitoring and identity-theft protection is far from a panacea,” Nextgov reports. “We know that companies whose job it is to secure data are themselves vulnerable,” said George Washington University’s Costis Toregas. "Never look a gift horse in the mouth," said Rep. Steny Hoyer (D-MD). "For sure, accept it. But do not think that that is adequate.” Toregas recommends victims “learn about cybersecurity practices, change their online lifestyles to manage risk and always operate under the assumption that their personal information has been stolen at least once,” the report states. Read More

Daily Dashboard

DPA: Facebook Can’t Change Pseudonyms to Real Names

(Jul 29, 2015) In Germany, Facebook has been prevented from disallowing users to create accounts under false names, BBC News reports. The Hamburg data protection authority has said the social network cannot change individuals’ chosen usernames or ask them to provide official identification, the report states. The ruling follows a woman’s use of a pseudonym for her Facebook account “to avoid unsolicited contact in relation to her business” that the social networking site changed to her actual name. Facebook has expressed disappointment with the ruling. “The use of authentic names on Facebook protects people’s privacy and safety by ensuring people know who they’re sharing and connecting with,” the company said. Read More

Daily Dashboard

UN Gives U.S. Failing Grade on Privacy

(Jul 29, 2015) The U.S. scores very low on protecting its citizens’ privacy, according to a new United Nations Human Rights Committee Review. The committee’s midterm report cards for several countries, including Bolivia, Hong Kong, Norway, Portugal and the U.S., look at how well the countries have adhered to and implemented UN recommendations on the International Covenant of Civil and Political Rights. In several aspects of protecting privacy, the U.S. was graded “not satisfactory,” The Intercept reports. Specifically, the U.S. government has not established an adequate oversight system to ensure privacy rights are being upheld, the report states. Read More

Daily Dashboard