ACI_Q2_Ads_successful-728x90
ACI_Q2_Ads_battletested-728x90
ACI_Q2_Ads_disaster-728x90
IAPP-GDPR Web Banners-300x250-FINAL
IAPP_StudyGuideAD
beLikeStacey-01

(Feb 9, 2016) As part of his 2017 budget proposal for the U.S., President Barack Obama is including $19 billion for cybersecurty efforts, a 35 percent increase over fiscal year 2016. The funds will go toward a Cybersecurity National Action Plan, which includes the hiring of a chief information security officer, a $3.1 billion fund for IT modernization at the federal level, and, perhaps most importantly for privacy professionals, a new executive order establishing a permanent Federal Privacy Council, as announced by Office of Management and Budget Director Shaun Donovan in December. IAPP Publications Director Sam Pfeifle examines the executive order, and talks with Department of Homeland Security CPO Karen Neuman, for The Privacy Advisor. Read More

Daily Dashboard

CNIL issues formal advisory to Facebook on nonuser tracking

(Feb 9, 2016) On Monday, the French data protection authority, the CNIL, issued a formal notice to Facebook stating it must comply with the French Data Protection Act within three months. After an on-site and online inspection — together with a documentary audit — the CNIL found that Facebook violates France’s Data Protection Act in multiple ways. One, the company collects data on nonusers without consent, according to the CNIL press release, as well as data on sexual orientation and the religious... Read More

Daily Dashboard

Google hearing postponed until after Supreme Court Spokeo ruling

(Feb 9, 2016) California’s U.S. District Judge Lucy Koh permitted Google to delay its privacy lawsuit hearing until after the Supreme Court’s ruling on the Spokeo case, MediaPost reports. Koh said that the Supreme Court’s decision “may provide substantial guidance" on whether a plaintiff “can sue in federal court without proving they suffered an economic injury,” the report states. The Google case in question relates to a netizen without a Gmail account contending that the service violated both federal and state privacy laws. Read More

Daily Dashboard

More funding in the works for privacy-conscious tech startups

(Feb 9, 2016) In two separate articles, TechCrunch reports on new tech startups that include privacy as part of their new products and services. CognitiveLogic, which announced a new round of $3 million in seed funding, aims to allow enterprises to share customer data while keeping it private. “We want to join data between multiple companies without either company having to send the raw data, but gain insights from combining those datasets,” said CognitiveLogic Founder Nick Halstead. “Today, many companies wh... Read More

Daily Dashboard

From the White House to Venable, Schwartz talks security travels

(Feb 9, 2016) IAPP member and managing director of Venable’s cybersecurity service, Ari Schwartz, talks about his long and illustrious security career with The Hill. Of particular focus is his transition from the White House National Security Council to law firm Venable in October. “On my first day, I talked to a bunch of clients here that really, clearly needed help at just [developing] a more granular vision” regarding cybersecurity,” Schwartz said. “A lot of companies are dealing with that realization, ‘Oh... Read More

Daily Dashboard

Lincare found guilty of negligence, owes OCR $239,800 in fines

(Feb 9, 2016) A U.S. Department of Health and Human Services Administrative Law Judge found Lincare in violation of HIPAA, ruling that the company had to pay the Office for Civil Rights $239,800 in fines, the agency announced in a statement. The ruling is the culmination of an investigation that found employee negligence and a lack of privacy safeguards led to the exposure of client data. “The decision in this case validates the findings of our investigation,” said OCR Director Jocelyn Samuels. “All covered entities … must ensure that, if their workforce members take protected health information off-site, they have adequate policies and procedures that provide for the reasonable and appropriate safeguarding of that PHI,” she added. Read More

Daily Dashboard

Department of Justice, Homeland Security employees’ data breached

(Feb 9, 2016) An unidentified thief gained access to the personal data of “thousands” of Department of Homeland Security and Justice Department employees, The New York Times reports. The data taken appeared to have been gleaned from an internal employee directory, housing workers’ job titles and emails. “There is no indication at this time that there is any breach of personally identifiable information,” said Justice Department spokesman Peter Carr. While details remain murky, agency representatives pegged the attack as “a social engineering breach, which could involve pulling personal information from social media and using it to determine passwords,” the report states. Read More

Daily Dashboard

Utah proposes anti-doxing bill

(Feb 9, 2016) The Utah House of Representatives proposed a new bill Monday that amends the state’s criminal code to include so-called doxing — the process of leaking someone’s personally identifiable information online against their consent — but, critics fear the bill’s broad language would stifle free speech, Ars Technica reports. Utah HB 255 includes provisions that would outlaw denial-of-service attacks and false emergency reports — also known as swatting. Though the state already has a ... Read More

Daily Dashboard

UK Parliament group says spy bill has poor privacy protections

(Feb 9, 2016) The controversial U.K. surveillance bill — the Investigatory Powers Bill — is facing scrutiny from a parliamentary group, Bloomberg Business reports. According to the Intelligence and Security Committee of Parliament, the current draft “appears to have suffered from a lack of sufficient time and preparation” and does not provide citizens with enough privacy protection as it would allow intelligence agencies to have too much bulk access to personal data. Meanwhile, the Christian Scien... Read More

Daily Dashboard

John Perry Barlow on his cyber manifesto 20 years later

(Feb 9, 2016) Twenty years after Electronic Frontier Foundation founder and Grateful Dead songwriter John Perry Barlow penned “A Declaration of the Independence of Cyberspace” at the World Economic Forum in Davos, The Economist asks him to look back upon his work. “I will stand by much of the document as written,” he said of his 844-word manifesto. “I believe that it is still true that the governments of the physical world have found it very difficult to impose their will on cyberspace.” In retrospect, howeve... Read More

Daily Dashboard