More analyses of 2008 breach data
Tuesday, January 06 2009 @ 06:53 PM EST
Contributed by: PrivacyNews

As a follow-up to my initial analyses and commentary, I did some additional analyses of ITRC's 2008 data...
Source - Chronicles of Dissent
![]()
|
More analyses of 2008 breach dataTuesday, January 06 2009 @ 06:53 PM EST
![]() As a follow-up to my initial analyses and commentary, I did some additional analyses of ITRC's 2008 data... Source - Chronicles of Dissent A rare peek at Homeland Security's files on travelersTuesday, January 06 2009 @ 04:35 PM EST
![]() The oversize white envelope bore the blue logo of the Department of Homeland Security. Inside, I found 20 photocopies of the government's records on my international travels. Every overseas trip I've taken since 2001 was noted. I had requested the files after I had heard that the government tracks "passenger activity." Starting in the mid-1990s, many airlines handed over passenger records. Since 2002, the government has mandated that the commercial airlines deliver this information routinely and electronically. Source - Budget Travel Blog A ‘Black Box’ for Taxicabs?Tuesday, January 06 2009 @ 01:41 PM EST
![]() “You may be recorded.” Soon, a select group of New York City yellow taxicabs will be marked with decals bearing that message. As part of a data-collection experiment, the New York City Taxi and Limousine Commission will install windshield-mounted cameras, similar to the “black boxes” in aircraft, that will record data on vehicle use, road accidents and other information in and around the city’s yellow taxicabs. Source - NY Times Sophos versus police spyware in “legal hacking” debateTuesday, January 06 2009 @ 07:38 AM EST
![]() In a rather disturbing development it is being reported in the British press that police have been given the power to hack into computers without a court warrant. [...]One thing I can promise you though: If Sophos encounters any malware written by the police, we won’t turn a blind eye. We will add detection for it. And if you think about it, we don’t have any other sensible choice. For anti-virus vendors to know which spyware Trojan horse to ignore, the British police would need to provide us with a sample of their code. For security reasons, it seems unlikely that this would happen. As a result, how will we (and other security vendors) know which code is written by the cops and which originates from traditional hackers? After all, it’s not likely to say Copyright (c) New Scotland Yard is it? In order to properly protect customers, Sophos continues to protect against all the malicious code that we see. ..... And if that puts us at loggerheads with our friends in the police, so be it. Source - Sophos BEWARE - Canada Border Services Agency WILL Read Lawyer's MailTuesday, January 06 2009 @ 07:28 AM EST
![]() I can report this because it happened to me and not a client. The Canada Border Services opened mail addressed to "Todgham Cherniak, Counsel, Lang Michener LLP". The Canada Border Services Agency knew the package was being sent to a lawyer at a lawyer's office and they opened it and read it. I know because the package arrived re-taped and a stamp notified me that the contents were "EXAMINES / RELEASED - CUSTOMS - TORONTO - DOUANES, EXAMINE / LIBERE". However, there is no indication of the date that this invasion of privacy occurred and there is no indication of the identy of the officer who made the decision to examine my package. There certainly was no reasonable or probably cause to examine this lawyer's mail. Source - Trade Lawyer's Blog hat-tip, Canadian Privacy Law BlogCourt Dismisses Spam Lawsuit Against Reunion.comTuesday, January 06 2009 @ 07:04 AM EST
![]() In a controversial ruling, a federal judge has dismissed a spam lawsuit filed by four Web users against social networking site Reunion.com because the users did not claim they lost money as a result of e-mails sent by the site. "Plaintiffs cannot proceed with their claim in the absence of an allegation that each such plaintiff incurred some type of injury or damage," wrote federal district court judge Maxine Chesney. Source - MediaPost Government Transparency Takes a HitTuesday, January 06 2009 @ 06:47 AM EST
![]() As one of the most secretive presidential administrations in history gets ready to close up shop, it’s closing a few more things—records. Over the past few months, some federal agencies have issued rules that would eliminate public disclosure of information—or, in some cases, make it more difficult for requestors to get information. [...]<[p>The Family Educational Rights and Privacy Act, the privacy law that protects information that identifies students will broaden starting Jan. 9 under a final rule of the Department of Education. According to the Student Press Law Center, the proposed rule said that records would remain confidential if a student’s identity could be determined by people outside the school: “But the final regulation says that a redacted record is confidential if a person’s identity could be determined by people in the school.”In its rule, the agency provides the example of a high school student being suspended for bringing a gun to class. That information could not be disclosed, because someone in the school likely knew the identity of the student—thus making it almost impossible for someone outside the school to get that information. So no one in the community would ever have that information. The new FERPA rules likely will affect access to test scores, which already are restricted when demographic characteristics might allow someone to determine a student’s identity. Source - Columbia Journalism Review U.S. judge revives lawsuit over Bush wiretap programMonday, January 05 2009 @ 07:42 PM EST
![]() A defunct Islamic charity in Oregon that says it was illegally wiretapped by federal authorities can pursue its lawsuit challenging President Bush's clandestine eavesdropping program, a federal judge in San Francisco ruled Monday. In reviving a suit filed by Al-Haramain Islamic Foundation, Chief U.S. District Judge Vaughn Walker said the group had enough publicly available evidence to show that it could reasonably believe it had been wiretapped.Source - San Francisco Chronicle Constitutionality of FISA to be ReviewedMonday, January 05 2009 @ 06:45 PM EST
![]() A federal appeals court in Oregon will hold a hearing next month on a government appeal of a 2007 judicial ruling that said the Foreign Intelligence Surveillance Act (FISA) is unconstitutional. .... A hearing on the appeal has now been scheduled for February 5, 2009 at the Ninth Circuit Court of Appeals in Portland, Oregon.Source - Secrecy News 2008 Data Breach Total Soars - ITRC Reports 47% Increase over 2007Monday, January 05 2009 @ 05:55 PM EST
![]() The Identity Theft Resource Center (”ITRC”) issued its end of year press release today. Not surprisingly, the number of breaches reported in 2008 was up significantly from 2007, with their counter hitting 656 U.S. breaches for the year, an increase of 47% over last year’s total of 446 breaches in their database. [...]Whereas ITRC’s analysis might lead to the conclusion that the financial section is the most proactive sector because they represent less than 12% of all breaches, inspection of the raw frequency data suggests a somewhat different picture: reported breaches increased over 250% from 2007 to 2008. That trend indicates that security in the financial sector is not keeping pace with previous threats and new threats to data security. In interpreting ITRC’s data, then, and in addition to all of the cautions and qualifiers they appropriately include, we also need to keep other factors in mind, not the least of which is that when Massachusetts analyzed its breach reports for the first 10 months after its law went into effect, 75% of the reported breaches were from the financial sector, a statistic that does not seem to “fit” with what ITRC found based on published media reports or those reports available on a few states attorney general web sites. Source - Chronicles of Dissent (commentary and analysis) MySpace MedicalMonday, January 05 2009 @ 10:05 AM EST
![]() For adults, browsing MySpace.com can be a secret window onto how teenagers sculpt their public personas. Teens, one of the most wired groups in America, use the social-networking site to create profiles where they share clips of their favorite songs, post pictures or vent about a bad day. But MySpace, which now boasts 200 million profiles, is not all fun and games. Findings from a new pair of studies by Megan Moreno, a physician specializing in adolescent medicine, and her colleagues at Seattle Children's Hospital reveal that more than half of the 500 teen profiles they looked at during two and a half months in 2007, read more like cautionary tales, chock full of high-risk behaviors from sexual conquests to binge drinking and drug use. While the prevalence of racy MySpace pages created by teens may not be news, Moreno's studies are the first to systematically catalog the sexual and substance-abuse content of teens' profiles, and to look at the results of an online health intervention. Her results, on a small scale, support the idea that these profiles are an untapped resource for physicians and mental-health professionals. By harnessing this technology as a monitoring tool, physicians, parents and counselors may effectively tag along with teens for some of their social interactions and when appropriate, contact teens at risk. Source - Newsweek Ca: Suit over 49ers policy has privacy implicationsSunday, January 04 2009 @ 08:26 PM EST
![]() The California Supreme Court could set new ground rules for the clash between privacy and security in a case from an unusual setting - Candlestick Park, where 49ers fans are subjected to pat-down searches before entering the stadium. The court hears arguments Tuesday in an appeal by a Danville couple whose lawsuit challenging the pat-downs was tossed out on the grounds that they consented to be searched when they bought season tickets. Their lawyers say any consent was coerced and that a company could give the same rationale for conducting body searches at work or wiretapping customers' phones, as long as it announced its intentions ahead of time.Source - San Francisco Chronicle UK: Police set to step up hacking of home PCsSunday, January 04 2009 @ 03:39 PM EST
![]() THE Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant. The move, which follows a decision by the European Union’s council of ministers in Brussels, has angered civil liberties groups and opposition MPs. They described it as a sinister extension of the surveillance state which drives “a coach and horses” through privacy laws. Source - Times Online hat-tip, tech.blorgeMaryland police surveillance run amokSunday, January 04 2009 @ 11:55 AM EST
![]() Last July, the Washington Post reported that officers in Maryland State Police Homeland Security Division had been conducting surveillance on war protesters and death penalty opponents for over a year. ... New information suggests the Maryland State Police surveillance was even more broad than what was reported in July, including surveillance of activists involved in human rights and the establishment of bike lanes in Maryland.Source - Examiner.com Ca: School buses may be wired for surveillance: privacy experts warn of perilsSunday, January 04 2009 @ 11:53 AM EST
![]() EDMONTON — Surveillance cameras are gradually making their way onto school buses with education and transport officials defending the equipment as a good deterrent to rowdy behaviour and bullying. But some privacy experts say the cameras don't always discourage misbehaving and represent a possible invasion of student privacy. Source - The Canadian Press |
|
© 2006-2007 PogoWasRight.org, unless copyright otherwise noted. News items on this site are reproduced under 17 U.S.C. § 107 for purposes of news reporting and discussion only. |