• Obama signs cybersecurity executive order, promotes information-sharing hubs

    President Barack Obama, at last week’s White House Summit on Cybersecurity and Consumer Protection, reiterated the need for more companies to collaborate with each other as well as with the federal government to develop cybersecurity solutions that protect consumer privacy while keeping hackers out of network systems.One strategy Obama encouraged in his speech was the creation of information-sharing groups, called hubs, built around vertical industry sectors.

  • CEO responsibilities for data breach

    The job of a chief executive officer (CEO) is becoming more difficult every year. Today, in addition to being strategic visionaries and leaders, most CEOs must deal with complex legal issues surrounding their organizations. More often they are being held personally responsible for mistakes made by their organizations. Security breaches are one of the fastest growing legal issues facing many C-level executives. All C-level executives need to be prepared to handle a potential security crisis with the help of IT, legal, and PR (public relation) teams.Taking rapid countermeasures and openly communicating about breaches are key factors in effectively managing expectations of a company’s shareholders and customers.

  • view counter
  • Emergence of the Internet of Things significantly weakens privacy protection

    Researchers are urging consumers to take a proactive approach to ensure Internet privacy, particularly with companies that use and share Internet data to influence consumer behavior. They warn that privacy “approaches that rely exclusively on informing or ‘empowering’ the individual are unlikely to provide adequate protection against the risks posed by recent information technologies.”Those emerging risks include information compiled by Internet-connected appliances, cars, and health monitors.

  • The encryption debate is heating up

    The privacy vs. security debate is heating up. Should messages on private devices be encrypted to protect our privacy? Will this dangerously hamper national and international security efforts? If we go the encryption route, are technologies being implemented fast enough to protect sensitive data from criminals?

  • Privacy in the digital age essential to protecting basic liberties: Privacy law expert

    In our increasingly digital world, the balance between privacy and free speech is tenuous, at best. We often overlook, however, the important ways in which privacy is necessary to protect our cherished civil liberties of freedom of speech, thought, and belief, says Neil M. Richards, JD, a privacy law expert at Washington University in St. Louis and author of the new book, Intellectual Privacy: Rethinking Civil Liberties in the Digital Age, published 2 February.

  • Individuals face privacy hurdles, pitfalls while navigating in the information age

    We leave a trail of data, both knowingly and unwittingly, with every swipe of a credit card, post on social media and query on a search engine. Researchers detail the privacy hurdles people face while navigating in the information age, and what should be done about privacy at a policy level. The researchers call for policies that seek to balance power between individuals and data holders.

  • view counter
  • The many problems with the DEA's bulk phone records collection program

    Think mass surveillance is just the wheelhouse of agencies like the NSA? Think again. One of the biggest concerns to come from the revelations about the NSA’s bulk collection of the phone records of millions of innocent Americans was that law enforcement agencies might be doing the same thing. It turns out this concern was valid, as last week the government let slip for the first time that the Drug Enforcement Agency (DEA) had also been collecting the phone records of Americans in bulk since the 1990s.

  • If you seek to “switch off” encryption, you may as well switch off the whole Internet

    Prime Minister David Cameron has stated that the U.K. government will look at “switching off” some forms of encryption in order to make society safer from terror attacks. This might make a grand statement but it is impossible to implement and extremely technologically naïve. Encryption is a core part of the Internet; its use is increasing every day — Google’s services, including search and e-mail, use encrypted streams, as do Facebook and Twitter and many other widely used sites. Encryption makes it almost impossible for eavesdroppers to read the contents of the traffic. It is the foundation upon which all e-commerce is based. The technical case for switching off encryption is thus simply a non-starter. In fact we are moving in the opposite direction, replacing the old, open Internet with one that incorporates security by design. If you wish to switch off encryption, it will unpick the stitching that holds the Internet together.

  • No technological replacement exists for bulk data collection: Report

    No software-based technique can fully replace the bulk collection of signals intelligence, but methods can be developed more effectively to conduct targeted collection and to control the usage of collected data, says a new report from the National Research Council. Automated systems for isolating collected data, restricting queries that can be made against those data, and auditing usage of the data can help to enforce privacy protections and allay some civil liberty concerns, the unclassified report says.

  • Keeping citizens safe while respecting their right to privacy

    Surveillance is an increasingly common – and sometimes controversial – activity, designed fundamentally to protect public and property. The rapid increase in information gathered by surveillance cameras however has led to spiraling costs in terms of storage filtering and data checking, and has also led to concerns that innocent citizens are routinely being tracked. Using innovative new technology, EU-funded researchers have reconciled the need for robust surveillance with the right to privacy.

  • When the camera lies: our surveillance society needs a dose of integrity to be reliable

    Being watched is part of life today. Our governments and industry leaders hide their cameras inside domes of wine-dark opacity so we can’t see which way the camera is looking, or even if there is a camera in the dome at all. They’re shrouded in secrecy. But who is watching them and ensuring the data they collect as evidence against us is reliable? Surveillance evidence is increasingly being used in legal proceedings, but the surveillants – law enforcement, shop-keepers with a camera in their shops, people with smartphones, etc. — have control over their recordings, and if these are the only ones, the one-sided curation of the evidence undermines their integrity. There is thus a need to resolve the lack of integrity in our surveillance society. There are many paths to doing this, all of which lead to other options and issues that need to be considered. But unless we start establishing principles on these matters, we will be perpetuating a lack of integrity regarding surveillance technologies and their uses.

  • Can a hacker stop your car or your heart? Security and the Internet of Things

    An ever-increasing number of our consumer electronics is Internet-connected. We’re living at the dawn of the age of the Internet of Things. Appliances ranging from light switches and door locks, to cars and medical devices boast connectivity in addition to basic functionality. The convenience can’t be beat, but the security and privacy implications cannot and should not be ignored. There needs to be a concerted effort to improve security of future devices. Researchers, manufacturers and end users need to be aware that privacy, health and safety can be compromised by increased connectivity. Benefits in convenience must be balanced with security and privacy costs as the Internet of Things continues to infiltrate our personal spaces.

  • Online tools help users adopt better privacy practices

    Research shows a growing concern for online privacy, but Internet users give up personal information every day in exchange for the convenience and functionality of a variety of online services. Online privacy is distinct from online security, which encompasses efforts to mitigate the theft of personal information. Most violations of online privacy are not illegal but rather the results of tacit consumer consent. The new Privacy Helper mobile app teaches users about the features on their phones that can affect privacy. The key to Privacy Helper, its developers say, is its flexibility in giving users better control over how they share personal information.

  • Judges question claims that NSA metadata collection poses threat to ordinary citizens

    A panel of three judges on the U.S. Court of Appeals for the District of Columbia challenged arguments made earlier this week by Larry Klayman, a conservative lawyer arguing on his own behalf, and Cindy Cohn, an attorney representing the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU), that the National Security Agency’s (NSA) mass-surveillance program is a breach of the Fourth Amendment, which protects against unreasonable searches.The case, Klayman v. Obama, is one of three currently at the appeals-court level regarding the NSA surveillance program.In the D.C. Circuit Court of Appeals, Judges Stephen Williams and David Sentelle voiced skepticism about claims that collecting metadata posed a threat to ordinary citizens.

  • Identifying ways to improve smartphone security

    What information is beaming from your mobile phone over various computer networks this very second without you being aware of it? Experts say your contact lists, e-mail messages, surfed Web pages, browsing histories, usage patterns, online purchase records and even password protected accounts may all be sharing data with intrusive and sometimes malicious applications, and you may have given permission. The apps downloaded to smartphones can potentially track a user’s locations, monitor his or her phone calls and even monitor the messages a user sends and receives — including authentication messages used by online banking and other sites, he says, explaining why unsecured digital data are such a big issue. Assigning risk scores to apps may slow down unwarranted access to personal information.