Friday, December 08, 2006

More on HP

http://www.bespacific.com/mt/archives/013226.html

December 07, 2006

CA AG Announces Settlement with HP Over Pretexting

Press release: "Attorney General Bill Lockyer today announced Hewlett-Packard (HP) will finance a new law enforcement fund to fight violations of privacy and intellectual property rights, and adopt corporate governance reforms, under a $14.5 million settlement that resolves allegations the firm used false pretenses – or pretexting – to unlawfully access phone records during its probe of boardroom leaks to the media." [see this FTC Factsheet on Pretexting]



Sounds to me like the background check would not have prevented anything.

http://it.slashdot.org/article.pl?sid=06/12/07/2339228&from=rss

Are Background Checks Necessary For IT Workers?

Posted by CowboyNeal on Thursday December 07, @07:16PM from the better-safe-than-sorry dept.

Security Privacy

4foot10 writes "UBS PaineWebber learned a hard lesson after hiring an IT systems admin without conducting a background check. Now its ex-employee is slated to be sentenced for launching a 'logic bomb' in UBS' computer systems that crashed 2,000 of the company's servers and left 17,000 brokers unable to make trades."

[From the article: Prosecutors charged that Duronio, angry over not receiving as large a bonus as he had expected, sought revenge against his employer by building, planting, and disseminating the logic bomb. I

Okay, he did have a record... Bob]



Think this might help their corporate reputation?

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9005742

Lifetouch Gets It Right on Kids' Privacy

Jay Cline December 07, 2006 (Computerworld)

The constant drumbeat of news stories chronicling the security blunders of U.S. corporations makes it seem as if no business, no matter how trusted, is up to the task of protecting our personal information. So it’s all the more noteworthy when companies do the right thing with personal privacy. I learned recently that Eden Prairie, Minn.-based Lifetouch Inc. got it right when the feds came knocking.

What is Lifetouch? The privately held company photographs over 24 million North American schoolchildren each fall, making it the market leader. It also takes pictures of millions of other people through J.C. Penney, Target and Flash Digital Portraits studios.

You might not think that photos are sensitive information, but any parent would disagree with you. Try this test with your co-workers: Ask them what data they consider most private. Is it their Social Security numbers, credit card numbers, salaries, health data or information about their children? Whenever I’ve posed this question to a U.S. audience, kids’ information has always won, hands down.

Lifetouch gets this, and having been in business for 70 years, it got it long before the age of digital identity theft. Senior attorney Laurie Dechery, who advises on privacy law issues at Lifetouch, told me, "Given the nature of our product, privacy has always been a core component of the culture here."

Lifetouch regularly received urgent calls from law enforcement agencies seeking a missing child’s photo in cases where parents were unable to provide a high-quality one for reprinting. Lacking the means to immediately authenticate whether these requests were valid, Lifetouch’s response was tough, but predictable: not without a subpoena or verifiable parental consent.

The story might have ended there, with a stalemate between privacy interests and personal safety. But in 2004, Lifetouch contacted the National Center for Missing and Exploited Children, which helps attempts to find the 2,000 children reported missing in the U.S. each day, with a five-step proposal:

  1. Lifetouch would enlist partner schools that would allow it to distribute to each student a set of wallet cards that include a unique retrieval code and crisis hot-line number for the center.

  2. Lifetouch would provide round-the-clock staff for the center’s hot line. If a child went missing, parents could call the hot line with the code.

  3. The center would authenticate the case and the parents’ consent with law enforcement and then contact Lifetouch with the image-retrieval code.

  4. Lifetouch would immediately transmit to the center the image of the child, faster than many parents could get a high-quality, usable image to the center.

  5. The center could then broadcast the image through Amber alerts, its Web site, posters and mail inserts.

... Since the launch, Lifetouch has spent more than $2 million to keep the program running and has assisted in more than 400 searches. Lifetouch images directly led to the recovery of seven children, O’Brien said.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)