Sunday, February 11, 2007

The web site has been updated with seminar details

http://www.privacyfoundation.org/

Corporate Privacy: The HP Board of Directors Affair

Privacy Foundation Morning/Lunch Seminar

FRIDAY, February 23, 2007



A follow-up to the initial report. I wonder who else has this data?

http://www.wsls.com/servlet/Satellite?pagename=WSLS%2FMGArticle%2FSLS_BasicArticle&c=MGArticle&cid=1149193124169&path=!news!localnews

RU security breach info linked to child health care

by Denise Eck WSLS NewsChannel 10 Friday, February 9, 2007

Some local parents are wondering why Radford University is sending them letters.

Jennifer Jarels got two letters, one for each of her sons, ages 2 and 4. They are obviously not students at Radford University.

But Jarels received two of 2400 letters warning of a security breach of a computer containing Social Security numbers and birthdates at RU's Waldron School of Health and Human Services.

“How could this have happened?” she asked.

Radford spokesman Rob Tucker said a virus put the information at risk. He said most of the 2400 identities were not RU students but declined to tell who they were or why their information was on an RU computer.

Despite that, NewsChannel 10 found a link between RU and the kids. All the parents we talked to gave their child's personal information when enrolling them in "FAMIS": Family Access to Medical Insurance Security. According to Craig Markva, Director of Communication for Virginia’s Department of Medical Assistance Services, Radford University previously had a privately funded outreach grant to promote the program and assist families enrolling in FAMIS and the children's Medicaid program. Markva said DMAS was unaware of any security breach.



I don't think this is the right way to do it. “...but we gotta do something!”

http://www.betanews.com/article/US_Senate_Bill_Holds_IT_Managers_Responsible_for_Privacy_Breaches/1170983371

US Senate Bill Holds IT Managers Responsible for Privacy Breaches

By Scott M. Fulton, III, BetaNews February 8, 2007, 8:09 PM

A bill introduced in the US Senate on Tuesday by Judiciary Committee Chairman Patrick Leahy (D - Vermont), along with one independent and one Republican backer, aims to strengthen security requirements for all private databases accessible online that may hold personal information. Reintroducing language that had been stalled since 2005, if passed, the bill could hold IT managers accountable and responsible for security breaches where personal information is pilfered.

"Our bill...requires that companies that have databases with sensitive personal information on Americans establish and implement data privacy and security programs," Sen. Leahy stated in a speech on the Senate floor Tuesday. "In the Information Age, any company that wants to be trusted by the public must earn that trust by vigilantly protecting the databases they use and maintain."

One of the most susceptible databases to pilfering of citizens' private information, Leahy and the bill's co-sponsors concede, belongs to the US Government itself. The latest version of what's being called the Personal Data Privacy and Security Act of 2007 (the complete text of which has yet to emerge from the Government Printing Office) will create new regulations on government contracts with commercial data brokers.

... Entities that maintain personal data on individuals, under this bill, would be required to give notice to law enforcement officials whenever access of that data by unauthorized individuals comes to their attention. What remains unclear, however, is how the revised bill will delegate authority. If identity theft is elevated in status as a federal crime, do IT managers call their local police or the FBI? Or the Dept. of Homeland Security?

Also, previous permutations of the bill referred to the requirement for implementation of a comprehensive "security program," although the political definition of "program" and the IT manager's definition are somewhat different. Will these requirements impact the constitution of security software? Or if "program" in this instance is actually synonymous with "policy," will the 2007 edition of the bill become sidelined or even rejected for the same reason the 2005 version was tabled: because a majority of senators declared the bill had no "teeth?"

Some security firms voiced opposition to the 2005 version of Leahy-Specter, specifically for not identifying the measures that security software is expected to take in order to comply with its terms, as well as for the appearance of granting exemptions to certain financial institutions from having to meet the privacy standards the bill would apply to other commercial enterprises.

As MSDN blogger A.J. Law wrote today, "Do you have a documented security incident response plan in place if a problem occurs? How will you communicate with your customers? Do you know if corporate counsel would be needed to help put together such a communiqué? In many of the companies I have visited, the answer to these and other questions is, 'Sort of.'"

[From the article:]

Key features of the bipartisan legislation include:

Increasing criminal penalties for identity theft involving electronic personal data and making it a crime to intentionally or willfully conceal a security breach involving personal data;

Giving individuals access to, and the opportunity to correct, any personal information held by commercial data brokers;

Requiring entities that maintain personal data to establish internal policies that protect the personal data of Americans;

Requiring entities that maintain personal data to give notice to individuals and law enforcement when they experience a breach involving sensitive personal data; and

Requiring the government to establish rules protecting privacy and security when it uses information from commercial data brokers, to conduct audits of government contracts with data brokers and impose penalties on government contractors that fail to meet data privacy and security requirements.



Dealing with males...

http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2007/02/10/MNGU8O2HII1.DTL

Creeps beware: Web gives women revenge

Catcall recipients share their stories -- and men's photos

Meredith May, Chronicle Staff Writer Saturday, February 10, 2007

She ain't your baby, and no, she doesn't want to take a ride with you.

But she does want your picture.

A new generation of female bloggers -- armed with camera phones -- has started an Internet site to post pictures and videos of guys who harass them in public.

Under the motto "If you can't slap 'em, snap 'em!", HollaBack is based on the same sort of camera phone vigilantism that has been used to shame bad drivers, litterbugs and rude sales clerks.

... In the Information Age, when even the most trivial missteps by ordinary citizens can be exposed -- from bad parking to letting their dogs poop on the sidewalk -- people should realize what they read online is just one anonymous person's opinion, King said.

"Still, I admit I love sites like HollaBack. I want to check it out to see what women's opinions of what too much is," he said.

... A man could sue for defamation, but a jury would have to be convinced that his behavior wasn't offensive.

... The law is on the woman's side, at least in the office, said San Francisco attorney Philip Kay, who specializes in sexual harassment and employment law.

"What's considered an offensive comment in the workplace is defined by the person on the receiving end, not the person who said it," he said. "There are no similar laws about the streets outdoors, but that's an interesting new area."

... She concedes that the men who are catcalling are probably not going to change, but she hopes HollaBack can encourage some new laws about lewd behavior.

"Sometimes laws can start to formulate through popular culture because of things that people are bringing to light," Cumming said. [Interesting idea. Bob]



Interesting. I take it the girls have confessed, otherwise there seems to be no evidence of their crime.

http://hosted.ap.org/dynamic/stories/F/FAKE_SNOW_DAY?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT

Feb 10, 6:04 PM EST

Students Charged in Online Snow-Day Hoax

TRENTON, Ohio (AP) -- Two teenage girls posted a fake announcement on their school district's Web site that said school was closed for the day due to winter weather, police said.

The notice, posted Monday, confused many parents - snow was not in the forecast - and persuaded some students to stay home.

Edgewood City Schools Superintendent Tom York said he discovered the posting when he logged on to write his own announcement that school would be delayed for an hour because of an extreme cold snap.

"I didn't make that call, and I'm the guy who does, so I knew something was up," York said.

The two Edgewood High School students, whose names were not released, were charged in juvenile court on Friday and face expulsion. One of the girls, 16, was charged with delinquency by unauthorized use of a computer and by reason of records tampering. The other, 17, was charged with delinquency by reason of complicity, Sheriff's Sgt. Monte Mayer said.

The company that runs the Web site, RCH Networks Inc., said the system was not hacked into because no security breach was detected. [“Yep, if we don't detect it, we pretend it never happened!” Bob] Administrators say the girls must have somehow gotten the password.

RCH helped the district track down the girls by supplying the identification numbers from computers that accessed the system, which authorities could then track to the girls' homes.



First what?

http://yro.slashdot.org/article.pl?sid=07/02/10/214250&from=rss

Two Ways Not To Handle Free Speech

Posted by kdawson on Saturday February 10, @08:32PM from the hang-up-or-takedown dept.

Two stories in the news offer contrasting approaches by Web companies to questions of free speech. First YouTube: reader skraps notes that the Google property has recently banned the popular atheist commentator Nick Gisburne. Gisburne had been posting videos with logical arguments against Christian beliefs; but when he turned his attention to Islam (mirror of Gisburne's video by another user), YouTube pulled the plug, saying: 'After being flagged by members of the YouTube community, and reviewed by YouTube staff, the video below has been removed due to its inappropriate nature. Due to your repeated attempts to upload inappropriate videos, your account has now been permanently disabled, and your videos have been taken down.' Amazon.com provides a second example of how to react to questions of free speech. Reader theodp sends along a story in TheStreet.com about how Amazon hung up on customers wanting to comment on its continuing practice of selling animal-fighting magazines. The article notes that issues of free speech are rarely cut-and-dried, and that Amazon is doing itself no favors by going up against the Humane Society.

Update: 02/11 04:25 GMT by KD : updated Nick Gisburne link to new account.



Be afraid, be very afraid.

http://www.lesliespring.com/video/silvia.wmv

SILVIA

Over the course of the past several months, Leslie has developed a new technology designed to interact with humans in a completely natural way. "SILVIA" is this new technology.

To see a video demonstration of this software, click on SILVIA's face:
