One of the few acknowledged breaches
covering an entire country. If I'm correct, the Population Registry
records births, deaths, citizenship, current address, etc. for
Israelis anywhere, not just in Israel.
Il:
Six indicted over Population Registry data theft
May 13, 2012 by admin
More on a breach previously
mentioned on this blog last year. Joanna Parasczuk reports
on the evolution of a data breach that started in
2006 as an insider breach and ultimately affected everyone
in Israel, it seems:
The Tel Aviv
District Attorney has charged six people, including a computer
programmer formerly employed as a Social Affairs Ministry contractor,
in connection with a massive data theft that exposed the personal
details of millions of Israelis.
The theft, which
took place in 2006, included the publication of detailed personal
information on nine million Israelis,
among them minors, deceased persons and citizens living abroad.
According to the
indictment, Shalom Bilik, who had access to the database during his
work at the ministry, copied the data and took a copy
of the database home.
After Bilik’s
contract with the ministry ended in 2006, he began to provide
computing services to an ultra-Orthodox organization in Jerusalem,
and allegedly installed the database on computers there.
Indicted alongside
Bilik are Avraham Adam, Yosef Vitman, Haim Aharon, Moshe Moskovitz
and Meir Leiver.
Adam, who worked
at the ultra-Orthodox charity, allegedly used the
stolen data [Knowing it was stolen? Bob] after Bilik gave
it him.
Allegedly, Adam
passed the data on to Vitman, who volunteered at the charity.
Vitman then sold
a copy of the stolen database to Aharon, an independent
computer consultant, who combined it with a copy of
the voter registration database and eleven other databases,
the indictment said.
Aharon then sold
the combined database to several people, and also gave it to
Moskovitz, a computer programmer, to sell.
Moskovitz enhanced
the database with a sophisticated search program he had written, and
called the final database ‘Agron’. He then sold it on to various
acquaintances.
At this stage, the
indictment said, the database ended up in the hands of Leiver, who
renamed it aRi and sold it to several overseas internet sites.
Read more on Jerusalem
Post.
So… what do you think the punishment
or sentence should be for someone who’s responsible for starting a
mammoth privacy breach like this? There’s no closing this
particular barn door any more, either, and the potential remains to
combine the database with new or future databases.
Is this Mark Zuckerberg’s wet dream
or what? Or maybe NSA’s? Or maybe both, for different reasons.
(Related) A much larger target. But
then, every country seems to want all of the data about their
citizens in one basket.
Indian
ID scheme has already enrolled 160 million citizens
May 14, 2012 by Dissent
Karl Flinders reports:
The Indian
government’s plan to issue all of its 1.2 billion citizens with
biometric ID cards is gathering pace, with the IT firm that built and
supports the software to enroll citizens revealing that it is
completing 14 million enrollments a month.
In 2010, tier-two
Indian
supplier MindTree won the contract to create and support the
software used to enroll citizens, which includes the use of
biometrics.
Read more on ComputerWeekly.com.
One use for ubiquitous surveillance. I
wonder if they ever do the same thing in reverse to make someone's
life miserable? I think it could be automated to allow muckety-mucks
to zoom past us “second class” citizens.
"Does it count as a hack if you
change your own system? Vanity Fair report that during the bidding
process for the 2012 Olympic and Paralympic Games, the London Streets
Traffic Control Center followed
each vehicle using CCTV, 'and when they came up to traffic
lights,' [bid committee CEO Keith] Mills said, 'we turned them
green.'"
It's probably not that people are
better educated about Privacy, but that the number of aggressive,
irritating invasions of their privacy have (at last) reached a
tipping point.
Complaints
Related to Misuse of Personal Data Increasing
May 14, 2012 by Dissent
Some data from Estonia reported by
Ingrid Teesalu of Estonia Public Broadcasting:
The number of
complaints over misuse of personal data has increased sevenfold in
the last five years, according to the Data Protection Inspectorate.
While in 2007
there were 110 registered complaints, last year the number had
climbed to 818, the agency said in a statement, adding that people’s
awareness on the importance of personal data protection is also
increasing.
Read more on ERR.
(Related) In the US, an invasion of
privacy means we sue... My first question: When did you stop using
Hulu?
Hulu
Said to Disclose Users’ Viewing Habits
May 14, 2012 by Dissent
Nick McCann reports;
A class of Hulu
subscribers who claim the website discloses what they watch to third
parties without their consent argued that their action should
continue in San Jose’s federal court.
In their amended
class action complaint,
six Hulu subscribers said the video site “repurposed” its browser
cache so a marketing analyst service called KISSmetrics could store
their private data.
The class also
claims Hulu shared their private viewing choices with Facebook,
Google Analytics, and other online market research and ad companies.
Read more on Courthouse
News.
I'm not sure lawyers are ready for
this, but I suspect there will be a market for “Train the Client”
consultants.
ABA
Commission Proposes Ethics Rule Requiring Adequate Data Security
May 14, 2012 by Dissent
Scott Loughlin writes:
Data protection
long has been a legal responsibility for lawyers. The
American Bar Association now is proposing to make clear that the
protection of a client’s data is an ethical responsibility
of the lawyer as well.
The Commission on
Ethics 20/20 of the American Bar Association released its Report
to the House of Delegates recommending several modifications to
the ABA Model Rules of Professional Conduct regarding lawyers’ use
of technology and protection of client confidences. The proposals
will be considered at the ABA’s 2012 Annual Meeting, and several of
these proposed modifications incorporate established concepts from
existing data protection and breach notification laws.
Read more on Hogan Lovells Chronicle
of Data Protection.
[From the article:
The proposed Model Rule 1.6(c), which
uses language commonly found in data breach notification statutes,
states:
A lawyer shall
make reasonable efforts to prevent the inadvertent or unauthorized
disclosure of, or unauthorized access to information relating to the
representation of a client.
Got facts? This 'free to copy' book
shows you how to gather, analyze and report them.
May 13, 2012
Free
Online Data Journalism Handbook
"The
Data Journalism Handbook (Beta) is an initiative of the European
Journalism Centre and the Open Knowledge Foundation. It is published
by O'Reilly Media and freely available online under a Creative
Commons Attribution-ShareAlike license."
I'll never get rich blogging (my wife
will see to that) but the odd million now and then would be useful...
This will inspire my Apple-loving
students and completely depress my Windows-lovers...
Something for to make me gooder.
… Edshelf hopes to become a go-to
site where teachers can recommend to one another what’s worked for
them, and it’s building a directory of educational materials that
have been reviewed for educators by educators. Apps and websites are
reviewed based on student engagement and pedagogical effectiveness,
as well as on how hard these tools are to learn.
… Edshelf has a number of direct
and indirect competitors. Kindertown
(which I covered here)
provides reviews on educational content written by educators for
parents. Edsurge, a weekly
newsletter that covers education entpreneurship, recently launched
its own review site. I’ve also covered
Chalkable, a New York City-based
startup that wants to blend the app store with the LMS – part of
its value proposition is easier procurement and single sign-on.
That’s also what platforms like Edmodo
and Google’s Chrome Web Store promise too. And then there’s
Apple and iTunes.
No comments:
Post a Comment