Friday, September 21, 2012

How much is encryption worth?
By Dissent, September 20, 2012
Michelle McNickle reports:
The recent data breach at Massachusetts Eye and Ear Infirmary (MEEI) and Massachusetts Eye and Ear Associates once again screams the message: Encryption, encryption, encryption! The provider has agreed to pay a $1.5 million fine to theDepartment of Health and Human Services (HHS), after allegations were made that Mass. Eye and Ear failed to comply with certain requirements of the Health Insurance Portability and Accountability Act (HIPAA) standards that govern the security of individually identifiable health information.
Read more on InformationWeek.


We've been trying to reduce paperwork, like warrants...
LAPD Joins Feds In Skirting Fourth Amendment With Cell Phone Tracking Devices
September 21, 2012 by Dissent
Tim Cushing reports that the use of software such as StingRay to triangulate and determine cell phone location is on the rise:
local law enforcement members have been availing themselves of them. LA Weekly, using recently obtained FOIA documents, discovered that the Los Angeles Police Department (along with police in Miami, Ft. Worth and Gilbert, AZ) has obtained and deployed the questionable StingRay.
Read more on TechDirt, keeping in mind that Congress failed again to update ECPA and the Governor of California has had a bill sitting on his desk for almost a month that would require a warrant for cell phone location data. He has neither signed the bill into law nor vetoed it.

(Related) From almost a year ago...
DoJ: Stingray cellphone tracking device falls under Fourth Amendment, but don't ask about it


This allows “Traffic Analysis” (to determine who the terrorists are talking to) but won't be able to tell if they are ordering an attack or a pizza...
AU: ASIO, Roxon defend data-retention proposal
September 21, 2012 by Dissent
Shipping data overseas is not the only Australian proposal generating controversy these days. Josh Taylor reports:
Following widespread criticism of the government’s proposal to require internet service providers (ISPs) to retain unspecified customer data for up to two years, the Australian Security Intelligence Organisation (ASIO) and Attorney-General Nicola Roxon have taken the unusual step of releasing public submissions on the proposal, defending the need to retain the data.
Read more on ZDNet.
[From the article:
In the submission, published yesterday, Roxon said that she didn't have a "specific data-retention model" planned at this stage, but that the government does not intend for the content of communications data, such as emails, SMS messages, or phone calls, to be included in the scheme.
Roxon pointed to the controversial EU Directive on Data Retention that was created in 2004, which requires companies to keep a log of the source, destination, date, time, duration, type, and the equipment used in making the communication for between 6 and 24 months.

(Related) “If you don't know how to control it, ban it!”
AU: Coalition joins fight against privacy law reform
September 21, 2012 by Dissent
One argument I often hear against privacy reform is that it will stifle innovation or commerce. In Australia, proposed reform would almost certainly do that. Jane Lee and Georgia Wilkins report:
The Coalition has joined big banks and telcos in their fight against proposed laws that aim to prevent them from sharing personal information about customers with companies overseas.
Government amendments to the Privacy Act would restrict companies from sending valuable information about customers’ credit-worthiness offshore – unless the receiver was formed in, or controlled from, Australia.
This would affect companies that outsource information to international call centres, data-processing centres and data stored in the cloud.
Read more on The Age.


“Holy Mackerel, Batman!” OR TSA strikes again! (Because we heard Al Queida is developing a bait fish bomb.)
Would-be terrorists hoping to sneak weapons and other contraband through U.S. ports on and in the hulls of ships may be thwarted by a robotic tuna fish under development for the government.


Insight! How to game the cy pres decision make sure you are fairly considered for a share of cy pres funds.
Settlement in Facebook Beacon case upheld
September 21, 2012 by Dissent
A challenge to the Ninth Circuit’s approval of the settlement in the Facebook Beacon class action lawsuit has failed. The Ninth Circuit Court of Appeals writes:
The question presented is whether the district court abused its discretion in approving the parties’ $9.5 million settlement agreement as “fair, reasonable, and adequate,” either because a Facebook employee sits on the board of the organization distributing cy pres funds or because the settlement amount was too low. We hold that it did not.
Read the opinion in Ginger McCall v. Facebook here. It sheds light on how the court views cy pres awards when there are a number of organizations that are relevant to the nexus of the complaint.
Wendy Davis of MediaPost covers the decision and reports that McCall is deciding whether to appeal.

No comments: