Saturday, March 17, 2012
We argue semantics here. Apparently no one has the ability to write a clear sentence!
Viviane Reding responds to Reporters Without Borders’ criticism of “right to be forgotten”
March 16, 2012 by Dissent
In its 2012 “Enemies of the Internet” report, Reporters Without Borders voiced reservations about a proposed European Commission directive and regulation on online personal data protection that would enshrine the “right to be forgotten.”
Yesterday, Reporters Without Borders received a response from the spokesperson of Viviane Reding, the European Commission vice-president responsible for justice, who is the initiator of this directive. The reply follows.
Read more of their view and Viviane Reding’s reply via spokesperson on Reporters Without Borders. The reply makes it clear that the scope of any such directive does not include removal or deletion of news stories but is oriented to individuals’ rights to have their profiles or material they uploaded deleted.
(Related) Perhaps a nice quiet (avoiding the Streisand Effect) request to remove the pictures? Then people around the world wouldn't hear about it. Bad advice from his lawyer, I think.
French court awards Google France €1,200 in legal fees, tosses lawsuit over Street View image showing man peeing in his yard
March 16, 2012 by Dissent
The Connexion reports that a man who sued Google in France after Street View captured him peeing in his yard has lost his lawsuit:
Despite losing his case in court, the man snapped peeing in his back yard by Google Street View has won a victory as the internet giant has withdrawn his picture from the webpage.
The 50 year old claimed Google had made him the laughing stock of his village by publishing the picture – and lodged a complaint of intruding into his private life with the Tribunal de Grande Instance at Angers in Maine-et-Loire.
However, the judges threw out his complaint as he had made his complaint against Google France when the Street View service was edited by Google USA. They ordered him to pay €1,200 legal expenses to Google France.
The judges said he should, instead, continue his complaint against Google USA as he had also lodged a claim for €10,000 damages.
However, the man’s lawyer said he probably would not continue the case as the photo had since been pulled from the site, adding: “We lost in law but we won in fact.”
Wouldn’t Google have pulled this anyway, upon request? Did this really require a lawsuit? And did this guy ever hear of the Streisand Effect?
“We can bill you for anything.” (Translating 'we can, therefore we must' into cash!)
"Microsoft, reports GeekWire, is seeking a patent on monetizing the buttons of your TV remote. In its application for a patent on 'Control-based Content Pricing,' Microsoft explains how one can jack up the cable bill of those who dare fast-forward past a diaper commercial or replay a sports highlight. From the patent application: 'If a user initiates a navigation control input to advance past (e.g., skip over) an advertisement, the cost of a requested on-demand movie may be increased. Similarly, if a user initiates a replay of a sporting event, the user may be charged for the replay control input and for each subsequent view control input.'"
Do you think a bunch of lawyers wrote this “we don't need no stinking lawyers” ToS agreement?
(Related) You can't do this either...
Facebook Bans Source Code Extraction In Proposed Governance Changes
Facebook has proposed several changes to its Statement of Rights and Responsibilities and is asking the public for feedback until March 22nd. The most important changes are the prohibition of extracting source code from its downloadable software, and a clear explanation that friends can share your information through applications. The changes are necessary since Facebook released its first download “Messenger For Windows” this month, and because it has come under greater scrutiny from government privacy offices.
Rethinking the Health Insurance Industry?
Aetna: The Company Scaring Its Competition And Delighting Startups
Whither health insurance? A former medical advisor to the Obama Administration who happens to be the brother of former Presidential Chief of Staff predicted in the New York Times that by 2020 health insurance companies will be extinct. Nearly two years ago, I penned a piece entitled Health Insurance’s Bunker Buster. It outlined two key reasons that health insurance — as we have known it the last couple decades — will cease to exist.
Yet, in the midst of this backdrop, you have a CEO of a major insurance company looking positively giddy about the future when he is presenting at an event such as Health 2.0. Mark Bertolini of Aetna looks to be doing his best imitation of Lou Gerstner, who engineered the wholesale reinvention of IBM.
… Bertolini has stated that increasingly Aetna views itself as a healthIT company with an insurance component. Not exactly what you expect to hear from one of the largest health insurance corporations.
Interesting how a service that is still “Invite only” can have such a huge impact.
… Traditional social bookmarking services such as Digg and the dominant method of sharing links, Twitter, are both at risk from the polished presentation and simple features of Pinterest. In fact, Twitter could be seriously at risk from this new service.
1. Find A Great eBook Reader
2. Download Free eBooks From The Best Directories
3. Borrow eBooks From Libraries
4. Organize Your eBook Collection
5. Create Your Own eBooks Easily
Dilbert explains how corporations craft those confusing messages...
Friday, March 16, 2012
Why can't the feds (notably the FBI) win settlements for their screwed up, never worked, over budget and years late projects? Note that the original budget here was $63 million...
"Science Applications International Corp. said that it will pay $500.4 million in restitution and penalties under a settlement over its CityTime program with New York City. From the article: 'Two former SAIC employees have been charged with conspiring to defraud New York, and New York Mayor Michael R. Bloomberg (I) has called on the company to reimburse the city for the more than $600 million it spent on the program over an 11-year period.'"
We can do this because Second Class Citizens (and terrorists?) can't afford $100.
"Catching a flight in the U.S. isn't a great experience anymore due to the security checks involved. You have to remove your shoes, your belt, get your laptop out, be scanned and subjected to radiation in the process. Hundreds of other people are doing the same thing, meaning it takes 40 minutes instead of four. Now, the TSA has come up with a clever, money-making alternative. Instead of scaling back security or speeding it up, you can instead pay $100 and bypass it completely!"
[from the article:
To qualify, frequent fliers must meet undisclosed TSA criteria and get invited in by the airlines. There is also a backdoor in. Approved travelers who are in the U.S. Customs and Border Protection's "Global Entry" program can transfer into Precheck using their Global Entry number.
Let's hope this idea doesn't spread...
Hydro-Québec proposes smart-meter opt-out clause, but it will really really cost you
If your privacy is only worth 65 cents, what are Canadians likely to do in response to Hydro-Québec’s proposal to charge $302 the first year and $204 each year thereafter to opt-out of using a smart meter?
How much do meter readers up there earn, anyway?
And why can’t they use a simple system like we used to have here: homeowners circle numbers on a card and mail it in to report usage, and the utility only sends out a reader once or twice a year to verify? Or are they saying they charge $200 just to have your meter read once a year? If so, yikes!
Protecting privacy shouldn’t be so expensive. Hydro-Québec should be encouraged to go back to the drawing board and come up with a better offering.
Offering opt-out is A Good Thing. Making it prohibitively expensive is not.
The Value Of Data Privacy To Consumers? About 65 Cents.
Paul Roberts writes:
What is the value of data privacy to online shoppers? About 65 cents, according to a new study by researchers in Britain and Germany.
The report: “Study on Monetising Privacy: An Economic Model for Pricing Personal Information” was released in February and presents the results of work by researchers from DIW Berlin, the German Institute for Economic Research, and the University of Cambridge in the UK. The study was sponsored and released by ENISA, the European Network and Information Sharing Agency. In it, researchers found that consumers consistently prefer companies that protect the privacy of their data over companies that don’t. Unfortunately, that preference for privacy wasn’t very strong.
Read more on ThreatPost.
How can you be on Double Secret Probation if we tell you what the rules are? It's a matter of national security – if we tell the terrorists we're looking for them they won't come!
Senators Demand DOJ Release Secret Spy Court Rulings
Two Democratic senators urged the Obama administration Thursday to declassify secret court rulings that give the government far wider domestic spying powers under the Patriot Act than intended.
The 10-year-old measure, hastily adopted in the wake of the 2001 terror attacks, grants the government broad surveillance powers with little oversight that can be used domestically.
While much has been written and debated about the bill’s powers and efficacy, there’s evidently much more going on than the public knows.
A secret tribunal known as the Foreign Intelligence Surveillance Act Court has issued classified rulings about the Patriot Act that U.S. Senator Ron Wyden (D-Oregon) and Sen. Mark Udall (D-Colorado) say expand the government’s surveillance powers even more.
At issue, the lawmakers said, is section 215 of the Patriot Act. The sweeping power, one of the most controversial in the law, allows the secret FISA court to authorize broad warrants for most any type of record, including those held by banks, internet companies, libraries and doctors. The government does not have to show a connection between the items sought under a section 215 warrant and a suspected terrorist or spy: the authorities must assert the documents would be relevant to an investigation.
(Related) Note the value of phoney (not stolen) identities. So if I know someone who knows someone who might have created a few back in the 1960s, what might they be worth?
CIA Chief: We’ll Spy on You Through Your Dishwasher
… Earlier this month, Petraeus mused about the emergence of an “Internet of Things” — that is, wired devices — at a summit for In-Q-Tel, the CIA’s venture capital firm. “‘Transformational’ is an overused word, but I do believe it properly applies to these technologies,” Petraeus enthused, “particularly to their effect on clandestine tradecraft.”
All those new online devices are a treasure trove of data if you’re a “person of interest” to the spy community. Once upon a time, spies had to place a bug in your chandelier to hear your conversation. With the rise of the “smart home,” you’d be sending tagged, geolocated data that a spy agency can intercept in real time when you use the lighting app on your phone to adjust your living room’s ambiance.
… That’s not the only data exploit intriguing Petraeus. He’s interested in creating new online identities for his undercover spies — and sweeping away the “digital footprints” of agents who suddenly need to vanish.
“Proud parents document the arrival and growth of their future CIA officer in all forms of social media that the world can access for decades to come,” Petraeus observed. “Moreover, we have to figure out how to create the digital footprint for new identities for some officers.”
It’s hard to argue with that. Online cache is not a spy’s friend. But Petraeus has an inadvertent pal in Facebook.
Why? With the arrival of Timeline, Facebook made it super-easy to backdate your online history. Barack Obama, for instance, hasn’t been on Facebook since his birth in 1961. Creating new identities for CIA non-official cover operatives has arguably never been easier. Thank Zuck, spies. Thank Zuck.
March 15, 2012
FBI Fact Sheet on Internet Fraud
FBI Fact Sheet on Internet Fraud: Includes information on: Avoiding Internet Auction Fraud, Avoiding Non-Delivery of Merchandise, Avoiding Credit Card Fraud, Avoiding Investment Fraud, Avoiding Business Fraud, Avoiding the Nigerian Letter or “419” Fraud, Common Fraud Scams, Investment-Related Scams, Internet Scams, and Fraud Target: Senior Citizens.
“Copyright is so important, even the dead rise up and vote our way” RIAA lobbyists?
“These are not the crooked politicians you are looking for...” Legal Affairs Committee
"In a bizarre turn of events, the legal affairs committee of the European Parliament voted to weaken a reform of the copyright monopoly for allowing re-publication and access to orphan works. What is surprising is that the voter turnout happened to be 113%. That there were three votes too many, and that these three votes determined the outcome, was pointed out to the committee. Unfortunately, when this was done, along with formally requesting a re-vote, the re-vote was denied."
Uh oh, I feel a minor rant coming on... Who convinces politicians (not just French politicians) that people who won't change with the times deserve to be paid to remain ignorant and innovators need to be taxed to allow it? Canada taxes blank CDs and DVDs and gives money to their version of ASCAP because everyone in Canada steals Copyrighted music.
Allez Les Books: France Suggests Amazon Tax To Help Independent Bookstores
France has developed something of a reputation in trying to tax larger companies on the Internet to use the funds to help out smaller players. The latest development in that scheme: a proposal to tax large booksellers to help French independent bookstores impacted by the rise of online giants like Amazon.
(Related) Perhaps this explains their logic?
I've blogged about this before. It's just a large (probably not large enough) data center, like those Amazon, Facebook, Google, Microsoft and others are building for half a Billion dollars each, except this one costs $2 Billion. The Internet giants build where electrical power and cooling (rivers or cold climate) make it cheap to operate, government builds in the desert. (More correctly, they built in Senator Orrin Hatch's state)
The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say)
You have to catch them at the right time. Best is when they are complaining about a game... Also note, there are many other development tools out there.
In this video, Brian Alspach tells you how Gamestar Mechanic helps turn kids from game players into game authors, which helps them learn a lot about programming and how computers work in easy steps while having a good time. If you're a parent, you'll especially want to read this page on their site, which will help reassure you that these folks know what they're doing, and might even (hint hint) give you the idea of suggesting that your local school should subscribe to Gamestar Mechanic, which several thousand schools already do. The price varies between free and $6 per month, which is a great deal for something that can engage children for many hours every day -- and just might keep a parent or grandparent interested, too.
I wonder if they'll let me use the big printer at school...
Trolling the Neighbors: 21 Wild Garage Posters
For my geeks. Boot from your USB drive...
How To Install Android On Your Netbook
We had a couple $4000 Smartboards, but as far as I know no one ever used them.
I have to admit that I don't always understand the appeal of SMARTBoards (or any other interactive whiteboard). That is probably because I often see them being used as nothing more than expensive LCD projectors. Then sometimes I see IWBs being used in a manner that makes me stop and say, "hmmm, now that is neat." If your thoughts about interactive whiteboards are like mine, you might benefit from reading Why Teachers Love SMARTBoards. The document was created by James Hollis, who runs Teachers Love SMARTBoards, a blog and training service.
Another good blog about resources for interactive whiteboards is Danny Nicholson's The Whiteboard Blog. I've mentioned Danny's blog before because I often find good IWB-specific resources in his blog posts.
Free is good
Planning for Big Data: A CIO's Handbook to the Changing Data Landscape
By Peggy Garvin Source: O'Reilly Media, Inc.
From the publication web page:
In an age where everything is measurable, understanding big data is an essential. From creating new data-driven products through to increasing operational efficiency, big data has the potential to make your organization both more competitive and more innovative.
As this emerging field transitions from the bleeding edge to enterprise infrastructure, it's vital to understand not only the technologies involved, but the organizational and cultural demands of being data-driven.
Written by O'Reilly Radar's experts on big data, this anthology describes:
- The broad industry changes heralded by the big data era
- What big data is, what it means to your business, and how to start solving data problems
- The software that makes up the Hadoop big data stack, and the major enterprise vendors' Hadoop solutions
- The landscape of NoSQL databases and their relative merits
- How visualization plays an important part in data work
+ Link to download free book (PDF; 3.34). Also in mobi and ePub formats.
+ Register and follow order instructions to download free book.
Thursday, March 15, 2012
I also find it amusing that they cite a letter from some concerned congressmen as evidence of “an extremely serious and substantial lapse in security.” Typical foot-in-mouth politicians...
By Dissent, March 14, 2012
Bob Brewin reports that a class action lawsuit against the Department of Defense and SAIC over the TRICARE breach has been amended after some of the victims discovered fraudulent charges on their credit cards shortly after the theft.
Read about it on NextGov.
The complaint indicates the plaintiffs’ belief that the theft was not opportunistic but targeted.
Frankly, I don’t know how you prove the card fraud was from this theft unless there were accounts that were only used with DOD/SAIC. Given the number of breaches every day – most of which don’t make the media – if you have only a handful of cases out of 5 million people whose data were misused for card fraud one month to three months later, that doesn’t sound particularly convincing to me.
What do you think?
In any event, the amended complaint makes for interesting reading and suggests what entities should not do before or after.
So, is this an act of war? (Invading Iran's airwaves with BBC news?)
Cyber-attack on BBC leads to suspicion of Iran's involvement
A "sophisticated cyber-attack" on the BBC has been linked to Iran's efforts to disrupt the BBC Persian Service.
In a speech Director General Mark Thompson plans to say that the internet attack coincided with efforts to jam two of the service's satellite feeds into Iran.
He will say: "We regard the coincidence of these different attacks as self-evidently suspicious."
I like their definition of personal information. If you can show how it can be used to identify a user, it's personal!
China’s New Privacy Regulations Go Into Effect
Jun Wei and Roy Zou write:
March 15 marks the effective date of new privacy regulations issued on December 29, 2011 by the Ministry of Industry and Information Technology of the People’s Republic of China entitled Several Provisions on Regulation of the Order of Internet Information Service Market. The new regulation defines the personal information protection requirements applicable to Internet Information Service Providers (“IISPs”).
Read about the new regulations on Hogan Lovells Chronicle of Data Protection.
[From the article:
Definition of "User Personal Information": Under the new regulation, "user personal information" is defined as the information relevant to the users that can ascertain the identity of the users independently or in combination with other information.
Just one of the joys of ubiquitous surveillance!
"Cameras at UK petrol stations will automatically stop uninsured or untaxed vehicles from being filled with fuel, under new government plans. Downing Street officials hope the hi-tech system will crack down on the 1.4 million motorists who drive without insurance. Automatic number plate recognition (ANPR) cameras are already fitted in thousands of petrol station forecourts. Drivers can only fill their cars with fuel once the camera has captured and logged the vehicle's number plate. Currently the system is designed to deter motorists from driving off without paying for petrol. But under the new plans, the cameras will automatically cross-reference with the DVLA's huge database."
Would anyone be allowed to create a truly secure device? No 'backdoors,' no manufacturer overrides, no readily bypassed security? Let's get back to the old days, when law enforcement had to beat your confession out of you...
"Those multi-gesture passcode locks on Android phones that give users (and their spouses) fits apparently present quite a challenge for the FBI as well. Frustrated by a swipe passcode on the seized phone of an alleged gang leader, FBI officials have requested a search warrant that would force Google to 'provide law enforcement with any and all means of gaining access, including login and password information, password reset, and/or manufacturer default code ("PUK"), in order to obtain the complete contents of the memory of cellular telephone.' The request is part of a case involving an alleged gang leader and human trafficker named Dante Dears in California. Dears served several years in prison for his role in founding a gang in California called PhD, and upon his release he went back to his activities with the gang, according to the FBI's affidavit."
[From the article:
"[I]t suggests that a warrant might be enough to get Google to unlock a phone. Presumably, this is not the first time that the FBI has requested Google unlock a phone, so one would assume that the FBI would request the right kind of order. [Big presume Bob] However, we do not know if Google has complied with the request. Given that an unlocked smartphone will continue to receive text messages and new emails (transmitted after the device was first seized), one could reasonably argue that the government should have to obtain a wiretap order in order to unlock the phone," Chris Soghoian, a privacy advocate and security researcher, wrote in a blog post on the case.
The FBI special agent who wrote the affidavit also requested that Dears not be told about the information request, however the search warrant and affidavit were not sealed. [Suggesting that a “do not tell” order is merely habit and not actually required? Bob]
Perspective. Will this increase the velocity of money or allow more careful management of income or have no real impact?
March 14, 2012
Federal Reserve survey provides information on mobile financial services
News release: "One out of five American consumers used their mobile phone to access their bank account, credit card, or other financial account in the 12 months ending in January 2012 and an additional one out of five indicated they would likely use mobile banking at some point in the future, according to a Federal Reserve Board survey, Consumers and Mobile Financial Services, March 2012. The survey's findings suggest that the use of mobile banking is poised to expand further over the next year, with usage possibly increasing to one out of three mobile phone users by 2013. However, the survey indicates that many consumers remain skeptical of the benefit of mobile banking and the level of security associated with the technology. The use of mobile banking is highly correlated with age, according to the survey results. People between 18 and 29 account for approximately 44 percent of mobile banking users, relative to 22 percent of all mobile phone users. Conversely, people age 60 and over account for only 6 percent of all mobile banking users, but 24 percent of mobile phone users. The survey showed a significantly higher level of mobile banking uptake among African Americans (16 percent) and Hispanics (17 percent), relative to 11 percent and 13 percent of mobile phone users, respectively."
Perspective. If direct access to news traditionally carried only by the large metropolitan dailies (not the small local papers) goes behind the paywall, what opportunities does that present? News in exchange for personal information? What business models will arise?
March 14, 2012
Commentary - The economics of more paywalls for newspapers around the world
Ken Doctor: "By the end of this year, figure that about 20 percent of the U.S.’s 1,400-plus dailies will be charging for digital access. Gannett’s February announcement that it’s going paywall at all its 80 newspapers [except USA Today] galvanized attention; when the third largest U.S. newspaper site, the Los Angeles Times, went paid this week, more nodding was seen in publishers’ suites."
(Related) I wonder how companies reconcile these studies with their plans to charge for news...
Nielsen: U.S. Consumers The Most Likely To Pay For Content On A Tablet… Except When It’s News
… Taking just the use of paid content on tablets in Q4 2011, Nielsen found that in the U.S., a majority of tablet owners have already paid for downloaded music, books and movies, with 62 percent, 58 percent and 51 percent respectively saying they have already made such purchases. The one area that really fell down in the U.S. was news, where only 19 percent said they had ever paid to read news on their tablets.
For my Statistics students. I find it interesting that it took so long to do this! This has implications for universal health care data. In theory, we can learn a lot about disease and treatments by examining data from the entire population rather than an occasional sample.
"An algorithm designed by U.S. scientists to trawl through a plethora of drug interactions has yielded thousands of previously unknown side effects caused by taking drugs in combination (abstract). The work provides a way to sort through the hundreds of thousands of 'adverse events' reported to the U.S. Food and Drug Administration each year. The researchers developed an algorithm that would match data from each drug-exposed patient to a nonexposed control patient with the same condition. The approach automatically corrected for several known sources of bias, including those linked to gender, age and disease. The team then used this method to compile a database of 1,332 drugs and possible side effects that were not listed on the labels for those drugs. The algorithm came up with an average of 329 previously unknown adverse events for each drug — far surpassing the average of 69 side effects listed on most drug labels."
Also for my Statistics students. Would our education system recognize a potential Mozart or an Einstein and if so, what would they do with him or her? (Depressing, isn't it?)
Cultivating Genius in the 21st Century
… Several years ago, statistician David Banks wrote a short paper on what he called the problem of excess genius: It turns out that human geniuses aren’t scattered randomly across time and space. Instead, they tend to arrive in tight clusters.
… Banks cites the example of Athens between 440 and 380 BC. He writes that the ancient city was home to an astonishing number of geniuses, including Plato, Socrates, Thucydides, Herodotus, Euripides, Aeschylus, and Aristophanes. These thinkers essentially invented Western civilization, and yet they all lived in the same place at the same time. Or look at Florence, Italy, between 1440 and 1490. In a mere half century, a city of fewer than 70,000 people gave rise to a staggering number of immortal artists, like Michelangelo, da Vinci, Ghiberti, Botticelli, and Donatello.
Calameo is a great way to publish your documents in a manner that makes them accessible across a wide variety of platforms including the iPad.
… Using Calameo you can publish your documents in a flip-book or magazine style with page-turning effects. You can add a background soundtrack to your document. You can also specify the sounds that viewers hear when they turn the pages in your documents. Your Calameo documents can be published and shared using Calameo's HTML5 embed codes (makes your document iPad compatible). Published documents can be annotated by content publishers and viewers (that option can be disabled).
It's already free, this just makes it more useful.
If you assign wiki editing due dates to your students' wiki projects, Wikispaces has just launched a new feature just for you. Events is a Wikispaces feature that allows you to schedule due dates for Wikispaces Projects. When you schedule a Wikispaces Event you can specify a lock time for your project. Once that lock time is reached no one is able to make any further edits to that page.
Perhaps a better way to show students how to use online resources?
Last fall I wrote about SideVibe, a service designed to help you build lesson plans around web content. At the time that I wrote my review, SideVibe was offering a "premium" version for $5.99/ month that allowed teachers and students to converse about the content in closed feedback loops. Last week I received an email informing me that SideVibe is no longer charging for that service.
Applications for Education
SideVibe could be a helpful tool when teaching students to evaluate the validity of information found on websites. By using SideVibe you could take a fake website like DHMO.org and build an evaluation lesson around it.
Wednesday, March 14, 2012
It looks like today's theme is the true cost of Computer Security...
...including the cost of properly disposing of used computers.
HHS settles HIPAA case with Blue Cross Blue Shield of Tennessee for $1.5 million following theft of 57 computer drives
By Dissent, March 13, 2012
Blue Cross Blue Shield of Tennessee (BCBST) has agreed to pay the U.S. Department of Health and Human Services (HHS) $1,500,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules, Leon Rodriguez, Director of the HHS Office for Civil Rights (OCR), announced today. BCBST has also agreed to a corrective action plan [Cost unknown Bob] to address gaps in its HIPAA compliance program. The enforcement action is the first resulting from a breach report required by the Health Information Technology for Economic and Clinical Health (HITECH) Act Breach Notification Rule.
The investigation followed a notice submitted by BCBST to HHS reporting that 57 unencrypted computer hard drives were stolen from a leased facility in Tennessee. The drives contained the protected health information (PHI) of over 1 million individuals, including member names, social security numbers, diagnosis codes, dates of birth, and health plan identification numbers. OCR’s investigation indicated BCBST failed to implement appropriate administrative safeguards to adequately protect information remaining at the leased facility by not performing the required security evaluation in response to operational changes. In addition, the investigation showed a failure to implement appropriate physical safeguards by not having adequate facility access controls; both of these safeguards are required by the HIPAA Security Rule.
“This settlement sends an important message that OCR expects health plans and health care providers to have in place a carefully designed, delivered, and monitored HIPAA compliance program,” said OCR Director Leon Rodriguez. “The HITECH Breach Notification Rule is an important enforcement tool and OCR will continue to vigorously protect patients’ right to private and secure health information.”
In addition to the $1,500,000 settlement, the agreement requires BCBST to review, revise, and maintain its Privacy and Security policies and procedures, to conduct regular and robust trainings for all BCBST employees covering employee responsibilities under HIPAA, and to perform monitor reviews to ensure BCBST compliance with the corrective action plan.
The HHS Resolution Agreement can be found at http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/resolution_agreement_and_cap.pdf.
Additional information about OCR’s enforcement activities can be found at http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/index.html.
(Related) It could be worse.
By Dissent, March 13, 2012
It seems like a breach that I never mentioned on this blog was the downfall of a firm.
In December, 2011, Impairment Resources, LLC was the victim of a burglary. They reported the incident and I had included it on DataLossDB.org, but didn’t think much of it as there was nothing wildly unusual in their reports to suggest it was particularly newsworthy. Just another business that was reporting a breach involving SSN and medical information, right?
Today, Katy Stech reports on WSJ:
The New Year’s Eve burglary of a California office building has led to the collapse of a national medical records firm.
Impairment Resources LLC filed for bankruptcy Friday after the break-in at its San Diego headquarters led to the electronic escape of detailed medical information for roughly 14,000 people, according to papers filed in U.S. Bankruptcy Court in Wilmington, Del. That information included patient addresses, social security numbers and medical diagnoses.
Police never caught the criminals, and company executives were required by law to report the breach to state attorneys general and the Department of Labor’s Office of Inspector General. Some of those agencies, including the Department of Labor, are still investigating the matter, the company said in court papers.
“The cost of dealing with the breach was prohibitive” for the company, Impairment Resources said when explaining its decision to file for Chapter 7 bankruptcy protection. That type of bankruptcy is used most often by companies to shut down and sell off what’s left to pay off their debts.
The company said its assets are worth about $226,000, an amount that, even after money trickles in from liquidating sales, likely won’t be enough to pay lender Insurance Recovery Group and its $583,000 loan, Impairment Resources said in court papers.
The company also faced the threat of even more debt with customers and individuals threatening to sue it over the privacy breach.
Impairment Resources reviewed medical records taken on workers’ compensation and auto casualty claims for roughly 600 insurance companies and other customers, according to court papers. It also had offices in Framingham, Mass., and Kailua, Hawaii.
So…. is this a case where a lack of strong encryption was ultimately responsible for a business’s failure? From their correspondence, it doesn’t sound like the data were encrypted, but then, the company also doesn’t report a lot of assets given the size of its clientele, so who knows?
Dude, there's an App for that!
An App for Watching for Personal Data Breaches
March 14, 2012 by admin
I don’t usually comment on commercial services, but this seems blog-worthy. Damon Darlin reports:
Want to know if your identity has been stolen? Or if your or your child’s Social Security number is being pawned off on the Internet?
There’s an app for that.
On Wednesday, AllClear ID, an identity protection service that scans the Internet for stolen information, will offer a free mobile app for the iPhone and iPad to alert users when their personal or financial records have been compromised. The free app alerts users if their credit card and Social Security numbers have been stolen or if thieves are using their child’s identity.
Read more on The New York Times.
I would hope that consumers don’t get a false sense of security by downloading this app as there are so many hacks of credentials. What percent of them are not reported to the National Cyber-Forensics and Training Alliance on which their fraud detection is based? It would be nice to get some sense of how comprehensive their database is and I’d be interested to find out more if they’d like to get in touch.
You can read more about their service on AllClear ID.
The US as Global Copyright Cop. Break US law anywhere in the world and we'll come for you, drag you to the US and slap you in one of our overcrowded prisons...
"British student Richard O'Dwyer, creator of the TVShack website, has had his extradition to the United States approved by Conservative Home Secretary Theresa May. Mr. O'Dwyer now has 14 days to appeal the decision. The extradition was requested by the U.S. Immigration and Customs Enforcement agency, which has accused O'Dwyer of aiding copyright infringement by publishing links to pirated content hosted on external sites."
Looks like it's not a good day for the Copyright Trolls either.
Judge Orders Failed Copyright Troll to Forfeit ‘All’ Copyrights
Righthaven, a copyright-troll law firm that failed in its attempt to make money for newspapers by suing readers for sharing stories online, was dealt a death blow Tuesday by a federal judge who ordered the Las Vegas company to forfeit “all of” its intellectual property and other “intangible property” to settle its debts.
Interesting that with floppy disk desktops, everyone (everyone important) got a handheld device...
"In the first 40 days of President Barack Obama's administration, the White House email system was down 23% of time, according to White House CIO Brook Colangelo, the person who also delivered the 'first presidential Blackberry.' The White House IT systems inherited by the new administration were in bad shape. Over 82% of the White House's technology had reached its end of life. Desktops, for instance, still had floppy disk drives, including the one Colangelo delivered to Rahm Emanuel, Obama's then chief of staff and now Mayor of Chicago. There were no redundant email servers."
Apple backs into the corporate world?
Corporate Types Are iPad-Crazy, Survey Finds
In the land of corporate tablets, Apple’s iPad is king.
That’s what a recent survey of just over 1,600 business technology buyers concluded. The study, conducted by ChangeWave Research, found that 22 percent of respondents were planning to buy tablet computers during the second quarter of 2012.
And of those tablet-hungry companies, 84 percent are going to go with Apple’s iPad.
We probably won't go to war to ensure supplies since we can buy finished goods containing the rare earths. It does tend to lock everyone in to Chinese manufacturers...
"China's rare earth monopoly has resulted in a shortage as China blocks their export and the rest of the world resumes their operations. Now, in a first-ever joint filing from three members of the World Trade Organization, Japan, the EU and the U.S. are not sitting idly by as China repeatedly ignores the WTO's orders to export rare earth metals and raw materials at a fair price to other countries. China claims the embargoes are in place to protect its environment, while Obama denounces China as being unfair and not playing by the rules of the WTO. In 2009, the WTO released a report (PDF) that explained how actions like China's hurt trade partners."
I'm sure this has nothing to do with the vast amount of money they get from “obscene ebooks”
PayPal reverses its ban on 'obscene' e-books
The economics of IT in the age of the Cloud. Any work will be outsourced if it 1) is not a core function of the firm and 2) is cheaper.
"IT pros feeling the pressure to boost tech skills should expect little support from their current employers, according to a recent report on IT skills. '9 in 10 business managers see gaps in workers' skill sets, yet organizations are more likely to outsource a task or hire someone new than invest in training an existing staff. Perhaps worse, a significant amount of training received by IT doesn't translate to skills they actually use on the job.'"
Perspective An Infographic to explain Pinterest – and you still have to request an Invite! (80% female and NOT in Colorado...)
Data You Can't Ignore: A Guide to Pinterest
… Pinterest began in 2009 with a limited use policy. In 2010 it began to expand beyond invitations to sign-ups. It took off, and boasts 12 million U.S. users. At a minimum, 4 million college-aged students are using Pinterest every day. In addition, Apple has released a Pinterest App, making it even more accessible. Further evidence of its universal acceptance is the fact that it can now be pinned to Twitter and Facebook.
… Pinterest pin boards have also given bloggers a traffic boost because their blog post of a review or rant gets shared and re-shared through the social network. [Hummm Bob]
So is this a time to Cheer or grab a future collector's item?
"According to the New York Times, it's the end of the road for the printed Encyclopedia Brittanica, saying, '...in recent years, print reference books have been almost completely wiped out by the Internet and its vast spread of resources, particularly Wikipedia, which in 11 years has helped replace the authority of experts with the wisdom of the crowds.' The last print edition will be the 32-volume 2010 edition."
Minor rant: As I understand it, this means that now someone with a PhD in Math can teach high school Math, where before teachers with a BA in Education taught Math, Chemistry, Physics, etc. Why would the Teachers Union fight this? Oh yeah. They don't have many PhD's in Math, Chemistry, Physics, etc. Lots of Universities, particularly the “for profit” Universities, actively recruit teachers who have worked in the field they teach. Does that mean they occasionally get a lousy teacher? You bet! But that teacher doesn't last more than one semester.
Iowa House Passes Bill Allowing the Instruction of Math and Science without Teacher Training
As Iowa struggles to find and hire teachers in math and science, a controversial solution has surfaced again and is picking up steam in the Legislature.
In a largely party-line vote, the House voted, 61-36, Tuesday for House File 2385, which would allow people with at least three years of work experience in math, science or engineering — but no formal training in teaching — to teach in those shortage areas in high school.
Tuesday, March 13, 2012
This is not surprising. There are legitimate reasons to store data in the cloud and not everyone gets a copy of the “Companies the RIAA wants us to bust” memo.
MegaUpload's users may include U.S. government officials
When the file-swapping site MegaUpload was shuttered by the U.S. government--and consequentially its offices raided, $42 million of its assets frozen, and its leader Kim DotCom arrested--some officials might not have thought of unintended consequences, such as the loss of legitimate files.
They also might not have realized that they too might be outed as having used MegaUpload.
During an interview with TorrentFreak this week, DotCom said, "Guess what--we found a large number of Mega accounts from U.S. government officials, including the Department of Justice and the U.S. Senate." [Will these people recover their data while others can not? Bob]
“Plain language” requires twice as many lawyers working twice as long.
March 13, 2012 by Dissent
Peter Fleischer points us to some examples of plain language privacy policies:
Wouldn’t it be great if businesses wrote so simply and clearly?
Forgive me loyal readers. I will immediately add stories about Justin Bieber to this blog. (er.. What's a Justin Bieber?)
Reading Over Your Shoulder: Social Readers and Privacy Law
March 12, 2012 by Dissent
Margot Kaminski has an article in Wake Forest L. Rev. Online that begins:
My friends, who are generally well educated and intelligent, read a lot of garbage. I know this because since September 2011, their taste in news about Justin Bieber, Snooki, and the Kardashians has been shared with me through “social readers” on Facebook. Social readers instantaneously list what you are reading on another website, without asking for your approval before disclosing each individual article you read. They are an example of what Facebook calls “frictionless sharing,” where Facebook users ostensibly influence each other’s behavior by making their consumption of content on other websites instantly visible to their friends. Many people do not think twice about using these applications, and numerous publications have made them available, including the Washington Post, Wall Street Journal, and Guardian.
I intend to prompt conversation about social readers on three fronts. First, social readers are part of a shift toward real name policies online, and, for a number of reasons, should remain opt-in rather than becoming the default setting. Second, if people do choose to use these applications, they should know that they are making that choice against a backdrop of related battles in privacy law concerning the right to consume content without a third party sharing your activity more broadly. And third, when individuals choose to use these applications, they may be sharing their habits more widely than they think.
Read the full article on Wake Forest Law Review.
How (and how much) will this change the game?
‘Personal Cloud’ to Replace PC by 2014, Says Gartner
There’s no doubting the cloud invasion. But the research firm Gartner believes the personal cloud will replace the PC as the center of our digital lives sooner than you might think: 2014.
“Major trends in client computing have shifted the market away from a focus on personal computers to a broader device perspective that includes smartphones, tablets and other consumer devices,” Steve Kleynhans, research vice president at Gartner, said in a statement on Monday. “Emerging cloud services will become the glue that connects the web of devices that users choose to access during the different aspects of their daily life.”
Google plans a cloud-centered future with Google Play and its market-leading Android mobile OS. But the personal computer will also not miss out on the cloud, as Microsoft and Apple are planning to weave the cloud into the next generation of their desktop operating systems, Windows 8, and OS X Mountain Lion.
But a cloud-happy future will not be as easy as that, because “it will require enterprises to fundamentally rethink how they deliver applications and services to users.”
(Related) How much more useful if you can access this anywhere on any device?
"Microsoft Research has shown off software that translates your spoken words into another language while preserving the accent, timbre, and intonation of your actual voice. In a demo of the prototype software, Rick Rashid, Microsoft's chief research officer, said a long sentence in English, and then had it translated into Spanish, Italian, and Mandarin. You can definitely hear an edge of digitized 'Microsoft Sam,' but overall it's remarkable how the three translations still sound just like Rashid. The translation requires an hour of training, but after that there's no reason why it couldn't be run in real time on a smartphone, or near-real-time with a cloud backend. Imagine this tech in a two-way setup. You speak into your smartphone, and it comes out in their language. Then, the person you're talking to speaks into your smartphone and their voice comes out in your language."
The Techfest 2012 keynote has a demo of the technology around minute 13:00.
(Related) Remember, they call it American Sign Language because no one else uses it. It's a unique language.
UK Researchers Plan Mobile Real-Time Sign Language Translation App
… A team of British researchers, however, is making the attempt, creating a tool that translates a set of standard signs into readable text, in real time. It’s called the Portable Sign language Translator, and it should be out next year.
Once again, I offer myself as taste tester. (Notice that there are very few snarky comments following this article – everyone wants a taste!)
An anonymous reader tipped us to an interview with Phillip Lee, author of Brewtarget, one of the best pieces of Free brewing software available (it's even in Debian). The interview discusses some of the technical decisions made (why Qt and Cmake?), and mentions a bit of the plans for future development: "The way the database was designed previously really hadn't been changed since my first code in 2008, and we were running into a brick wall with some of the features we wanted. After we move to SQLite, there will be quite a lot of new features like being able to search through the ingredients in the database and stuff like that. I also plan to add some water chemistry tools for people that like to alter the ions and salts to fit a particular profile." (The last bit about water salt modifications comes as a relief to at least this brewer.)
Monday, March 12, 2012
Something we’re not seeing? Perhaps a new crime: “Talking about the DA?”
Coming back for more: NYC DA after more info on Malcolm Harris
March 12, 2012 by Dissent
Over the weekend, the news broke:
Occupy Wall Street activist and writer Malcolm Harris (@getsworse) today received a second subpoena from Twitter.
The DA appears to want a bigger bite of his identity, including “all public Tweets posted for the period of 9/15/2011 – 10/31/2011 and 2/1/2012 – 2/15/2012” and his “subscriber information: name; address; records of session times and duration; length of service (including creation date); types of service utilized; telephone or instrument number or any other subscriber number or identity, including any temporarily assigned network address.”
The second set of dates coincides with when Harris received the first subpoena. Shortly after, he changed his Twitter handle from @destructuremal to @getsworse.
Read more on PrivacySOS.org.
All this for a violation of obstructing traffic? Seriously? What is the NYC District Attorney really up to? And why, oh why, does Twitter continue to retain so much information?
Zillman strikes again?
March 11, 2012
LLRX.com - New Economy Resources
via LLRX.com - New Economy Resources - Marcus P. Zillman's guide is focused on current web sites, blogs and database sources targeted to researchers whose goal is the discovery and effective use of specific, reliable resources to track the New Economy. These sources assume added importance with the expansion in U.S. government transparency, the rise in prominence of "big data" and the public release by agencies, NGOs, public interest groups and media, of diverse databases of analytics, reports, statistical releases, and customized charts.
This might be fun to play with…
Infographics For Everyone: Visual.ly Launches First Automated Tool Out Of Beta
If you are among those who feel that we see too many infographics these days, be prepared for a little more eye candy: Visual.ly, which offers an online tool to create instant visualizations of data, is launching its first public product out of beta.
The service will let users take publicly-available data such as information from a Twitter hashtag or a Facebook feed, and then select a template (currently five, with each having two to three variations within it) to instantly visualize it.