Wednesday, August 14, 2013
What would have happened if the cards had already been issued?
Boston Public Schools To Change Student ID Cards After Flash Drive with Information Was Lost by Plastic Card Systems
Oops. Via WBUR, we learn of a breach involving Boston Public Schools.
Here’s the statement from BPS’s web site:
The Boston Public Schools is changing the design of Boston OneCard student ID badges, changing MBTA CharlieCard assignments and is changing library card numbers for students following a vendor’s loss of a flash drive that contained badge sticker images Friday afternoon. The vendor, Northborough-based Plastic Card Systems, is contracted to create OneCard ID badges for the upcoming school year.
None of the information contained on the drive can be used by an unauthorized person to access student records or log-in to any electronic systems. The sticker image data on the drive is limited to student names, school, age, grade, ID number, library card number, CharlieCard number and for about two-thirds of the cards, a photo. The drive did not contain any confidential student contact information, such as a home address, phone number, social security number or birth date.
The drive lost by the vendor contains .pdf images that are used to print 21,054 student ID badges for students across 36 schools
… Plastic Card Systems reported the company could not find the drive after picking it up from BPS on Friday afternoon.
Did the NSA get the idea from Google or did Google get the idea from the NSA? Chicken/egg
Gmail: You weren't really expecting privacy, were you?
I just finished reading Google's motion to dismiss in response to a lawsuit alleging that its e-mail scanning violates California privacy laws. And I'll say this: those Google lawyers are towering writers, indeed. But on to the point: did Google really argue in its rebuttal to the lawsuit that Gmail users do not and never should have an expectation of privacy when they're using Gmail? I mean, they actually just came out and said it like that!?
Well, yes. But if you read the brief, or the Gmail Terms of Service, or even stop and think about what Gmail actually does, that shouldn't come as a surprise, and it's nothing Google hasn't baldly stated before. I'm not saying I like it, but it's definitely not news. It's actually just how Gmail works.
… Google argues, the Electronic Communications Privacy Act specifically permits such indexing and automated scanning by email providers because it's "necessary" for them to continue to deliver you free, Web-based email (that they use as a vector for serving you ads). [Is there a market for an email service that is not free but does not read your mail? Bob]
… Google's brief points out that "[u]nder federal law, the consent of a single party to a communication is complete defense to any liability and so the consent of the Gmail user alone is sufficient to bar a claim."
… Google reads your e-mail, knows what's in your calendar, looks at your photos, and knows who your friends are, and that's just via its in-house services. When you include the breadth of its search, Google knows everything about you that's public information, from your address to all your online profiles to your marital status and much, much more.
Is this really so different?
Olivier Proust writes:
On June 19, 2013, the French Court of Cassation ruled in favour of a company for having dismissed one of its employee’s (M. X) on the grounds that he was involved in unfair competition. M. X’s wrong-doing was based on email exchanges between him and a competitor that were found on his computer’s hard drive and used against him as evidence in court. M. X argued that this evidence was inadmissible because it was unlawfully obtained by the company in violation of his right to privacy and to the secrecy of correspondence. M.X claimed that the emails were private and that the company had made a copy of his computer’s hard drive without informing him and not in his presence.
Read more on Privacy and Information Law Blog. The case provides for an interesting contrast between French and U.S. standards. From my reading of Proust’s commentary, had the employee put “PRIVATE” in the subject line of the emails or stored them in a folder marked “PRIVATE,” the outcome of the case might have been very different.
Does this strike you as creapy?
Bill Chappell reports:
The city of London has ordered a company to cease tracking the cellphones of pedestrians who pass its recycling bins, which also double as kiosks showing video advertisements. The bins logged data about any Wi-Fi-enabled device that passed within range.
The company, called Renew, recently added the tracking technology to about a dozen of the 100 bins it had installed before London hosted the 2012 Summer Olympics.
Read more on WUFT.
'The rest of the world' can see that we are afraid of them.
Zimmermann’s Law: PGP inventor and Silent Circle co-founder Phil Zimmermann on the surveillance society
Here’s another post from yesterday that I should have restored earlier:
Om Malik interviewed PGP creator Phil Zimmerman on the surveillance state. You can read excerpts of his interview on GigaOm. Here’s one of Zimmerman’s comments:
The surveillance landscape is far worse than it has ever been and I feel like everything we do is now observable. All of our transactions and communications are all fused together into total information awareness apparatus. I don’t think any of this can be fixed merely by the application of cryptography. It is going to require some push back in the policy space. We are going to have to have Congress react to this and we need to get the population to react, perhaps through the economic consequences we face of losing a lot of business for American internet companies. Maybe American internet companies can push back because of economic harm that comes with the rest of world turning its back on us.
The pendulum swings. Give it a few hundred years to settle down.
Jason M. Weinstein of Steptoe & Johnson reviews recent litigation trends. His sympathies seem clearly with the businesses and not government regulators or states seeking to protect consumers:
Nearly every day we read about another data breach at yet another major company in the United States. Yet even more disturbing than the increase in data breaches is the rise in efforts by regulators and class-action lawyers to try to blame the victim companies for not doing more to prevent those breaches. Federal regulatory agencies, most notably the Federal Trade Commission, and numerous state attorneys general have targeted victim companies in the wake of cyberattacks.
These same regulators have also aggressively pursued companies for alleged privacy violations based on the companies’ own collection and use of personal data.
Read more on Steptoe & Johnson.
Update: Thompson & Knight have also issued a client alert about the FTC’s “aggressive” stance. Of course, some of us see that as A Good Thing.
Not everything, but a simple start...
… The header is a part of the email message that most people never even see. It contains a lot of data that seems like gobbledygook to the average computer user, so as email use became a daily tool in everyone’s life, email clients started to hide this information out of convenience for you. These days, it can even be a bit troublesome to unhide the header, even for those who know it is there.
Record retention is not simple.
Ruling shows that deleting personal data can remove burdens brought by data subject access requests, says expert
Yes, Virginia, if you don’t store it forever, you’ll have less cost protecting it or producing it:
A ruling by the High Court on the issue of dealing with data subject access requests highlights the positives that can be derived by businesses that decide to dispose of personal data records they no longer need, an expert has said.
Read more on Out-Law.com
Is it that we're not teaching research skills or we're accepting a level of research that we could have achieved back in the days of scrolls and quill pens?
New on LLRX – Rebooting Legal Research in a Digital Age
Via LLRX.com – Rebooting Legal Research in a Digital Age: Steven A. Lastres writes that research has always been core to the practice of law. However, the results of a recent survey Steven has authored identified a “New Normal” in today’s business climate that has a profound effect in the delivery of legal services and impacts how research is conducted.
For my students and other professors.
Fidus Writer is an online collaborative editor especially made for academics who need to use citations and/or formulas. The editor focuses on the content rather than the layout, so that with the same text, you can later on publish it in multiple ways: On a website, as a printed book, or as an ebook. In each case, you can choose from a number of layouts that are adequate for the medium of choice.
It seems these days as if you’re not getting anywhere unless you have a channel on the automation juggernaut known as IFTTT (If This Then That). In the past, we have highlighted lots of other companies who have allowed us to automate their service using IFTTT (the most recent one being Gmail attachments). But now the newspaper giant The New York Times has jumped right in with both feet with their own IFTTT channel, enabling you to have various stories and features from the NYT sent to you automatically. For those who love to read the news, this one could be heaven-sent.
There are currently 71 “recipes” on IFTTT which involve the NYT in some way, and this includes the following 5 which immediately jumped out at me:
And what is even better is that you don’t need a NYT subscription to take advantage of these recipes. Just stick to your free NYT monthly quota and the recipes will work just fine without having to pay for a subscription.
Simplify, simplify, simplify.
See and Print Pages More Clearly With Evernote Clearly
Evernote Clearly is a free browser extension available for Firefox and for Chrome. Clearly can strips the sidebar content from any webpage that you're viewing. You can send the cleaned-up version directly to your Evernote account for easy reading whenever you open your Evernote account. You can print the cleaned-up article from your Evernote account or directly from your web browser.
Evernote Clearly is an excellent extension for teachers to use before printing articles to distribute to their students to read in class. Stripping the sidebar content not only saves ink and paper it also makes it also creates a distraction-free reading experience for your students. Evernote Clearly can also be used to highlight sections of an article. And if you have students that need webpages read to them, Clearly has a text to speech capability that your students can use.
For my website students
Layout your pages in minutes for beautifully responsive pages on desktops, tablets and smartphones. Add divs to separate the different sections of your page. Add, remove, rename and nest divs with a click of a button until you’re happy with the layout. Resize each div according to how you want it to appear on each device.
For all my students.
New on LLRX – Student Research Resources on the Internet
Via LLRX.com – Student Research Resources on the Internet: Marcus P. Zillman’s new guide is a comprehensive pathfinder that identifies reliable, actionable and high value research resources and sources on the Internet that will provide students with key benchmarks for their studies.