For the first time, according to a recent study, criminal and state-sponsored hacks have surpassed human error as the leading cause of health care data breaches, and it could be costing the industry as much as $6 billion. With an average organization cost of $2.1 million per breach, the results of the study give rise to a question: How do you define human error?
[…]Wetware is a term of art used by hackers to describe a non-firmware, hardware or software approach to getting the information they want to pilfer. In other words, people. (The human body is more than 60% water.) Wetware intrusions happen when a hacker exploits employee trust, predictable behavior or the failure to follow security protocols. It can be a spearphishing email, a crooked employee on the take or a file found while Dumpster diving—and, of course, all stripe of things in between. Whatever it is, there’s a human being involved.
Fordham Law Center on Law and Information Policy (CLIP) Ninth Law and Information Society Symposium. Trends in the global processing of data, developments in new technologies, privacy enforcement actions and government surveillance put international privacy at the center of the global law and policy agenda. Government regulators, policymakers, legal experts, and industry players need to find solutions to cross-border conflicts and to the issues presented by innovative technologies. This conference seeks to create a robust, but informal dialog that will explore possible solutions to current questions arising from the international legal framework, infrastructure architecture and commercial practices. The conference will use a unique format. Each panel will start with a short presentation on the technological and business context to set the stage. The panel will be an informal, moderated roundtable discussion with a select group of experts followed by a question and answer session from the audience.
The Illinois State Police announced that the FAA has authorized what it calls its ‘Unmanned Aircraft System Program’.
It’s a F***ING surveillance drone program! My god, DHS/Police are trying to mask what it really is by calling it an ‘Unmanned Aircraft System Program’.
There’s even a UAS news website where you can follow all the latest surveillance drone news.
“It’s a new crisis,” O’Shea said. “Girls all are sending nude photographs of themselves all over the place.”
We’ve said it before and we’ll say it again: violating a computer use restriction is not a crime. That’s why today EFF filed an amicus brief urging the Oregon Supreme Court to review a troubling opinion by the Oregon Court of Appeals in State v. Nascimento, finding an employee committed a computer crime for violating her employer’s computer use restrictions.
Caryn Nascimento worked as a cashier at the deli counter of a convenience store. As part of her job, she was authorized to access a lottery terminal in the store to sell and validate lottery tickets for paying customers. Store policy prohibited employees from purchasing lottery tickets for themselves or validating their own lottery tickets while on duty. After a store manager noticed a discrepancy in the receipts from the lottery terminal, it was discovered that Nascimento had printed lottery tickets for herself without paying for them. She was ultimately convicted not only of first-degree theft, but also of computer crime on the ground that she accessed the lottery terminal “without authorization.”
The Second Circuit held oral argument Tuesday in United States v. Valle, widely known as the “Cannibal Cop” case. There was a ton of media attention about this case at trial, including the trial judge’s decision to overturn the jury verdict for conspiracy to commit kidnapping on the ground that it was all a fantasy. HBO has already made a documentary about the case.
Amidst all this attention, the part of Valle that I care about — and that worries me — has flown under the radar. I’m referring to the defendant’s appeal from the one count on which Valle was convicted: A violation of the computer hacking statute, the Computer Fraud and Abuse Act.