Why smart companies hire consultants (to blame if anything goes
wrong).
Enhancing
the Security of Data Breach Notifications and Settlement Notices
Ryan
Amos, Mihir Kshirsagar, Ed Felten, and Arvind Narayanan write:
We couldn’t help noticing that the recent Yahoo and Equifax data breach settlement notifications look a lot like phishing emails. The notifications make it hard for users to distinguish real settlement notifications from scams. For example, they direct users to URLs on unfamiliar domains that are not clearly owned by the company that was breached nor any other trusted entity. Practices like this lower the bar for scammers to create fake phishing emails, potentially victimizing users twice. To illustrate the severity of this problem, Equifax mixed up domain names and posted a link to a phishing website to their Twitter account. Our discussion paper presents two recommendations to stakeholders to address this issue.
First, we recommend creating a centralized database of settlements and breaches, with an authoritative URL for each one, so that users have a way to verify the notices distributed.
Read
more on Freedom
to Tinker.
Should be interesting to see what Microsoft thinks
every privacy law will include.
Microsoft
vows to ‘honor’ California’s sweeping privacy law across entire
US
On
Monday, Microsoft
announced that it would honor the “core rights” provided
to Californians through the state’s landmark data privacy law and
expand that coverage across the entire United States.
… Many
Democratic lawmakers argue that any national legislation should leave
California as a baseline and extend those protections across the
country and add more protections if necessary. Republicans and
industry stakeholders disagree and are broadly convinced that CCPA
goes too far and any federal law should nullify it and any other
state laws in order to stave off a “patchwork” of privacy
regulations.
Privacy
is spreading.
Yomi
Kazeem reports:
A new data protection law in Kenya is setting a high standard for the rest of the continent.
As the country looks to engender more safeguards in the collection, handling and sharing of data, Kenya’s president Uhuru Kenyatta has approved legislation which complies with the European Union’s General Data Protection Regulation.
Perhaps it’s the USPTO’s AI asking these
questions.
Can AI Own
IP? U.S. Patent and Trademark Office Opens Inquiry into Artificial
Intelligence
The
U.S. Patent and Trademark Office (USPTO) is asking
the
public for input on whether computers, in the form of artificial
intelligence (AI), can create something that could be copyrighted and
whether it could infringe on the copyrights of others.
… The
first question the office asks is this: “Should a work produced by
an AI algorithm or process, without the involvement of a natural
person contributing expression to the resulting work, qualify as a
work of authorship protectable under U.S. copyright law? Why or why
not?”
The
questionnaire then goes on to ask another dozen related questions.
Such as the following:
“To
the extent an AI algorithm or process learns its function(s) by
ingesting large volumes of copyrighted material, does the existing
statutory language (e.g., the fair use doctrine) and related case law
adequately address the legality of making such use? Should authors
be recognized for this type of use of their works? If so, how?”
It
also asks:
“Are
current laws for assigning liability for copyright infringement
adequate to address a situation in which an AI process creates a work
that infringes a copyrighted work?”
Thoughts
for lawyers.
Lessons
for In-House Counsel from Cybersecurity’s Front Lines
Recent
developments reinforce the urgent need for general counsel and legal
departments to deepen their focus on cybersecurity.
To
read the full article, click
here
Something
to share with our Vet students.
Free
Cybersecurity Training Now Available for U.S. Veterans
A new and free cybersecurity training and
certification program called Second Watch has been launched today by
Palo Alto Networks to help U.S. veterans find new careers in
cybersecurity after their military service is over.
This new initiative is designed to provide
military veterans with all the online resources needed to aid them to
switch to new careers in cybersecurity, a mission that perfectly
matches their previous training on effectively responding to threats
and preventing attacks.
… The
free digital learning courses provided by the company through the
Second
Watch initiative enable
veterans to acquire cybersecurity knowledge on various topics ranging
from "the basics of malware to managing a global infrastructure
of Next-Gen Firewalls."
… The
program's Skills
Learning Path features
nine self-paced steps that will guide them through the free digital
learning courses available that can be accessed on an online portal.
They
will also be able to take the Palo Alto Networks Certified Network
Security Administrator (PCNSA) and Palo Alto Networks Certified
Cybersecurity Associate (PCCSA) free
exams along the way
No comments:
Post a Comment