Tuesday, August 01, 2006

Hummm...

http://www.securityfocus.com/columnists/412?ref=rss

E-mail privacy in the workplace

Mark Rasch,

... A number of U.S. states require that, before you can record the contents of an "oral" or telephonic communication (or before you can "intercept" such a communication) you must have the consent of all parties to the conversation. Such is the law in Massachusetts (Mass. Ann. Laws ch. 272), Michigan (§99 Michigan, Mich. Comp. Laws §750.539c), Nevada (Nev. Rev. Stat. Ann. §200.620 - by court decision, and N. H. Rev. Stat. Ann. §570-A:2) South Carolina (S.C. Code Ann. §16-17-470), and Washington State (Wash. Rev. Code § 9.73.030).

Some states expressly extend this "all party consent" philosophy to "electronic" communications. This includes California (Conn. Gen. Stat. §52-570d:), Delaware (Del. Code Ann. tit. 11, §2402(c)(4)), Florida, (Fla. Stat. ch. 934.03), Hawaii, (Haw. Rev. Stat. §803-42), Illinois (720 ILCS 5/), Louisiana (La. Rev. Stat. §15:1303), Maryland (Md. Code Ann., Courts and Judicial Proceedings §10-402), Montana ( Mont. Code Ann. §45-8-213) and Pennsylvania (18 Pa. Cons. Stat. §5703).


Even better!

http://news.com.com/2010-1022_3-6100542.html?part=rss&tag=6100542&subj=news

Company laptops, privacy and you

By Eric J. Sinrod Story last modified Tue Aug 01 04:00:07 PDT 2006

Yes, it is true, the great weight of law holds that employees generally should not have privacy expectations when it comes to their work-related electronic communications, especially when they have signed computer policies that explicitly state this to be the case.

However, in a recent twist, a federal court has held that employees may be able to assert that the attorney-client privilege applies to their communications with their attorneys on company laptops under certain circumstances.

In the case Lara Curto v. Medical World Communications, a federal trial judge in New York affirmed the holding of a magistrate that a particular employee had not waived the attorney-client privilege concerning documents retrieved from company laptops she had used during the course of her employment.

The plaintiff employee had been employed by Medical World Communications (MWC) from August 1995 to October 2003. In connection with her work, the plaintiff signed MWC's "E-mail/Computer Privacy Policy" that was contained within the company employee handbook. The policy specifically states that employees do not have any expectations of privacy in their communications on MWC's computer system; the computer system belongs to MWC; the computer system only can be used for business purposes; and MWC is entitled to access and review communications on the computer system.

Starting in May 2002, the plaintiff worked primarily out of her home office. She was assigned two company laptops in succession for work-related purposes. The plaintiff used the laptops to create, send and retrieve electronic communications with her own private attorney. She deleted these communications before she returned the laptops to MWC.

Almost two years later, MWC hired a forensic consultant who was able to restore and retrieve some of the deleted communications between the plaintiff and her private attorney. The plaintiff claimed that these restored and retrieved communications were governed by the attorney-client privilege, and had to be returned and not kept by MWC. MWC, on the other hand, argued that the plaintiff had no expectation of privacy in these communications, as reflected in the policy that she had signed, and thus she had waived any potential privilege. The matter came to a head for resolution by the magistrate by the trial judge assigned to the case.

The magistrate ultimately ruled that the plaintiff had not waived her right to assert the attorney-client privilege with respect to the communications with her private attorney, notwithstanding the policy. The magistrate found significant, among other factors, that MWC had not actively enforced the policy previously, other than on just a few prior occasions, and thus had created a "false sense of security" which "lull(ed) employees into believing that the policy would not be enforced."

Moreover, the magistrate found that the plaintiff had taken reasonable precautions to prevent inadvertent disclosure of her communications with her attorney by sending the subject e-mails through her own personal AOL account, which did not go through MWC's servers, and because she had deleted the communications before returning the laptops (she did not know that those e-mails would be restored and retrieved).

... Specifically, the trial judge held that whether a company enforces its monitoring policies or not "goes right to the heart" of whether the plaintiff's conduct was such that she waived the protection of the attorney-client privilege. Because she was using an AOL account, deleted her communications, and the company before did not regularly enforce its policy, the plaintiff's conduct did not rise to the level of waiver.


Controversy? Surely everyone agrees...

http://www.technewsworld.com/rsstory/52111.html

FDA Contemplates Over-the-Counter 'Plan B' Drug Sales

AFX News Limited 07/31/06 8:00 PM PT

The Food and Drug Administration may consider allowing sales of the so-called morning-after pill without a prescription. So far the FDA has rejected plans for nonprescription sales of the drug, citing concern about young teens' use of the pills without a doctor's guidance. Now, the FDA is reportedly considering a plan to sell the drug over the counter with age restrictions.



http://www.technewsworld.com/rsstory/52112.html

Wireless Broadband for the Home Fueling Gaming, MP3 Sales

By Gene J. Koprowski4 TechNewsWorld 08/01/06 5:00 AM PT

"Our vision of the digital home is one where a variety of digital devices use wireless home networking technologies to seamlessly interact with each other and with the available broadband and digital services," said David Mercer, vice president of Strategy Analytics. "This vision is being realized."



http://www.infoworld.com/article/06/07/31/HNbanksecurity_1.html

Banks face Web security deadline

Majority of banks are unprepared to meet Dec. 31 deadline for complying with guidelines

By Jaikumar Vijayan, Computerworld July 31, 2006

For some bank IT managers, last fall's release of federal guidelines on validating the identities of online users helped catalyze ongoing efforts to adopt so-called strong authentication measures.

But a majority of U.S. banks appear unprepared to meet the Dec. 31 deadline for complying with the guidelines, several analysts said last week. They placed much of the blame for the current lack of preparedness on the fact that the guide-lines aren't mandatory and don't specify what form of strong authentication banks should implement.



Now you can find the identity theft data you need much faster!

http://www.bespacific.com/mt/archives/011991.html

July 31, 2006

Reporters Committee Releases Update of State Open Government Guide

"The Open Government Guide is a complete compendium of information on every state's open records and open meetings laws. Each state's section is arranged according to a standard outline, making it easy to compare laws in various states."



Tools & Techniques

http://techdirt.com/articles/20060731/2254225.shtml

Bot-On-Bot eBay Scamming

from the when-the-bots-takeover dept

It's one of the oldest eBay scams in the book: sell something you don't have, pocket the money and walk away. However, these days, for it to work you need to have at least a decent eBay feedback reputation. A few years ago, this would work out with the scammer acting as a legit eBay user for a few months, buying and selling various cheap items, building up a decent profile... and then putting up some big expensive item for the scam payoff. Again, however, the times are changing and that process is too involved -- so the next generation of scammers has move on to eBay scamming automation. They use bots to scan eBay and buy $0.01 "buy it now" items. Apparently, many of the sellers who offer such things use bots themselves to manage all those offers -- including the near automatic "good feedback" stamps of approval. So, the bots talk to the bots, and any new scamming user can build up a nice looking feedback page with tons of successful deals -- all at just a penny a shot. The bots can create tons of new users as well, all of which are quickly building up good eBay reputations. Then, they can waltz in with the real scam and drop the account, and move right on to the next "primed" account their bot has set up for them. So far, there's no evidence that the bots on both sides may be controlled by the same scammers -- but each side benefits by getting a near automatic feedback boost.



http://technology.guardian.co.uk/news/story/0,,1834036,00.html?gusrc=rss&feed=20

YouTube overtakes MySpace

The rise and rise of YouTube

Mark Sweney MediaGuardian.co.uk Monday July 31, 2006

YouTube has established itself at the top of the league of the new generation of community websites by becoming even more popular than MySpace, according to research.

The video sharing site has taken a 3.9% share of global internet visits a day compared with 3.35% for MySpace, according to internet analysis company Alexa.



Perhaps this is the way to go. I bet Microsoft would like everyone to upgrade their software!

http://news.yahoo.com/s/ap/20060731/ap_on_hi_te/cingular_older_phones

Cingular to charge $5 for older phones

By BRUCE MEYERSON, AP Business WriterMon Jul 31, 5:52 PM ET

About 4.7 million Cingular Wireless subscribers with older phones will have to pay $5 extra each month as the company tries to prod them to get new handsets so it can devote its entire network to one type of signal.



I've been suggesting something like this for years. Who'd a thunk the first mover would be Boston? Of course my plan didn't rely on donations.

http://www.nwfdailynews.com/articleArchive/jul2006/bostonwifi.php

Boston plans to have nonprofit run citywide Wi-Fi network

By MARK JEWELL AP Business Writer 2006-07-31

BOSTON (AP) - The city is considering an unusual approach to creating a citywide, low-cost wireless Internet network: putting a nonprofit organization, rather than a private service provider, in charge of building and running the system.

No comments: