“See? I'm a
peacemaker! I'm resisting being drawn into war! So far...”
Putin
Announces Pullback From Ukraine Border
President Vladimir V.
Putin, faced with rising violence in southeastern Ukraine that
threatened to draw in the Russian Army at great cost and prompt
severe new Western economic sanctions, pressed pause on Wednesday in
what had started to look like an inevitable march toward war.
But it remained unclear
to analysts and political leaders on both sides of the Atlantic
whether he was truly reversing course on Ukraine or if this was just
another of his judo-inspired feints.
The alternative to “We
don't give our data to Intelligence Agencies” has always been
“Oops! Someone stole our data!” Which would customers prefer?
In February, I noted a
breach
involving 800,000 Orange customers that occurred
in January.
Now Reuters reports:
French
telecoms group Orange said around 1.3 million subscribers or
potential subscribers fell victim to a theft of personal data,
including telephone numbers, dates of birth and email addresses, last
month.
[...]
In
mid-April, hackers accessed a software platform that Orange used to
send promotional emails and text messages to people who had agreed to
receive them.
Read more on Reuters.
Are we starting to zero
in on the cost of a HIPAA breach?
From HHS,
a press release concerning a settlement arising from a breach
previously
covered
on this blog:
Two
health care organizations have agreed to settle charges that they
potentially violated the Health Insurance Portability and
Accountability Act of 1996 (HIPAA) Privacy and Security Rules by
failing to secure thousands of patients’ electronic protected
health information (ePHI) held on their network. The
monetary payments of $4,800,000 include the largest
HIPAA settlement to date.
The
U.S. Department of Health and Human Services (HHS) Office for Civil
Rights (OCR) initiated its investigation of New
York and Presbyterian Hospital (NYP)
and Columbia
University (CU) following their submission of a joint
breach report, dated September 27, 2010, regarding the disclosure of
the ePHI of 6,800 individuals, including patient status, vital signs,
medications, and laboratory results.
…
The investigation revealed that the breach was caused when a
physician employed by CU who developed applications for both NYP and
CU attempted to deactivate
a personally-owned computer server on the network
containing NYP patient ePHI. Because
of a lack of technical safeguards, deactivation of the
server resulted in ePHI being accessible on internet search engines.
The entities learned of the breach after receiving a complaint by an
individual who found the ePHI of the individual’s deceased partner,
a former patient of NYP, on the internet.
In
addition to the impermissible disclosure of ePHI on the internet,
OCR’s investigation found
that neither NYP nor CU made efforts prior to the breach to assure
that the server was secure and that it contained
appropriate software protections.
The
New York and Presbyterian Hospital Resolution Agreement may be found
at:
http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/ny-and-presbyterian-hospital-settlement-agreement.pdf
The
Columbia University Resolution Agreement may be found at:
http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/columbia-university-settlement-agreement.pdf
An article Professor
John Soma at the Sturm College of Law tipped me to. I hope he find
this as scary as I do. Imagine the size of the law library if every
type of device had unique law... Horrors! Perhaps the Privacy
Foundation could point out the commonalities?
What
Happens When There’s a Law for Every Device?
We often characterize
the U.S. privacy framework as being sectoral. That is, instead of a
comprehensive privacy framework at the federal level, the United
States provides by statute heightened, statutory protections for
certain kinds of personal information, including financial data,
health information and children’s data, as they are used in certain
types of activities. Even those who call for comprehensive privacy
legislation would probably admit that there is some sense to the
strategy of identifying sensitive types of information and providing
heightened protections for them. But, as recent legislation shows,
lawmakers don’t always focus on sensitive types of information.
Sometimes they carve out sectors by focusing on specific technologies
and services. For example, we
wrote recently on the potential regulatory
scenarios facing unmanned aerial systems (UAS), commonly referred to
as drones. This month, we considered writing (and likely will in
coming months) on legislation currently being considered for privacy
in the context of “connected cars.”
That got us to
wondering: What will the next laws be? Are refrigerator privacy laws
on their way? What about televisions, thermostats, robots, and
toilets?
How do I surveil thee,
Let me count the
ways...
EPIC
Sues Army for Information About DC Surveillance Blimps
by Sabrina
I. Pacifici on May 7, 2014
“EPIC has filed a
Freedom
of Information Act lawsuit against the Department of the Army for
documents about JLENS, a sophisticated surveillance system that will
be deployed over Washington, DC during the next three years. JLENS
is comprised of two 250′ blimps. One blimp conducts aerial and
ground surveillance over a 340-mile range, while the other has
targeting capability including HELLFIRE missiles. The JLENS was
originally deployed in Iraq. In the FOIA
request, EPIC asked the Army for technical specifications as well
as any policies limiting domestic surveillance. EPIC has urged
Congress to establish privacy safeguards for aerial drones. For
more information, see EPIC:
EPIC v. Army – Surveillance Blimps, EPIC:
Drones – Unmanned Aerial Vehicles, and EPIC
Spotlight on Surveillance (2005) – “Unmanned Planes Offer New
Opportunities for Clandestine Government Tracking.”
(Related)
Defense
One – Every Country Will Have Armed Drones Within Ten Years
by
Sabrina
I. Pacifici on May 7, 2014
Patrick
Tucker: ”Virtually
every country on Earth will be able to build or acquire drones
capable of firing missiles within the next ten years. Armed
aerial drones
will be used for targeted killings, terrorism and the government
suppression of civil unrest. What’s worse, say experts, it’s too
late for the United States to do anything about it. After the past
decade’s explosive growth, it may seem that the U.S. is the only
country with missile-carrying drones. In fact, the U.S. is losing
interest in further developing armed drone technology. The military
plans to spend $2.4 billion on unmanned aerial vehicles, or UAVs, in
2015. That’s down considerably from the $5.7 billion that the
military requested in the 2013 budget. Other countries, conversely,
have shown growing interest in making unmanned robot technology as
deadly as possible. Only a handful of countries have armed flying
drones today, including the U.S., United Kingdom, Israel, China and
(possibly) Iran, Pakistan and Russia. Other countries want them,
including South Africa and India. So far, 23 countries have developed
or are developing armed drones, according to a recent report from the
RAND organization. It’s only a matter of time before the lethal
technology spreads, several experts say… Sam Brannen, who analyzes
drones as a senior fellow at the Center for Strategic and
International Studies’ International Security Program, agreed with
the timeline with some caveats. Within five years, he said, every
country could have access to the equivalent of an armed UAV, like
General Atomics’ Predator, which fires Hellfire missiles. He
suggested five to 10 years as a more appropriate date for the global
spread of heavier, longer range “hunter-killer” aircraft, like
the MQ-9 Reaper. “It’s fair to say that the U.S. is leading now
in the state of the art on the high end [UAVs]” such as the
RQ-170.”
Welcome to the “Age
of Stupid.”
Teen
arrested after posting reckless driving video online
Robert Kelley, 18, has
been arrested after posting a video of his reckless driving on
YouTube. The "driving like an idiot" video reportedly
shows the Florida teen running red lights, weaving in and out of
traffic and causing two separate accidents. Kelley has been charged
with leaving the scene of an accident with injuries, reckless driving
and driving without a license.
Something to consider
as we try to lock down the Internet of Things: Sensors have distinct
“fingerprints.”
Jan Willem Aldershoff
writes:
A
researcher from the University of Illinois has
discovered that a mobile phone’s accelerometer can be
used to produce an unique fingerprint, allowing
the phone to be tracked even if all other privacy settings are locked
down. Fingerprinting through the sensors is possible
because of small variations in each manufactured sensor. In a test
researchers were able to recognize devices based on the fingerprint
with a 96% accuracy.
Perhaps there is hope
for my “Make your own explosive and detonate it with a phone call”
video?
Most
phone theft victims ready to resort to vigilantism, study shows
Perspective. End of
(yet another) era.
Jet
magazine shifting to digital publication
Jet magazine, the
digest-size publication that has been a staple among African-American
readers for 63 years, is getting out of the print business.
Johnson Publishing
announced Wednesday that Jet, with a circulation of more than
700,000, will transition to a digital-only format in June.
For my students. Tell
me what you learned and draw me a picture?
Adobe
Voice video app focuses on narration
Adobe Voice is a free
app for iPad that produces short videos based on voice recordings,
motion graphics and images. It's based on the idea that speaking is
key in storytelling or getting a message across.
… Targeted at
mobile users, the app's animated videos can be viewed on virtually
any mobile device.
… Users are
encouraged to tell a story by recording one line at a time.
That means hitting a
virtual button on the iPad, speaking a sentence, choosing an image or
icon for that sentence and then repeating the process.
For my students who
read...
Get
More Out of Google Play Books By Adding Your Favorite eBooks
Google Play Books isn’t
just for eBooks purchased from Google; you can easily upload your own
ePub or PDF eBooks that sync with Play Books and are accessible from
all your Android devices and even on the Web.
First things first:
you’re going to need some eBooks that don’t have Digital Rights
Management (DRM) on them, although you
can break the DRM if you already have some eBooks with
it.
Essentially, DRM on an
eBook prevents you from copying it, transferring it to a different
device, or altering it in any way. We have a more in-depth article
on what
exactly DRM is and how it works, but for our purposes, that’s
all you need to know. Unfortunately, most major publishers and
retailers slap DRM on their books, but there are some DRM-free stores
out there.
Google Play Books only
supports ePubs and PDFs right now, so make sure to download the
correct file type. ePubs are much easier to read than PDFs generally
because they’re scalable and customizable, while PDFs function
similar to viewing an image of a page.
Handy tool. Make
copies of a thumbdrive!
How
To Create An Image Of Your USB Drive
No comments:
Post a Comment