Here
we go again?
Home
Depot Investigating Potentially Massive Credit Card Breach
…
Home Depot has confirmed that it’s investigating some “unusual
activity” with regards to its customer data, and the consistently
spot-on
Brian
Krebs is saying that it’s a credit card breach. According to
Krebs, two “massive” batches of cards appeared on a credit card
number seller site early this morning.
It’s
unclear just how long the breach was in play — but Kreb’s early
analysis of the credit card data suggests that its tentacles reached
into the majority of Home Depot’s 2,200 stores, possibly
going as far back April of this year...
Mandating
surveillance? Of course this does nothing to prevent crime, but
might make catching the criminals a bit easier.
If
you have a business in Gary, Indiana that’s open during the hours
of 10 pm and 6 am, you must have outside surveillance cameras –
whether you want to or not. Rob Earnshaw reports:
Businesses in the city operating between the hours of 10 p.m. and 6
a.m. will be required to have three high-resolution surveillance
cameras recording public access areas following passage Tuesday of an
ordinance by the City Council.
Businesses have a three-month grace period until the ordinance is
enforced and failure to comply after that could result in fines up to
$2,500 and revocation of its business license.
[From
the article:
Gary
Police Cmdr. Kerry Rice said Police Department reports show that in
2013 more than 60 percent of reported crimes and 80 percent of
shootings at gas stations and convenience stores in Gary occurred
between the late evening to early morning hours.
…
According to the ordinance the cameras must produce reproducible
digital color images from a digital video recorder that is approved
by the Police Department. Businesses must also post a
conspicuous sign stating that the property is under camera
surveillance. Each camera must display a date and time stamp on each
image and produce retrievable images suitable for permanent police
records.
The
camera system must also be able to store and retrieve 30 days of
recorded material.
Let's
make a law... (I skipped a lot of this post that would probably be
of interest to lawyers)
The
Australian Law Reform Commission’s Final Report, Serious
Invasions of Privacy in the Digital Era (Report 123, 2014) was
tabled in Parliament today and is now publicly available.
The
Terms of Reference for this Inquiry, required
the ALRC to design a tort to deal with serious invasions
of privacy in the digital era. In this Report, the ALRC provides the
detailed legal design of such a tort located in a new Commonwealth
Act and makes sixteen other recommendations that would strengthen
people’s privacy in the digital environment.
…
The
Report
and a
Summary
Report is available to
freely
download or purchase in hard copy from the ALRC website.
The Report is also freely available as an
ebook.
It's
the (marketing) principle of the thing!
Microsoft
Defies Judge, Refuses To Hand Over Customer Emails
Microsoft
looks set to be found in contempt of court after defying an order
from a US judge that it should hand over data stored in Ireland.
Judge
Loretta Preska, chief of the US District Court in Manhattan, has
lifted a stay on her previous order that Microsoft must give email
messages held in an Irish data center to US prosecutors investigating
a criminal case.
However,
Microsoft is refusing to comply. While the judge has concluded that
the order itself isn’t appealable, a refusal to play ball by
Microsoft could force her to find the company in contempt. Microsoft
could then appeal against that finding to continue arguing its case.
…
The disagreement hinges on whether the servers on which the data is
kept are subject to US jurisdiction. In July, the judge ruled that
Microsoft must hand over the emails because, while they were stored
overseas, they were under the control of a US company.
…
Alternatively, we may start to see more of a move towards the
encryption of all customer data. If Microsoft and other cloud
providers didn’t have access to the encryption keys, the data
couldn’t be deemed to be under their control – and they couldn’t
hand it over.
It's
an argument, not a solution.
Chris
Hoofnagle writes:
A revolution is afoot in privacy regulation. In an assortment of
white
papers
and
articles,
business leaders—including Microsoft—and scholars argue that
instead of regulating
privacy through limiting the collection of data, we should focus on
how the information is used. It’s called “use
regulation,” and this seemingly obscure issue has tremendous
implications for civil liberties and our society. Ultimately, it can
help determine how much power companies and governments have.
[From
the article:
Use
regulations offer no real protection, because businesses themselves
get to choose what uses are appropriate. Worse yet, companies
misusing data will have a huge legal loophole—the First Amendment.
Companies have long argued that privacy rules are a form of
censorship, and thus limits on use will be an abridgement of their
free expression rights. The only workable situation for this problem
is to require companies to contractually waive their First Amendment
rights with respect to personal data.
For
my Statistics students.
A
Predictive Analytics Primer
No
one has the ability to capture and analyze data from the future.
However, there is a way to predict the future using data from the
past. It’s called
predictive
analytics, and organizations do it every day.
Has
your company, for example, developed a
customer
lifetime value (CLTV) measure? That’s using predictive
analytics to determine how much a customer will buy from the company
over time. Do you have a “next best offer” or product
recommendation capability? That’s an analytical prediction of the
product or service that your customer is most likely to buy next.
Have you made a forecast of next quarter’s sales? Used digital
marketing models to determine what ad to place on what publisher’s
site? All of these are forms of predictive analytics.
…
Lack of good data is the most common barrier to organizations
seeking to employ predictive analytics.
…
Regression
analysis in its various forms is the primary tool that
organizations use for predictive analytics.
(Related)
For law school students? Interesting question?
Should
Lawyers Be Big Data Cops?
Many
police departments are using big data analytics to predict where
crime is likely to take place and prevent it. Should lawyers do the
same to predict and stop illegal, non-criminal activities? This is
not the job of police, but should it be the job of lawyers? We
already have the technology to do this, but should we? Should
lawyers be big data cops? Does anyone even want that?
…
The necessary software and search skills already exist to do this.
Lawyers with big data skills can already detect and prevent breach of
contract, torts, and statutory violations, if they have access to the
data. It is already possible for skilled lawyers to detect and stop
these illegal activities before damages are caused, before disputes
arise, before law suits are filed. Lawyers with artificial
intelligence enhanced evidence search skills can already do this.
I
have written about this several times before and even coined a word
for this legal service. I call it “
PreSuit.” It is a
play off the term
PreCrime from the
Minority
Report movie. I have
built
a website that provides an overview on how these services can be
performed. Some lawyers have even begun rendering such services.
But should they? Some lawyers, myself included, know how to use
existing predictive coding software to mine data and make predictions
as to where illegal activities are likely to take place. We know how
to use this predictive technology to intervene to prevent such
illegal activity. But should we?
For
my programming students. Read this understand why you need a lawyer.
Open
Source Software Licenses: Which Should You Use?