Thursday, February 19, 2015

Strange that SlashGear thinks this is a PR problem. What advice did their lawyers offer? Did PR lie to the lawyers? Did the lawyers rely on the PR guys?
Nope, Samsung doesn’t actually encrypt Smart TV voice data
If Samsung thinks it's already safe from the latest Smart TV scandal, it better put its PR team into action again. The company publicly stated that its Smart TVs were not eavesdropping on users and that it follows security best practices when transmitting voice queries, and only voice queries, to a third-party company for processing. Apparently, for the Korean consumer electronics giant, such "best practices" don't actually include encryption, leaving owners' voice commands, or practically anything they say to the TV, open for hackers to hear.

(Related)
Kashmir Hill and Pendarvis Harshaw point out that it’s not just Samsung TV that can capture our conversations through voice recognition features. See what other devices and cars can do – and what their privacy policies reveal – on Fusion.


Amusing that this article is in the Japan Times. Not much being said by those beneath the blimp? Is there a threat by a country that has cruise missiles and the ability to deliver them to Washington undetected, or are they more interested in people already on the ground?
AFP-JIJI reports that the Joint Land Attack Cruise Missile Elevated Netted Sensor System (JLENS) blimp, which the government says is intended to spot low-flying cruise missiles amid thousands of aircraft in this corner of the U.S. East Coast, is making the people who live under it uncomfortable:
“There is a particular visceral reaction to looking up in the sky and seeing someone or something staring back at you,” said Ginger McCall of the Electronic Privacy Information Center in Washington.
Combing through thousands of pages it obtained through the Freedom of Information Act, the nonprofit group found no guarantee that JLENS will not be used for ground surveillance.
Instead, it came across contracts stating that “the technology was specifically designed to integrate very high definition video” to track and identify people and vehicles in a five-kilometer (three mile) radius,” McCall said.
Read more on Japan Times.


Shouldn't everyone be using this standard?
Quinten Plummer reports:
Microsoft has adopted an international standard for certifying the security of its cloud offerings, making it the first major cloud services provider to do so, the company says.
The company adopted the International Organization for Standardization and International Electrotechnical Commission’s standard 27018 to certify the security of its cloud offerings, using the guidelines to set a uniform, international approach to protecting privacy for personal data stored in the cloud.
Read more on Tech Times.


I knew this because a professor friend of mine pointed it out some years ago.
Me: “So HIPAA means we no longer need to worry about privacy!”
Professor: “Not so fast, my incredibly ignorant friend.”
Amanda Robert reports:
In recent weeks, it has been widely reported that Dr. Robert Taub will testify in the corruption case against New York State Assembly Speaker Sheldon Silver.
According to the Jan. 21 federal complaint, Taub referred his patients from the Columbia University Mesothelioma Center to the high-profile asbestos cancer law firm Weitz & Luxenberg, which employed Silver. These patients and their cases generated millions in referral fees for Silver, who in exchange, the complaint says, secretly directed state funding to Taub’s cancer center.
While it seems that Taub’s role as a government witness may have helped him avoid criminal charges, should he be held to standards agreed to by all medical professionals, particularly the Health Insurance Portability and Accountability Act, or HIPAA?
Karen Porter, an associate professor of clinical law at Brooklyn Law School who also serves as executive director of its Center for Health, Science and Public Policy points out that HIPAA isn’t “extraordinarily protective of people’s information.”
Read more on The Legal Newsline.


...because it addresses so many of the areas I teach.
Hunton & Williams write:
On February 12, 2015, the Office of the Privacy Commissioner of Canada released a research report entitled Privacy and Cyber Security – Emphasizing privacy protection in cyber security activities (the “Report”). The Report explores the interconnected relationship among cybersecurity, privacy and data protection, including common interests and challenges.
The Report illustrates some of the current and growing challenges for data protection and cybersecurity including:
  • the growing complexity of managing and providing security for cyberspace;
  • the growing sophistication and “professionalization” of cybercrimes and hackings;
  • the future focus of cyber criminals on the mobile sphere;
  • the risks of “big data” and “big data” analytics to individual privacy;
  • the failures of companies and organizations to prioritize breach preparedness; and
  • the shortcomings of a “check the box” approach to compliance with data protection laws, and the need for effective risk management and dynamic implementation of security.


Interesting
Top 10 U.S. Privacy Developments of 2014


It's not in the US, but it is “educators”
Updated: Following a strongly negative public reaction to his statements yesterday, it appears the Education Minister is backing off. Adam Shostack kindly pointed out that CBC now reports:
Bolduc said Wednesday the government has asked an independent person from outside the school board to look into what happened.
Once the review is complete, Bolduc said he would decide, “based on the facts, what should be done in the future.”
Original story:
Steve Rukavina reports:
Quebec Education Minister Yves Bolduc says high school staff are permitted to strip-search students, as long as it’s done “in a respectful fashion.”
Bolduc’s comments Tuesday follow a report in the Journal de MontrĂ©al newspaper, saying that a 15-year-old female student at the Neufchatel High School in Quebec City was strip-searched last week after school officials suspected she was selling drugs.
The girl told the newspaper that the female school principal and a female staff member took her to a room in the school and asked her to remove all her clothing, including her underwear. The female staff member held a blanket in front of the student while the principal searched her clothes.
In a news release, the De la Capitale School Board did not dispute that version of events.
The board said school officials have a responsibility to ensure a safe and healthy environment.
Read more on CBC News.


Any manager worth the title should be able to design a process that prevents this.
Carnegie Mellon Mistakenly Accepts -- Then Rejects -- 800 Grad School Students
The Pittsburgh university revealed yesterday that it had erroneously admitted 800 students to its highly selective Master of Science in Computer Science program -- which ranks as the number one program of its kind in the world, according to U.S. News & World Report.
Carnegie Mellon explained that the error “was the result of serious mistakes in our process for generating acceptance letters.”
… However, such oversights occur more often than one might expect -- though typically at the undergraduate level, where the application process is less personal, the Associated Press reports. In December, Johns Hopkins mistakenly sent welcome letters to 300 rejected undergrads, and in 2009, the University of California sent acceptance emails to all 46,000 applicants.


“It's hard to define what an intermediary is but we studied it anyway.” Isn't it the companies (processes) that we removed back when the buzzword was “disintermediation?”
Liability of Online Intermediaries – New Study by the Global Network of Internet and Society Centers
“The Global Network of Internet and Society Research Centers (NoC) and the Berkman Center for Internet & Society at Harvard University are pleased to announce the release of a new report, which examines the rapidly changing landscape of online intermediary liability at the intersection of law, technology, norms, and markets, and is aimed at informing and improving Internet policy-making globally. This report is a first output of a larger initiative on the governance of online intermediaries and consists of a case study series exploring online intermediary liability frameworks and issues in Brazil, the European Union, India, South Korea, the United States, Thailand, Turkey, and Vietnam, and a synthesis paper. In addition to facilitating the research project, the Berkman Center led the drafting of the synthesis document and contributed a case study on intermediary liability in the United States. The synthesis paper seeks to distill key observations and provide a high-level analysis of some of the structural elements that characterize varying governance frameworks, with a focus on intermediary liability regimes and their evolution. While intermediary liability varies significantly across the country case studies, the synthesis highlights the importance of cultural and political context, as reflected in both the legal norms aimed at regulating intermediaries and the perception of intermediaries’ social function within the countries studied. The United States paper describes and assesses the intermediary liability landscape in the United States, providing an overview of major US legal regimes that protect online intermediaries from liability for user content. It then offers a series of short case studies describing ways in which US-based companies and other organizations have structured their operations in compliance with and in response to US law. The research effort is grounded in a diversity of global perspectives and collaborative research techniques, committed to objective and independent academic standards, and aspires to be useful, actionable, and timely for policymakers and stakeholders. More broadly, the Network of Centers seeks to contribute to a more generalized vision and longer-term strategy regarding the role of academic research, facilitation and convening, and education and communication in the Internet age. The full text of the Berkman Center contribution, the other case studies by our international partners, and the synthesis paper are available on the Publixphere website, where the authors welcome comments and feedback. The series and individual papers are also available for download from SSRN.”


For my “Anything but Microsoft” students.
Microsoft Offers 100 GB of Free Storage for Using Bing
… The company is now offering 100 GB of free space to anyone. And there’s only one catch. To get the space, you’ll need to sign up for Bing Rewards.
Bing Rewards is a program run through the Microsoft search engine in an attempt to get more users to choose it over Google. As long as you stay signed into Bing (either on a PC or mobile device), the search engine collects your browsing data and based on where you visit and what you buy, you earn credits.
The more searching with Bing you do, the higher your Bing Status rises and Rewards are accrued as a result, according to the program’s terms.
… Microsoft even offers an option where you can donate your Bing Rewards credits to a charity.
To get your 100 GB of free OneDrive storage requires only a few simple steps, AndroidAuthority reports.
… However, the Bing Rewards deal also require you sign up to receive promotional emails from Microsoft about OneDrive in the future, cNet reports.


This agrees with what I find in the classroom.
America’s Skills Challenge – Millennials and the Future
Educational Testing Service – “Recent research reveals an apparent paradox for U.S. millennials (born after 1980, ages 16–34): while they may be on track to be our most educated generation ever, they consistently score below many of their international peers in literacy, numeracy and problem solving in technology-rich environments. Equally troubling is that these findings represent a decrease in literacy and numeracy skills when compared to results from previous years of U.S. adult surveys. As a country, simply providing more education may not be the answer. There needs to be a greater focus on skills — not just educational attainment — or we are likely to experience adverse consequences that could undermine the fabric of our democracy and community. This vital new report sheds light on the growing inequality of opportunity in the United States and the impact this has on both skills acquisition and outcomes for both current and future generations.”


A “backgrounder” for my IT students.
What Are APIs, And How Are Open APIs Changing The Internet


For the student toolkit.
How To Use Your Smartphone as a Windows Microphone

No comments: