Sunday, April 12, 2015

I’m not a lawyer. So when several lawyers I know point me to a draft law that concerns them, I tend to listen. The proposed law in question is the ‘‘Data Security and Breach Notification Act of 2015’’ which is intended to replace all the state laws dealing with data breach notification with one simple federal law. The problem seems to be that “simple” part. From several reviews of the law (all negative) I get the impression that in “simplifying,” several important bits and pieces have been omitted.
The law's sponsor, Marsha Blackburn, seems to be in a bit over her head, understanding neither the technical nor legal issues involved. But perhaps that's just me. I don't have a degree in home economics so I could be underestimating her knowledge. Look at the draft of the bill and judge for yourself.

(Related)
How This Federal Data Breach Law Could Actually Hurt Consumers

(Related)
The Data Security and Breach Notification Act of 2015

(Related)
Needed Improvements to the Data Security and Breach Notification Act


Not a simple problem as police departments often ask the victim to provide proof of a crime. (Recent experience)
Katharine Goodloe writes:
At a talk today with members of Covington’s Privacy and Data Security Group, Danielle Citron highlighted the need for more remedies for victims of online harassment, including women harassed by so-called revenge pornography.
Citron, a professor at the University of Maryland School of Law, focuses on information privacy law and is the author of Hate Crimes in Cyberspace. Her book argues that online harassment of women is a civil rights issue, a position made more compelling in light of the recent online assaults on women in the Gamergate and iCloud photograph hacking scandals.
Citron grouped online harassment into four different models: (1) using the internet to terrorize a victim, such as by cyberstalking, (2) using the internet to destroy a victim’s reputation, such as by defamatory postings, (3) using technology to invade a victim’s privacy, such as by posting private materials and (4) using technology to essentially shove a victim offline, such as by cyberattacks.
Read more on Covington & Burling Inside Privacy.


Not sure I like the idea that I need a “formal” relationship with an entity to be protected from that entity. (At least I think that's what this case implies.)
Jacob Gershman reports that a federal court in New York dealt a setback to the case of a woman who claims AMC Networks violated the Video Privacy Protection Act (VPPA) by sharing information about her visits to the cable network’s website with Facebook. Read more on WSJ.
[From the article:
In her ruling, U.S. District Judge Naomi Reice Buchwald said Austin-Spearman failed to demonstrate that she was a “subscriber” to AMC’s website under the meaning of the law.
“Such casual consumption of web content, without any attempt to affiliate with or connect to the provider, exhibits none of the critical characteristics of ‘subscription’ and therefore does not suffice to render Austin-Spearman a ‘subscriber’ of AMC,” Judge Buchwald wrote in her opinion.
… “This ruling to a certain extent validates the idea that a party can gather information about what an end user is doing across the web on sites not controlled by that party,” Evan Brown, a technology and intellectual property attorney at Much Shelist PC in Chicago, said.
In essence, Brown said, that means “Facebook can track the viewing habits of people on other parts of the web not controlled by Facebook.”


For my Computer Security students. Every now and then I like to point to articles like this to remind my students that there plenty of reasons for lawyers to come after companies that can't (or won't) secure their data.
There’s another development in a patient privacy breach that I had covered on PHIprivacy.net. The case involved a doctor, Nikita Levy, who surreptitiously filmed his female patients during pelvic examinations. The doctor committed suicide after a co-worker tipped the hospital as to what was going on. Johns Hopkins subsequently offered counseling services to those impacted and then settled a patient privacy lawsuit for $190 million. Now the attorneys representing the class of patients have been awarded legal fees of $32.8 million.
Y. Peter Kang reports:
Baltimore City Circuit Court Judge Sylvester B. Cox said the fees award, which was below the 35 percent plaintiffs’ counsel was seeking, was “fair, just, reasonable, and appropriate.” He also ordered that expenses of about $829,600 be reimbursed, according to court records.
Read more on Law360.


Good luck. They won't even escrow a copy in case they go out of business.
Boing Boing’s Doctorow leads campaign to ban digital locks on ebooks, music
by Sabrina I. Pacifici on Apr 10, 2015
James Bridle – UK Guardian: “In my last column I wrote about Tesco’s graceful exit from the ebook business, offloading its customers – and their precious libraries – to Kobo. While applauding the commitment to preserving customers’ purchases, it remains a shame that this sort of transfer is even necessary. Storing books – or anything else – in “the cloud” always comes with a trade-off: everything you put there is backed up and presumably safe for a while, but it’s also still controlled by the retailer- – not by the customer who legally purchased it. More than just a question about books, this is a fundamental issue at the heart of the content industry and the internet itself. And now the Electronic Frontier Foundation, which has fought for digital civil liberties since 1990, has launched a campaign to eradicate digital rights management (DRM) called Apollo 1201, referring to the section of the US Digital Millennium Copyright Act (DMCA) that prevents users tampering with the digital locks on the things they own, such as books, music and movies… Legal challenges to DRM strike at the heart of this issue: is it us, or distant, unaccountable corporations that control not only our media, but the software in our phones, our cars, and our fire alarms? The name Apollo 1201 also refers to the scale of the struggle: it’s a moonshot; it might take a decade, but it’s a stand worth taking, and fighting for.”


Interesting. Another resource made more valuable (and more timely) by moving online. I wonder what took them so long?
Cambridge Yearbook of European Legal Studies Now Online
by Sabrina I. Pacifici on Apr 11, 2015
“The Cambridge Yearbook of European Legal Studies is CELS’ flagship publication. It provides a forum for the scrutiny of significant issues in European Union Law, the Law of the Council of Europe, and Comparative Law with a “European” dimension, and particularly those which have come to the fore during the year preceding publication. The contributions appearing in the collection are commissioned by CELS. The papers presented are all at the cutting edge of the fields which they address, and reflect the views of recognised experts drawn from the University world, legal practice, and the civil services of both the EU and its Member States. Inclusion of the comparative dimension brings a fresh perspective to the study of European law, and highlights the effects of globalisation of the law more generally, and the resulting cross fertilisation of norms and ideas that has occurred among previously sovereign and separate legal orders. The Cambridge Yearbook of European Legal Studies is an invaluable resource for those wishing to keep pace with legal developments in the fast moving world of European integration.”
  • “The Cambridge Yearbook of European Legal Studies has been published since 1998 and is now in its 17th volume. From 2015, the Yearbook will be published by Cambridge University Press via Cambridge Journals Online, and will now be fully accessible online as well as in print. The Yearbook publishes pieces of up to 11,000 words and all articles will appear online on FirstView in advance of print publication. We have a benchmark of publishing online via FirstView within 16 weeks of receipt of a manuscript. All articles are reviewed by the editorial board and anonymously by an external expert peer reviewer. The first article for 2015 is already online and can be accessed here.” [Kenneth Armstrong, Editor-in-Chief]


An interesting summary that I can use to show my statistics students that you can learn something even with simple statistics.
Membership of the 114th Congress: A Profile
by Sabrina I. Pacifici on Apr 11, 2015
Membership of the 114th Congress: A Profile. Jennifer E. Manning, Information Research Specialist. March 31, 2015
“This report presents a profile of the membership of the 114th Congress (2015-2016). Statistical information is included on selected characteristics of Members, including data on party affiliation, average age, occupation, education, length of congressional service, [It's getting shorter Bob] religious affiliation, gender, ethnicity, foreign births, and military service.


Since I have to read it, the least my students can do is try to write well.
Analyze My Writing - Way More Than Word Clouds
A couple of days ago I received an email from the developer of Analyze My Writing. At first glance I thought it was just another word cloud tool like Wordle. Then when I really looked at it I realized that there was much more to it than a word cloud generator.
Paste your text into Analyze My Writing and it will generate a ton of information about your writing. Analyze My Writing will give you a break-down of the readability of your writing on five indices. The analysis will include listings of the most common words and most common word pairs in your writing. A listing of how frequently you use punctuation and punctuation types is included in the analysis provided by Analyze My Writing. Finally, a word cloud is included at the end of the analysis of your writing. The word cloud and the graphs of your
Applications for Education
Analyze My Writing could be a great resource for high school and collage students to use in editing their works. Beyond the readability of the their papers students will receive important information about the words and phrases they have used repetitively in their writings.


Giant oaks from little acorns grow. I'm trying to show my students how businesses should be monitoring even very temporary changes in custome behavior.
How J Lo inspired Google to create image search
Google image search was created 15 years ago but its surprising backstory was only revealed earlier this year.
The search giant created image search because of overwhelming demand from people who wanted to see pictures of pop singer Jennifer Lopez in the green dress she wore to the 2000 Grammy Awards, executive chairman Eric Schmidt explained in a January blog post.
"At the time, it was the most popular search query we had ever seen," Schmidt wrote for Project Syndicate. "But we had no surefire way of getting users exactly what they wanted: JLo wearing that dress. Google Image Search was born."

No comments: