Like the bumper sticker says, “stuff happens.”
How big must the breach be before the FTC stops saying that? What
constitutes Best Practices remains unclear.
Back in January 2015, Morgan Stanley disclosed an
insider breach (previous coverage here
and here).
It appears that the Federal Trade Commission opened an investigation
into the breach under Section 5 of the FTC Act, but decided not to
pursue any enforcement action.
In a closing
letter to Morgan Stanley’s counsel, Maneesha Mithal, Associate
Director of the Division of Privacy and Identity Protection at FTC
explains why the FTC decided to close the investigation, but noted
that closing the investigation should not be construed as a
determination that there was no violation of Section 5.
The
letter may be instructive, as it suggests that if an entity has
appropriate policies in place, but there’s a failure due to “human
error,” then the FTC will not necessarily pursue a case.
In this case, the access controls for one narrow set of reports was
configured improperly and Morgan Stanley corrected the problem as
soon as they become aware of it.
So here we have a situation where there was a risk
of significant injury to consumers that they could not reasonably
avoid. Whether the risk was offset by any benefits, well, I don’t
know how the FTC calculates that in this case. But it looks like
what saved Morgan Stanley was it was able to show the FTC its
policies and all the ways it had attempted to prevent the very
problem that occurred.
Would you expect local governments in the US to do
better? We don't hear much about them here because they are small
and we have no central agency to report them and fine the
governments.
Ian Drury reports on the results of a FOIA
investigation by Big Brother Watch:
Bungling
councils have lost or wrongly shared the sensitive personal
information of tens of thousands of people, a damning report reveals
today.
Officials
breach data rules at least four times a day, often involving the
confidential details – including medical records – of countless
adults and children.
The
‘shockingly lax attitudes’ that local authorities show towards
protecting private records is exposed in a study by the civil
liberties group Big Brother Watch.
Read more on Daily
Mail. I don’t see BBW’s report up on their site yet, but
will add a link to this post when I find it.
Update: here’s
BBW’s report. And there’s already one criticism
of it.
Strange that even in education, ignorance is
bliss.
CBS News reports:
As summer vacation winds down, new legislation is raising concern over digital privacy at school. Nationwide, only four states prohibit kids’ personal information from being shared by schools with third party vendors, like marketers.
Common Sense Media founder and CEO Jim Steyer said until a couple of years ago, many schools weren’t even aware this was happening.
“Because there were no laws about it — school districts aren’t that knowledgeable about it — they were selling it to marketers, etc. so we started passing laws at Common Sense around the country, starting in California, to restrict the use of that data to only educational purposes,” Steyer said Monday on “CBS This Morning.”
Read more on CBS.
[From
the article:
Across the country, 95 percent of school districts
use cloud services but only 25 percent inform parents of that usage,
according to a Fordham University Law School study.
(Related) Why schools should be paying attention,
even though this is a “Health” survey.
U.S. adults increasingly rank web safety and
sexting as leading health concerns for children as smartphones and
Web use become ubiquitous, according to a poll out Monday.
Fifty-one percent of adults ranked Internet safety
as a big health concern for children, while 45 percent said the same
about sexting — ranking them at the fourth- and sixth-largest
concern respectively, according to the C.S. Mott Children’s
Hospital National
Poll on Children's Health.
Change makes Google more nimble.
The
Invention Of Alphabet Is The Ultimate Larry Page Move
… Anyone who's been paying attention also
knows that Page has been grooming
Pichai to be Google's CEO. Creating Alphabet allows Page to give
Pichai the job without pulling himself away from the parts of Google
he's passionate about. And other hotshot executives—ones currently
at Google, or yet to be hired—will presumably like Page's statement
that Alphabet's big businesses will be run by their own CEOs, without
much interference from Larry or Sergey.
… Google said its existing shares would
convert to Alphabet shares and trade under its existing stock
tickers, GOOG and GOOGL. Alphabet will remain incorporated in
Delaware, Google said in a securities filing. Its website is at
https://abc.xyz/.
Heading down the spiral?
With Yuan
Devaluation, China Digs a Hole for Commodities
China’s appetite for commodities from gold to
crude oil is likely to abate in the near term after the country’s
surprise decision to devalue
its currency, although a weaker yuan could boost steel exports.
As one of the world’s largest buyers of
commodities, China’s decision to devalue the yuan
Tuesday—effectively lowering the value of exports and increasing
the cost of imports for domestic buyers—is likely to deepen price
declines among copper, aluminum and other metals. China
consumes nearly half of the world’s annual output of metals.
Commodities that were already at multiyear lows
due to worries about China’s slowing economy and a strengthening
dollar—the unit in which most commodities are priced—suffered
an immediate hit Tuesday on the People’s Bank of China’s
action. The move also took a toll on the currencies of
commodity-dependent countries; the Australian and New Zealand dollars
each fell around 1% against the U.S. dollar.
Keep up! You don't want to sound old fashioned,
“haha” is now the bee's knees.
RIP to LOL
- the history of laughing out loud
A
Facebook study suggests that people are choosing to use "haha"
and emojis over "LOL" to express laughter.
The research claims more than half (51.4%) opt for
"haha", while just 1.9% are LOLers, although it didn't look
at direct messages.
Fuel for the debate? Have bans stopped
governments from creating and using chemical weapons? Would a ban
stop the “Terminator?”
Late last month, Stephen Hawking (former Lucasian
Professor at Cambridge), Elon Musk (CEO of Tesla and SpaceX), Steve
Wozniak (Apple co-founder) and more than 1,000 artificial
intelligence and robotics researchers co-signed a letter urging a ban
on autonomous weapons.
...and my IT Governance students thought (hoped?
prayed?) I would run out of things for them to read.
Designing
Successful Governance Groups
by Sabrina
I. Pacifici on Aug 10, 2015
“The Berkman Center for Internet & Society,
together with the Global Network of Internet and Society Research
Centers (NoC), is pleased to announce the release of a new
publication, “Designing
Successful Governance Groups: Lessons for Leaders from Real-World
Examples,” authored by Ryan Budish, Sarah Myers West, and Urs
Gasser. Solutions to many of the world’s most pressing governance
challenges, ranging from natural resource management to the
governance of the Internet, require leaders to engage in
multistakeholder processes. Yet, relatively little is known how to
successfully lead such processes. This paper outlines a set of
useful, actionable steps for policymakers and other stakeholders
charged with creating, convening, and leading governance groups. The
tools for success described in this document are distilled from
research published earlier this year by Berkman and the NoC, a
comprehensive report entitled “Multistakeholder
as Governance Groups: Observations From Case Studies,”
which closely examines 12 examples of real-world governance
structures from around the globe and draws new conclusions about how
to successfully form and operate governance groups. This new
publication, “Designing Successful Governance Groups,” focuses on
the operational recommendations drawn from the earlier case studies
and their accompanying synthesis paper. It provides an actionable
starting place for those interested in understanding some of the
critical ingredients for successful multistakeholder governance. At
the core of this paper are three steps that have helped conveners of
successful governance groups:
- Establish clear success criteria
- Set the initial framework conditions for the group
- Continually adjust steps 1 and 2 based on evolving contextual factors
The paper explores these three steps in greater
detail and explains how they help implement one central idea:
Governance groups work best when they are flexible and adaptive to
new circumstances and needs and have conveners who understand how
their decisions will affect the inclusiveness, transparency,
accountability, and effectiveness of the group. The paper, as well
as the research it builds upon, is intended as a contribution to
emerging good and best practices in Internet governance and is
offered as a submission to the IGF Best Practice Forum and the
NetMundial Initiative, among other forums.”
Some amusing “predictions” from the past. The
only one that still seems true is from Arthur C. Clarke who said, “If
a teacher can be replaced by a machine, she or he should
be.”
Teaching
Machines and Turing Machines: The History of the Future of Labor and
Learning
For the Tutor's toolkit.
How to
Learn Microsoft Access: 5 Free Online Resources
Ditto
8 Types of
Excel Charts & When You Should Use Them
I'm ready to go, but I think I'll need at least a
couple of months to cover just the highlights. I wonder if there are
Apps for Colorado? I'll look. If not, perhaps my students can
create a few.
18 Apps You
Need to Download for Travelling to India
No comments:
Post a Comment