Wednesday, January 02, 2019

Consider yourself (or your selfie) scanned.
Lorraine Bailey reports:
A federal judge ruled Saturday that Google does not violate Illinois privacy laws by automatically creating a face template when Android users upload photos taken on their smartphone to the company’s cloud-based photo service.
Read more on Courthouse News.
[From the article:
“The Seventh Circuit has definitively held that retention of an individual’s private information, on its own, is not a concrete injury sufficient” to establish standing, the 28-page opinion states.
Further, there are no allegations that hackers have stolen the plaintiffs’ information or that there has been other unauthorized access to the Google Photos accounts.
“Plaintiffs cannot show – and do not argue – that Google ‘intruded into a private place’ by receiving photographs of plaintiffs voluntarily uploaded to Google photos” by themselves or others, Judge Chang said.
He added, “Plaintiffs do not offer evidence to dispute that their faces are public – just that their facial biometrics are. This is consistent with Fourth Amendment case law that rejects an expectation of privacy in a person’s face.” (Emphasis in original.)




3 business days to provide notice of a breach.
Josephine Cicchetti of Carlton Fields writes:
Ohio has joined South Carolina in becoming the next state to adopt a variation of the NAIC Insurance Data Security Model Law (“MDL-668”). This legislation makes a number of changes to Ohio’s insurance law, including the addition of a new Chapter 3965, which establishes “standards for data security and for the investigation of and notification to the Superintendent of Insurance of a cybersecurity event” (containing new Sections 3965.01 through 3965.11). Licensees will have one year to come into compliance with the new requirements, with the exception of the third party service provider provisions (Section 3965.02(F)), which have been granted a two-year implementation date.
[From the article:
The law provides an affirmative defense to any tort cause of action that "alleges that the failure to implement reasonable information security controls resulted in a data breach concerning nonpublic information." [See Section 3965.08]. Section 3965.02(J) also states that "a licensee that meets the requirements of this chapter shall be deemed to have implemented a cybersecurity program that reasonably conforms to an industry-recognized cybersecurity framework for purposes of Chapter 1354 of the Revised Code.




Perspective.
Economists calculate the true value of Facebook to its users in new study
“Facebook, the online social network, has more than 2 billion global users. Because those users do not pay for the service, its benefits are hard to measure. We report the results of a series of three non-hypothetical auction experiments where winners are paid to deactivate their Facebook accounts for up to one year. Though the populations sampled and the auction design differ across the experiments, we consistently find the average Facebook user would require more than $1000 to deactivate their account for one year. While the measurable impact Facebook and other free online services have on the economy may be small, our results show that the benefits these services provide for their users are large.”




For the next time I teach Statistics.
Seeing Theory – Making statistics more accessible through vizualizations
Seeing Theory was created by Daniel Kunin while an undergraduate at Brown University. The goal of this website is to make statistics more accessible through interactive visualizations.”
Chapters –


No comments: