Tuesday, March 26, 2019

An update: Privacy Foundation at University of Denver Sturm College of Law Spring Seminar. April 19th, from 10am-1pm
The topic is:
After the GDPR--- California’s CCPA’s Response: Other States, Federal Efforts, and What Lawyers Need to Know.
The seminar will be free to DU Faculty/Staff/Students/Mentors, and $30 for the general public. You can find all this information and register online at: http://dughost.imodules.com/privacy2019ccpa.




As an evil hacker, I would like to thank you for helping to improve my ransomware.
LockerGoga Ransomware Neutralized by Shortcut Files
Experts at Alert Logic noticed that before LockerGoga starts encrypting files on a system, it performs an initial scan to create a list of files it should encrypt. If it comes across a .lnk file — a shortcut or link used by Windows as a reference to an original file — it will stop without attempting to encrypt anything.
Specifically, Alert Logic’s analysis shows that LockerGoga may be neutralized if the Recent Items folder contains a shortcut file that has an invalid network path or one that has no associated RPC endpoint.
When [LockerGoga] encounters a ‘.lnk’ file it will utilize the built-in shell32 / linkinfo DLLs to resolve the ‘.lnk’ path. However, if this ‘.lnk’ path has one of a series of errors in it, then it will raise an exception—an exception which the malware does not handle,” Alert Logic researchers explained. “Once the malware encounters an unhandled exception it is terminated by the operating system (as is standard procedure).”




Another way to distract teen drivers? Any liability here? Will the App work while the car is moving?
You can soon order Domino's pizza from your car's touchscreen
Domino's is continuing its quest to let you order pizza through every device imaginable. It's partnering with Xevo on an app that can order pies through your car's infotainment system, no tethered smartphone required.
… The technology is expected to come pre-loaded on "millions" of cars sometime later in 2019, although Domino's and Xevo didn't name specific brands or models.




I suspect the FBI will hate this.
Ben Lovejoy reports:
Two new Telegram privacy features are likely to prove controversial. The first removes the previous 48-hour time limit for ‘unsending’ anything you wrote from the devices of both participants using the secure messaging app …
The second is that you can now delete entire chats, again for both parties.
Telegram announced the changes, together with some less controversial changes, in a blog post.
Read more on 9to5Mac.




This Privacy Thing seems to be catching on.
Sydny Shepard reports:
District of Columbia Attorney General Karl A. Racine has introduced the Security Breach Protection Amendment Act of 2019, which would modernize the District’s data breach law and strengthen protections for residents’ personal information.
Racine introduced the bill in response to the major data breaches that have put tens of millions of consumers, and hundreds of thousands of District residents, at risk of identity theft and other types of fraud, according to a press release.
The new legislation would expand legal protections to cover additional types of personal information, require companies that deal with personal information to implement safeguards, include additional reporting requirements for companies that suffer a data breach, and require companies that expose consumers’ social security numbers to offer two years of free identity theft protection.
Read more on Security Today.


(Related)
Cameron Abbott of K&L Gates of writes:
In light of concerns over how personal data is being used by social media platforms and tech companies, the Commonwealth Government has proposed amendments to the Privacy Act in order to more harshly penalise companies for privacy breaches. The new regime, which aims to update Australia’s privacy laws in line with increased social media use, will see tougher penalties for all entities that are subject to the Privacy Act, not just the headline companies like Google and Facebook.
Read more on National Law Review.


(Related) More limited in scope, but definitely a reaction.
Connor Boyack writes:
Nearly every American regularly uses a pocket-sized supercomputer to store sensitive information, one that tracks our every movement. Some have suggested that the conveniences of cellphones come with an inevitable trade-off of less privacy, but one state has profoundly disagreed, passing a new data privacy law that sets an example for other states to follow.
Timothy Carpenter’s story demonstrates why elected officials need to step forward to protect privacy. In 2011, the FBI obtained several months’ worth of his cellphone location records, without a warrant, after suspecting that he was involved in criminal activity. These records revealed nearly 13,000 locations he had visited, providing them with sensitive information Carpenter considered private.
Read more of his opinion on Washington Examiner.




Gaps & Overlaps.
EDPB Joins the Dots of ePrivacy and GDPR
On 12 March 2019 at its Eighth Plenary Session, the European Data Protection Board (“EDPB”) adopted its Opinion 5/2019 on the interplay between the ePrivacy Directive (“ePD”) and the General Data Protection Regulation (“GDPR”). The Belgian Data Protection Authority had, on 3 December 2018, requested that the EDPB examine the overlap between the two laws and in particular the competence, tasks, and powers of data protection authorities (“DPAs”). The EDPB adopted its Opinion in response to this request and in order to promote the consistent interpretation of the boundaries of the competences, tasks, and powers of DPAs.




A simple question for my Privacy Professional friends. Why? I’d like to understand how we got this right.
Rita Heimes reports
The past few years have seen an explosion of data-related crises, from the Snowden revelations about government surveillance to the Cambridge Analytica scandal at Facebook to the constant drumbeat of data breaches at leading global companies, including Marriott, Equifax, and Under Armour. This in turn has boosted an industry of privacy professionals, experts versed not only in law and policy but also in technology and management of personal data. Uniquely in a corporate context, particularly in tech-related markets, the privacy profession displays gender parity all the way from entry-level positions to senior leadership roles.
Read more on Dark Reading.




“The first thing we do, let's automate all the judges.”
Can AI Be a Fair Judge in Court? Estonia Thinks So
Government usually isn't the place to look for innovation in IT or new technologies like artificial intelligence. But Ott Velsberg might change your mind. As Estonia's chief data officer, the 28-year-old graduate student is overseeing the tiny Baltic nation's push to insert artificial intelligence and machine learning into services provided to its 1.3 million citizens.
"We want the government to be as lean as possible," says the wiry, bespectacled Velsberg, an Estonian who is writing his PhD thesis at Sweden’s UmeĆ„ University on how to use AI in government services. Estonia's government hired Velsberg last August to run a new project to introduce AI into various ministries to streamline services offered to residents.
… In the most ambitious project to date, the Estonian Ministry of Justice has asked Velsberg and his team to design a “robot judge” that could adjudicate small claims disputes of less than €7,000 (about $8,000). Officials hope the system can clear a backlog of cases for judges and court clerks.
The project is in its early phases and will likely start later this year with a pilot focusing on contract disputes. In concept, the two parties will upload documents and other relevant information, and the AI will issue a decision that can be appealed to a human judge. Many details are still to be worked out. Velsberg says the system might have to be adjusted after feedback from lawyers and judges.




I’m surprised that this isn’t already common on Wall Street.
Looking for economic indicators? Check Tweets and the internet search queries
Apurv Jain has used some unconventional data to predict the course of U.S. employment: 1.2 billion tweets and 830 million web searches.
It’s all part of the fast-growing world of alternative data, which “can provide details about the economic narrative of our country that the existing government data simply cannot,” said Jain, 41, now a visiting researcher at Harvard Business School. He presented his findings last week at a New York conference on artificial intelligence and data science in trading.




Gosh AI is wonderful! Before, you needed a PhD in the Humanities to ask, “Would you like fries with that?”
McDonald's is buying a startup that uses AI to try to make you spend more
McDonald's is buying a tech startup that it hopes will help it sell customers more of what they want.
… McDonald's said it would use the startup's technology to tailor the items displayed on menu boards at drive-thru outlets based on the weather, how busy the restaurant is and the time of day. It will also instantly recommend extra items based on a customer's initial order.




For my techie students who still think all big companies are profitable.
How Can a Company with $1.8 Billion in Revenue Lose $1.9 Billion? WeWork Shows How




For the Security Toolkit.
Search Encrypt
Search Encrypt uses local encryption to secure your searches. It combines AES-256 encryption with Secure Sockets Layer encryption. Search Encrypt then retrieves your search results from its network of search partners. After you’re done searching, your search terms expire so they are private even if someone else has access to your computer.”




FINALLY! A diet I can live with.
We salute the Army vet who dropped 25 pounds by consuming nothing but beer for weeks




What have I done to amuse/irritate Russia? This is my visitor count for Sunday, March 24th.




No comments: