Another encryption that doesn’t need a backdoor?
https://www.schneier.com/blog/archives/2020/08/blackberry_phon.html
BlackBerry Phone Cracked
Australia is reporting that a BlackBerry device has been cracked after five years:
An encrypted BlackBerry device that was cracked five years after it was first seized by police is poised to be the key piece of evidence in one of the state's longest-running drug importation investigations.
In April, new technology "capabilities" allowed authorities to probe the encrypted device....
No details about those capabilities.
The law plays catch-up.
Protester Surveillance May Test Constitutional Privacy in Courts
Julia Weng reports:
Protests over racial inequality are exposing tensions between law enforcement access to digital data and citizen rights against unwarranted searches, which may force courts to grapple with how to protect people’s privacy.
Law enforcement use of social media posts, drones, cameras, and cell location data catchers called “dirtboxes” during the civil unrest related to the George Floyd protests may push federal courts to expand Fourth Amendment protections to digital data, like geolocation and real-time mobile information. As police surveillance tactics change, constitutional privacy protections are likely to evolve as well.
Read more on Bloomberg Law.
Privacy, as it should be done.
Passport to Privacy: Lessons From EU Guidance on COVID-19 and Personal Data
Rachel R. Marmor and Emily Bruemmer of Davis Wright Tremaine write:
Attempts by U.S. legislators to address the privacy issues raised by the ongoing COVID-19 pandemic have stalled. But for companies seeking to balance the goals of furthering public health and protecting individuals’ privacy, the European Union is providing policy guidance that may be exportable.
Guidance from the European Data Protection Board (EDPB) has made clear that rights to privacy and to data protection persist, even—or especially—during a pandemic. For public authorities, this means balancing public health concerns against individuals’ rights and freedoms. For private entities, this means conducting screening or requesting that individuals provide health information only when permitted by national or local employment laws.
Read more on the Privacy & Security Law Blog.
The downside of computer support.
https://krebsonsecurity.com/2020/08/robocall-legal-advocate-leaks-customer-data/?web_view=true
Robocall Legal Advocate Leaks Customer Data
A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers.
The Blacklist Alliance provides technologies and services to marketing firms concerned about lawsuits under the Telephone Consumer Protection Act (TCPA)
… Unfortunately for the Blacklist paying customers and for people represented by attorneys filing TCPA lawsuits, the Blacklist’s own Web site until late last week leaked reams of data to anyone with a Web browser. Thousands of documents, emails, spreadsheets, images and the names tied to countless mobile phone numbers all could be viewed or downloaded without authentication from the domain theblacklist.click.
The directory also included all 388 Blacklist customer API keys, as well as each customer’s phone number, employer, username and password (scrambled with the relatively weak MD5 password hashing algorithm ) .
Any help is welcome?
EDPB Guidance Emerges in the Aftermath of the Schrems II Case
The Schrems II judgment in mid-July was a bombshell for companies that transfer data between Europe and the United States, effectively invalidating many (if not all) of these agreements. The effect of the decision ripples out to the rest of the world as well, as it also forces U.S. companies to evaluate the security adequacy of any third-party vendors in other countries who handle this data. Much-needed European Data Protection Board (EDPB) guidance began to emerge late last week in the form of a “frequently asked questions” document, and the picture looks about as grim as possible for impacted companies thus far.
Perspective. (What is going on here?)
Microsoft’s Talks to Buy TikTok’s U.S. Operations Raise Ire in China
Washington’s push for Chinese company to sell American operations hardens suspicions in China that the U.S. aims to sabotage its technology
(Related)
https://techcrunch.com/2020/08/03/trump-calls-tiktok-a-hot-brand-demands-a-chunk-of-its-sale-price/
Trump calls TikTok a hot brand, demands a chunk of its sale price
Today the president appeared to bless the budding Microsoft-TikTok deal, continuing his evolution on a possible transaction. After stating last Friday that he’d rather see TikTok banned than sold to a U.S.-based company, Trump changed his tune over the weekend.
… Then today the president, endorsing a deal between an American company and ByteDance over TikTok, also said that he expects a chunk of the sale price to wind up in the accounts of the American government.
(Related)
Microsoft Should Refuse Trump’s TikTok Payoff
Paying the U.S. government a cut of TikTok’s sale price would be a dangerous precedent that could blow up in corporate America’s face
No comments:
Post a Comment