I wonder if their lawyers warned them in time to avoid this? Where was the ball dropped?
Millions of Facebook Users Pass on $650 Million Privacy Jackpot
Facebook Inc. will be making payouts to only about a quarter of the 6 million Illinois residents eligible for the biggest consumer privacy settlement in U.S. history.
Based on a tally filed in court after Monday’s claims deadline, some 1.57 million people will probably pocket more than $300 each – after about a third of the $650 million settlement fund is set aside for their attorneys and administrative costs – from a lawsuit in which the social network was accused of collecting biometric images from its photo-tagging feature without consent.
As class actions go, with nickel-and-dime payouts often not worth the effort of filing a claim, a case that ends up with a 25% buy-in from consumers is a success story. Frequently, fewer than 10% of eligible people file claims.
A summary for my Computer Security students.
Data Breach Cases: An Analysis of Standing and Best Causes of Action
Despite the rules and security measures that many organizations put in place to protect the personal information of their clients or customers, sensitive information may still fall prey to hackers and other kinds of breaches. Those affected may seek counsel to aid in bringing suit to hold an entity liable for its intermediary role when a third party commits a data breach.. While data breaches have become too common, case law and statutory law governing redress for data breaches is limited. This column explores standing and potential causes of action in data breach suits.
At least an occasional (annual?) review by someone who did not do the original setup?
Fairchild Medical Center server was exposing patient information for 4.5 years until a security firm alerted them
Ugh. Fairchild Medical Center had a misconfigured server exposing PHI from December 16, 2015 until they were alerted to the problem in late July by an unnamed security company who discovered the exposure.
Here’s their press release, below.
Could we do this in the US? (Aren’t we doing it already?)
https://thenextweb.com/readme/2020/11/26/how-to-build-a-search-engine-for-criminal-data/
How to build a search engine for criminal data
Whether it’s a WhatsApp message arranging the distribution of cocaine from São Paulo to Amsterdam or other encrypted conversations to lure the enemy into a deadly ambush; criminals have long tried to keep their digital footprints hidden.
The evidence of crime is all stored in the digital archive: emails, photos, and cloud storage data. Law enforcement agencies can use these digital clues to find out where criminals have been, and what they’re currently doing.
Data analysis platforms are becoming increasingly crucial in the fight against crime. We spoke with two forensic software experts from Hansken about how they support law enforcement agencies, like the Dutch National Police and the Dutch Fiscal Information and Investigation Service.
An interesting ‘what,’ but the question is ‘who?’ Can an internal review be trusted?
https://www.mclane.com/assets/docs/Weaver_-_Assessment_of_Artificial_Intelligence_Systems.pdf
Everything Is Not Terminator
Many information security and privacy laws such as the California Consumer Privacy Act1 and the New York Stop Hacks and Improve Electronic Data Security Act2 require periodic assessments of an organization’s information management systems. Because many organizations collect, use, and store personal information from individuals—much of which could be used to embarrass or impersonate those individuals if inappropriately accessed—these laws require organizations to regularly test and improve the security they use to protect that information.
As of yet, there is no similar specific law in the United States directed at artificial intelligence systems (“AIS”), requiring the organizations that rely on AIS to test its accuracy, fairness, bias, discrimination, privacy, and security.
However, existing law is broad enough to impose on many organizations a general obligation to assess their AIS, and legislation has appeared requiring certain entities to conduct impact assessments on their AIS. Even without a regulatory mandate, many organizations should perform AIS assessments as a best practice.
This column summarizes current and pending legal requirements before providing more details about the assessment process.
High probability, even with Presidential distractions?
IoT Update: Congress Passes IoT Cybersecurity Improvement Act of 2020
The bipartisan Internet of Things (“IoT”) Cybersecurity Improvement Act of 2020 (S. 734, H.R. 1668 ) has passed the House and the Senate and is headed to the President’s desk for signature. The bill was sponsored in the House by Representatives Hurd (R-TX) and Kelly (D-IL), and in the Senate by Senators Warner (D-VA) and Gardner (R-CO). President Trump is expected to sign the measure into law.
Perspective. Brick and mortar stores don’t own all the brick an mortar. Apparently you need a lot of room to store all that virtual…
Stock-Market Titans Amazon, Google and Facebook Are Also Driving Commercial Real Estate
The biggest U.S. tech companies are providing a jolt to the slumbering commercial real-estate business, emerging as major tenants and acquirers of office and other space while many nontech firms are trying to tear up their leases.
Five of the biggest property owners in the tech industry— Amazon.com Inc., Facebook Inc., Apple Inc., Google parent Alphabet Inc. and Microsoft Corp. —together occupy around 589 million square feet of U.S. real estate, according to CoStar Group. That is more than all of the office space in New York City, or the equivalent to about 220 Empire State Buildings. It marks a fivefold increase from a decade ago.
No comments:
Post a Comment