Will this change be reversed? Probably.
US border agents must get warrant before cell phone searches, federal court rules
A federal district court in New York has ruled that U.S. border agents must obtain a warrant before searching the electronic devices of Americans and international travelers crossing the U.S. border.
The ruling on July 24 is the latest court opinion to upend the U.S. government’s long-standing legal argument, which asserts that federal border agents should be allowed to access the devices of travelers at ports of entry, like airports, seaports and land borders, without a court-approved warrant.
What is worse than a deepfake?
Kansas Court of Appeals Denies that KU Medical Center has a Duty of Privacy to its Patients
While looking for information on another breach, PogoWasRight stumbled over this blog post by McShane & Brady law firm in Kansas City:
McShane & Brady filed a lawsuit against the University of Kansas Medical Center (KUMC) for a breach of private medical information in which a doctor took a photograph of a patient’s genitals on her personal cell phone and texted the photo to medical students.
The case was filed in the Wyandotte County District Court and assigned to Judge Timothy Dupree. KUMC moved for the case to be dismissed claiming that it did not have a duty to keep patient information confidential. On March 29, 2023, Judge Timothy Dupree dismissed the case finding that the KUMC did not have a duty to keep patient information private. The decision of Judge Dupree was appealed to the Kansas Court of Appeals.
On July 5, 2024, the Kansas Court of Appeal affirmed the District Court’s ruling stating:
“We agree with the district court that Kansas does not recognize a common-law duty for a medical entity to protect the privacy and confidentiality of patients that would give rise to a private cause of action for the alleged breach of that duty.”
“The Court of Appeals thrown medical privacy out the window, “said Maureen Brady.
McShane & Brady is filing a Petition for Review with the Kansas Supreme Court and is seeking justice for all patients who have been victims of the wrongful disclosure of medical information.
Fox4Kc conducted an interview with Maureen Brady to discuss the case. KU Medical Center is expected to comment today. Click here to view the story.
So this is a bit shocking. It’s one thing for HIPAA to have no private cause of action, but for there to be no private cause of action under state law, well, does that leave Kansas residents with any redress if their medical privacy has been violated? What law is left that protects them? From reading the opinion, it sounds like there is none. And although Ms Brady claims the appellate court has “thrown medical privacy out of the window,” it sounds like medical privacy was never in any window in Kansas.
It will be interesting to see what the state supreme court does.
Another reason for AI lawyers?
https://www.bespacific.com/the-race-against-time-to-reinvent-lawyers/
The race against time to reinvent lawyers
Via LLRX – The race against time to reinvent lawyers – Jordan Furlong is a leading analyst of the global legal market and forecaster of its future development. In this insightful article he contends that our legal education and licensing systems produce one kind of lawyer. The legal market of the near future will need another kind. I f we can’t close this gap fast, we’ll have a very serious problem.
Something to consider. Is the software for self driving cars vulnerable to a Crowdstrike type failure?
Providing Security Updates to Automobile Software
Auto manufacturers are just starting to realize the problems of supporting the software in older models:
Today’s phones are able to receive updates six to eight years after their purchase date. Samsung and Google provide Android OS updates and security updates for seven years. Apple halts servicing products seven years after they stop selling them.
That might not cut it in the auto world, where the average age of cars on US roads is only going up. A recent report found that cars and trucks just reached a new record average age of 12.6 years, up two months from 2023. That means the car software hitting the road today needs to work — and maybe even improve— beyond 2036. The average length of smartphone ownership is just 2.8 years.
I wrote about this in 2018, in Click Here to Kill Everything, talking about patching as a security mechanism:
This won’t work with more durable goods. We might buy a new DVR every 5 or 10 years, and a refrigerator every 25 years. We drive a car we buy today for a decade, sell it to someone else who drives it for another decade, and that person sells it to someone who ships it to a Third World country, where it’s resold yet again and driven for yet another decade or two. Go try to boot up a 1978 Commodore PET computer, or try to run that year’s VisiCalc, and see what happens; we simply don’t know how to maintain 40-year-old [consumer] software.
Consider a car company. It might sell a dozen different types of cars with a dozen different software builds each year. Even assuming that the software gets updated only every two years and the company supports the cars for only two decades, the company needs to maintain the capability to update 20 to 30 different software versions. (For a company like Bosch that supplies automotive parts for many different manufacturers, the number would be more like 200.) The expense and warehouse size for the test vehicles and associated equipment would be enormous. Alternatively, imagine if car companies announced that they would no longer support vehicles older than five, or ten, years. There would be serious environmental consequences.
We really don’t have a good solution here. Agile updates is how we maintain security in a world where new vulnerabilities arise all the time, and we don’t have the economic incentive to secure things properly from the start.
No comments:
Post a Comment