CM
ACI-001 Online Ad Campaign r7_response 728x90
AsiaPF15_300x250_Banner_FINAL
CS15_300x250_Banner_FINAL

(Mar 30, 2015) Hackers breached enterprise chat platform Slack in February and accessed a database containing users’ contact information, Quartz reports. In response, Slack said it is now implementing two-factor authentication and enhanced controls for administrators as well as other security improvements. Slack Vice President of Policy and Compliance Strategy Anne Toth said, “We have no indication that the hackers were able to decrypt stored passwords, as Slack uses a one-way encryption technique called hashi... Read More

Daily Dashboard

After Germanwings Disaster, Medical Privacy Debates Begin

(Mar 30, 2015) Employer access to the health records and whether stringent medical privacy rules prevented an airline from knowing the mental health of a copilot who allegedly intentionally crashed a plane are being debated, Bloomberg reports. “The medical secrecy rules are centuries old and touch the core of the medical profession,” said attorney René Steinhaeuser. Time reports that Germany’s strong data protection laws prevented the airline from knowing Germanwings Copilot Andreas Lubitz’s medical history, w... Read More

Daily Dashboard

Premera Faces Class-Action Lawsuits After Breach

(Mar 30, 2015) Premera Blue Cross is now facing a slew of class-action lawsuits for allegedly failing to adequately protect the personal information of users and notify those affected by its recent breach in a timely manner, Modern Healthcare reports. Earlier this month, Premera announced a cyberattack breached the personal data of approximately 11 million customers. According to one of the lawsuits, the organization “breached its duty to protect and safeguard its customers’ personal and health information and... Read More

Daily Dashboard

FBI Director, Europol Chief Call for Legal Tools To Access Encrypted Services

(Mar 30, 2015) U.S. Federal Bureau of Investigation Director James Comey has warned that Congress may have to get involved to help law enforcement access user data on encrypted cell phones and messaging services. “We have a huge problem,” he said. “I think ultimately it’s going to require some kind of legislative fix,” adding he is concerned that encrypted services will “create spaces that are behind the reach of the law in the United States.” Similarly, the chief of European police intelligence agency Europol... Read More

Daily Dashboard

Researchers Find Vulnerability in Hotel Routers

(Mar 30, 2015) “Guests at hundreds of hotels around the world are susceptible to serious hacks because of routers many hotel chains depend on for their WiFi networks,” Wired reports. That’s according to researchers who’ve discovered a vulnerability in systems that “would allow an attacker to distribute malware to guests, monitor and record data sent over the network and even possibly gain access to the hotel’s reservation and keycard systems,” the report states. The vulnerability was found in the firmware of several models of InnGate routers made by Singapore firm ANTlabs, whose software is used in hotels in the U.S., Europe and elsewhere. Read More

Daily Dashboard

New Dating App Allows Users To Connect Within Proximity

(Mar 30, 2015) Fast Company reports on Happn, a new dating app from a French start-up that’s operational in major cities like Paris, London, Berlin, Barcelona and New York City and has now launched in San Francisco. Happn allows users to connect digitally with people they’ve encountered in the real world within a 275-yard radius. “Think of it like Tinder meets Craigslist missed connections,” the report states. But the “close physical proximity between users could raise concerns that things could inch toward stalker territory or at least result in harassment,” the report states, because, by default, Happn users are to list their job title and place of employment. However, it is possible to turn off geolocation. Read More

Daily Dashboard

Court Rules Safari Users Can Sue Google

(Mar 27, 2015) In what some are calling a landmark decision, the UK Court of Appeals has ruled that a group of claimants have the right to sue Google for bypassing the privacy settings on the Safari browser to install cookies to track clicks online, BBC News reports. Google said it is “disappointed with the court’s decision,” while one of the claimants described it as a “David and Goliath victory.” In its judgement, the UK court said, “These claims raise serious issues which merit a trial.” According to the report, the ruling “potentially opens the door to litigation from the millions of Britons who used Apple” products during the time in question. Read More

Daily Dashboard

Monitoring Third-Party Vendors: Managing Your Own Risk

(Mar 27, 2015) In chapter seven of this ongoing series for The Privacy Advisor on the elements of a successful vendor-management program, K Royal, CIPP/E, CIPP/US, discusses the stage in the third-party vendor process in which the chosen vendor has been contracted and the spend has been made. That's not where diligence ends, however. Now it's time to make some management decisions, like the timing and frequency, scope and level of monitoring and who'll be responsible for that. In this report, Royal includes advice from TRUSTe's Debra Farber, CIPP/US, CIPM, CIPT. If you missed the earlier installments in the series, you can find them here at the IAPP Resource Center. Read More

Daily Dashboard

Officials Discuss Ending FTC “Common Carrier” Exemption

(Mar 27, 2015) The Washington Post reports federal officials are discussing ways to end a law that prohibits the Federal Trade Commission (FTC) from regulating “common carriers.” Under the new net neutrality order by the Federal Communications Commission (FCC), Internet service providers (ISPs) and telecommunications companies would be considered utilities, or common carriers. By removing the exemption, both agencies would have more power to regulate the industry. On Wednesday, FTC Commissioner Terrell McSween... Read More

Daily Dashboard

NSTIC Announces Privacy Pilot Funding

(Mar 27, 2015) The National Strategy for Trusted Identities in Cyberspace (NSTIC) National Program Office has announced a new funding opportunity with a focus on privacy enhancing technologies. “NSTIC is soliciting applications from eligible applicants to pilot privacy-enhancing technologies that embrace and advance the NSTIC vision and contribute to the maturity of the Identity Ecosystem the NSTIC envisions: Promote secure, privacy-enhancing and user-friendly ways to give individuals and organizations convenience in their online interactions,” the NSTIC announcement states. The new privacy pilot program awards are expected to range from approximately $750,000 to $1.5 million per year for up to two years. The deadline to apply is May 28. Read More

Daily Dashboard