Privacy News | Daily Dashboard

Breaking news. In-depth articles. Global coverage.

Save time searching the headlines for privacy news in the media. Get the latest breaking privacy and data protection news from around the globe all in one place—The Daily Dashboard. Our FREE daily e-newsletter summarizes the day’s top privacy stories with links to the full articles—sent directly to your desktop each weekday!

Subscribe now!

Top Privacy News

PRIVACY ENGINEERING—U.S.

NIST Seeks Answers To Engineering Privacy

April 17, 2014

Last week, the National Institute of Standards and Technology (NIST) held a two-day workshop with public- and private-sector experts to explore the concept of privacy engineering. Three trends that recurred throughout the workshop, according to Jenner & Block’s Mary Ellen Callahan, CIPP/US, and Esteban Morin, included the lack of privacy technical standards, the role engineers can play in protecting privacy and the role NIST should play moving forward. In this installment of Privacy Perspectives, Morin and Callahan, who was also a workshop panelist, discuss these trends and why they think the workshop was a success.
Full Story

CLOUD COMPUTING

Why Attempts To Physically Control Data Make No Sense

April 17, 2014

“With cloud computing, many fear losing control. True, supply chains may be complex … However, users can retain control in cloud computing—depending,” writes cloud computing expert Kuan Hon in this Privacy Tracker post. Using examples of the evolution of the EU Data Protection Directive and cases from the EU Court of Justice and the Danish Data Protection Agency, Hon outlines reasons the data export restriction and the “transfer to a third country” provisions are antiquated in today’s technological environment. “Nowadays, physically confining data to the EEA does not equate to or guarantee data protection. Yet vast amounts of time and resources are poured into compliance with the restriction, which could be better spent on improving information security,” Hon writes. (IAPP member login required.) Editor's Note: The IAPP and TRUSTe will present a free web conference, The Role of Privacy Seals and Certifications in Building Trust and Global Interoperability, on May 8.
Full Story

GEOLOCATION—U.S.

Marketers Thrilled with iPhone Update Allowing Persistent Tracking

April 17, 2014

Following Apple’s update to the iPhone operating system, marketing apps can now keep tabs on users’ of Bluetooth-based iBeacon app even if the app is closed, and marketers are thrilled with the change, NPR reports. “It was the announcement everybody was waiting for,” said industry insider Doug Thompson. But Seattle-based technologist and writer Garrett Cobarr said, “As a privacy researcher, I always get nervous when marketers are celebratory about something.” Cobarr said users would assume an app wasn’t tracking them if they had turned it off, and the fact their location is now still being tracked would “surprise most people and perhaps unnerve them.”
Full Story

ONLINE PRIVACY—U.S.

ECPA Reform Stalled; Courts Avoid Tech Questions

April 17, 2014

A federal appeals court has affirmed an earlier court ruling holding Lavabit founder Ladar Levison in contempt for refusing to turn over the master encryption keys to Lavabit’s 400,000 users, and at the same time, Ars Technica reports, reforms to the Electronic Communications Privacy Act (ECPA) have stalled in Congress. The Center for Democracy & Technology’s Jim Dempsey said, “It has become clear to us in the course of a year and a half, we’re not going to see comprehensive ECPA reform at this time.” Kashmir Hill reports on the Levison and Andrew “weev” Auernheimer court cases and how, in each case, the important technological questions of Internet security were not decided because of court technicalities. Meanwhile, German-based startup Lavaboom is unveiling a new e-mail encryption service inspired by Lavabit.
Full Story

PRIVACY LAW—U.S.

Harassment Continues As Laws Lag Behind Reality

April 17, 2014

It’s a rare occasion that legislators act swiftly to protect against emerging privacy violations, writes Danielle Citron for Forbes, suggesting the law needs sooner-than-later updating to combat privacy invasions facilitated by today’s technologies. She uses as an example the case of Ian Barber, who allegedly posted nude pictures of his ex-girlfriend to Twitter and sent them to her employer and sister. A judge dismissed sexual harassment charges against him because he hadn’t sent the pictures directly to the victim, as required under the law. The case isn’t an anomaly, Citron writes. While 22 states are considering anti-revenge porn legislation, “time will tell” if Congress will respond. Editor’s Note: Jedidiah Bracy, CIPP/US, CIPP/E, recently examined issues of data ownership and revenge porn in this post for Privacy Perspectives.
Full Story

DATA PROTECTION—U.S.

SEC Rolls Out Cybersecurity Roadmap for Wall Street

April 17, 2014

The Securities and Exchange Commission (SEC) has released a blueprint explaining how it plans to ensure Wall Street companies are prepared to detect and prevent cyber-attacks, Reuters reports. The document includes example questions the SEC may ask brokerages and financial firms during inspections and warns firms should be ready to disclose a comprehensive list of when they’ve detected malware, undergone a denial-of-service attack or discovered a breach after January 2013. Former SEC Chief of Internet Enforcement John Reed Stark said the list of questions is unusual but “forward-thinking.” He added, “With the public disclosure of this questionnaire, the SEC is giving up the surprise of one aspect of their exam program and opting to provide to SEC-registered financial firms a rare chance to prepare.”
Full Story

INTERNET OF THINGS

Seeing Is Believing with Google’s New Smart Contact Lens

April 17, 2014

Wired reports on one of the latest projects from Google X lab, a smart contact lens with a built-in camera. An earlier iteration of the lens could be used to monitor blood glucose levels via tear fluid. This latest project would include a sensor, circuit and camera. The sensor could be used to detect light, pressure and temperature to give people a sort of “sixth sense.” According to the report, the technology “isn’t all that far off,” as clunkier versions have been tested, adding, “If these contact lenses ever do come to market, it means you can leapfrog the Glasshole stage and go straight to Lenshole.”
Full Story

PRIVACY LAW—U.S.

What Did You Expect? The Fast Track to an FTC Settlement

April 16, 2014

Whether consumers are checking a credit score while waiting for a flight or buying movie tickets while on the way to the theater, the last thing they are probably worried about is what kind of security tests their smartphone apps’ developers ran a year ago. If an established, well-publicized, highly rated app with millions of downloads and prominent data protection promises can’t be trusted to secure information, after all, who can? And if that data is intercepted, it must be through some new, highly advanced cyber-attack, right? You might be surprised—or then again, maybe not. The FTC recently settled with a pair of companies that likely should have known better. Westin Research Fellow Kesley Finch analyzes where they went wrong for the IAPP FTC Casebook and outlines the simple steps every organization can take to avoid such scrutiny.
Full Story

PRIVACY COMMUNITY

IAPP Announces Two Newest Westin Fellows

April 16, 2014

As the inaugural IAPP Westin Research Fellows Kelsey Finch and Dennis Holmes prepare for life after Portsmouth, NH, the IAPP is proud to announce our second batch of newly graduated students looking to continue their studies in privacy. Patricia Bailin, coming from Tufts’ Fletcher School of Law & Diplomacy, and Arielle Brown of the University of Colorado School of Law will join the IAPP Westin Research Center this fall after wrapping up their current studies. IAPP Publications Director Sam Pfeifle makes introductions.
Full Story

FINANCIAL PRIVACY—U.S.

Audit Finds Most Tax Apps Lacking in Privacy, Security

April 16, 2014

Hewlett-Packard (HP) has warned consumers that many mobile financial apps contain at least one privacy violation, such as unencrypted data storage and transmission and access to user contact lists and geolocation, TechCrunch reports. “The bottom line is that even with all the best intentions of providing fast tax-filing assistance, mobile tax apps could put users at risk,” said HP’s Maria Bledsoe. Privacy does not appear to be designed from the beginning for many of these apps. “A lot of companies are looking at mobile apps as a fancy user interface, and they’re putting their protection on the back-end behind the firewall,” Bledsoe said, adding, “they’re not realizing yet that this is yet another attack vector and is an entry point for the hackers.”
Full Story

DATA PROTECTION—U.S.

Lawyer-Specific App Helps Bolster Attorney-Client Privilege

April 16, 2014

Inside Counsel reports on the importance of keeping communications with clients protected—in this case, in family and employment law—and an app that helps do just that. Privatus, which has been designed with lawyers in mind, is a messaging app that helps keep communications confidential and, according to the report, is not subject to legal discovery. Third parties involved in transmitting the encrypted data never see the content, and such data is not subject to subpoena, the report states.
Full Story

SURVEILLANCE—U.S.

FBI On Track for Facial Recognition Database; NYPD Ends Secret Program

April 16, 2014

New documents released by the FBI indicate the agency is headed toward its goal of a fully operational facial recognition database by this summer, the Electronic Frontier Foundation (EFF) reports. The records were obtained in response to an EFF Freedom of Information Act lawsuit over the FBI’s plans for its Next Generation Identification biometric database that may hold records on up to one-third of the U.S. population, the report states. Meanwhile, the New York Police Department has shut down a secret program that dispatched plain-clothes detectives into Muslim neighborhoods to spy on conversations and build detailed reports on residents.
Full Story