NIST releases draft guidance regarding security and privacy controls

August 7, 2014

The US National Institute of Standards and Technology has updated its guidance “Assessing Security and Privacy Controls in Federal Information Systems and Organisations: Building Effective Assessment Plans.” Public comment is being sought by 26 September 2014. It is a very influential document within the USA but also …

A lack of certainty on rules of drone usage by FBI

August 6, 2014

A biting article at Techdirt on the FBI dodging its obligations on rules regarding drone usage. The FBI has not undertaken, or at least won’t reveal, a Privacy Impact statement on its use of drones, according to FBI Refuses To Let Public Know How Its Drone Usage Affects Their Privacy. Putting it into perspective there is …

Privacy Commissioner inviting comments on its Guides to Information Security

Curiously the Privacy Commissioner has today, 6 August, published on the OAIC web site a notice titled Consultation on the revised Guide to information security, although it is dated Monday 4 August. Time must move more slowly in Canberra.

The consultation period closes on Wednesday 27 August 2014. That is 3 weeks from today. Given the nature and importance of the issues surrounding information security, what should constitute reasonable steps, and the developments in both law overseas and technology (and otherwise), why such an abridged timetable is warranted is more than a little perplexing.

The Consultation draft is found here.

The Consultation Information is found …

California Assembly passes Bill requiring police to obtain a warrant for surveillance drones.

Reason reports in California Assembly Passes Bill Requiring Police to Get a Warrant for Surveillance Drones that the lower house of the California legislature has passed a bill requiring police to obtain a warrant before using drones for a criminal investigation.

It provides:

The California Assembly has passed a bill that would require law enforcement agencies to obtain a warrant before using a surveillance drone as part of a criminal investigation. The bill specifically states:

Target continues to suffer from data breach in 2013…

The impact of the hack attack on Target and the resulting data breach late last year continues. Itnews reports in Retailer Target expects data breach to cost $148 million that, apart from the reputational damage and executives resigning, the cost of the data breach has been significant to the bottom line.

It provides:

The massive data breach of Target that was announced in December 2013 may end up costing the company $148 million, the retail giant announced on Tuesday.

UK Information Commissioner raises concerns about data breaches by the members of the legal profession

The saying “The cobbler’s children go shoeless” is apt when viewing the ICO’s media release Information Commissioner ‘sounds the alarm’ on data breaches within the legal profession. The release comes on the back of 15 incidents (so described) of possible data breaches. In an industry/profession which generates a significant volume of data in paper and digital form, coupled with the fact that much of that data contains sensitive and usually privileged information, the need for proper data management is important. Unfortunately it is also …

Mozilla suffers data breach… privacy breach and reputational loss

August 5, 2014

Mozilla has had to provide a grovelling apology regarding the loss of data relating to 76,000 members together with 4,000 encrypted passwords. Given Mozilla’s role it is a significant reputational slip. Itnews covers the story in Red-faced Mozilla apologises for leaking user data.

It provides:

The Mozilla Foundation has apologised for an accidental data leak that went unnoticed for a month and which resulted in the exposure of tens of thousands of email addresses and encrypted passwords exposed.

Brazilian web provider fined $1.6 million for selling browsing data

Bloomberg reports in Brazilian Web Provider Fined $1.6 Million For Selling Browsing Data to Advertisers that the Justice Ministry has fined a Brazilian telecommunications company for selling the web usage history of its customers to advertisers. It would be an egregious breach of APPs …

Another loss of health records from a GP surgery… this time in the UK

Another loss of health records in the UK. In Patient record probe is underway at GP surgery, the Nuneaton News reports on a bag of patient records being found …

Privacy Commissioner releases video on privacy

August 4, 2014

Today the Privacy Commissioner released a video, the first in a series, on privacy.

It is found here:

https://www.youtube.com/watch?v=wmCE_CkV58I

The transcript provides:

What is privacy?

In Australia, personal information is protected by the Commonwealth Privacy Act. Personal information is information that could identify you, like your name or a photo.