Search


  • Categories


  • Archives

    « Home

    Archive for the ‘Security’ Category

    FTC Reaches Proposed Settlement With TRUSTe Over Privacy Seal Program

    Tuesday, November 18th, 2014

    The Federal Trade Commission announced that it has reached a proposed settlement with TRUSTe, a provider of privacy certifications for online businesses, over its privacy seal program. TRUSTe faced charges “that it deceived consumers about its recertification program for company’s privacy practices, as well as perpetuated its misrepresentation as a non-profit entity.” The FTC said:

    TRUSTe provides seals to businesses that meet specific requirements for consumer privacy programs that it administers.  TRUSTe seals assure consumers that businesses’ privacy practices are in compliance with specific privacy standards like the Children’s Online Privacy Protection Act (COPPA) and the U.S.-EU Safe Harbor Framework. [...]

    The FTC’s complaint alleges that from 2006 until January 2013, TRUSTe failed to conduct annual recertifications of companies holding TRUSTe privacy seals in over 1,000 incidences, despite providing information on its website that companies holding TRUSTe Certified Privacy Seals receive recertification every year. [...] Read more »

    Kojo Nnamdi Show: GPS Tracking And Law Enforcement

    Monday, November 17th, 2014

    The Kojo Nnamdi Show recently had a discussion with Chris Calabrese, Senior Policy Director at the Center for Democracy and Technology, and Mark Eckenwiler, Senior Counsel at Perkins Coie, about GPS tracking technology and its use by law enforcement officials. The discussion included privacy issues. Here’s the blurb:

    Last week, law enforcement officers used GPS tracking to locate a woman who had been abducted in Philadelphia. The vehicle of her alleged abductor had a GPS device installed by the dealer, which the police then used to find the suspect and the victim. We explore the legal issues around when and how police can use surveillance technology like GPS, and what a 2012 Supreme Court decision means for such cases.

    Update: AT&T stops using tracking ‘supercookies’ on cellphones — for now

    Monday, November 17th, 2014

    Recently, there were news reports that Verizon and AT&T were using tracking “supercookies” to keep tabs on their customers’ online activities. These supercookies were virtually impossible to get rid of. Now, ProPublica reports that AT&T has stopped using the supercookie tracking technology on mobile phones, but it may restart the use of the technology:

    AT&T says it has stopped its controversial practice of adding a hidden, undeletable tracking number to its mobile customers’ Internet activity. [...]

    The tracking numbers can be used by sites to build a dossier about a person’s behavior on mobile devices – including which apps they use, what sites they visit and for how long. Read more »

    Wall Street Journal: Americans’ Cellphones Targeted in Secret U.S. Spy Program

    Friday, November 14th, 2014

    The Wall Street Journal reports on a surveillance program gathering the data of thousands of mobile phones:

    WASHINGTON—The Justice Department is scooping up data from thousands of mobile phones through devices deployed on airplanes that mimic cellphone towers, a high-tech hunt for criminal suspects that is snagging a large number of innocent Americans, according to people familiar with the operations. [...]

    Planes are equipped with devices—some known as “dirtboxes” to law-enforcement officials because of the initials of the Boeing Co. unit that produces them—which mimic cell towers of large telecommunications firms and trick cellphones into reporting their unique registration information.

    The technology in the two-foot-square device enables investigators to scoop data from tens of thousands of cellphones in a single flight, collecting their identifying information and general location, these people said. [...] Read more »

    SC Magazine: Automakers pen ‘privacy principles’ for in-car technology

    Friday, November 14th, 2014

    SC Magazine reports on a letter (pdf) that 19 automakers (part of the Alliance of Automobile Manufacturers and the Association of Global Automakers) sent to the Federal Trade Commission concerning in-car technology and principle of privacy for protecting drivers and passengers. The companies signing on to the principles are Aston Martin, BMW, Chrysler, Ferrari, Ford, General Motors, Honda, Hyundai, Kia, Maserati, Mazda, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Subaru, Toyota, Volkswagen and Volvo. SC reports:

    Two automaker groups, with representation from major manufacturers, like Ford Motor Company, BMW, Mercedes-Benz and Toyota, have penned a benchmark privacy document for protecting data collected through in-car technologies.  [...]

    In a letter to FTC Chairwoman Edith Ramirez, the groups’ CEOs Mitch Bainwol and John Bozzella said that the principles coincide with the associations’ existing commitments to the National Highway Traffic Safety Administration (NHTSA). In July, the groups agreed to establish an information sharing and analysis center (ISAC) for the auto industry, where information on “cyber-related threats and vulnerabilities in motor vehicle electronics or associated in-vehicle networks” could be communicated, the letter said. Read more »

    New York Times: Oops! Health Insurer Exposes Member Data

    Thursday, November 13th, 2014

    The New York Times reports that health insurance company Anthem Blue Cross sent e-mails to some customers that contained sensitive information in the subject lines:

    On Monday, in a similar error, some California residents received emails from their health insurer, Anthem Blue Cross, with personal details about them contained in the subject line.

    The text of the emails encouraged members to visit their doctors for checkups and to discuss certain medical screening tests. [...]

    But the emails’ subject lines included member-specific demographic details like age range and language. They also listed possible medical screening tests — marked “Y” for recommended tests and “N” for tests not listed in the email. [...] Read more »