Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"

  • Categories

  • Archives

    « Home

    Archive for the ‘Technology’ Category

    Home Depot Confirms Massive Breach of Customers’ Financial Data

    Tuesday, September 9th, 2014

    KrebsOnSecurity reported last week that retailer Home Depot suffered a massive security breach that affected the privacy of millions of customers’ financial information. On Monday, the site reported: “The apparent credit and debit card breach uncovered last week at Home Depot was aided in part by a new variant of the malicious software program that stole card account data from cash registers at Target last December, according to sources close to the investigation.” Now, the New York Times is reporting that Home Depot has confirmed the security breach affecting U.S. and Canadian customers:

    Home Depot confirmed on Monday that hackers had broken into its in-store payments systems, in what could be the largest known breach of a retail company’s computer network.

    The retailer said the exact number of customers affected was still not clear. But a person briefed on the investigation said the total number of credit card numbers stolen at Home Depot could top 60 million. By comparison, the breach last year at Target, the largest known attack to date, affected 40 million cardholders.

    The breach may have affected any customer at Home Depot stores in the United States and Canada from April to early last week, said Paula Drake, a company spokeswoman. [...] Read more »

    IDG News Service: Instagram, Grindr, and more popular Android apps put user privacy at risk, researcher says

    Tuesday, September 9th, 2014

    IDG News Service reports on research from the University of New Haven’s Cyber Forensics Research and Education Group concerning privacy and security problems with popular apps on Google’s Android mobile devices:

    Instagram, Grindr, OkCupid and many other Android applications fail to take basic precautions to protect their users’ data, putting their privacy at risk, according to new study.

    The findings comes from the University of New Haven’s Cyber Forensics Research and Education Group (UNHcFREG), which earlier this year found vulnerabilities in the messaging applications WhatsApp and Viber.

    This time, they expanded their analysis to a broader range of Android applications, looking for weaknesses that could put data at risk of interception. The group will release one video a day this week on their YouTube channel highlighting their findings, which they say could affect upwards of 1 billion users. [...] Read more »

    Atlantic: Why Privacy Policies Are So Inscrutable

    Monday, September 8th, 2014

    The Atlantic reviews the privacy policies of 50 of the most popular Web sites in an effort to determine “whether most popular websites respect your privacy as much as they claim to.”

    So we gathered up and analyzed the 145,641 words that make up the privacy policies of the 50 most popular American websites. (Collectively, they amount to a text that’s about as long as The Grapes of Wrath.) What we found was that these policies tell you very little about the data these websites have on you. And that’s the point.

    Today’s privacy policies don’t tell consumers the whole story for two main reasons. First, websites have adopted a kind of precautionary legalese to inoculate themselves against lawsuits and fines. The vaguer and more elastic their language, the more risk reduced. Second, over the past ten years, a new industry of “data brokerage” has arisen to help sites learn more about the people like you and me on the other side of the screen. These firms cross-reference and synthesize data to create richly detailed profiles that can include purchasing habits, political affiliations, sexual orientation, religious beliefs, and medical history. Gathering and analyzing that data is big business, and it creates a strong financial incentive for the firms that collect it to make it as difficult as possible for you to opt out of their net. [...] Read more »

    Opinion at Slate: The Potemkinism of Privacy Pragmatism

    Friday, September 5th, 2014

    At Slate, the University of California at Berkeley’s Chris Hoofnagle has an opinion column about how “use regulation” affects privacy and civil liberties:

    A revolution is afoot in privacy regulation. In an assortment of white papers and articles, business leaders—including Microsoft—and scholars argue that instead of regulating privacy through limiting the collection of data, we should focus on how the information is used. It’s called “use regulation,” and this seemingly obscure issue has tremendous implications for civil liberties and our society. Ultimately, it can help determine how much power companies and governments have.

    In a use-regulation world, companies may collect any data they wish but would be banned from certain uses of the data. In U.S. law, a good example of use regulation comes from credit reporting. Your credit report can be used only for credit decisions, employment screening, and renting an apartment. Or consider your physician: Her professional norms encourage expansive data collection, but she can use medical records only to advance patient care. Read more »

    Events of Interest: DHS Data Privacy Committee Meeting (Sept. 22)

    Thursday, September 4th, 2014

    The Department of Homeland Security’s Data Privacy and Integrity Advisory Committee will hold a public meeting on September 22, 2014. The meeting will discuss DHS cybersecurity as well as the implementation of the DHS data framework. RSVP by sending an e-mail to:

    Date: Monday, September 22, 2014 at 2 p.m. ET
    Location: 1331 F Street, NW, Suite 800; Washington, DC 20004
    For more information:

    Verizon to Pay FCC $7.4 Million to Settle Consumer Privacy Investigation

    Thursday, September 4th, 2014

    The Federal Communications Commission announced that Verizon has agreed to pay $7.4 million to settle charges concerning consumer privacy. The agency said that the telecommunications company had failed to notify about 2 million its customers of their privacy rights before it marketed services to them. The fine, the FCC said, “is the largest such payment in FCC history for settling an investigation related solely to the privacy of telephone customers’ personal information.” The FCC said:

    The Federal Communications Commission’s Enforcement Bureau has reached a $7.4 million settlement with Verizon to resolve an investigation into the company’s use of personal consumer information for marketing purposes. The Enforcement Bureau’s investigation uncovered that Verizon failed to notify approximately two million new customers, on their first invoices or in welcome letters, of their privacy rights, including how to opt out from having their personal information used in marketing campaigns, before the company accessed their personal information to market services to them. In addition to the $7.4 million payment, Verizon has agreed to notify customers of their opt-out rights on every bill for the next three years. [...] Read more »