July 24th, 2014
McClatchy News Service reports that computing company Microsoft wants the public to know it’s working on data security and privacy:
As some of its competitors have been battered over their policies for protecting student data, Microsoft Corp. has sought to make sure that the issue—and what it regards as its strong record on privacy—remain firmly in the public eye.
But as the company moves aggressively to position itself as a protector of student-data privacy, some say it also runs the risk of a backlash if it doesn’t back up its talk with the kind of vigilance the technology giant promises to deliver.
During the past year, Microsoft has supported academic research on privacy and guides for school officials on the subject. Its executives have also kept a steady presence at public forums urging school districts and policymakers, as well as parents and families, to pay attention to the issue. [...] Read more »
July 23rd, 2014
Law professors Woodrow Hartzog and Daniel Solove have released a research paper, “The Scope and Potential of FTC Data Protection,” discussing the Federal Trade Commission and its regulatory powers concerning privacy and data security. Here’s the abstract:
For more than fifteen years, the Federal Trade Commission (FTC) has regulated privacy and data security through its authority to police deceptive and unfair trade practices as well as through powers conferred by specific statutes and international agreements. Recently, the FTC’s powers for data protection have been challenged by Wyndham Worldwide Corporation and LabMD. These recent cases raise a fundamental issue, and one that has surprisingly not been well explored: How broad are the FTC’s privacy and data security regulatory powers? How broad should they be? Read more »
July 22nd, 2014
ProPublica and Mashable report on “canvas fingerprinting,” which is a new kind of online tracking tool. The report discusses a paper documenting canvas fingerprinting, “The Web never forgets: Persistent tracking mechanisms in the wild,” from researchers at Princeton University and KU Leuven University in Belgium. The researchers are: Gunes Acar, Christian Eubank, Steven Englehardt, Marc Juarez1, Arvind Narayanan and Claudia Diaz. ProPublica and Mashable report:
[T]his type of tracking, called canvas fingerprinting, works by instructing the visitor’s Web browser to draw a hidden image. Because each computer draws the image slightly differently, the images can be used to assign each user’s device a number that uniquely identifies it.
Like other tracking tools, canvas fingerprints are used to build profiles of users based on the websites they visit — profiles that shape which ads, news articles, or other types of content are displayed to them.
But fingerprints are unusually hard to block: They can’t be prevented by using standard Web browser privacy settings or using anti-tracking tools such as AdBlock Plus. Read more »
July 21st, 2014
In the latest issue of PLOS One, MIT researchers Yves-Alexandre de Montjoye, Erez Shmueli, Samuel S. Wang, Alex Sandy Pentland announced a system that they say would give individuals more control over their privacy, allowing them to decide what data to share with Web sites and mobile apps. Here’s the abstract from the article, “openPDS: Protecting the Privacy of Metadata through SafeAnswers“:
The rise of smartphones and web services made possible the large-scale collection of personal metadata. Information about individuals’ location, phone call logs, or web-searches, is collected and used intensively by organizations and big data researchers. Metadata has however yet to realize its full potential. Privacy and legal concerns, as well as the lack of technical solutions for personal metadata management is preventing metadata from being shared and reconciled under the control of the individual. This lack of access and control is furthermore fueling growing concerns, as it prevents individuals from understanding and managing the risks associated with the collection and use of their data. Read more »
July 18th, 2014
CBS’s Chicago affiliate reports on statements by Illinois Attorney General Lisa Madigan concerning data security and privacy:
Illinois Attorney General Lisa Madigan on Wednesday called for the formation of a new federal agency to investigate data breaches in much the same way the National Transportation Safety Board investigates plane and train crashes.
WBBM Newsradio’s John Cody reports Madigan said the federal government lacks a single group to determine the extent of damage caused by a data breach, and come up with ways to fix them and prevent them in the future. [...]
Madigan said data thieves are more likely to make online purchases with stolen private information in Chicago than Los Angeles or Miami. [...]
She also said too many companies collect too much private information, and keep it too long, enhancing the risk of identity theft.
July 17th, 2014
The Hill reports that businesses are making moves now on data security and privacy rather than waiting for Congress to act:
Data breaches were thrust in the spotlight after hackers broke into the networks of retailers during last year’s holiday season. Lawmakers held a slew of hearings in the aftermath and many proposed legislation intended to ensure that consumers are warned promptly when their information is put at risk.
But a legislative solution has a long way to go, as bill dealing with privacy must travel through several committees with jurisdiction, including three in the House alone. [...]
With action in Congress unlikely to happen soon, the nation’s largest retailers and financial groups are taking it upon themselves to increase safeguards for consumer information. With their reputations and business on the line, both industries are determined to make progress. Read more »