Group items tagged

"Despite concerns from some privacy groups and U.S. lawmakers about behavioral advertising, most large advertising networks generally comply with a set of privacy and data-handling standards adopted by the Network Advertising Initiative a year ago, the NAI said in a report released Wednesday." ...NAI, whose members include Google, Yahoo and Advertising.com, should be praised for doing a compliance report after skipping it for several years, said Ari Schwartz, vice president and chief operating officer CDT. However, the group should consider using a third party to audit compliance of its privacy guidelines, instead of having NAI staff do the audits, he said. In addition, while NAI members appear to be following most of the guidelines, some of the privacy safeguards are "weak," including the data retention standard, he said. "There's no maximum for data retention -- they just have to state what their data retention policy is," Schwartz added. The NAI report doesn't lessen the need for new privacy laws, Schwartz said. Several online advertising networks are not members of NAI, and the recent public pressure has led to the NAI updating 8-year-old guidelines last year and issuing a compliance report for the first time in several years, although the group had promised regular reports, he said. "It seems that when there's regulatory pressure, they actually do comply with what they said they were going to do," he said. "We certainly wouldn't want to see any regulatory pressure lifted."

Worth a read. The story changes quite a bit from the top to bottom of the story.

The European Commission has moved to sue Sweden after the Nordic state failed to implement the EU's Data Retention Directive in a timely fashion. The Directive was passed back in 2006 and requires all EU member states to implement some form of data retention legislation, with terms of six month to two years. National laws were to be in place by March of this year, but Sweden still has yet to introduce a bill of its own.

Last month, the digital advertising industry's use of behaviorally targeted advertising gained a reprieve of sorts when the Federal Trade Commission issued a final report confirming its earlier support of self-regulation. But some commission members remained concerned about ads that are shown to Web users based on their previous online activities, and in particular the possibility of violations of online privacy. Some form of legal restrictions may be imposed on the industry, the FTC indicated, if the online ad industry isn't up to the task of regulating itself. "Privacy is definitely the biggest concern today," said Joe Apprendi, CEO of Collective Media, an online advertising network based in New York. "There has been the concern that through such approaches as deep-packet technology, companies can leverage information through subscriber-based providers to marry anonymous behavioral segment data and identify real people. "The fact is, online advertising is subject to a higher standard that offline direct marketing tactics," Apprendi said. The FTC report, "Self-Regulatory Principles for Online Behavioral Advertising," continues to advocate voluntary industry self-regulation, in keeping with its principles governing online behavioral advertising issued at the end of 2007, despite the urgings of consumer advocacy groups that it impose rules regulating online advertising. The commission's new guidelines are based on four principles: * Transparency and consumer control. The commission advises that Web sites that collect data for behavioral advertising provide "a clear, concise, consumer-friendly and prominent statement" that the data are being collected to provide ads tailored to the user's interests and that the user has an easy and obvious way to choose whether to allow this. * Security for data retention. Companies that collect data for behavioral advertising should provide "reasonable" protection of that information and reta

The organization charged with administering the Payment Card Industry Data Security Standard (PCI DSS) is trying to give merchants a compliance blueprint. The Prioritized Approach Tool offers six "milestones" that businesses should try to reach in their pursuit of compliance, said Lib de Veyra, the newly appointed chairman of the PCI Security Standards Council, which manages the guidelines. When faced with a standard as robust as PCI DSS, many companies, particularly the smaller merchants, need help deciding which risks they should address first, de Veyra told SCMagazineUS.com on Friday. The tool, to be published Tuesday on the council's website, also helps retailers and their acquiring banks demonstrate and measure progress. Rated by order of criticality, the milestones are: Limit data retention, secure the perimeter, secure applications, control system access, protect stored cardholder data and finalize remaining compliance efforts, ensuring all controls are in place. "You take care of Milestone One and you've significantly reduced the risk in the event of a data breach because, where's the data?" de Veyra said.

Republican politicians on Thursday called for a sweeping new federal law that would require all Internet providers and operators of millions of Wi-Fi access points, even hotels, local coffee shops, and home users, to keep records about users for two years to aid police investigations. The legislation, which echoes a measure proposed by one of their Democratic colleagues three years ago, would impose unprecedented data retention requirements on a broad swath of Internet access providers and is certain to draw fire from businesses and privacy advocates. "While the Internet has generated many positive changes in the way we communicate and do business, its limitless nature offers anonymity that has opened the door to criminals looking to harm innocent children," U.S. Sen. John Cornyn, a Texas Republican, said at a press conference on Thursday. "Keeping our children safe requires cooperation on the local, state, federal, and family level." Joining Cornyn was Texas Rep. Lamar Smith, the senior Republican on the House Judiciary Committee, and Texas Attorney General Greg Abbott, who said such a measure would let "law enforcement stay ahead of the criminals."

Jan 15, 2009 There may be only a handful of days left in the Bush administration, but the brouhaha over White House e-mail retention policies promises to continue right up to the last day. A federal court yesterday extended a preservation order to ensure that the outgoing administration does everything it can to recover any missing White House e-mails. The White House IT staff now has five days to scour workstations for missing e-mail before administration data records are archived on Jan. 20. The ruling, by U.S. District Judge Henry Kennedy Jr., also orders staff of the Executive Office of the President (EOP) to relinquish any digital media that may contain e-mails from March 2003 and October 2005. The legal action is the latest resulting from a lawsuit filed in September 2007 by the National Security Archive against the EOP, seeking to preserve and restore White House e-mails it alleged were missing. "There is nothing like a deadline to clarify the issues," Tom Blanton, the National Security Archive's director, said in a statement. "The White House will complain about the last-minute challenge, but this is a records crisis of its own making." The Archive, an independent nongovernmental research institute based at George Washington University, is a repository of government records and does not receive U.S. government funding. The Citizens for Responsibility and Ethics in Washington (CREW), a left-wing public advocacy group, also filed suit, but its legal action was subsequently consolidated with the Archive's legal action, which is taking place in the U.S. District Court for the District of Columbia. Last May, the White House's top tech staffer acknowledged that three months of data were missing from backup tapes. In earlier testimony before a congressional committee, White House technical staff said millions of e-mails from the past eight years could potentially have been erased. Also yesterday, Magistrate Judge John M. Facciola held an emergency status con

Heartland Payment Systems, a credit card processor, may have had up to 100 million records exposed to malicious hackers. Payment processors CheckFree and RBS Worldpay, and employment site Monster.com have all reported data breaches in recent months, as have universities and government agencies. Experts at Wharton say that personal data is increasingly a liability for companies, and suggest that part of the solution may be minimizing the customer information these companies keep.

Like this http://cheaptravelbooker.com Like this http://cheaptravelbooker.com like this http://killdo.de.gg travel,hotel,fun,hotel new,new offer,hotel best,best hotel,hotel travel,seo,backlinks,edu,gov,ads,indexing,bookmark,killgoggle,gogglesuck,goggle bookmark,kill goggle,yahoo,bing,indexing,quality links,linkwell,traffic boster,index best

The inability to discard worthless items even though they appear to have no value is known as compulsive hoarding syndrome. Ben Rothke explains why it's a bad habit in the world of IT security. The inability to discard worthless items even though they appear to have no value is known as compulsive hoarding syndrome. If the eccentric Collyer brothers had a better understanding of destruction practices, they likely would not have been killed by the very documents and newspapers they obsessively collected. While most organizations don't hoard junk and newspapers like Homer and Langley Collyer did, they do need to keep information such as employee personnel records, financial statements, contracts and leases and more. Given the vast amount of paper and digital media that amasses over time, effective information destruction policies and practices are now a necessary part of doing business and will likely save organizations time, effort and heartache, legal costs as well as embarrassment and more. In December 2007, the Federal Trade Commission announced a $50,000 settlement with American Mortgage Company of Northbrook, Illinois, over charges the company violated the FTC's Disposal, Safeguards, and Privacy rules by failing to properly dispose of documents containing consumers' credit and personally identifiable information. In announcing the settlement, the FTC put all companies on notice that it is taking such failures seriously. A $50,000 settlement might seem low when measured against the potential for financial harm to individuals as a result of the company's negligence, but in addition to the negative PR for American Mortgage, the settlement includes an obligation to obtain an audit, every two years for the next 10 years, from a qualified, independent, third-party professional to ensure that its security program meets the standards of the order. Any similar failures by this company during the next decade will be met with more severe punishment. That, indeed, is a

Proof that George Bush was actually protecting us by limiting access to government information!

At the National Archives and Records Administration's annual conference Thursday, one keynote speaker asked the crowd of several hundred how many of the archivists in attendance were sold on the use of social media. Only a smattering raised their hands. Clearly, it's a challenge for the government to figure out how to navigate complex archival and e-discovery regulations that require it to capture and store all sorts of new content in the age of social media, cloud computing, and seemingly endless storage. "The federal government is in a constantly evolving records environment," Adrienne Thomas, acting archivist of the United States, said in a luncheon speech to the conference. "These are exciting and challenging times." Obama administration ambitions toward cloud computing and more openness only make that issue more complicated. "Many of us in the federal records administrations have struggled with the implications of this new direction," Paul Wester, director of modern records programs at the National Archives, said in an interview. "We deeply believe in transparency and openness, but we are concerned about FOIA, HIPAA, the Privacy Act, personally identifiable information, and compliance with the Disability Act and Federal Records Act."