Group items tagged

Federal regulators on Tuesday met to hear about whether the benefits of cloud computing justify increased regulation, as privacy activists claim, or whether such an approach would do more harm than good. "We need to be smarter about dealing with technology, and cloud computing is posing (a) risk for us," said Hugh Stephenson, deputy director for international consumer protection at the Federal Trade Commission's Office of International Affairs. The FTC convened the two-day meeting in its offices here, which follows a series of similar workshops held in previous years on topics like spam, privacy, and behavioral advertising. The agency may file lawsuits to halt "unfair or deceptive acts or practices," meaning that if cloud computing is not unfair or deceptive, the FTC would likely not have jurisdiction. To secure personal information on the cloud, regulators may have to answer questions such as which entities have jurisdiction over data as it flows across borders, whether governments can access that information as it changes jurisdiction, and whether there is more risk in storing personal information in data centers that belong to a single entity rather than multiple data centers. The current panoply of laws at the state, national, and international level have had insufficient results; FTC Commissioner Pamela Jones Harbour cited a 2008 PricewaterhouseCoopers information security survey (PDF) in which 71 percent of organizations queried said they did not have an accurate inventory of where personal data for employees and customers is stored. With data management practices that are not always clear and are subject to change, companies that offer cloud-computing services are steering consumers into dangerous territory, said Marc Rotenberg, executive director of the Electronic Privacy Information Center. Already, problems of identity theft are skyrocketing, he said, and without more regulation, data management services may experience a collapse analogous to that

As the National Security Council works on its comprehensive review of federal cybersecurity programs for President Obama, it is going to great lengths to consider privacy and civil liberty issues, some Congress members said Thursday. The House Cybersecurity Caucus on Thursday met with Melissa Hathaway, the acting senior director for cyberspace for the National Security and Homeland Security Councils, who is conducting for the administration a 60-day cybersecurity review. Rep. James Langevin (D-R.I.), co-chair of the House Cybersecurity Caucus, said Hathaway has been meeting with privacy and civil liberties groups to receive their input on how to reform cybersecurity. Those issues are "a forethought rather than an afterthought," he said. "Because these are such powerful tools (to grant federal authorities to regulate cyberspace), we're going to have to have the buy-in of the public and have their support." While the Senate is working on its own plan for White House-run cybersecurity efforts, Langevin said Hathaway's assessment may ultimately suggest a strategy with a stronger emphasis on inter-agency efforts. Langevin said it is still unclear whether Hathaway will recommend that a new office for cybersecurity should be created within the Executive Office of the President--a move some senators are pushing for. Certainly, though, policy will have to come from the White House. "This is going to have to be an ongoing strategy of collaboration and cooperation directed out of the White House," Langevin said. "But there won't be one king, so to speak, at the end of the day. The chief information officers at the departments and agencies are still going to have a role to play."

"The Federal Trade Commission will host a series of day-long public roundtable discussions to explore the privacy challenges posed by the vast array of 21st century technology and business practices that collect and use consumer data. Such practices include social networking, cloud computing, online behavioral advertising, mobile marketing, and the collection and use of information by retailers, data brokers, third-party applications, and other diverse businesses. The goal of the roundtables is to determine how best to protect consumer privacy while supporting beneficial uses of the information and technological innovation."

Those who are superstitious may believe that bad things happen on Friday the 13th, but we will leave it to each individual and entity to formulate conclusions regarding the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), which Congress passed late on Friday, February 13, 2009, and President Obama officially signed into effect on February 17, 2009. The HITECH Act addresses various aspects relating to the use of health information technology (H.I.T.), including providing for federal funding by way of grants and incentive payments in order to promote H.I.T. implementation. This Alert focuses, however, on Subtitle D of the HITECH Act, which includes important, new and far-reaching provisions concerning the privacy and security of health information that will materially and directly affect more entities, businesses and individuals in more diverse ways than ever before. These changes are further elaborated upon below, but this Alert can only highlight certain prominent issues under the HITECH Act and is by no means a comprehensive review of this lengthy and complex Act. For questions and additional guidance on the HITECH Act, contact your Fox Rothschild attorney or the authors of this Alert. New Privacy and Security Requirements * Security Breach Notification Requirements: Security breach notification requirements under the HITECH Act go into effect 30 days after the date that interim final regulations are promulgated, which will be no later than 180 days after the date of enactment of the HITECH Act (August 16, 2009). Covered entities, business associates and vendors who handle personal health records are required to abide by breach notification requirements. Violations of this requirement by vendors would be treated as an unfair and deceptive act or practice in violation of the Federal Trade Commission Act. If a breach affects more than 500 individuals of a particular state, notice also must be provided to prominent media outl

You're watching Jon Stewart's "The Daily Show," when suddenly you see a commercial for the Mustang convertible you've been eyeing - with a special promotion from Ford, which knows you just ended your car lease. A button pops up on the screen. You click it with the remote and are asked whether you want more information about the car. You respond "yes." Days later, an information packet arrives at your home, the address on file with your cable company. This is the future of cable TV advertising: personal and targeted. Cable TV operators are taking a page from online advertising behemoths like Google Inc. to bring these so-called "addressable" ads onto the television. "It hasn't really been done on TV before," said Mike Eason, chief data officer of Canoe Ventures, a group formed by the nation's six largest cable operators to launch targeted and interactive ads on a national platform starting this summer. They're betting they can even one-up online ads because they also offer a full-screen experience - a car commercial plays much better on your TV than on your PC. As such, they hope to charge advertisers more. The stakes are high: Cable companies get only a small portion of the $182 billion North American advertising market. Eason said the cable operators, which sell local ads on networks like Comedy Central, get roughly 10 percent of the commercial time on those channels. With targeting, they are hoping to expand that. But they have to tread carefully. Privacy advocates worry the practice opens the door to unwanted tracking of viewing habits so ads can target consumers' likes or dislikes. They also fear it could lead to discrimination, such as poorer households getting ads for the worst auto-financing deals because they are deemed credit risks. "You've got to tell people you're doing it and you've got to give people a way to say no," said Pam Dixon, executive director of World Privacy Forum in Carlsbad, Calif. "Otherwise, it's just not fair."

Update on Feb. 18, 8:33 a.m.: Facebook is backing off changes to its terms of service, informing users on their official blog that they will remain intact. "Over the past couple of days, we received a lot of questions and comments about the changes and what they mean for people and their information," Facebook CEO Mark Zuckerberg writes in the blog. "Based on this feedback, we have decided to return to our previous terms of use while we resolve the issues that people have raised." To learn more, read our original post below. Facebook is having trouble dousing the flames in a firestorm over its trustworthiness. A recent change in its terms of use -- the legalese tacked onto the bottom of most websites -- has sparked concerns that the social networking giant plans to own all users' information forever. Founder and CEO Mark Zuckerberg claimed in a blog post Monday that "on Facebook people own and control their information." But privacy advocates still aren't satisfied. "I think in simple terms it's a tug of war over user data," says Marc Rotenberg, executive director of the Electronic Privacy Information Center (EPIC) in Washington. "People put information on a Facebook page to share with friends. But it's pretty much with the understanding that they're deciding what to post and who has access to it. Facebook, like any other company, is trying to obtain maximum commercial value from its users."

Eight years ago, a woman we'll call Sarah discovered that she was not biologically related to the father she had known all her life. Sarah, her mother revealed, was "donor-conceived." Her parents, after trying without success for a pregnancy of their own in the late 1970s, turned to a fertility center, where Sarah's mother was artificially inseminated with sperm from an anonymous donor. At the time sperm banks did not offer detailed donor profiles. Upon discovering the truth, Sarah was told what her parents had been told about her biological father: He was a medical student, possibly of Scandinavian ancestry. Sarah, who describes her family as "loving and stable," was shocked. Today she is also sick. A year before finding out about her conception, she began to experience severe, unexplained bladder problems. She has been seeing doctors at Johns Hopkins; so far they haven't figured out the cause. Recently married, Sarah worries that she may pass the illness on to future children. The medical history of her biological father could provide a crucial piece of the diagnostic puzzle. But in the early days of artificial insemination, clinics often shredded or burned files to ensure donor anonymity and client privacy. Sarah's father's identity may be locked away in storage somewhere, or it may have been destroyed. Although aware of the likely futility of her search, Sarah still continues-writing the clinic, nurses, her doctor-in the hope that someone can help. Faced with stories like this, the fertility industry and a few state governments are trying to come up with a way to ensure that future donor-conceived children will have access to their fathers' medical files. A national registry, for example, could allow banks to monitor how many times a man donates semen and how many children are born from his seed, to share updates about medical issues and to facilitate long-term research on health outcomes. But any such registry poses a threat to the p

Defunct behavioral targeting company NebuAd did not just spur complaints by lawmakers and privacy advocates. This week, NebuAd's defense lawyers filed papers with the federal district court in San Francisco asking to withdraw as counsel in a privacy lawsuit. In a motion dated Monday, attorney Thomas Gilbertsen alleges that NebuAd is behind on its legal bills -- in some cases by more than 45 days. He also argues that because NebuAd is out of business, no officers or employees are available to help with the defense. "Because NebuAd has essentially ceased to exist, it can no longer participate in this case," states the motion. Gilbertsen also asked that the case be delayed pending NebuAd's liquidation and the resolution of creditors' claims. Gilbertsen also says in court papers that counsel and NebuAd have "irreconcilable differences." He did not elaborate in the motion or return messages seeking comment.

"Kathy Silver, CEO of University Medical Center, learned three weeks ago that names, birth dates and Social Security numbers for at least 21 patients were leaked from the hospital - a crime being investigated by the FBI. But the hospital still has not disclosed the breach to the patients, Silver told a committee of legislators Wednesday. She spoke as if this was not a problem. The law allows 60 days from the time UMC learns of a security breach to inform patients, she said. One victim says that is too long to wait to tell patients they may be at risk of identity theft. The hospital should have disclosed the breach immediately, said a 40-year-old UMC patient whose personal information - the kind that can be used for identity theft - was leaked. The man, who went to the public hospital Nov. 1 after a motorcycle accident, learned his privacy had been breached only when a Las Vegas Sun reporter told him Wednesday afternoon. The man was stunned and angry to learn from someone other than hospital officials that his data had been leaked. Hospital officials should have notified him "way sooner," he said. "I would've given them two or three days after they initially found out. But this is a major thing - a priority thing!""

ACTA (Anti-Counterfeiting Trade Agreement) has concerned many consumer rights organizations for some time now. Given that it could easily affect criminal laws in many countries around the world, it's not hard to see why there is demand for public disclosure and allow public debate in the matters. Still, to this day, ACTA is being negotiated behind closed doors by many countries around the world and now consumer groups want to, at least, have the negotiations disclosed to them. When it comes to the privacy and surveillance debates, which are in various stages in different countries right now, many say that for national security concerns, further surveillance measures should be taken in the law books. Many policy makers want to know every detail of day-to-day communications of millions of people including who you talk to, when, how, where, and, with a warrant, what the contents of those messages are. Unsurprisingly, consumer rights groups have a problem with that. Meanwhile, when it comes to the highly secretive negotiations happening with ACTA, many consumer rights organizations want a clear indication on how the new international standard is forming and the contents of the legislation and to have such things disclosed to the public. Ironically, policy makers seem to have a problem with that.

Hartmut Mehdorn's days as the boss of German rail operator Deutsche Bahn look to have come to an end as the embattled executive offers his resignation amid a damaging, ongoing data privacy scandal. Mehdorn said he was offering to go because the "destructive debates" over his future were damaging the company. "I have made an offer to terminate my contract with the supervisory board chairman," Mehdorn said Monday, March 20, at a press conference to announce Deutsche Bahn's annual financial results. "I assume that a successor will be appointed before the summer holidays" begin in July. Mehdorn, who has run the state-owned firm since 1999, has been under increasing pressure ever since it was revealed earlier this year that Deutsche Bahn accessed confidential staff data as far back as 1998.

President Barack Obama's plan to overhaul U.S. infrastructure includes constructing a nationwide "smart grid" that promises to help address many of our current energy challenges. The smart grid plan offers the hope that it "will save us money, protect our power sources from blackout or attack, and deliver clean, alternative forms of energy to every corner of our nation." While these are noble societal goals, smart grid technologies and systems as envisioned also raise concerns about individual privacy rights. Part of what makes the smart grid "smart" is its ability to know a lot about the energy-consuming devices in our homes and to monitor activity for those devices to help determine when power should be used or limited. Such knowledge is useful in regulating power consumption to use energy more efficiently. In addition to reaching into homes to regulate devices, information about usage and activities could be extracted from homes. Home energy consumption patterns could be gathered and analyzed on a room-by-room and device-by-device basis to determine which devices are used and at what time of day. Although this sort of information may not be considered terribly invasive for some, for others anything that violates the sanctity of "home" may cause tremendous concern.

"The U.S. Department of Health and Human Services issued an interim final rule to beef up penalties for violations of the Health Insurance Portability and Accounting Act (HIPAA), as several Congressmen criticize the agency for leaving dangerous loopholes in the law. The new rules significantly increase penalty amounts that the U.S. Department of Health and Human Services can impose for HIPAA violations of patient privacy, according to a statement from HHS. The new rules reflect requirements enacted in the Health Information Technology for Economic and Clinical Health (HITECH) sections of the American Recovery and Reinvestment Act (ARRA) of 2009. Before HITECH, maximum penalties were $100 for each violation or $25,000 for all identical violations of the same provision. A covered health care provider, health plan, or clearinghouse could be exempt from civil financial penalties if it demonstrated it did not know it violated the HIPAA rule. The HITECH act increases civil financial penalties by establishing tiered ranges of increasing minimum penalties, with a maximum $1.5 million for all violations of identical provisions. And a "covered entity" can plead ignorance as a protection only if it fixes the violation within 30 days of discovery."

"The Electronic Frontier Foundation said it sued the Justice Department and other U.S. agencies to get information about their policies for using social networks including Facebook and Twitter in investigations, data collection and surveillance. The civil rights group said in a complaint filed yesterday in federal court in San Francisco that the government has used social-networking sites in conducting investigations and hasn't clarified the scope of that use or whether there are any restrictions or oversight to prevent abuses. The EFF said in its complaint that it is seeking the information to "help inform Congress and the public about the effect of such uses and purposes on citizens' privacy rights and associated legal protections." It cited news articles that reported police searching Facebook photos for evidence of underage drinking and an FBI search of an individual's home after the person sent messages on Twitter during the G-20 Summit notifying protesters of police movements. Facebook, based in Palo Alto, California, is the world's largest social networking site with more than 300 million users who post photos, messages and other information on their own free Facebook pages. Twitter, based in San Francisco, is a free Web service with 58 million users that lets people send 140- character messages, called "tweets," to multiple followers. EFF, also based in San Francisco, filed Freedom of Information Act requests with federal agencies in October. None of the agencies had completed processing the requests by the applicable 20-day deadline, according to the complaint. The lawsuit seeks a court order for the government to process the requests and produce documents."

"For five days as her husband lay in his hospital bed suffering from kidney cancer, Regina Holliday begged doctors and nurses for his medical records, and for five days she never received them. On the sixth day, her husband needed to be transferred to another hospital -- without his complete medical records. "When Fred arrived at the second hospital, they couldn't give him any pain medication because they didn't know what drugs he already had in his system, and they didn't want to overdose him," says Holliday, who lives in Washington. "For six hours he was in pain, panicking, while I ran back to the first hospital and got the rest of the records." Despite a federal law requiring hospitals and doctors to release medical records to patients who ask for them, patients are reporting they have a hard time accessing them leading to complications like the ones the Holliday family experienced. 'What part of "Give us our damn data" do you not understand?'"

Privacy law matters in ways not readily apparant until they hit home.

"A federal prosecutor tracked down a Seattle fraud suspect in Mexico this year through his Facebook posts. A man's Twitter messages to fellow demonstrators at a recent protest in Pittsburgh led to an FBI search of his home and short-lived charges of interfering with police. The CIA and other U.S. intelligence agencies reportedly are investing in a software firm that monitors half a million social networking Web sites each day. There's nothing wrong with law enforcement agencies' using Internet technology to investigate crimes, Bay Area privacy advocates say. But they want the federal government to say how, when and why its agents look at Americans' social networking accounts."

The global recession manifests itself in big and small ways, most gloomy, some quirky and often reflecting the inventive human spirit. Here is a look at some signs of the times. * With record defaults on consumer loans, collection agencies in the United States are going to extra lengths to recover the money. Illinois resident and Mercedes driver James Ricobene says an agency hired by JP Morgan Chase left a post on his daughter's MySpace page threatening action that could lead to prison, unless she contacted the agency within five days about its efforts to repossess her father's car. Ricobene has sued the collection agency and JP Morgan for libel, fraud and invasion of privacy.

Even a booster of electronic systems like David Blumenthal, who just started his Washington post as the national coordinator of health IT, points to a myriad of challenges when it comes to digitizing the nation's medical records. Just take a look at his piece this month in the New England Journal of Medicine, in which he cites technical concerns and worries about patient privacy, among other things. In an interview with the WSJ, he said problems can crop up if the systems are installed too quickly and without enough technical support. There are plenty of potential advantages that electronic records can bring, from helping hospitals and doctors get information quickly on patients' medical histories to making catches when two drugs are being prescribed that may interact dangerously together. But there are also risks: Take a look at a study in Pediatrics that cites the case of Children's Hospital of Pittsburgh, which initially saw a rise in the death rate for certain patients after computerizing its order-entry system, perhaps because it took longer to begin their treatment. (The hospital told the WSJ the study was "flawed," adding the mortality rate had fallen since then.) The WSJ also cites the case of a patient who was initially given an incorrect diagnosis based on a mix-up involving electronic records and a test result for another patient. Health Blog Question of the Day: What's been your experience with electronic records? Do they prevent safety problems or create new risks?

Former Booz Allen Hamilton management consultant Melissa Hathaway's much anticipated 60-day review of U.S. cybersecurity policy is scheduled to hit President Obama's desk this Friday. All eyes of the tech security community will be watching. It will signal what approach Obama will take in the complicated task of stemming cyber threats. Obama has said he will make the Internet safer for citizens and businesses, while playing catchup to China and Russia who are far ahead in the cyberwarfare arms race. "We're trying to do cybersecurity in a democracy," says Leslie Harris, President and CEO of the Center for Democracy & Technology. "Doing cybersecurity in China, my guess, is a lot easier." CDT held a press briefing this morning at which it warned that a cybersecurity bill, introduced earlier this month by Sen. John Rockefeller, D-W.Va, and Sen. Olympia Snowe, R-Maine, is the first of several that likely will be proposed once Hathaway's review is out. Harris said CDT agrees with a provision in the Rockefeller-Snowe bill that would create a cabinet-level cybersecurity adviser reporting directly to President Obama, but questions some of the extraordinary federal enforcement powers that could be created. CDT says it doesn't want citizens' civil liberties trampled upon. CDT general counsel Greg Nojeim gave Hathaway high marks for keeping her review process relatively open, in contrast to the Bush administration's penchant for secrecy. "So far the White House review team gets high grades on transparency," Nojeim said. Hathaway has held closed briefings in the past several weeks with Congressional committees, industry groups and privacy organizations, said Nojeim. "But the real test will be whether their recommendations reflect a commitment to transparency in the execution of the program," said Nojeim.

Like this http://cheaptravelbooker.com Like this http://cheaptravelbooker.com like this http://killdo.de.gg travel,hotel,fun,hotel new,new offer,hotel best,best hotel,hotel travel,seo,backlinks,edu,gov,ads,indexing,bookmark,killgoggle,gogglesuck,goggle bookmark,kill goggle,yahoo,bing,indexing,quality links,linkwell,traffic boster,index best

Bruce Schneier is the chief security technology officer at BT and a celebrated writer and speaker on privacy, cryptography and security issues. Welcome to the future, where everything about you is saved. A future where your actions are recorded, your movements are tracked, and your conversations are no longer ephemeral. A future brought to you not by some 1984-like dystopia, but by the natural tendencies of computers to produce data. Data is the pollution of the information age. It's a natural byproduct of every computer-mediated interaction. It stays around forever, unless it's disposed of. It is valuable when reused, but it must be done carefully. Otherwise, its after effects are toxic. And just as 100 years ago people ignored pollution in our rush to build the Industrial Age, today we're ignoring data in our rush to build the Information Age. Increasingly, you leave a trail of digital footprints throughout your day. Once you walked into a bookstore and bought a book with cash. Now you visit Amazon, and all of your browsing and purchases are recorded. You used to buy a train ticket with coins; now your electronic fare card is tied to your bank account. Your store affinity cards give you discounts; merchants use the data on them to reveal detailed purchasing patterns.