Group items tagged

A Microsoft-led group set up three years ago has backed away from its original goal of pushing for comprehensive U.S. privacy legislation. Originally, the Consumer Privacy Legislative Forum was set up to bring a diverse array of consumer companies, technology vendors and even advocacy groups together and help drive privacy legislation. But now the group has been renamed the Business Forum for Consumer Privacy and is instead being billed as "an organization focused on fostering innovation in consumer privacy governance," according to the group's new mission statement. The Forum has released a white paper at the International Association of Privacy Professionals conference held in Washington this week. "What the organization is doing is developing the framework that would make new governance possible," said Martin Abrams, an adviser to the Forum who is executive director with the Centre for Information Policy Leadership at Hunton & Williams, an international law firm. Two of the Forum's original members, Symantec and the Center for Democracy and Technology, say they have dropped out. Eastman Kodak has also dropped out, according to Abrams. He was not authorized to say who the current members are, but the group appears to include Microsoft, Hewlett-Packard, eBay and Google. U.S. consumers are covered by a patchwork of state and federal laws that are confusing for companies, and which often force consumers to work hard to protect their own data. Many of the Forum's members would like to change things, but it appears that coming up with legislative proposals was too much.

Social networkig may seed malware spread. Education is still one of the most successful computer security tools

Websense CTO Dan Hubbard outlines four ways companies can protect their information from threats and compromise on the social Web. 1) Most Web Posts on Blogs and Forums are Actually Unwanted Content (Spam and Malware) As more and more people interact with each other on sites allowing user-generated content, such as blogs, forums and chat rooms, spammers and cybercriminals have taken note and abuse this ability to spread spam, post links back to their wares and direct users to malicious sites. Websense research shows that 85 percent of all Web posts on blogs and forums are unwanted content - spam and malware - and five percent are actually malware, fraud and phishing attacks. An average active blog gets between 8,000 and 10,000 links posted per month; so users must be wary of clicking on links in these sites. Click here to find out more! Additionally, just because a site is reputable, doesn't mean its safe. Blogs and message boards belonging to Sony Pictures, Digg, Google, YouTube and Washington State University have all hosted malicious comment spam recently, and My.BarackObama.com was infected with malicious comment spam.

By now, many employees are uncomfortably aware that their every keystroke at work, from email on office computers to text messages on company phones, can be monitored legally by their employers. What employees typically don't expect is for the company to spy on them while on password-protected sites using nonwork computers. But even that privacy could be in jeopardy. A case brewing in federal court in New Jersey pits bosses against two employees who were complaining about their workplace on an invite-only discussion group on MySpace.com, a social-networking site owned by News Corp., publisher of The Wall Street Journal. The case tests whether a supervisor who managed to log into the forum -- and then fired employees who badmouthed supervisors and customers there -- had the right to do so. The case has some legal and privacy experts concerned that companies are intruding into areas that their employees had considered off limits. "The question is whether employees have a right to privacy in their non-work-created communications with each other. And I would think the answer is that they do," said Floyd Abrams, a First Amendment expert and partner at Cahill Gordon & Reindel LLP in New York. The legal landscape is murky. For the most part, employers don't need a reason to fire nonunion workers. But state laws in California, New York and Connecticut protect employees who engage in lawful, off-duty activities from being fired or disciplined, according to a report prepared by attorneys at the firm Proskauer Rose LLP. While private conversations might be covered under those laws, none of the statutes specifically addresses social networking or blogging. Thus, privacy advocates expect to see more of these legal challenges. In February, three police officers in Harrison, N.Y., were suspended after they allegedly made lewd remarks about the town mayor on a Facebook account. The officers mistakenly thought the remarks were protected with a password, but city officials view

A group of U.S. companies, led by technology giants Microsoft, Hewlett-Packard and eBay, is set to outline recommendations for new federal data-privacy legislation that could make life easier for consumers and lead to a standard federal breach-notification law. The recommendations, which were developed by a group of industry players called the Consumer Privacy Legislative Forum, are set to be released at an upcoming privacy conference six weeks from now, according to Peter Cullen, Microsoft's chief privacy officer. The companies have been working for the past three years to encourage the adoption of federal consumer data-privacy laws and to answer the question of what federal legislation should look like, Cullen said in an interview. Other forum members include Google, Oracle, Procter & Gamble and Eli Lilly. One idea is that laws should make it easier for consumers to understand what they're getting into when they share their personal data with Web sites, Cullen said. "The whole focus on consent really puts an unfair burden on the consumer," he said. "My mom doesn't know what an IP address is." The recommendations will cover rules around data use and the ability of consumers to correct inaccurate data. And they will cover data breach notification, which is now covered by a patchwork of state laws. Simplifying breach-notification laws by creating a single federal standard is important, Cullen said Wednesday while speaking at a discussion of privacy policy in San Francisco. "It's not that there is no privacy law. There's actually too much privacy law," he said. "If you think about data-breach notification laws just as an example, there are 38 state laws, many of them very different." "We need to think about much more of a framework approach." Congress has passed some laws covering consumer data privacy, such as the 1996 Health Insurance Portability and Accountability Act (HIPAA), but existing laws do not comprehensively cover consumer privacy in general.

The think tank Future of Privacy Forum announced this week that it tapped ad agency WPP to come up with new ways of notifying Web users about online behavioral advertising. Director Jules Polonetsky hopes that advertising creatives will be able to come up with something more intelligible than the lengthy jargon-filled policies that are all too often incomprehensible. Federal Trade Commission Chair Jon Leibowitz, who has urged Web companies to provide clear and succinct notice about ad targeting, is cheering the project. "I'm very heartened with what the Future of Privacy Forum has announced," he tells MediaPost. "Most current online privacy policies are essentially incomprehensible for even the savviest online users."

The enormous international focus on privacy is growing more urgent in the face of business and government pressure to get the economy moving again and restore trust in our most basic institutions. To help rebuild trust and bolster bottom lines in a down market, it pays to prioritize privacy. The time is right to make smart investments in an organization's privacy professionals-the experts in the eye of the storm that must work collectively to find the right solutions to privacy challenges. The IAPP, which now boasts 6,000 members across 47 countries, is convening its annual Privacy Summit in Washington DC from March 11-13, 2009-the largest and most global privacy event in the world. Attendees will have the unique opportunity to interact with privacy regulators from Canada, France, Spain, Israel, the UK, Italy, the U.S. and the experts who help shape their policies across 60 different educational and networking sessions. Keynote speakers include Frank Abagnale (of Catch Me if You Can fame), one of the world's most respected authorities on forgery, embezzlement and secure documents as well as internationally renowned security technologist Bruce Schneier. The Future of Privacy Forum will be strongly represented at this year's Summit. Jules Polonetsky and Chris Wolf will be co-presenting a session entitled Cheers & Jeers: Who is Doing Privacy Right and Who Deserves Detention. Jules and Chris will also cover Behavioral Advertising Secrets: What Your Marketing and IT Team Didn't Think You Needed to Know. Both topics should be big draws for the expected 1500 attendees at the Summit! It's this sort of event that advances our profession and helps privacy professionals work together to reclaim trust. Registration is open and we look forward to seeing you in DC.

Is it time for Web publishers and their users to have the privacy talk? At most Web sites, privacy policies are ridiculously long and convoluted scrolls of legalese that only a hearty privacy watchdog would read. For most users it remains a mystery just how publishers collect, use and share the data trails consumers leave behind while traversing a site. But publishers now are partnering more deeply with third party ad networks who plant their own cookies in their users' browsers and hit them again with ads out on their own networks with other publishers. How should a site broach the topic of privacy and ownership of data with its own customers? The industry-funded Future of Privacy Forum is hoping to get at this issue in a new research initiative that explores different ways sites can communicate with users about their online advertising experience and how a use's data trail is recorded and used. The study will try to find ways that publishers can raise user awareness about the use of online behavioral data and be more transparent about how it is harvested and shared.

"If you live in Texas, your medical records are definitely up for sale by the state. If you live anywhere else in the United States, they probably are for sale there, too. Medical health records provide key information to researchers, who have lobbied hard to keep them accessible, despite government concerns about the privacy of patient data. The controversy dates back to 1996, when Congress passed the Health Insurance Portability and Accountability Act (HIPAA) to protect patients. "Researchers have very broad access rights to health care records under HIPAA," says Pam Dixon, director of a non-profit called the World Privacy Forum "The rules are pretty loose, and there are a lot of ways to get around them." That's especially true since the act wasn't designed to cover common scenarios today: records stored online in a vast, hackable cloud. In the rush to digitize all electronic health records, Dixon says not everyone is taking the proper steps to de-personalize the data and protect patients."

"Beginning next week, the FTC will hold a series of public roundtables covering the growing number of challenges to consumer privacy on the Internet. Dubbed "Exploring Privacy," the daylong discussions will focus on "the collection and use of information by retailers, data brokers, third-party applications, and other diverse businesses." Hold that yawn. Behavioral tracking and ad targeting have everything to do with the pesky "Warning!" pop-up blinking behind your browser window right now. The one that could shatter your online privacy. In advance of the roundtables, Fast Company spoke with online privacy advocates Jules Polonetsky, co-chair and director of the Future of Privacy Forum, and Ari Schwartz, vice president and chief operating officer of the Center for Democracy and Technology. Below, Polonetsky and Schwartz highlight five of most nefarious techniques used to trick and track you." 1. "Malvertising Gangs" 2. Flash Cookies 3. "Cookie appends" 4. Personal Health Data 5. ISP Tracking

Tomorrow is Data Protection and Privacy Day. Events around the world will mark the occasion. In Brussels, the European Parliament, European Commission and EDPS will host a variety of workshops and the winners of the "Think Privacy," competition will be unveiled. In Canada, events will be held in Newfoundland and Labrador, Ontario, Alberta and elsewhere, with regulators and companies hosting various forums. For a comprehensive list of global events, visit the Data Privacy Day Web site. After hours, privacy pros will gather in cities across the world for IAPP Privacy After Hours events. Click here to find an event near you.

Data Protection & Privacy Day Tomorrow

"Facebook tightens security as it deals with the continuing fallout over changes to its privacy settings." ...Earlier on May 13, Facebook had a meeting where employees asked executives questions about privacy. Facebook officials would not comment on exactly what was said. "We have an open culture and it should come as no surprise that we're providing a forum for employees to ask questions on a topic that has received a lot of outside interest," a spokesperson said.

Hey Zuck! Privacy & security are NOT the same thing. Misdirection is not the response FB users are seeking.

You're watching Jon Stewart's "The Daily Show," when suddenly you see a commercial for the Mustang convertible you've been eyeing - with a special promotion from Ford, which knows you just ended your car lease. A button pops up on the screen. You click it with the remote and are asked whether you want more information about the car. You respond "yes." Days later, an information packet arrives at your home, the address on file with your cable company. This is the future of cable TV advertising: personal and targeted. Cable TV operators are taking a page from online advertising behemoths like Google Inc. to bring these so-called "addressable" ads onto the television. "It hasn't really been done on TV before," said Mike Eason, chief data officer of Canoe Ventures, a group formed by the nation's six largest cable operators to launch targeted and interactive ads on a national platform starting this summer. They're betting they can even one-up online ads because they also offer a full-screen experience - a car commercial plays much better on your TV than on your PC. As such, they hope to charge advertisers more. The stakes are high: Cable companies get only a small portion of the $182 billion North American advertising market. Eason said the cable operators, which sell local ads on networks like Comedy Central, get roughly 10 percent of the commercial time on those channels. With targeting, they are hoping to expand that. But they have to tread carefully. Privacy advocates worry the practice opens the door to unwanted tracking of viewing habits so ads can target consumers' likes or dislikes. They also fear it could lead to discrimination, such as poorer households getting ads for the worst auto-financing deals because they are deemed credit risks. "You've got to tell people you're doing it and you've got to give people a way to say no," said Pam Dixon, executive director of World Privacy Forum in Carlsbad, Calif. "Otherwise, it's just not fair."

Last week, the government took another step toward closing a legal loophole in federal privacy and security rules for emerging Health 2.0 information technology applications by issuing proposed rules aimed at covering an estimated 900 companies and organizations offering personal health records and electronic systems connected to them. The Federal Trade Commission was careful to point out its new interim proposed rule on federal breach notification requirements for the developers of electronic PHR systems did not apply to covered organizations or their business associates as defined by the Health Insurance Portability and Accountability Act of 1996, heretofore the key federal privacy and security regulation. The FTC, operating under new authority given it by the American Recovery and Reinvestment Act of 2009, noted that its new rule seeks to cover previously unregulated entities that are part of a Health 2.0 product mix. FTC staff estimates that about 200 PHR vendors, another 500 related entities and 200 third-party service providers will be subject to the new breach notification rule. The staffers estimate that the 900 affected companies and organizations, on average, will experience 11 breaches each per year at a total cost of about $1 million per group, per year. Costs include investigating the breach, notifying consumers and establishing toll-free numbers for explaining the breaches and providing additional information to consumers. Pam Dixon, founder and executive director of the World Privacy Forum, said that this isn't the first involvement of the FTC in healthcare-related regulation, noting the consumer protection agency joined with the Food and Drug Administration in a joint statement on the marketing of direct-to-consumer genetic tests. The FTC also has worked in the field of healthcare competition. She noted the compliance deadline with the FTC's "red flag rules" on provider organizations that provide consumer credit to patients for installment payment

Individuals have been at risk of having their personal information stolen and used to commit identity-related crimes long before the emergence of the Internet. What the Information Age has changed, however, is the method by which identity thieves can access and exploit the personal information of others. One method in particular leaves hundreds of thousands, and in some cases tens of millions, of individuals at risk for identity theft: large scale data breaches by skilled hackers. In this method, criminals remotely access the computer systems of government agencies, universities, merchants, financial institutions, credit card companies, and data processors, and steal large volumes of personal information on individuals. Such large scale data breaches have revolutionized the identity theft landscape as it relates to fraud on existing accounts through the use of compromised credit and debit card account information. Large scale data breaches would be of no more concern than small scale identity thefts if criminals were unable to quickly and widely distribute the stolen information for subsequent fraudulent use (assuming, of course, that the breach would be quickly detected). Such wide-scale global distribution of stolen information has been made possible for criminals with the advent of criminal websites, known as "carding forums," dedicated to the sale of stolen personal and financial information. These websites allow criminals to quickly sell the fruits of their ill-gotten gains to thousands of eager fraudsters

Like this http://www.hdfilmsaati.net Film,dvd,download,free download,product... ppc,adword,adsense,amazon,clickbank,osell,bookmark,dofollow,edu,gov,ads,linkwell,traffic,scor,serp,goggle,bing,yahoo.ads,ads network,ads goggle,bing,quality links,link best,ptr,cpa,bpa. www.killdo.de.gg

One of the more interesting panel discussions at the IDC Cloud Computing Forum on Feb 18th in San Francisco was about managing the complexities of security, privacy and compliance in the Cloud. The simple answer according to panelists Carolyn Lawson, CIO of California Public Utilities Commission, and Michael Mucha, CISO of Stanford Hospital and Clinics is "it ain't easy!" "Both of us, in government and in health, are on the front-lines," Lawson proclaimed. "Article 1 of the California Constitution guarantees an individual's right to privacy and if I violate that I've violated a public trust. That's a level of responsibility that most computer security people don't have to face. If I violate that trust I can end up in jail or hauled before the legislature," she said. "Of course, these days with the turmoil in the legislature, she joked, "the former may be preferable to the later." Stanford's Mucha said that his security infrastructure was built on a two-tiered approach using identity management and enterprise access control. Mucha said that the movement to computerize heath records nationwide was moving along in fits and starts, as shown by proposed systems likeMicrosoft (NSDQ: MSFT)'s Health Vault and Google (NSDQ: GOOG)'s Personal Health Record. "The key problem is who is going to pay for the computerized of health records. It's not as much of a problem at Stanford as it is at a lot of smaller hospitals, but it's still a huge problem." Mucha said that from his perspective security service providers in the cloud and elsewhere are dealing with a shrinking security parameter or fence, which is progressing from filing cabinets, to devices, to files, and finally to the individual, who under the latest Health Insurance Portability and Accountability Act (HIPAA) privacy rules has certain rights, including rights to access and amend their health information and to obtain a record of when and why their Protected Health Information (PHI) record has bee

If behavioral targeting is the key to providing Web users with advertising that's better tailored to their particular needs and interests--instead of banner ads that they ignore--then what's the harm to consumers? That was a central question tackled by a panel of privacy and online marketing experts Thursday at the OMMA Behavioral conference in New York. Whether online user tracking--even when anonymous--represents a growing threat to privacy has become a hotly debated issue in the last year, with FTC, Congress and state governments considering increased regulation of behavioral targeting. For Jules Polonetsky, co-chair and director of the AT&T-funded think tank Future of Privacy Forum, that debate has become almost superfluous. Whatever side one takes, he emphasized that there is now a widespread perception among consumers and regulators that online tracking is creepy at the very least. The key to diffusing the controversy is for publishers and marketers to give Web users notice that their behavior is being tracked in order to provide them with more relevant content, recommendations and marketing offers.

It is hard work looking for a job, Matt Sawyer said. "Well with the economy being down right now, it's pretty hard," said Sawyer. Like most job hunters, Matt is posting his resume on various online job sites. But you have to be careful when sending out your personal information over the Internet, privacy expert Pam Dixon said. "The problem is, if you don't use it correctly, it can come back to haunt you," she said. Dixon runs the World Privacy Forum and warns job hunters to be cautious with their personal information when posting their resume. "In fact any competent job site will give you the option of hiding your personal information," said Dixon. Scam artists have been known to steal personal information from resumes and use it to apply for credit. That is why Dixon said you should only include your first initial and last name, no full names, when writing your resume. She also said not to include your phone number or address. Dixon said you should create an email address that is temporary and just use it for your job search. Dixon said scam artist will even call people from their resume and ask for detailed information like a copy of their driver's license or social security number or even their credit card information. The scammers will claim it's for a background check but it's only to steal from the job seeker. Matt admits if he was approached for a job he might give away too much information. "I think when people first get that call and they're real excited about it, they might just jump into it and go ahead and do it," he said.

In May 2008, the Office of the National Coordinator for Health Information Technology (ONC) awarded an approximately $450,000 contract to Booz Allen Hamilton to assess and evaluate the scope of the medical identity theft problem in the U.S. Medical Identity Theft Medical identity theft is a specific type of identity theft which occurs when a person uses someone else's personal health identifiable information, such as insurance information, Social Security Number, health care file, or medical records, without the individual's knowledge or consent to obtain medical goods or services, or to submit false claims for medical services. There is limited information available about the scope, depth, and breadth of medical identity theft. Dr. Robert Kolodner, National Coordinator for Health Information Technology, has noted that medical identity theft stories are being documented at an increasing rate, bringing to light serious financial, fraud, and patient care issues. ONC recognizes that health IT is an important tool to combat the threat of medical identity theft. We are seeking input from the public and other government agencies to better understand how health IT can be utilized to prevent and detect medical identity theft as well as build consumer trust in electronic health information exchange. ONC believes it is imperative to obtain a more comprehensive understanding of this issue from a variety of perspectives, and to create an open forum for dialogue to work proactively to address medical identity theft. Medical Identity Theft final report. The report summarizing health IT and medical identity theft issues raised at the town hall was completed January 15, 2009 and sets forth potential actions the Federal government and other stakeholders can undertake in working toward prevention, detection, and remediation of medical identify theft.

Salesmen and parents know the technique well. It's called the takeaway, and as far as Keith Mularski is concerned, it's the reason he kept his job as administrator of online fraud site DarkMarket. DarkMarket was what's known as a "carder" site. Like an eBay for criminals, it was where identity thieves could buy and sell stolen credit card numbers, online identities and the tools to make fake credit cards. In late 2006, Mularski, who had risen through the ranks using the name Master Splynter, had just been made administrator of the site. Mularski not only had control over the technical data available there, but he had the power to make or break up-and-coming identity thieves by granting them access to the site. And not everybody was happy with the arrangement. A hacker named Iceman -- authorities say he was actually San Francisco resident Max Butler -- who ran a competing Web site, was saying that Mularski wasn't the Polish spammer he claimed to be. According to Iceman, Master Splynter was really an agent for the U.S. Federal Bureau of Investigation. Iceman had some evidence to back up his claim but couldn't prove anything conclusively. At the time, every other administrator on the site was being accused of being a federal agent, and Iceman had credibility problems of his own. He had just hacked DarkMarket and three other carder forums in an aggressive play at seizing control of the entire black market for stolen credit card information. ....In the end they would regret that decision. Iceman was right

DAVOS, Switzerland (Reuters) - Two years ago anyone uttering the words "state" and "regulation" in the same sentence would have been sneered at in high-powered banking circles gathered by the ski slopes of Davos. Now, more than 18 months into the biggest financial upheaval in the last eighty years, those bank executives that still have jobs are preparing to swallow large doses of regulatory medicine to help cure a crisis they are accused of causing. With bank lending still frozen, the world sliding into recession and more than 300,000 financial jobs already gone, policymakers are replacing bankers in the driving seat at this year's World Economic Forum (WEF) to discuss short- and long-term solutions to the sector's woes. "Two years ago nobody could see the problems and the risks," said Marc Weil, head of EMEA Financial Services at consultancy firm Oliver Wyman, which is publishing a report on the state of the global financial services industry this week. "It is clear now that the financial services industry is like no others and anyone that poses systemic risks needs tighter regulation."