Home/ CIPP Information Privacy & Security News/ Group items tagged ids

Karl Wabst

Security Fix - Malicious Attacks Most Blamed in '09 Data Breaches - 0 views

  •  
    Rogue employees and hackers were the most commonly cited sources of data breaches reported during the first half of 2009, according to figures released this week by the Identity Theft Resource Center, a San Diego based nonprofit. The ID Theft Center found that of the roughly 250 data breaches publicly reported in the United States between Jan. 1 and Jun. 12, victims blamed the largest share of incidents on theft by employees (18.4 percent) and hacking (18 percent). Taken together, breaches attributed to these two types of malicious attacks have increased about 10 percent over the same period in 2008. Some 44 states and the District of Columbia now have laws requiring entities that experience a breach to publicly disclose that fact. Yet, few breached entities report having done anything to safeguard data in the event that it is lost or stolen. The ITRC found only a single breach in the first half of 2009 in which the victim reported that the lost or stolen data was protected by encryption technology. "It is a dual problem here undeterred by law or common sense," said ITRC co-founder Linda Foley. "You would think if all these organizations have to notify, that they would take some steps to make sure their data doesn't get exposed in the first place."
Karl Wabst

Identity Theft: Governments Have Acted to Protect Personally Identifiable Information, ... - 0 views

  •  
    The loss of personally identifiable information, such as an individual's Social Security number, name, and date of birth can result in serious harm, including identity theft. Identity theft is a serious crime that impacts millions of individuals each year. Identity theft occurs when such information is used without authorization to commit fraud or other crimes. While progress has been made protecting personally identifiable information in the public and private sectors, challenges remain. GAO was asked to testify on how the loss of personally identifiable information contributes to identity theft. This testimony summarizes (1) the problem of identity theft; (2) steps taken at the federal, state, and local level to prevent potential identity theft; and (3) vulnerabilities that remain to protecting personally identifiable information, including in federal information systems. For this testimony, GAO relied primarily on information from prior reports and testimonies that address public and private sector use of personally identifiable information, as well as federal, state, and local efforts to protect the security of such information. GAO and agency inspectors general have made numerous recommendations to agencies to resolve prior significant information control deficiencies and information security program shortfalls. The effective implementation of these recommendations will continue to strengthen the security posture at these agencies. Identity theft is a serious problem because, among other things, it can take a long period of time before a victim becomes aware that the crime has taken place and thus can cause substantial harm to the victim's credit rating. Moreover, while some identity theft victims can resolve their problems quickly, others face substantial costs and inconvenience repairing damage to their credit records. 
Some individuals have lost job opportunities, been refused loans, or even been arrested for crimes they did not commit as a result of identit
Karl Wabst

Identity Theft: There is an App For That | BrickHouse Security Blog - 1 views

  •  
    "Every day thousands of people download new applications onto their smart phones without much care for the terms of service they so easily agree to. What most of these people don't know is they may be volunteering information and allowing for companies to gather data without their consent. Recently a company called Pinch Media was charged with being a little too invasive when it comes to gathering information through their iPhone apps. According to one iPhone developer, applications using Pinch Media can retrieve information like your phone's personal ID number and can work in conjunction with other applications like Facebook to determine your gender, birth year and even your exact longitude and latitude. Pinch Media has been accused of gathering information that has nothing to do with its applications. Instead, they have been using this data collection for advertisements and other marketing purposes. Worse, is that this information is often taken without the consent of the user and more often than not does not allow the user the option to stop the information gathering. Pinch Media has fought back by arguing that they are completely within their rights to retrieve the information as long as the user gives consent when they agree to the terms of the application. Regardless of whether or not the information they gathered is being used for good or ill mannered purposes one thing is certain. Smart phone users should pay more attention to the terms of service they agree to. A simple visit to a software developer's web site can be the difference between you using your applications and your applications using you. Take the time out to read the fine print, and if you aren't sure about something - email the company directly with your questions or concerns."
Karl Wabst

Law.com - 3rd Circuit to Mull Privacy of Cell Phone Data - 0 views

  •  
    "In a case that could prove to be one of the most important privacy rights battles of the modern era, the 3rd U.S. Circuit Court of Appeals will hear argument this week on the proper legal standard to apply when prosecutors demand cell phone location data. The data, which are recorded about once every seven seconds whenever a cell phone is turned on, effectively track the whereabouts and the comings and goings of every cell phone user. Justice Department lawyers argue that, by statute, they need only show "reasonable grounds" to believe that such records are "relevant and material to an ongoing criminal investigation." But a federal magistrate judge in Pittsburgh strongly disagreed in February 2008, issuing a 52-page opinion that said the prosecutors must meet the "probable cause" standard. "This court believes that citizens continue to hold a reasonable expectation of privacy in the information the government seeks regarding their physical movements/locations -- even now that such information is routinely produced by their cell phones -- and that, therefore, the government's investigatory search of such information continues to be protected by the Fourth Amendment's warrant requirement," U.S. Magistrate Judge Lisa Pupo Lenihan wrote."
  •  
    Turn the cell phone off and put on your tin foil hat so the government and aliens can't track you!
Karl Wabst

Privacy Evaporates in Computing 'Cloud' - ABC News - 0 views

  •  
    "We all know that Internet and communications technology is changing rapidly, creating huge opportunities for business innovation and individual self-expression. Most people are probably not aware, however, that privacy law is not evolving nearly as quickly. It is time to update legal protections to reflect the impact the digital revolution is having on modern life. Cloud computing -- a bit of tech-jargon meaning the use of remote servers to store and process data -- is a great example. The movement of personal and proprietary data off desktop computers and into "the cloud", which is made up of server farms and broadband connections, is a major disruptive trend in computing. Unless our laws change to account for cloud computing and other equally momentous technology developments, the Constitution's protection against unreasonable search and seizure will become a relic of the past. The federal law setting standards for government access to personal communications -- the Electronic Communications Privacy Act (ECPA) -- was written more than two decades ago, before the Internet took off. "
Karl Wabst

Cybersecurity: Citigroup Hacked By Gang of Thieves? - 0 views

  •  
    "In a bizarre case of cyber crime, the Wall Street Journal reported today that Russian hackers may have stolen tens of millions of dollars from Citigroup, a charge the bank denies." Citing anonymous government officials, the newspaper reported that the hackers were connected to a Russian cyber gang and that two other computer systems, at least one connected to a U.S. government agency, were also attacked. The FBI is investigating the case, according to the Wall Street Journal, but the company has flatly denied the story. "We had no breach of the system and there were no losses, no customer losses, no bank losses," the banking giant said in a statement. "Any allegation that the FBI is working a case at Citigroup involving tens of millions of losses is just not true."
Karl Wabst

Social Networking: Your Key to Easy Credit? - CNBC - 0 views

  •  
    "You probably don't analyze the chatter or quality of your social media connections, but creditors may be doing just that. In their quest to identify creditworthy customers, some are tapping into the information you and your friends reveal in the virtual stratosphere. Before calling the privacy police, though, understand how it's really being used."
  •  
    The social media outlets you use may affect credit offers!
Karl Wabst

Defence Management - JSF security breach linked to China - 0 views

  •  
    China has denied allegations that it hacked into a Pentagon IT system and recovered plans for the Joint Strike Fighter (JSF). The combat aircraft which is to be procured by Britain as well, is being produced by Lockheed Martin. In allegations first reported in the Wall Street Journal, hackers stole "several terabytes of data related to design and electronics systems". The most sensitive data however on weapons systems and its stealth technology was not breached since it is kept on computers not connected to the internet. IT experts have said that they suspect the hackers came from China although it will be difficult to identify their exact origins. Hacking into IT systems as complex as the DoD's would require the help and capabilities of another government. Recovering data on the JSF would allow countries or rogue groups who could face the aircraft in future conflicts to develop counter measures based on the aircraft's weaknesses. The Chinese strongly denied that the breach originated from their country. "China has not changed its stance on hacking. China has always been against hacking and we have cracked down very hard on hacking. This is not a Chinese phenomenon. It happens everywhere in the world," a spokesperson for the Foreign Ministry said. This is not the first time the JSF's security has been breached. Early on in the contract the DoD and Lockheed Martin admitted that there was no universal IT security policy for the 1,200 sub contractors and that leaks may have occurred. BAE subsequently admitted that their IT security for JSF material was lax and that leaks could have occurred. Britain is scheduled to buy 150 of the aircraft by 2018.
Karl Wabst

Supreme Court trashes garbage privacy argument - 0 views

  •  
    When you put out the trash, don't expect a constitutional right to privacy of the contents. The Supreme Court of Canada unanimously ruled Thursday that police can sift through garbage if it has been set out at the edge of your property for municipal collection because "abandoned" goods do not trigger Charter of Rights and Freedoms protection.
Karl Wabst

SEC Reopens Public Comment Period on Proposal for Model Privacy Form - 0 views

  •  
    The Securities and Exchange Commission announced Wednesday that it has reopened the public comment period on a proposal for a model privacy form that financial institutions could use to provide disclosures required by the Gramm-Leach-Bliley Act (GLBA). The commission is reopening the comment period in order to solicit public comment on the results of recent quantitative consumer testing conducted to evaluate the form. In March 2007, pursuant to the Financial Services Regulatory Relief Act of 2006, the SEC, together with seven other federal regulators, proposed a model privacy form designed to allow consumers easily to compare privacy practices of financial institutions. The jointly developed model form uses easily readable type font and is designed to be succinct and comprehensible. Under the proposal, financial institutions that chose to use the model privacy form would satisfy GLBA disclosure requirements and could take advantage of a legal "safe harbor." The SEC has reopened the comment period on the proposal to provide all persons who are interested in this matter an opportunity to comment on the results of the recent testing of the model privacy form.
Karl Wabst

When Mashups Intrude on Privacy - 0 views

  •  
    Prop 8 maps, a mashup of Google Maps and Prop 8 Donors, shows the names of those who contributed money to the passage of California's Proposition 8, which prohibits same-sex marriage. The mashup also shows the streets where these people live. This kind of mashup is useful, but to some, it's also intrusive and scary. While these contribution records are public record, the idea that your name and mapped street are online could be considered unnecessarily invasive. The mashup offers great information, but is the backlash and privacy invasion worth it? This particular mashup, while not on a news site, raises questions about when and how journalists should use this type of online application.
Karl Wabst

Kaiser employee data breached; ID theft reported - 0 views

  •  
    Kaiser Permanente says that the personal information of 29,500 employees in Northern California may have been exposed in a security breach. "A handful" of employees have reported identity theft, the Oakland, Calif.-based managed-care giant said. Police in San Ramon, Calif., seized a computer file containing the employee information from a suspect who was arrested. The suspect was not a Kaiser Permanente employee, and officials declined to provide further details. The file contained the names, addresses, phone numbers, Social Security numbers and dates of birth of the Kaiser workers. No health plan member information or personal health information was involved in the data breach, according to Kaiser officials. "We regret that this unfortunate incident occurred, and we understand the anxiety and worry that some employees may feel," said Gay Westfall, senior vice president for human resources at Kaiser Foundation Health Plan and Hospitals, Northern California, in a written statement. Kaiser is providing one year of free credit-monitoring to workers whose information was in the file.
Karl Wabst

FTC Staff Proposes Online Behavioral Advertising Privacy Principles : Internet Business... - 0 views

  •  
    To address important consumer privacy concerns associated with online behavioral advertising, the staff of the Federal Trade Commission today released a set of proposed principles to guide the development of self-regulation in this evolving area. Behavioral advertising is the tracking of a consumer's activities online - including the searches the consumer has conducted, the Web pages visited, and the content viewed - in order to deliver advertising targeted to the individual consumer's interests. For more than a decade, the FTC has engaged in investigation, law enforcement, studies, and other privacy developments to protect consumers' privacy online. Concepts used to develop the principles emerged from the agency's longstanding privacy program and, more recently, from two conferences hosted by the FTC. In the fall of 2006, a three-day public hearing, "Protecting Consumers in the Next Tech-ade," examined technology developments that could raise consumer protection policy issues, including privacy, over the next decade. This past November, building on the Tech-ade hearings, the FTC hosted a Town Hall entitled "Ehavioral Advertising: Tracking, Targeting, and Technology," to focus in on privacy issues raised by behavioral advertising. "The purpose of this proposal is to encourage more meaningful and enforceable self-regulation to address the privacy concerns raised with respect to behavioral advertising. In developing the principles, FTC staff was mindful of the need to maintain vigorous competition in online advertising as well as the importance of accommodating the wide variety of business models that exist in this area," according to its proposal "Behavioral Advertising: Moving the Discussion Forward to Possible Self-Regulatory Principles." The proposal states that behavioral advertising provides benefits to consumers in the form of free content and personalized advertising but notes that this practice is largely invisible and unknown to consumers. To address the
Karl Wabst

How to Protect Your Children Online - MSNBC Wire Services - msnbc.com - 0 views

  •  
    Mary Kay Hoal tried everything she could to keep her daughter off of MySpace. She put password locks on the computer and blocked the site. Still, her daughter found ways to log on. Hoal's concerns stemmed from statistics that showed 29,000 registered sex offenders were on MySpace, one out of every five kids are sexually solicited online, and nine out of ten children are exposed to pornography online. When she looked for alternative safe sites for kids, she found none, so she decided to do something about it. The result is www.yoursphere.com, the only social networking site for kids and teens that's backed by the Federal Trade Commission through the site's Privacy Vaults approval. The site's Chief Technology officer worked at the California Department of Justice tracking anonymous online sex offenders, as well as the Megan's Law database. Moreover, it requires verified parental consent for a minor to join. Other features include: -- Requires verifiable parental consent to join -- Confirms the identity of the parent providing consent -- Confirms that the parent or guardian providing consent is not a registered sex offender -- Is exclusively for kids and teens through age 18. -- Exceeds COPPA (Children's Online Privacy Protection Act) and Federal Trade Commission (FTC) guidelines for protecting kids online through our approval by Privacy Vaults Inc. -- Whose policy is "no creepers allowed" -- lurkers are removed and banned. -- No fake profiles. (No one is anonymous on Yoursphere.com) "The bottom line is that we're the only place in the online world that has taken extraordinary measures to help ensure the safety of its members and meets or exceeds standards set by the government," Hoal said. "Our opinion is that if it's a behavior that is illegal, immoral or unacceptable offline, then it's unacceptable online." About Mary Kay Hoal After researching the disturbing la
Karl Wabst

Insurer's challenge of privacy commissioner's authority should go to federal court, pro... - 0 views

  •  
    An insurance company seeking to challenge the authority of Canada's privacy legislation and the privacy commissioner in an auto injury case will have to go to the Federal Court to make its case, the New Brunswick Court of Appeal has ruled. In State Farm Mutual Automobile Insurance Company v. Privacy Commissioner of Canada and Attorney General Canada, State Farm argued that Canada's privacy regime does not apply to surveillance tapes the insurer commissioned following a motor vehicle accident in 2005. In March 2005, Jennifer Vetter, insured by State Farm, was involved in a motor vehicle collision with Gerald Gaudet. State Farm subsequently hired a lawyer in anticipation of litigation by Gaudet against Vetter. The insurer also hired private investigators that conducted video surveillance on Gaudet. Gaudet filed a request under Canada's privacy legislation, the Personal Information Protection and Electronic Documents Act (PIPEDA), that State Farm turn over to him the personal information it had compiled, including copies of the surveillance reports and tapes. State Farm went to the New Brunswick Court of Queen's Bench asking for "declaratory" relief on several issues. Among other things, the insurer asked for a court order declaring that PIPEDA did not apply to information obtained in a bodily injury damages claim. It also asked the court for an order confirming that the privacy commissioner had no right or authority to compel State Farm to turn over the documents. The privacy commissioner asked for a stay of proceedings in the New Brunswick court, arguing that the authority of the privacy commissioner was a matter for the Federal Court (which has jurisdiction over federal legislation such as the PIPEDA). The New Brunswick Appeal Court noted both the provincial and federal courts have jurisdiction to hear cases about the constitutionality of federal legislation. But only the Federal Court could determine the outcome of a direct challenge to the authority of the p
Karl Wabst

Advertiser tracking of Web surfing brings suits - 0 views

  •  
    Big Brother may be at it again. Behavioral advertising - the tracking of consumers' Internet surfing activity to create tailored ads - has triggered an intense legal controversy that has law firms scrambling to stay on top of a burgeoning practice. Attorneys say that behavioral advertising is raising privacy, litigation and regulation fears among consumer advocates, the electronic commerce and advertising industries and legislators. Law firms are busy helping companies come up with a transparent way of letting consumers know that their online activities are being tracked and possibly shared. "Lawmakers and companies are having a tough time keeping up with this new frontier of Internet privacy issues, and there is growing consumer unrest about behavioral advertising, leading in some cases to consumer rebellion," said Lisa Sotto, a partner and head of the privacy and security data group in the New York office of Richmond, Va.-based Hunton & Williams. "Consumers find this type of tracking intrusive, and businesses are starting to take the consumer reaction seriously," she said. The buzz over behavioral advertising has been building since congressional hearings that were held last year, during which Congress called on Internet service providers (ISPs) to testify about a highly controversial advertising practice known as "deep-packet inspection." The practice gives companies the ability to track every Web site consumers visit and provides a detailed look at everything they're doing, such as where they're going on vacation, who is going, how much they spent on the trip and what credit card was used. But then came the first class action targeting behavioral advertising, filed against Foster City, Calif.-based NebuAd Inc., an online advertising company accused of spying on consumers from several states and allegedly violating their privacy and computer security rights. The lawsuit specifically alleges that NebuAd engaged in deep-packet inspection. Valentine v. Ne
Karl Wabst

Twenty Important Controls for Effective Cyber Defense and FISMA Compliance - 0 views

  •  
    Securing our Nation against cyber attacks has become one of the Nation's highest priorities. To achieve this objective, networks, systems, and the operations teams that support them must vigorously defend against external attacks. Furthermore, for those external attacks that are successful, defenses must be capable of thwarting, detecting, and responding to follow-on attacks on internal networks as attackers spread inside a compromised network. A central tenet of the US Comprehensive National Cybersecurity Initiative (CNCI) is that 'offense must inform defense'. In other words, knowledge of actual attacks that have compromised systems provides the essential foundation on which to construct effective defenses. The US Senate Homeland Security and Government Affairs Committee moved to make this same tenet central to the Federal Information Security Management Act in drafting FISMA 2008.
Karl Wabst

Union: Hacker broke into FAA computers - Security- msnbc.com - 0 views

  •  
    Hackers broke into the Federal Aviation Administration's computer system last week, accessing the names and national identification numbers of 45,000 employees and retirees, a union leader says. Tom Waters, president of American Federation of State, County and Municipal Employees Local 3290, said FAA officials briefed union leaders Monday about the security breach. FAA spokeswoman Laura Brown confirmed the agency's computers were hacked last week. Waters said union leaders were told hackers gained access to two files. One file had the names and Social Security numbers of 45,000 employees and retirees on the FAA's rolls as of February 2006. Social Security is the U.S. government-directed pension system, and in the absence of a national identity card, other people's social security numbers can be used to steal identities for illicit purposes. Waters said the other file contained medical information that was encrypted. "These government systems should be the best in the world, and apparently they are able to be compromised," said Waters, an FAA contracts attorney. "Our information technology systems people need to take a long hard look at themselves and their capabilities. This is malpractice in their world." FAA officials told union leaders the incident was the first of its kind at the agency. But Waters said his union complained about three or four years ago about an incident in which employees received anti-union mail that used names and addresses that appeared to be generated from FAA computer files.
Karl Wabst

Man accused of ID theft tried to surrender, turned away - 0 views

  •  
    For the second time in the same case, law enforcement in Denver turned away a key component in hundreds of instances of identity theft. The first time, it was a box full of stolen documents found in a storage unit, turned away by a Denver Police officer. This time, it was the main suspect, turned away by the Denver Sheriff's Department. The Denver Sheriff's Department admits the man believed to be at the center of an identity theft operation, 46-year-old Paul Simmons, tried to turn himself in at the Denver City Jail 16 hours before police arrested him. A warrant had been issued for his arrest and was entered into the system at 10:15 a.m, according to Sonny Jackson, Denver Police Spokesman. Sheriff's spokesperson Capt. Frank Gale told 9Wants to Know Tuesday that Simmons walked into the Denver City Jail around 8 p.m. Monday night. The Denver Sheriff's Department runs the city jail. It is not staffed by the Denver Police Department. Gale says Simmons told a sheriff's deputy he had received a call from an investigator with Denver Police saying he was wanted for questioning in connection with the identity theft case featured on 9NEWS. Gale says the sheriff's deputy then told Simmons there was not a record of him being wanted in the computer, but sent Simmons to check in with the Denver Police Department housed in a separate building across the courtyard at 1331 Cherokee St. Gale said the deputy did not know if Simmons ever made it to the Denver Police building. Denver Police spokesperson Sonny Jackson said Simmons never did. "We really wish he would have taken the 50 steps across the courtyard and talked to us, that would have saved us a lot of time today." Jackson said. "If he [Simmons] really wanted to turn himself in we would have been more than happy to take him into custody."
Karl Wabst

Nice Resume, I'd Prefer Your SS# - 0 views

  •  
    It is hard work looking for a job, Matt Sawyer said. "Well with the economy being down right now, it's pretty hard," said Sawyer. Like most job hunters, Matt is posting his resume on various online job sites. But you have to be careful when sending out your personal information over the Internet, privacy expert Pam Dixon said. "The problem is, if you don't use it correctly, it can come back to haunt you," she said. Dixon runs the World Privacy Forum and warns job hunters to be cautious with their personal information when posting their resume. "In fact any competent job site will give you the option of hiding your personal information," said Dixon. Scam artists have been known to steal personal information from resumes and use it to apply for credit. That is why Dixon said you should only include your first initial and last name, no full names, when writing your resume. She also said not to include your phone number or address. Dixon said you should create an email address that is temporary and just use it for your job search. Dixon said scam artists will even call people from their resume and ask for detailed information like a copy of their driver's license or social security number or even their credit card information. The scammers will claim it's for a background check but it's only to steal from the job seeker. Matt admits if he was approached for a job he might give away too much information. "I think when people first get that call and they're real excited about it, they might just jump into it and go ahead and do it," he said.