Online and data privacy issues have triggered the creation of a Privacy Task Force by Connecticut’s Attorney General. This development was announced last September 15th in response to the rapidly increasing number of internet privacy concerns and data breaches. According to the announcement, the task force’s main focus is on public education regarding data protection requirements.
The Attorney General’s office has recognized the need for an initiative that will directly address these two big issues. Internet and data privacy problems have been affecting consumers and the broad public interest in general. To date, there are at least a dozen ongoing investigations regarding security breaches. Most of these cases resulted in the loss of medical records of patients, insurance records or personal information of customers. There are also those that involve the collection of unauthorized personally identifiable information.
To boost the campaign to protect the privacy of consumers, the office has also asked the help of giant tech companies. While the investigations are ongoing, Google and Facebook have also committed to take part in consumer protection. To some extent, the willingness of these companies to participate in the campaign is gaining success.
On the part of the Task Force, it will take charge of all investigations regarding consumer privacy breaches that are being conducted by the office. It will also be responsible for educating the public and the business community. It will focus on protecting sensitive personal data and informing the affected individuals of the occurrence of data breaches.
The office also hopes to serve as a resource center where individuals and businesses can go to seek assistance. Particularly, those who need assistance either for protecting their own information or that of their customers can just contact the office. It also recognizes the fact that customers are really involved in a challenging and evolving technological environment, and they need assistance to cope with it.
The Task Force is composed of four attorneys who have expertise, interest and experience in data privacy issues. Somehow, this initiative will serve as a model for others to follow. Data protection programs cannot be left alone to the public. There has to be an expert group that will lead them into an awareness about the consequences of data breaches and how they can avoid such situations.
Image: Keattikorn / FreeDigitalPhotos.net
Thursday, September 22, 2011
Monday, September 19, 2011
Have You Committed Felony Lately?
Internet users may not be aware that they could be put to jail for falsifying their personal information on the internet. Facebook users, after knowing this, may have to think many times before providing any false information on their account. This may sound absurd, but there have been a number of cases where users were penalized for breach of the terms of use of the websites that they visit.
The U.S. Congress is more likely to expand the scope of laws that pertain to “cybersecurity”. The existence of the so-called Computer Fraud and Abuse Act, which was passed in 1986, seems insufficient. This law mainly deals with the provisions that pertain to computer hacking. Since its inception, the law has been periodically broadened, and it now extends far beyond hacking.
One of its provisions is that it is a criminal act for any user to exceed “authorized access”. This means that users must not go beyond the terms and conditions stipulated by the website’s owner. Once this is broken, the user faces a criminal liability, especially if breaking those terms and conditions are committed within an office environment.
This is a revelation to those who intentionally falsify their information for any reason. Social networking users, more often than not, lie about their names and ages. Once put in place, faking would constitute a crime and would be punishable by law. Many users would be facing penalties once Congress approves the consideration of such acts as felony.
There were a few cases in the past that involved ridiculous disputes that were filed by private parties. It was reported that a company owner sued a former employee for visiting Facebook and sending personal emails using the company’s facility. Another ridiculous case involved a company that prohibited competitors from visiting its site. It ended up with the company suing a competitor for breach of its “terms of use”.
Concerned groups suggest that Congress must plainly define those cases that involve crimes. Even if there is a need to take legal action on real offenders, the law has to be humane. No one would want federal courts to be swamped with cases that involved mere violation of a promise.
Image: jscreationzs / FreeDigitalPhotos.net
The U.S. Congress is more likely to expand the scope of laws that pertain to “cybersecurity”. The existence of the so-called Computer Fraud and Abuse Act, which was passed in 1986, seems insufficient. This law mainly deals with the provisions that pertain to computer hacking. Since its inception, the law has been periodically broadened, and it now extends far beyond hacking.
One of its provisions is that it is a criminal act for any user to exceed “authorized access”. This means that users must not go beyond the terms and conditions stipulated by the website’s owner. Once this is broken, the user faces a criminal liability, especially if breaking those terms and conditions are committed within an office environment.
This is a revelation to those who intentionally falsify their information for any reason. Social networking users, more often than not, lie about their names and ages. Once put in place, faking would constitute a crime and would be punishable by law. Many users would be facing penalties once Congress approves the consideration of such acts as felony.
There were a few cases in the past that involved ridiculous disputes that were filed by private parties. It was reported that a company owner sued a former employee for visiting Facebook and sending personal emails using the company’s facility. Another ridiculous case involved a company that prohibited competitors from visiting its site. It ended up with the company suing a competitor for breach of its “terms of use”.
Concerned groups suggest that Congress must plainly define those cases that involve crimes. Even if there is a need to take legal action on real offenders, the law has to be humane. No one would want federal courts to be swamped with cases that involved mere violation of a promise.
Image: jscreationzs / FreeDigitalPhotos.net
Saturday, September 17, 2011
Changes in Public Disclosure Laws
Today’s businesses cannot just take it for granted when their customers’ email addresses are stolen or lost. Such occurrences might already carry with it legal obligation to notify their customers about the data breach. Changes are going on here and there in the privacy arena that serves as a wake-up call to businesses and CIOs.
Major changes are being implemented in the way businesses are held accountable for the safety of personal information. Public disclosure of data breaches is applied on a wider scale so quickly that it seems difficult for many businesses to cope with it. They have one question, and that is “which kind of data legally requires public disclosure?”.
It used to be that businesses and CIOs had only to deal with the problem if “personally identifiable information” was lost or stolen . This means that a company is required to disclose only if it collects information that can identify, or be traced back to a person. This is data that involves, among others, a user’s bank accounts, Social Security numbers, medical information and others. The business has the obligation to inform the owners of any data breach.
When only the names of customers are lost or stolen, the business is not required to notify the customers involved. It would not be the same if together with the stolen names are the customers’ Social Security numbers or their email addresses. With these, there is enough information that could give hackers a better chance at intruding into the privacy of the customers.
Hackers will try all means to figure out the password to an email address. When he or she succeeds, it would open them to the virtual world of the account’s owner. Many users use the same passwords in their email, banking, and social networking accounts despite continuous education. This situation alone explains why businesses should not be lenient when it comes to protecting personally identifiable information.
After the hackers gain access to users’ accounts, it is possible for customers to receive emails from one of their “contacts”. Chances are that users would treat the email as reliable because it comes from one of their associates. But when the customers enter their usernames and passwords, all of their useful information, which could also include those of their contacts, is stolen. This case shows that simple loss of email addresses can pose a great risk. It then becomes an issue of public disclosure on the part of any business community.
Image: sheelamohan / FreeDigitalPhotos.net
Major changes are being implemented in the way businesses are held accountable for the safety of personal information. Public disclosure of data breaches is applied on a wider scale so quickly that it seems difficult for many businesses to cope with it. They have one question, and that is “which kind of data legally requires public disclosure?”.
It used to be that businesses and CIOs had only to deal with the problem if “personally identifiable information” was lost or stolen . This means that a company is required to disclose only if it collects information that can identify, or be traced back to a person. This is data that involves, among others, a user’s bank accounts, Social Security numbers, medical information and others. The business has the obligation to inform the owners of any data breach.
When only the names of customers are lost or stolen, the business is not required to notify the customers involved. It would not be the same if together with the stolen names are the customers’ Social Security numbers or their email addresses. With these, there is enough information that could give hackers a better chance at intruding into the privacy of the customers.
Hackers will try all means to figure out the password to an email address. When he or she succeeds, it would open them to the virtual world of the account’s owner. Many users use the same passwords in their email, banking, and social networking accounts despite continuous education. This situation alone explains why businesses should not be lenient when it comes to protecting personally identifiable information.
After the hackers gain access to users’ accounts, it is possible for customers to receive emails from one of their “contacts”. Chances are that users would treat the email as reliable because it comes from one of their associates. But when the customers enter their usernames and passwords, all of their useful information, which could also include those of their contacts, is stolen. This case shows that simple loss of email addresses can pose a great risk. It then becomes an issue of public disclosure on the part of any business community.
Image: sheelamohan / FreeDigitalPhotos.net
Thursday, September 15, 2011
Emails and Employees' Rights
In their daily work schedule, employees cannot keep from using the company’s IT facilities to send and receive private emails. This is aside from the business-related ones which are considered official. These emails could stay in an employees’ inbox for an indefinite period of time, and it is understood that private emails are only for that particular employee’s own personal consumption.
The issue with this situation is when an employer needs to access an employee’s email account when the latter is unavailable or absent for any length of time. Legal implications have been associated with employers who are opening their employee’s emails. The German Higher Labor Court early this year ruled that employers have the right to access and review an employee’s work-related email correspondence. It said that the requirements of the “secrecy of telecommunications” do not hold true in these cases. The company cannot be considered a “provider of telecommunication services” although the employee was allowed to use the employer’s email services.
A case once involved a worker who was not present at work due to a long-term illness. The employer was unable to obtain the employee’s consent despite repeated attempts. The employer then opened the employee’s email account, but only those emails that were business-related were read and printed. The owner did this in the presence of two eligible witnesses. Employee’s emails that were “private” and not business-related were neither read nor printed.
As a result, the employee tried to get a court order prohibiting her employer from accessing her email account in the future without her permission. The court denied her, and further repeated that her employer was not a “provider of telecommunication services”. The circumstances do not meet the criteria to fall under such a category.
The Higher Court made it clear that the employee’s use of the company’s email system is just a “side effect” of her normal daily routine. There is no adequate basis to decide that it actually falls under the scope of the Telecommunication s Act. With this present court ruling in Germany, employers can open an employee’s email account even without permission. The limitation would be that only business-related email messages in an employee’s email inbox would be opened, read or printed.
Image: Master isolated images / FreeDigitalPhotos.net
The issue with this situation is when an employer needs to access an employee’s email account when the latter is unavailable or absent for any length of time. Legal implications have been associated with employers who are opening their employee’s emails. The German Higher Labor Court early this year ruled that employers have the right to access and review an employee’s work-related email correspondence. It said that the requirements of the “secrecy of telecommunications” do not hold true in these cases. The company cannot be considered a “provider of telecommunication services” although the employee was allowed to use the employer’s email services.
A case once involved a worker who was not present at work due to a long-term illness. The employer was unable to obtain the employee’s consent despite repeated attempts. The employer then opened the employee’s email account, but only those emails that were business-related were read and printed. The owner did this in the presence of two eligible witnesses. Employee’s emails that were “private” and not business-related were neither read nor printed.
As a result, the employee tried to get a court order prohibiting her employer from accessing her email account in the future without her permission. The court denied her, and further repeated that her employer was not a “provider of telecommunication services”. The circumstances do not meet the criteria to fall under such a category.
The Higher Court made it clear that the employee’s use of the company’s email system is just a “side effect” of her normal daily routine. There is no adequate basis to decide that it actually falls under the scope of the Telecommunication s Act. With this present court ruling in Germany, employers can open an employee’s email account even without permission. The limitation would be that only business-related email messages in an employee’s email inbox would be opened, read or printed.
Image: Master isolated images / FreeDigitalPhotos.net
Tuesday, September 6, 2011
Cyberattacks on the Loose
Last August, there was a public disclosure of the most threatening and pervasive online espionage. This disclosure, prepared by internet security experts at Silicon Valley, after years of investigation, said that the cyberattacks have been going on for at least five years. The targets were identified as some U.S. companies and government agencies. Obviously, these attacks are threats to the country’s national security and economy.
According to McAfee, there were 72 organizations targeted, but the total number could reach into the thousands, and may include companies and government agencies. It was found that the attacks were mostly aimed at obtaining sensitive information. Going deep into the nature of the attacks, the experts suspected that the perpetrator is a particular nation. At present, the experts choose not to identify the offender.
A McAfee spokesperson said that the surveillance slowly eats up both the economic and national security advantages of the U.S. He considers the activities to be very serious as they steal valuable intellectual property. Consequently, these will adversely affect jobs and the condition of the economic community. The spokesperson did not give details of the data that is being stolen because doing so might raise privacy concerns of the targeted organizations. He simply reiterated that a particular nation is behind all these attacks.
Of the targets, McAfee identified that 49 are found in the U.S. These include a solar power company, defense contractors, tech companies, news organizations, real estate companies, and a county government. Targets outside of the United States include, among others, a government agency in Taiwan and some Olympic organizations.
Another cybersecurity expert said that China and Russia are two of the most active opponents of the U.S. when it comes to cyberspace. However, a Chinese government representative earlier denied any involvement by China in any such activities. He said that China is willing to work with other countries against these kinds of attacks, and emphasized that it is also a victim. He added that China is not happy with the way some people linked the country to hacker attacks.
The toll on the U.S. economy brought about by stolen data might not be felt for years. It is estimated by experts that the country loses as much as $20 billion every year to online espionage. It is possible that the attacker is first trying to weaken the country’s competitive edge before finally dropping the full weight.
Image courtesy of:
Image: vichie81 / FreeDigitalPhotos.net
According to McAfee, there were 72 organizations targeted, but the total number could reach into the thousands, and may include companies and government agencies. It was found that the attacks were mostly aimed at obtaining sensitive information. Going deep into the nature of the attacks, the experts suspected that the perpetrator is a particular nation. At present, the experts choose not to identify the offender.
A McAfee spokesperson said that the surveillance slowly eats up both the economic and national security advantages of the U.S. He considers the activities to be very serious as they steal valuable intellectual property. Consequently, these will adversely affect jobs and the condition of the economic community. The spokesperson did not give details of the data that is being stolen because doing so might raise privacy concerns of the targeted organizations. He simply reiterated that a particular nation is behind all these attacks.
Of the targets, McAfee identified that 49 are found in the U.S. These include a solar power company, defense contractors, tech companies, news organizations, real estate companies, and a county government. Targets outside of the United States include, among others, a government agency in Taiwan and some Olympic organizations.
Another cybersecurity expert said that China and Russia are two of the most active opponents of the U.S. when it comes to cyberspace. However, a Chinese government representative earlier denied any involvement by China in any such activities. He said that China is willing to work with other countries against these kinds of attacks, and emphasized that it is also a victim. He added that China is not happy with the way some people linked the country to hacker attacks.
The toll on the U.S. economy brought about by stolen data might not be felt for years. It is estimated by experts that the country loses as much as $20 billion every year to online espionage. It is possible that the attacker is first trying to weaken the country’s competitive edge before finally dropping the full weight.
Image courtesy of:
Image: vichie81 / FreeDigitalPhotos.net
Thursday, September 1, 2011
It's Better with Anonymous Proxy
Data theft and data breaches have become so common that there is a need for a more secure online connection. At present, one can only hope that data thieves can be prevented from monitoring a user’s online activities. There have been many attempts to deal with this concern, but only a few effectively gave users satisfaction.
Once a user’s IP address is known to unscrupulous people, it is easy for them to get his or her personal information. Literally, the user cannot hide anything from them - what kind of sites he or she visits, how long he or she stays there, what products he or she usually buys, etc. But if the user’s IP address is hidden from them, these annoying and actually unsafe scenarios are not possible.
One’s IP address can be effectively hidden by using Anonymous Proxy. With this online defense, a user maintains online anonymity in his or her surfing activities. No one can trace the location where he or she is surfing from so his or her online transactions can no longer be tracked. Anonymous Proxy helps a user keep his or her personal information secure. With all these, he or she does not have to worry when transacting online. These are but some of the personal reasons why one should use Anonymous Proxy.
Anonymous Proxy can give lots of security and convenience to those who are in online business. They can now carry out an anonymous study of their competitors. Being hidden, chances are that they will be able to “look” at their competitors’ strengths and weaknesses. They can also publish their web sites anonymously, making it difficult for their rivals to block them.
Travelers, who can be businessmen, can maximize the benefits of Anonymous Proxy. Using Anonymous Proxy can spell the difference when it comes to security, inasmuch as almost all of them rely on Wifi access while they travel. Access to Wifi services at airports or hotels can never be totally free from possible intrusion. With Anonymous Proxy, browsing from hotels and airports can be safe and secure. Businessmen can do financial transactions without having to worry that they are under scrutiny.
These and other benefits make Anonymous Proxy a must for those who want a more secure and safe online activity for so long.
Image courtesy of:
Image: jscreationzs / FreeDigitalPhotos.net
Once a user’s IP address is known to unscrupulous people, it is easy for them to get his or her personal information. Literally, the user cannot hide anything from them - what kind of sites he or she visits, how long he or she stays there, what products he or she usually buys, etc. But if the user’s IP address is hidden from them, these annoying and actually unsafe scenarios are not possible.
One’s IP address can be effectively hidden by using Anonymous Proxy. With this online defense, a user maintains online anonymity in his or her surfing activities. No one can trace the location where he or she is surfing from so his or her online transactions can no longer be tracked. Anonymous Proxy helps a user keep his or her personal information secure. With all these, he or she does not have to worry when transacting online. These are but some of the personal reasons why one should use Anonymous Proxy.
Anonymous Proxy can give lots of security and convenience to those who are in online business. They can now carry out an anonymous study of their competitors. Being hidden, chances are that they will be able to “look” at their competitors’ strengths and weaknesses. They can also publish their web sites anonymously, making it difficult for their rivals to block them.
Travelers, who can be businessmen, can maximize the benefits of Anonymous Proxy. Using Anonymous Proxy can spell the difference when it comes to security, inasmuch as almost all of them rely on Wifi access while they travel. Access to Wifi services at airports or hotels can never be totally free from possible intrusion. With Anonymous Proxy, browsing from hotels and airports can be safe and secure. Businessmen can do financial transactions without having to worry that they are under scrutiny.
These and other benefits make Anonymous Proxy a must for those who want a more secure and safe online activity for so long.
Image courtesy of:
Image: jscreationzs / FreeDigitalPhotos.net
Subscribe to:
Posts (Atom)