New Rules Announced for Border Inspection of Electronic Devices

Threatpost

Cloud Security Cryptography Government Mobile Security Privacy ACLU cameras computers digital privacy digital search Electronic Frontier Foundation Encryption passcodes phones reasonable suspicion tablets U.S. The U.S. Customs and Border Patrol announced new restrictions on when agents can copy data from digital devices at border crossing points.

Security Vulnerability in ESS ExpressVote Touchscreen Voting Computer

Schneier on Security

Of course the ESS ExpressVote voting computer will have lots of security vulnerabilities. It's a computer, and computers have lots of vulnerabilities. I am continuously amazed by how bad electronic voting machines are. Yes, they're computers.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Security and Privacy Implications of Zoom

Schneier on Security

Over that same period, the company has been exposed for having both lousy privacy and lousy security. In general, Zoom's problems fall into three broad buckets: (1) bad privacy practices, (2) bad security practices, and (3) bad user configurations.

Privacy and Innovation Combined in Information Governance

Everteam

Today’s biggest US tech companies – historically known for their innovation, pragmatism, and willingness to adapt – are by and large failing to comply with privacy laws forth by GDPR. This long-standing tradition of privacy protection is evident in their most recent regulation, GDPR.

HHS Releases Guidance on HIPAA and Cloud Computing

Hunton Privacy

Earlier this month, the Department of Health and Human Services’ Office for Civil Rights issued guidance (the “Guidance”) for HIPAA-covered entities that use cloud computing services involving electronic protected health information (“ePHI”). Health Privacy Security Breach U.S. Federal Law Business Associate Agreement Cloud Computing Department of Health and Human Services HIPAA Mobile Device Protected Health Information Security Rule Service Provider

Podcast Episode 128: Do Security and Privacy have a Booth at CES?

The Security Ledger

In this episode of The Security Ledger podcast (#128): you're going to hear a lot from the annual Consumer Electronics Show (CES) out in Las Vegas this week, but are any of the new gadgets being released secure?

Could a Mobile App Help Contain COVID-19? Balancing Privacy Rights & Public Interest

AIIM

In one such approach, a multidisciplinary group of computer scientists, mathematicians, and epidemiologists at the Big Data Institute at Oxford University have developed a mathematical model instantiated in a mobile application that traces contact. National Electronic Health Records Database. Balancing Privacy Rights and Public Interest. Privacy and Data Governance. Privacy Artificial Intelligence (AI

Utah Governor Signs Electronic Data Privacy Bill Requiring Warrants to Access Certain Types of Data

Hunton Privacy

law to protect electronic information that individuals have shared with certain third parties. Representative Craig Hall, R-Utah, who introduced the bill, stated that the goal “is to provide the same protections we have in the physical world and apply those to the electronic world.” Online Privacy U.S. On March 27, 2019, Utah Governor Gary Herbert signed HB57, the first U.S.

Companies’ Right to Privacy

Data Protection Report

Constitution—infringing the privacy rights of the companies , rather than the users. Note that Airbnb’s and HomeAway’s privacy policies—even prior to the enactment of the local law—required users to accept its terms of use and privacy policy, which included the statement that the company could turn over the information where required or permitted by law. Such clauses are very common, and can be found in almost every posted privacy policy.).

NIST Issues Guidelines on Security and Privacy in Public Cloud Computing

Hunton Privacy

The National Institute of Standards and Technology (“NIST”) has issued draft Guidelines on Security and Privacy in Public Cloud Computing (SP 800-144) (the “Guidelines”) for public comment. The Guidelines provide an overview of the security and privacy challenges pertinent to public cloud computing, and identify considerations for organizations outsourcing data, applications and infrastructure to a public cloud environment.

Microsoft Calls for Legislative Action to Set Rules for Cloud Computing

Hunton Privacy

Microsoft is urging Congress and the information technology industry to act now to ensure that cloud computing is guided by an international commitment to privacy, security and transparency for consumers, businesses and government. Information Security Online Privacy Cloud Computing Computer Fraud and Abuse Act Electronic Communications Privacy Act Microsoft

California Passes New Digital Privacy Law

Hunton Privacy

On October 8, 2015, California Governor Jerry Brown signed into law the California Electronic Communications Privacy Act (“CalECPA”). The law requires police to obtain a warrant before accessing an individual’s private electronic information, such as text messages, emails, GPS data and online documents that are stored in the cloud and on smartphones, tablets, computers and other digital devices. State Law California Cloud Electronic Communications Privacy Act Wiretap

Old Tech Spills Digital Dirt on Past Owners

Threatpost

Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined. Cryptography Privacy data breach data disposal data integrity data wiping hard drives insecure data leaky data old electronics personal identifiable information PII secure data

Court Denies Criminal Defendant’s Motion to Suppress Evidence Obtained via Warrantless Search: eDiscovery Case Law

eDiscovery Daily

The defendant was also subject to the Oregon National Guard’s acceptable use policy and Employees of the Oregon National Guard, including the defendant, were required to sign the policy before they received computer access. Case Law Electronic Discovery Email Privacy

Belgium Adopts Law Reforming the Belgian Privacy Commission

Hunton Privacy

In this context, the Belgian legislator adopted the Law reforming the Belgian Privacy Commission, established by the Law of 8 December 1992 implementing Directive 95/46/EC. It replaces the Belgian Privacy Commission with the Belgian Data Protection Authority (“DPA”) ( Autorité de protection des données in French and Gegevensbeschermingsautoriteit in Dutch).

EU to force tech firms to hand over terror suspects' messages

The Guardian Data Protection

Under the plans, judges in one member state will be able to seize electronic evidence held on a service provider in another European country through a transnational European production order. European Union Digital media Europe UK security and counter-terrorism Counter-terrorism policy Social media Politics UK news Privacy Police Brexit Telecommunications industry Data and computer security Data protection

GDPR and The Data Governance Imperative

AIIM

This is the 12th post in a series on privacy by Andrew Pery. Data Privacy and Open Data: Secondary Uses under GDPR. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. What Do the GDPR and new Privacy Laws Mean for U.S.

According to the ABA, Lawyers are “Failing at Cybersecurity”: Cybersecurity Trends

eDiscovery Daily

In these days of increased data privacy emphasis with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), how are lawyers doing with regard to cybersecurity within their firms? Electronic Discovery Privacy Security

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

For remote access to emails, trading systems and other electronic data containing confidential information, the authentication mechanism should utilize at least two of the following factors: what a person knows (e.g., Data privacy issues: Cyberattacks often involve identity theft. The post Fund Managers Targeted in Sophisticated Cyberattacks appeared first on Data Matters Privacy Blog.

Fund Managers Targeted in Sophisticated Cyberattacks

Data Matters

For remote access to emails, trading systems and other electronic data containing confidential information, the authentication mechanism should utilize at least two of the following factors: what a person knows (e.g., Data privacy issues: Cyberattacks often involve identity theft. The post Fund Managers Targeted in Sophisticated Cyberattacks appeared first on Data Matters Privacy Blog.

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

Related: How the Middle East has advanced mobile security regulations Over the past couple of decades, meaningful initiatives to improve online privacy and security, for both companies and consumers, incrementally gained traction in the tech sector and among key regulatory agencies across Europe, the Middle East and North America. These developments would have, over the next decade or so, steadily and materially reduced society’s general exposure to cybercrime and online privacy abuses.

The battle between privacy and law enforcement isn't going away | Deanna Paul

The Guardian Data Protection

But the US supreme court has pushed back Every time we interact with computers, smart devices or electronics, we leave detailed trails of our daily experiences. Police are tapping the surveillance power of everyday devices like cellphones. Law enforcement agencies are beginning to grasp the wealth of information new technologies provide, and courts have already made use of data from Fitbits and pacemakers.

New Class Action Complaint Alleges Privacy Violations by ISP Using NebuAd Device

Hunton Privacy

A class action complaint filed on December 9, 2009, in Illinois federal court alleges that WideOpen West, Finance, LLC ("WOW"), an Internet service provider, violated its users’ privacy by "installing spyware devices on its broadband networks." Behavioral Advertising Marketing Online Privacy Advertisement Class Action Computer Fraud and Abuse Act Electronic Communications Privacy Act Illinois

Regulating Privacy Across Borders in the Digital Age

Hunton Privacy

On November 10, 2010, the American Bar Association’s Section of Antitrust Law’s International Committee and Corporate Counseling Committee hosted a webinar on “Regulating Privacy Across Borders in the Digital Age: An Emerging Global Consensus or Vive la Difference?”. A panel of senior officials and private sector experts provided insights on emerging cross-border data privacy and security issues.

Court Denies Plaintiff’s Request to Avoid Forensic Imaging of Devices in Apple Performance Case: eDiscovery Case Law

eDiscovery Daily

Superior Court , argued that “[p]ersonal devices, like those at issue here, are afforded special privacy protections under the law. Did the court properly weigh the balance of privacy and discovery in this case? Case Law Collection Electronic Discovery Privacy

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

Data Matters

The Securities and Futures Commission of Hong Kong (SFC) issued new guidance to regulate the use of external electronic data storage providers (EDSPs 1 ) by licensed firms that intend to keep (or have previously kept) records or documents required to be maintained pursuant to the statutory recordkeeping rules and anti-money-laundering regime (Regulatory Records) in an online environment. 2 Circular to Licensed Corporations – Use of external electronic data storage (October 31, 2019).

Why Are Businesses Opting for Edge, AI, and IoT – and Are They Wise to Do So?

ARMA International

Edge computing is increasingly associated with at least two “trending” terms in the IT and information arenas: Internet of Things (IoT) and artificial intelligence (AI). Broadly speaking, the term refers to computing that’s done at or near the source of the data.

U.S. Supreme Court to Weigh in on Extraterritorial Search Warrant Dispute

Data Matters

government’s request for review of a lower court decision that rejected the government’s construction of the Stored Communications Act (SCA) and embraced a more restrictive view that Microsoft had advanced, backed by much of the tech industry and many privacy groups. The decision now under review held that electronic communications that are stored exclusively on foreign servers cannot be reached by U.S. officials, by using computers and personnel based in the United States.

Friday the 13th is Unlucky for the City of New Orleans. Almost. Maybe.: Cybersecurity Trends

eDiscovery Daily

” As a precautionary measure, the NOLA tweet confirmed, the city’s IT department gave the order for all employees to power down computers and disconnect from Wi-Fi. Electronic Discovery Security

What IG Professionals Should Know About the Internet of Bodies

ARMA International

Another common name for the IoB is embodied computing , where the human body is used as a technology platform. Wearable technology began as any kind of electronic device designed to be worn on the user’s body. Do health information privacy rules apply? Privacy Policy Template.

First Ever Multi-State Data Breach Lawsuit Targets Healthcare Provider: Cybersecurity Trends

eDiscovery Daily

Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Privacy Settings on Social Networking Sites May Determine Protection Under Stored Communications Act

Hunton Privacy

The court left open the question of whether Crispin’s wall postings and comments should be disclosed pending a more thorough review of his online privacy settings. The SCA generally prohibits an entity that provides an “electronic communication service” (“ECS”) or a “remote computing service” (“RCS”) to the public from disclosing the contents of certain communications that are carried, maintained or stored on that service. On May 26, 2010, the court in Crispin v.

Court Declines to Order Plaintiff to Produce Cell Phone in Employment Discrimination Case: eDiscovery Case Law

eDiscovery Daily

Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data. In Santana v.

My Love for What I Do: eDiscovery Love Story

eDiscovery Daily

I once wrote an article about CAR systems back in the mid-80s – Computer Assisted (microfilm) Retrieval (good luck finding that article today) – and it seemed like the wave of the future back then. Electronic Discovery Industry TrendsIt’s Valentine’s Day!

Draft Released in the Philippines Implementing Rules for the Data Privacy Act

Hunton Privacy

On June 17, 2016, the National Privacy Commission (the “Commission”) of the Philippines released draft guidelines entitled, Implementing Rules and Regulations of the Data Privacy Act of 2012 (“IRR”), for public consultation. Such security measures include the designation of a privacy officer, limitations on physical access and the adoption of technical and logical security measures. Consent of the data subject has to be evidenced by written, electronic or recorded means.

2019 eDiscovery Case Law Year in Review, Part 3

eDiscovery Daily

Today, let’s take a look back at cases related to disputes regarding proportionality vs. relevancy vs. privacy. PROPORTIONALITY vs. RELEVANCY vs. PRIVACY. Case Law Electronic Discovery

Ignoring Internet of Things Devices Could Be IdIoTic: eDiscovery Trends

eDiscovery Daily

Further, it addresses topics including data privacy, fog computing, smart cities and more. Electronic Discovery Industry Trends

IoT 58

STEPS FORWARD: How the Middle East led the U.S. to adopt smarter mobile security rules

The Last Watchdog

When it comes to securing mobile computing devices, the big challenge businesses have long grappled with is how to protect company assets while at the same time respecting an individual’s privacy.

MDM 173

2019 eDiscovery Case Law Year in Review, Part 1

eDiscovery Daily

Last year, eDiscovery Daily published 66 posts related to eDiscovery and data privacy case decisions and activities over the past year, covering 56 unique cases ! Pennsylvania Supreme Court Rules that Forcing Provision of Computer Password Violates the Fifth Amendment : In Commonwealth v.

Tuesday’s Relativity Fest 2019 Sessions: eDiscovery Trends

eDiscovery Daily

This year’s International Panel will present legal perspectives from across the globe, updating you on the latest developments in cross-border e-discovery, conflict of laws, and data privacy and protection. New Cross-Border & Privacy Concerns in the Age of GDPR Fines.