UK Parliament Seizes Internal Facebook Privacy Documents

Data Breach Today

court documents to reveal internal Facebook discussions about data security and privacy controls, as Parliament probes Facebook and other social media firms, as well as Russian interference and fake news

The Privacy Penalty for Voting in America

Data Breach Today

States Shouldn't Serve Up on a Platter Voters' Email Addresses and Phone Numbers Voting in the United States carries a huge privacy cost: states give away or sell voters' personal information to anyone who wants it. In this era of content micro-targeting, rampant misinformation and identity theft schemes, this trade in voters' personal data is both dangerous and irresponsible

Opioid Crisis Raises Tough Privacy Issues

Data Breach Today

Facebook Slammed With Maximum UK Privacy Fine

Data Breach Today

Failings Leading to Cambridge Analytica Scandal Earn Sharp Rebuke From Regulator Facebook has been slammed with the maximum possible fine under U.K.

Facebook Breach: Attackers Exploited Privacy Feature

Data Breach Today

Attackers Hacked Three Separate Bugs to Breach 50 Million Accounts Facebook says that whoever hacked 50 million user accounts, putting the privacy of those users' personal data at risk, did so by abusing its "View As" privacy feature. Facebook says the attack successfully targeted three separate bugs in its video-uploading functionality

GDPR: The Global Impact on Privacy

Data Breach Today

Richard Henderson of Infosec Global Sizes Up the EU Law's Influence So Far Richard Henderson of Infosec Global discusses the impact of the European Union's General Data Protection Regulation and how the law is influencing privacy frameworks globally

NIST Announces Privacy Framework Effort

Privacy and Cybersecurity Law

Department of Commerce’s National Institute of Standards and Technology (NIST) announced the start of a collaborative project to develop a voluntary privacy framework to help organizations manage privacy related risk. On September 4, 2018, the U.S.

Privacy for Tigers

Schneier on Security

Privacy matters for tigers, for snow leopards, for elephants and rhinos ­ and even for tortoises and sharks. datacollection naturalsecurity privacyRoss Anderson has some new work : As mobile phone masts went up across the world's jungles, savannas and mountains, so did poaching.

Mozilla Releases Annual Privacy Guide to Holiday Shopping

Adam Levin

The Mozilla Foundation has released the second installation of *Privacy Not included, the organization’s annual privacy guide to internet-connected gifts. The list was started to promote the idea that privacy and security by design can and should be a major selling point.

Update: NIST Preparing Privacy Framework

Data Breach Today

Building on the success of the NIST Cybersecurity Framework, the National Institute of Standards and Technology is in the early stages of developing a privacy framework. The effort will kick off with a workshop Tuesday in Austin, Texas, explains Naomi Lefkovitz, who is leading the project

Strengthening Privacy Rights with Privacy Enhancing Technologies


Moreover, there seems to be momentum developing for a more comprehensive US Federal Privacy initiative consistent with GDPR. The current US data privacy regime is somewhat fragmented and sectoral in nature and is perceived to be an impediment to competing in the digital economy.

Equifax Hit With Maximum UK Privacy Fine After Mega-Breach

Data Breach Today

Multiple Failures' Cited as Watchdog Levies Maximum Possible Pre-GDPR Fine Credit bureau Equifax has been hit with the maximum possible fine under U.K.

How DNA Databases Violate Everyone's Privacy

Schneier on Security

academicpapers databases dna privacyIf you're an American of European descent, there's a 60% you can be uniquely identified by public information in DNA databases. This is not information that you have made public; this is information your relatives have made public.

Manage Your Privacy Journey: GDPR, CCPA and Beyond


Some might think the privacy adventure is over as we are now six months past the compliance deadline of May 28, 2018. The most notable of these is the California Consumer Privacy Act (CCPA) with its deadline of January 2020. I love adventures!

Privacy and Security of Data at Universities

Schneier on Security

Many sets of data, both research and grey, fall outside privacy regulations such as HIPAA, FERPA, and PII. The privacy frontier facing research universities spans open access practices, uses and misuses of data, public records requests, cyber risk, and curating data for privacy protection.

Automotive Privacy

Adam Shostack

[Update: clarified a sentence about whose privacy is touched, and where.]. When we did a privacy threat model at the Seattle Privacy Coalition, we found these issues. personal security privacy surveillance

California's New Privacy Law: It's Almost GDPR in the US

Data Breach Today

But Tech Giants are Taking Aim at the Law, Which Can Be Amended Until 2020 California's legislature has quickly introduced and passed new privacy legislation, making the state's laws the strongest in the U.S.

Puzzling Health Dept. Privacy Incident Exposes HIV Data

Data Breach Today

Thousands of Individuals' Data Was Allegedly Accessible to All Agency Workers An incident involving an unsecured database containing information about thousands of HIV/AIDS patients in Tennessee is shining a spotlight on privacy risks involving sensitive health data

New Privacy Issues for Amazon

Data Breach Today

An analysis of the privacy issues Amazon will face as it dives deeper into the healthcare business leads the latest edition of the ISMG Security Report. Also featured: A preview of ISMG's Security Summit in New York Aug. 14-15

New Privacy+ Committee Seeks Volunteers

IG Guru

In the crown of PRISM International, perhaps there is no jewel so prestigious as Privacy+, the international certification program that the division offers, allowing information management companies to demonstrate commitment to ensure the privacy of information.

Why California's New Privacy Law is a 'Whole New Ballgame'

Data Breach Today

While California already had some of the strictest and most varied privacy laws in the country, the new California Consumer Privacy Act of 2018 "is a whole new ballgame," says privacy attorney Kirk Nahra, who explains why

Instagram Privacy Tool Exposed Passwords

Dark Reading

The 'Download Your Data' tool, intended to improve users' privacy, actually became a privacy risk

OCR Considering HIPAA Privacy Rule, Enforcement Changes

Data Breach Today

But Agency Will Seek Public Input First Federal regulators are considering potential changes to HIPAA privacy rule and enforcement regulations, but aim to first engage the healthcare sector and public for input, says the nation's top HIPAA enforcer.

Analysis: California's Groundbreaking Privacy Law

Data Breach Today

The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach

Yet Another Twist in Messy Aetna Privacy Breach Case

Data Breach Today

Health Insurer Sues Organizations That Represented HIV Patients in Earlier Privacy Dispute A messy legal case involving a 2017 privacy breach that has already cost Aetna about $20 million in settlements has taken yet another twist.

Facebook's Security and Privacy Overhaul Comes at a Price

Data Breach Today

CEO Mark Zuckerberg Reports Decreased Profitability, GDPR Impact Facebook is making substantial investments to improve its data security and privacy practices.

GDPR and the Next Generation of Privacy Legislation

Data Breach Today

Cisco's Michelle Dennedy on theSignificance of New Privacy Laws Barely one month after the enforcement date of the EU's General Data Protection Regulation, California passed its own landmark new data privacy legislation.

Call for Speakers – Privacy+Security Forum

IG Guru

The post Call for Speakers – Privacy+Security Forum appeared first on IG GURU. IG News Information Governance information privacy information security Call for Speakers Privacy+SecuritySpeaker Submission Link.

Europe's Strong GDPR Privacy Rules Go Into Full Effect

Data Breach Today

After a two-year grace period following the passage of the legislation, member states' data privacy watchdogs are now enforcing the strong privacy rules, which offer worldwide protection for Europeans It's May 25: Do You Know What Your Data Protection Polices Are?

California Passes New Privacy Law

Schneier on Security

The California legislature unanimously passed the strongest data privacy law in the nation. A ballot initiative was already going to be voted on in November, one with even stronger data privacy protections. datacollection dataprotection laws privacy

Analysis: Opioid Legislation Stripped of Privacy Provision

Data Breach Today

Although the passage by Congress of the Support for Patients and Communities Act this week is an important step in the nation's battle against the opioid drug addiction crisis, it lacks a critical privacy provision, says Geisinger Health CIO John Kravitz, who analyzes the implications

NIST Launches Privacy Framework Effort

Hunton Privacy

On September 4, 2018, the Department of Commerce’s National Institute of Standards and Technology (“NIST”) announced a collaborative project to develop a voluntary privacy framework to help organizations manage privacy risk. We’ve had great success with broad adoption of the NIST Cybersecurity Framework, and we see this as providing complementary guidance for managing privacy risk,” said Under Secretary of Commerce for Standards and Technology and NIST Director Walter G.

California Enters the Privacy Regulation Arena

IG Guru

California Enters the Privacy Regulation Arena California is the first state in what undoubtedly will be a wave of United States privacy laws on the European model. The post California Enters the Privacy Regulation Arena appeared first on IG GURU.

Helen Nissenbaum on Data Privacy and Consent

Schneier on Security

This is a fantastic Q&A with NYU Law Professor Helen Nissenbaum on data privacy and why it's wrong to focus on consent. datacollection dataprotection interviews privacy

White House Facial Recognition Pilot Raises Privacy Alarms


Privacy facial recognition secret service White HouseThe facial recognition pilot will identify “subjects of interest" around the White House.

HHS Weighs Changes to Health Data Privacy Regulations

Data Breach Today

Privacy and Security Experts Offer Insights on What Changes Make Sense HHS is considering making changes to federal privacy regulations governing health data - including HIPAA and the 42 CFR Part 2 law.

NIST Begins Developing a Voluntary Online Privacy Framework

IG Guru

Friday, November 2, 2018 The Department of Commerce’s National Institute of Standards and Technology (“NIST”) announced in early September intention to create a Privacy Framework. This Privacy Framework would provide voluntary guidelines that assist organizations in managing privacy risks.

Amazon's Healthcare Expansion: Analyzing Privacy Concerns

Data Breach Today

As Amazon expands its activities in healthcare, include a high-profile venture into the pharmacy business, the online retail giant will face a wide variety of important privacy issues, attorneys Jeffrey Short and Todd Nova explain

Retail 100

Fintech Apps: Consumer Privacy Concerns Remain High

Data Breach Today

But those users are concerned about data privacy and want more control over the financial data their apps can access, says David Fortney of The Clearing House, who reviews the results of a survey Nearly one-third of U.S. banking consumers use online and mobile fintech apps to help manage their money.

Toymaker VTech Settles FTC Privacy Lawsuit For $650,000

Data Breach Today

Message From FTC to Toymakers: Don't Mess With Kids' Privacy One of the most alarming breaches of 2015, involving Hong Kong toymaker VTech, has resulted in a $650,000 settlement with the U.S.

Google Vows Privacy Changes in Chrome Browser After User Backlash


The tech giant promised that it will be more transparent about users' data in Chrome 70 after coming under fire for its privacy policies earlier this week. Privacy Web Security chrome chrome 69 chrome 70 Data Privacy google Google Privacy

'Virtual Assistant' EHR Tools: Privacy, Security Issues

Data Breach Today

Data integrity and privacy issues are among potential concerns related to voice-activated "virtual assistant" tools that some vendors are beginning to offer for their electronic health record systems, says privacy and security expert Kate Borten

Tools 100

EU Mass Surveillance Alive and Well, Privacy Groups Warn

Data Breach Today

Groups 150