Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: PC Security

Report – Fostering The Advancement of the Internet of Things

Department of Commerce Internet Policy Task Force & Digital Economy Leadership Team report, Fostering the Advancement of the Internet of Things, January 2017.

“The Internet of Things (IoT) – in which connected devices are proliferating at an unprecedented rate–is a technological development that is transforming the way we live and do business. IoT continues the decades-long trend of increasing connectivity among devices and the Internet, bringing online everything from refrigerators to automobiles to factory inventory systems. At the same time, IoT encompasses a widening scope of industries and activities and a vastly increasing scale and number of devices being connected, thus raising the stakes and impacts of broad connectivity. The prospective benefits of IoT to personal convenience, public safety, efficiency, and the environment are clear. IoT has the potential to make our highways safer by enabling connected vehicles to interact with each other to prevent accidents, to make quality health care more accessible through remote monitoring devices and telehealth practices for those who cannot easily travel, and to reduce waste and improve efficiency both in factory supply chains and in the running of cities. It even has the potential to create new industries and consumer goods that have yet to be imagined. For the full potential to be realized, however, the necessary infrastructure and policies must be in place,including strategies to respond to the challenges raised in areas such as cybersecurity and privacy. Due to its expertise in the issues raised by IoT, as well as its economy-wide perspective, the Department of Commerce (Department) is well placed to meet these challenges and to champion the development of a robust IoT environment that benefits consumers, the economy, and society as a whole. With an April 2016 Request for Comment, “The Benefits, Challenges, and Potential Roles for the Government in fostering the Advancement of the Internet of Things,” the Department of Commerce sought to review the current technological and policy landscape relating to IoT. A broad array of stakeholders – from the private sector, academia,government, and civil society–offered perspectives in response to the request. In September 2016, the Department hosted a workshop to delve deeper into the questions raised by the Request for Comment, and to explore some of the related issues arising from the public comments. This paper represents the Department’s analysis of those comments. It also identifies key issues that can impact the deployment of IoT technologies, highlights potential benefits and challenges, and discusses what role, if any, the U.S. Government, particularly the Department of Commerce, should play in this evolving landscape.”

Regulating Software When Everything Has Software

Ohm, Paul and Reid, Blake Ellis, Regulating Software When Everything Has Software (November 16, 2016). George Washington Law Review, Vol. 84, No. 6, 2016. Available for download at SSRN: https://ssrn.com/abstract=2873751 “This Article identifies a profound, ongoing shift in the modern administrative state: from the regulation of things to the regulation of code. This shift has… Continue Reading

Data Breach Incidents, Causes, and Response

Data Breach Incidents, Causes, and Response, 12/12/2016“In October and November of 2012 the Society of Corporate Compliance and Ethics and the Health Care Compliance Association conducted a survey among compliance professionals to better understand the impact and frequency of data breaches. At the time breaches were very much in the news, just as they are today. To assess whether and… Continue Reading

IRS IG – Improvements Are Needed to Ensure the Protection of Data the IRS Transfers to External Partners

“When the Internal Revenue Service (IRS) has shared data, including Personally Identifiable Information, taxpayer information, and other sensitive data, with external entities, it has not always adequately protected the data through secure file transfer technology, according to an audit report that the Treasury Inspector General for Tax Administration (TIGTA) released today. The IRS shares data… Continue Reading

USSS Faces Challenges Protecting Sensitive Case Management Systems and Data

“We performed this audit as a follow-up to a September 2015 Office of Inspector General (OIG) investigation regarding United States Secret Service (USSS) employees improperly accessing and distributing sensitive information onthe agency’s Master CentraIndex (MCI) mainframe system. Our objective was to determine whether adequate controls and data protections were in place on systems to which… Continue Reading

NIST study – Security Fatigue

Security Fatigue, Issue No. 05 – Sept.-Oct. (2016 vol. 18) ISSN: 1520-9202 pp: 26-32 DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2016.84 “Security fatigue has been used to describe experiences with online security. This study identifies the affective manifestations resulting from decision fatigue and the role it plays in users’ security decisions. A semistructured interview protocol was used to collect… Continue Reading

Federal Information Security: Actions Needed to Address Challenges

Federal Information Security: Actions Needed to Address Challenges, GAO-16-885T: Published: Sep 19, 2016. Publicly Released: Sep 20, 2016. “Cyber incidents affecting federal agencies have continued to grow, increasing about 1,300 percent from fiscal year 2006 to fiscal year 2015. Several laws and policies establish a framework for the federal government’s information security and assign implementation… Continue Reading

Article excerpt from new book – “Rise of the Machines: A Cybernetic History”

This article is published via the Passcode – Modern field guide to security and privacy from The Christian Science Monitor”: The cypherpunk revolution-How the tech vanguard turned public-key cryptography into one of the most potent political ideas of the 21st century, by Thomas Rid, July 20, 2016. “…But amid the hype [in the 1990s with… Continue Reading

ACRL – Keeping Up With Cybersecurity, Usability, and Privacy

Snipped – via Bohyun Kim. Associate Director, Library Applications and Knowledge Systems, at the University of Maryland-Baltimore, Health Sciences and Human Services Library – Keeping Up With Cybersecurity, Usability, and Privacy What is Cybersecurity? Cybersecurity is a broad term. It refers to the activities, practices, and technology that keep computers, networks, programs, and data secure… Continue Reading

CRS – Stealing Trade Secrets and Economic Espionage

Stealing Trade Secrets and Economic Espionage: An Overview of the Economic Espionage Act, Charles Doyle, Senior Specialist in American Public Law. August 19, 2016. “Stealing a trade secret is a federal crime when the information relates to a product in interstate or foreign commerce, 18 U.S.C. 1832 (theft of trade secrets), or when the intended… Continue Reading

BYU – Why We Disregard Security Warnings

BYU Marriott School News – “Software developers listen up: if you want people to pay attention to your security warnings on their computers or mobile devices, you need to make them pop up at better times. A new study from BYU, in collaboration with Google Chrome engineers, finds the status quo of warning messages appearing… Continue Reading

Information Security: Agencies Need to Improve Controls over Selected High-Impact Systems

Information Security: Agencies Need to Improve Controls over Selected High-Impact Systems, GAO-16-501: Published: May 18, 2016. Publicly Released: Jun 21, 2016. “In GAO’s survey of 24 federal agencies, the 18 agencies having high-impact systems identified cyber attacks from “nations” as the most serious and most frequently-occurring threat to the security of their systems. These agencies… Continue Reading