Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Privacy

Secret court authorizes continued telephone metadata collection

The Guardian UK: “After a decade in the shadows, a secretive surveillance court that authorises the bulk collection of American telephone records seized on its last chance to show off a little personality on Tuesday [June 30, 2015]. “Plus ça change, plus c’est la même chose, well, at least for 180 days,” wrote judge Michael Mosman in an unusually colourful, and public, ruling that granted an extension to the programme one last time. Congress banned the bulk collection of telephone metadata – first revealed by National Security Agency whistleblower Edward Snowden in the Guardian in 2013 – by passing sweeping NSA reforms in the USA Freedom Act earlier this month. But the legislation also proposed a six-month transition period while the NSA moves to a new system that relies on asking telephone companies for specific records rather than maintaining a central government database.”

OPM – Actions to Strengthen Cybersecurity and Protect Critical IT Systems

“The recent intrusions into U.S. Office of Personnel Management (OPM) systems that house personnel and background investigation data for Federal employees and other individuals have raised questions about the security of OPM data and the integrity of its Information Technology (IT) assets. Since Director Archuleta arrived at OPM, she has led the agency in takingContinue Reading

GAO Report – Recent Data Breaches Illustrate Need for Strong Controls across Federal Agencies

Cybersecurity: Recent Data Breaches Illustrate Need for Strong Controls across Federal Agencies, GAO-15-725T: Published: Jun 24, 2015. Publicly Released: Jun 24, 2015 “GAO has identified a number of challenges federal agencies face in addressing threats to their cybersecurity, including the following: Designing and implementing a risk-based cybersecurity program. Enhancing oversight of contractors providing IT services.Continue Reading

Massive Government Data Breach Even Worse than Reported

EPIC:  “A Congressional hearing on the Office of Personnel Management data breach has now revealed one of the worst data breaches in US history. The agency initially reported that the personal information of 4 million government employees was obtained, but news reports suggest the breach was much larger–exposing the social security numbers of more thanContinue Reading

UK: Information Security Breaches Survey 2015

PWC: “We have been commissioned by the Department for Business, Innovation and Skills (BIS) to survey companies across the UK on cyber security incidents and emerging trends…The key observations from the 2015 survey were: The number of security breaches has increased, the scale and cost has nearly doubled. Eleven percent of respondents changed the natureContinue Reading

Facebook research reveals facial recognition accuracy

NextGov: “Facebook has gotten so good at recognizing people from images that it doesn’t even need to see their faces anymore. At the Computer Vision and Pattern Recognition conference in Boston earlier this month, the social network presented research that shows it can identify individuals with 83% accuracy, according to The New Scientist.  

Government Credentials on the Open Web

Follow up to Massive hack of federal personnel files included security-clearance database – related news – “Recorded Future identified the possible exposures of login credentials for 47 United States government agencies across 89 unique domains. As of early 2015, 12 of these agencies allowed some of their users access to computer networks with no form of two-factorContinue Reading

OPM IG Report – Infrastructure and IT Controls Improvement

“The U.S. Office of Personnel Management (OPM) Office of the Inspector General (OIG) is issuing this Flash Audit Alert to bring to your immediate attention serious concerns we have regarding the Office of the Chief Information Officer’ s (OCIO) infrastructure improvement project (Project). This Project includes a full overhaul ofthe agency’s technical infrastructure by implementing additional information technologyContinue Reading

Report – hacker had access to U.S. security clearance data for one year

Follow up to previous posting, Massive hack of federal personnel files included security-clearance database, again via Washington Post: “The recently disclosed breach of the Office of Personnel Management’s security-clearance computer system took place a year ago, giving Chinese government intruders access to sensitive data for a year, according to new information. The considerable lag time between breachContinue Reading

DOJ Prevailed Over Google on Email Privacy Case

Ryan Gallagher – The Intercept: “The Obama administration fought a legal battle against Google to secretly obtain the email records of a security researcher and journalist associated with WikiLeaks. Newly unsealed court documents obtained by The Intercept reveal the Justice Department won an order forcing Google to turn over more than one year’s worth of data from the GmailContinue Reading

FCC Implements Strict Rules to Halt Unwanted Telemarketing

EPIC: “The Federal Communications Commission has adopted new rules that impose strict limits on telemarketing practices. Under the rules, consumers can halt unwanted messages by telling companies to stop calling. The rules also allow phone companies to offer call-blocking services to screen out automated telemarketing calls. In 2014, the FCC received more than 215,000 complaintsContinue Reading

Bing to implement HTTPS summer 2015

Bing Moving to Encrypt Search Traffic by Default: “At Microsoft, we’re committed to helping users keep their data safe and secure. That’s why we support the industry’s move to use of TLS protocols as part of our effort to expand encryption across our networks and services. Bing has already been offering users the option toContinue Reading