Accurate, Focused Research on Law, Technology and Knowledge Discovery With Daily Postings Since 2002
“Attorney General Eric T. Schneiderman today issued a new report examining the growing number, complexity, and costs of data breaches in the New York State. Using information provided to the Attorney General’s Office pursuant to the New York State Information Security Breach & Notification Act, the report, titled “Information Exposed: Historical Examination of Data Security in New …
CRS – Stealing Trade Secrets and Economic Espionage: An Overview of 18 U.S.C. 1831 and 1832. Charles Doyle, Senior Specialist in American Public Law. July 25, 2014. “Stealing a trade secret is a federal crime when the information relates to a product in interstate or foreign commerce, 18 U.S.C. 1832 (theft of trade secrets), or when the intended beneficiary …
New America Foundation – “It has been over a year since The Guardian reported the first story on the National Security Agency’s surveillance programs based on the leaks from former NSA contractor Edward Snowden, yet the national conversation remains largely mired in a simplistic debate over the tradeoffs between national security and individual privacy. It is time …
The Centre for International Governance Innovation (CIGI) – Aaron Shull, June 2014 “Examining global cybercrime as solely a legal issue misses an important facet of the problem. Understanding the applicable legal rules, both domestically and internationally, is important. However, major state actors are using concerted efforts to engage in nefarious cyber activities with the intention of …
BloombergBusinessWeek – Mike Riley: “In October 2010, a Federal Bureau of Investigation system monitoring U.S. Internet traffic picked up an alert. The signal was coming from Nasdaq. It looked like malware had snuck into the company’s central servers. There were indications that the intruder was not a kid somewhere, but the intelligence agency of another country. …
Report and Recommendations of the Visiting Committee on Advanced Technology of the National Institute of Standards and Technology, July 2014 “This report from Visiting Committee on Advanced Technology (VCAT) of the National Institute of Standards and Technology (NIST) to the NIST Director contains the VCAT’s recommendations on how NIST can improve the cryptographic standards and guidelines …
Arvind Narayanan and Edward W. Felten. July 9, 2014 “Paul Ohm’s 2009 article Broken Promises of Privacy spurred a debate in legal and policy circles on the appropriate response to computer science research on re-identification techniques. In this debate, the empirical research has often been misunderstood or misrepresented. A new report by Ann Cavoukian and Daniel Castro is full of such inaccuracies, …
Jeff Goldman – eSecurity PlanetJeff Goldman – “A recent survey of 599 security executives at utility, oil and gas, energy and manufacturing companies in 13 countries has found that 67 percent have experienced at least one security breach in the past 12 months that led to the loss of confidential information or the disruption of operations. The survey, conducted …
American Banker: “MDM [mobile device management] software has been available for awhile, but it is being slowly adopted by banks. Many of these banks once used only BlackBerry products, but the Ponemon study found that 23% of banks are migrating from BlackBerry to a multi-OS mobile environment and 18% plan to do so. And a recent Forrester …
“EAST [European ATM Security Team] has just published its second European Fraud Update for 2014. This is based on country crime updates given by representatives of 19 countries in the Single Euro Payments Area (SEPA), and 3 non-SEPA countries, at the 33rd EAST meeting held at the European Cybercrime Centre (EC3) at Europol in The …
EFF – “Wikipedia readers and editors can now enjoy a higher level of long-term privacy, thanks to the Wikimedia Foundation’s rollout last week of forward secrecy on its encrypted connections. Forward secrecy is an important Web privacy protection; we’ve been tracking its implementation across many popular sites with our Encrypt the Web Report. And though it may sound …
Familiarity Breeds Contempt: The Honeymoon Effect and the Role of Legacy Code in Zero-Day Vulnerabilities, by Clark, Fry, Blaze and Smith “Work on security vulnerabilities in software has primarily focused on three points in the software life-cycle: (1) finding and removing software defects, (2) patching or hardening software after vulnerabilities have been discovered, and (3) measuring the rate of …
