- Fitbits will get hacked.
- The E.U. and U.S. fight on datat security will continue
- Businesses should have data security policy & do risk assessments
- Data Security will be guided by industry specific standards
- Telephone Consumer Protection Act will be a new source of data security lawsuits
- Company issued electronic devices vs. personal electronic devices means more now that we’re in the age of data security
- Curate and protect your social media like you do your health data from your…
Monthly Archives: January 2016
Lege Trend: Data Encryption Bans. 4 Bits of Informed Intel.
- Which states have pending legislation to penalize fully encrypted cell phones? California & New York
- What fine is being imposed under these bills? $2500
- What’s the goal of these encryption bans?
- help law enforcement better combat human trafficking and other serious criminal activities that are being conducted over hidden encrypted networks and locked devices.
- What groups oppose these encryption penalties? The tech and privacy community
Business Trend: No Taxes on Data Breach Protection Services. 2 Bits of Informed Intel.
The IRS has ruled that businesses can go tax free for credit monitoring & identity theft protection services that:
- are provided by employers to employees following a data breach
- are provided before a data breach
national law review | Tax Benefit for Early Cybersecurity Protections
Trending: Libertarians, Civil Libertarians & Privacy Advocates Want to Repeal 2015 Federal Data Security Laws
4 Key points to know now:
- Incentives for corporations to share data is a ruse for law enforcement to access data without a warrant
- Libertarians are calling the 2015 law, “the worst anti-privacy law since the USA Patriot Act”
- Undermine government accountability
- Erode American privacy protections
The Hill | Critics urge lawmakers to repeal recently passed cyber law
INTERIM Lege Trend: Creating a Privacy and Consumer Protection Committee
California Assembly has a new committee to handle privacy and technology issues. What’s the committee jurisdiction?
- drones
- data security & breaches including in health care
- Smart cities that use technologies to communicate with residents
- security of networks
- oversight of state computer data security
The Recorder | Calif. Lawmaker Forecasts Busy Year in Privacy
INTERIM. Home of the Ducks is now Home of Data Security. 5 Bits of Informed Intel from a new Data Security State Law.
- data breach defined in new Orgegon law as:
- “an unauthorized acquisition of computerized data that materially compromises the security, confidentiality or integrity of personal information that a person maintains.”
- personal information that triggers the notification statute
- Social Security number;
- Driver license number or state identification card number issued by the Department of Transportation;
- Passport number or other United States issued identification number;…
Teacher Data Hacked. 3 Keys from the ISD Response.
What did hackers breach? Lawrence, MA Public Schools’ online database
How did the hackers breach the school database? A phishing attack
What did hackers take? Teachers’ personal information:
- names
- phone numbers
- addresses
- Social Security numbers
- calendar year 2015 gross earnings
How did the school district respond?
- email to teachers informing them of the breach
- explained that the district would:
- mitigate the breach
- directing teachers to sign up for 90 days of free credit…
- mitigate the breach
Trend: Police Officer Body Cameras Data Storage and Data Safety. Top 3 Concerns for 1 State.
Maryland’s concerns over data storage and security for police body cameras include:
- Price tag to store the data is prohibitively expensive
- The data costs have stopped police departments from using body cameras
- The storage retention policies differ for the recordings.
- General 90 day retention
- If there is an ongoing investigation data retention is for the length of the investigation
- any video considered evidence must be maintained for 4 years
INTERIM. Lege Trend: Data Security Proposal. 3 Points to Know Now.
What kind of data breach triggered data breach law changes in Maine? A health care data breach affecting 120,000.
What requirements does the legislator weant? Extended credit monitoring & fraud protection services requirement to total 2 years.
Are these legislative changes from a chairman? Yes, the Maine legislator behind this push is the House chairman of the Insurance and Financial Services Committee.
Kennebec Journal| Waterville legislator seeks more protection for victims of…
INTERIM. 8 Elements of Data Security Laws & Regulations.
- Data Breach Definition.
- What data was breached?
- The level of knowledge the data holder must have of the breach before notification is triggered. Did they know? Is it reasonable that this data was breached?
- How to treat good faith access to data by an unauthorized employee
- How to treat the breach of account creditial information.
- user name, passwords, and security questions
- Timing.
- When must notification be given?
- How to treat data processors, people who hold the data but…