Category Archives: Internet Privacy

Equifax confessed that it failed to protect personal data of 143+MILLION CUSTOMERS!

The New York Times reported “that hackers had gained access to company data that potentially compromised sensitive information for 143 million American consumers, including Social Security numbers and driver’s license numbers.” The September 7, 2017 report entitled “Equifax Says Cyberattack May Have Affected 143 Million Customers” included the bad news: Potentially adding to criticism of …

US Cyber insurance market exceeds $2.49 Billion!

A report to the Cybersecurity (EX) Task Force explains the growth of cyber insurance to more than $2.49 billion in 2016 because “Cybersecurity breaches can cause a major drain on the U.S. economy”…and in particular “Financial Services Sector is perhaps the most under attack from cyber criminals.” The August 6, 2017 “Report on the Cybersecurity …

Cyber intrusions reporting will ramp up around the world in 2018 under GDPR (think EU Privacy Laws)!

On May 25, 2018 the new General Data Protection Regulation (GDPR) will take effect, and according to my friend Benjamin Wright, who wrote a paper for the SANS Institute, GDPR “is motivating organizations worldwide to improve existing technical controls for securing personal information. Organizations should be especially aware that the GDPR and other recent legal developments …

Anthem agrees to pay $115 million for 2015 cyber intrusion to settle litigation!

reported that “Anthem Inc., the largest U.S. health insurance company, has agreed to settle litigation over a hacking in 2015 that compromised about 79 million people’s personal health information for $115 million, which lawyers said would be the largest settlement ever for a data breach.” The June 26, 2017 report entitled “Anthem to pay …

Facebook lied to the EU about privacy & will pay a $122 million fine!

The Washington Post reported that “Facebook was not honest about its ability to identify users who had both Facebook and WhatsApp accounts and link those accounts” during Facebook’s acquisition in 2014. The May 18, 2017 report entitled “Facebook will pay $122 million in fines to the E.U.” included these details: When Facebook notified the acquisition …

Arizona passes a law recognizing that Blockchain is secure!

CIO from IDG reported that Arizona is the first state to legalize Blockchain, with this description: “A record or contract that is secured through blockchain technology is considered to be in an electronic form and to be an electronic record.” The May 4, 2017 article entitled “Is blockchain technology secure for your company’s transactions?” described countries that …

IoT Privacy Lawsuit- Bose sued for taking headphone data without consent!

A class action filed against Bose alleges: “Unbeknownst to its customers, however, Defendant designed Bose Connect to (i) collect and record the titles of the music and audio files its customers choose to play through their Bose wireless products and (ii) transmit such data along with other personal identifiers to third-parties—including …

GUEST BLOG: It’s time to wake up and figure out how GDPR affects you!

My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation. Eddie blogs at JurisHacker. You’ve heard about …

HIPAA data risk in IoTs among 10 security risks with Wearables

CSOonline reported that most IoT (Internet of Things) wearable companies that collect personal data and “don’t carefully anonymize health-related data have effectively acquired what’s known as electronic Protected Health Information (ePHI), ‘which puts you squarely in the HIPAA world.’” The March 29, 2017 report entitled “10 security risks of wearables” included these 10 security risks, many …

IBM Watson using Blockchain to protect Electronic Medical Records (EMRs)!

Computerworld announced that “IBM’s Watson Health artificial intelligence unit has signed a two-year joint-development agreement with the U.S. Food and Drug Administration (FDA) to explore using blockchain technology to securely share patient data for medical research and other purposes.” The January 11, 2017 article entitled “IBM Watson, FDA to explore blockchain for secure patient data …

GUEST BLOG: User training is the best way to protect against Cyber Phishing, is that so hard to understand?

My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation. Eddie blogs at JurisHacker. Since …

D-Link opposes the FTC lawsuit that its routers and baby cameras are exposed to cyberattacks!

The Cause of Action Institute (CoA Institute) filed D-Link’s Motion to Dismiss in response to the FTC lawsuit, whose claims are based on D-Link’s “failure to secure devices from cyberattacks!” The CoA Institute Motion was filed on January 31, 2017, is set for a hearing on March 9, 2017, and stated that the FTC claims …

$3.2 million HIPAA fine for violations since 2006!

The Office for Civil Rights (OCR) issued a Final Notice that Children’s Medical Center of Dallas among other things failed “to implement risk management plans, contrary to prior external recommendations to do so, and a failure to deploy encryption or an equivalent alternative measure on all of its laptops, work stations, mobile devices and removable …

Do you want China to control cyber and IT news? Think about this - China Oceanwide is acquiring news media giant IDG

Computerworld announced that “tech journalism pioneer International Data Group [IDG], publisher of Computerworld, PCWorld and hundreds of other tech publications worldwide” is being acquired by China Oceanwide for a price of “less than $1 billion.” The January 19, 2017 report entitled “China Oceanwide, IDG Capital to acquire Computerworld-parent IDG” included this background about “IDG, a …

BIG SURPRISE! - Fraud and identity theft a real problem for online dating sites!

The FBI announced that “John Edward Taylor allegedly trolled dating websites to find unsuspecting women for his ‘romance’ scam, designed to steal their money.” The January 3, 2017 FBI news release entitled “Alleged Confidence Man Charged With Luring Victims Through Matchmaking And Networking Sites To Commit Fraud And Identity Theft” included these comments about Taylor’s …

Privacy Laws will likely cause conflicts with Big Data in 2017

Privacy concerns regarding big data were highlighted by the Federal Trade Commission report entitled “Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues” in January 2016 and will grow in importance given the predicted growth of big data reported by Infoworld which included a report that market research and advisory firm “Ovum estimates …

Take a minute and read Yahoo’s 238 word CONFESSION about the Cyber theft of 1+ billion user accounts!

Yahoo’s public confession entitled “Important Security Information for Yahoo Users” about the August 2013 theft of “data associated with more than one billion user accounts” including “the stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions …

Healthcare is the biggest target for Cyberattacks in 2017!

Experian reported that the “healthcare sector may continue to be the focal point for hackers as medical identity theft remains lucrative and easy for cyber criminals to exploit.” The November 28, 2016 report entitled “2017 Fourth Annual Data Breach Industry Forecast” included this takeaway advice: As attackers shift their focus, an increase in hospital breaches …

Hacker gets 45 months in jail for stealing encrypted personal data & launching cyber attacks

A federal judge sentenced NullCrew hacker Timothy Justen French to prison for playing a “central role in an extensive, deliberate, and destructive hacking campaign that inflicted widespread and serious harm to businesses, governments, non-profits, and thousands of individuals”…which “cyber-attacks caused at least $792,000 in monetary loss to victim companies, universities and governmental bodies.” On …

VIDEO: How does the EU Privacy Shield impact privacy for non-PII data or PCI?

Companies that transfer their accounting records between countries should know whether the new EU Privacy Shield applies to data whether it contains Personally Identifiable Information (PII) or PCI credit card information. To learn more, please watch my recent video entitled “Data Transfer Agreements: What You Need to Know.” The video interview by SmartPros is part …

Amazon, Google, and LinkedIn support Microsoft’s lawsuit against the US challenging the SCA

Many major Internet players endorsed Microsoft’s April 2016 lawsuit against the US, which claims that the SCA (Stored Communications Act) (part of the Electronic Communications Privacy Act (ECPA) 18 U.S.C. § 2705(b)) violates the First and Fourth Amendments since the Constitution should “afford people and businesses the right to know if the government searches or seizes their …

Unencrypted PHI (Protected Health Information) on iPhone leads to $650,000 HIPAA penalty!

The HIPAA violation, in breach of a Business Associate Agreement (BAA), resulted from extensive PHI on an iPhone which “included social security numbers, information regarding diagnosis and treatment, medical procedures, names of family members and legal guardians, and medication information” according to a recent report from the Office for Civil Rights (OCR) of U.S. Department …

HIPAA News Update: Ransomware reporting requirements have been issued!

“The FBI has reported an increase in ransomware attacks and media have reported a number of ransomware attacks on hospitals” and as a result the Office for Civil Rights (OCR) for the US Department of Health & Human Services (HHS) issued a Fact Sheet and report on July 11, 2016 entitled “Your Money or Your …