Maybe those ads won’t follow you around any more

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Face­book will intro­duce a new pri­va­cy con­trol set­ting after nego­ti­a­tions with the Irish data pro­tec­tion com­mis­sion­er. The social net­work­ing giant will allow peo­ple to opt out of “inter­est-based” adver­tis­ing using a new con­trol in its set­tings. The move, Face­book says, is a result of dis­cus­sions with Irish reg­u­la­tors and will apply inter­na­tion­al­ly. Inter­est-based ads are ads that appear in a user’s Face­book time­line based on oth­er web­sites or apps that the user has vis­it­ed. Up to now, Face­book users have had to go look­ing for opt-outs using phone set­tings or by vis­it­ing the Dig­i­tal Adver­tis­ing Alliance’s web­site on a PC. Now, the social net­work­ing giant will allow users to switch off the ad-track­ing func­tion with­in Facebook’s set­tings. Source: The (Dublin) Independent

Settling company business

sh_phishing email scams_750Iden­ti­ty theft attack­ers are expand­ing from tar­get­ing indi­vid­u­als to tar­get­ing com­pa­nies. Busi­ness iden­ti­ties are har­vest­ed using meth­ods such as email phish­ing/s­pear-phish­ing attacks. Attack­ers seek access to a company’s secure inner net­work to steal intel­lec­tu­al prop­er­ty or sen­si­tive finan­cial infor­ma­tion. With the advent of “open com­put­ing” trends intro­duced with cloud apps and the use of per­son­al devices, orga­ni­za­tions allow work­ers to con­nect to com­pa­ny net­works from any­where at any time, which makes hack­ers hard­er to fight. Busi­ness­es should con­sid­er cen­tral­ized threat mon­i­tor­ing, pol­i­cy def­i­n­i­tion and enforce­ment infra­struc­ture that allows end-to-end vis­i­bil­i­ty across on-premis­es sys­tems and cloud appli­ca­tions by rolling up intel­li­gence from mul­ti­ple secu­ri­ty tools, enter­prise sys­tems and busi­ness appli­ca­tions. Source: CSO Online

That secret’s not so secret any more

An audit has found laps­es in inter­nal sys­tems used by the Secret Ser­vice and Immi­gra­tion and Cus­toms Enforce­ment. The Depart­ment of Home­land Secu­ri­ty also needs to estab­lish a cyber train­ing pro­gram for ana­lysts and inves­ti­ga­tors, the audit said, with offi­cials from sev­er­al agen­cies blam­ing short-term bud­get allo­ca­tions from Con­gress for their train­ing cuts. “We iden­ti­fied vul­ner­a­bil­i­ties on inter­nal web­sites at ICE and USSS that may allow unau­tho­rized indi­vid­u­als to gain access to sen­si­tive data,” accord­ing to the report by the Office of the Inspec­tor Gen­er­al for DHS. The web­sites are used by ICE and Secret Ser­vice agents to report inves­ti­ga­tion sta­tis­tics, case track­ing and infor­ma­tion shar­ing, it said. Source: AOL News

Don’t share my picture

Six­teen Min­neso­ta cities have peti­tioned the state for a tem­po­rary dec­la­ra­tion that police body-cam­era data be pre­sumed pri­vate in most instances. It’s the lat­est move to put lim­its around footage col­lect­ed by the small devices that more police offi­cers are wear­ing to record their inter­ac­tions with the pub­lic. “Body-worn cam­era tech­nol­o­gy presents pri­va­cy con­cerns of a nature not pre­vi­ous­ly antic­i­pat­ed or fore­seen,” the cities write in the appli­ca­tion, not­ing the vol­umes of data cap­tured that cities could be expect­ed to sort through to com­ply with pub­lic records requests. Gov. Mark Dayton’s admin­is­tra­tion, which will decide on the request, reject­ed a sim­i­lar request last win­ter and said it was an issue bet­ter suit­ed for state law­mak­ers. The Leg­is­la­ture dead­locked in the spring, so city offi­cials want to wall off the data while law­mak­ers revis­it the top­ic next year. Source: The St. Paul Pio­neer Press

Spreading the wealth of information

sh_cyber share_280The Man­hat­tan Dis­trict Attorney’s Office is using funds from one of the largest bank set­tle­ments to found an inter­na­tion­al cyber­se­cu­ri­ty threat-shar­ing orga­ni­za­tion, the office announced. The Glob­al Cyber­se­cu­ri­ty Alliance will be devel­oped with $15 mil­lion of the $447 mil­lion PNB Paribas paid last year to set­tle claims that it flout­ed U.S. sanc­tions. The non­prof­it is designed to allow gov­ern­ments and com­pa­nies to share cyber threat data in real time. Call­ing the alliance a “vol­un­tary clear­ing­house,” Man­hat­tan DA Cyrus Vance said that the group will help ease the flow of infor­ma­tion across a cur­rent­ly Balka­nized secu­ri­ty envi­ron­ment. London’s police depart­ment and the non­prof­it Cen­ter for Inter­net Secu­ri­ty will joint­ly spear­head the ini­tia­tive with Vance’s office. The group says it has attract­ed Aet­na, Amer­i­can Express, Bar­clays Bank, Citibank, U.S. Bank and oth­ers as mem­bers. Source: The Hill

Yes, we need privacy, Microsoft exec says

Microsoft Pres­i­dent and Chief Legal Offi­cer Brad Smith says in a blog post that pri­va­cy in tech­nol­o­gy needs sig­nif­i­cant reform. Specif­i­cal­ly, Smith speaks to the inad­e­qua­cy of the Elec­tron­ic Com­mu­ni­ca­tions Pri­va­cy Act, which was passed in 1986 and which he con­sid­ers archa­ic. “Cer­tain­ly, any­one who uses the Inter­net today—which, of course includes a few bil­lion people—would agree that pri­va­cy is a seri­ous issue,” he said. Smith sup­ports sig­nif­i­cant changes to cur­rent law that would severe­ly restrict law enforcement’s access to infor­ma­tion stored in cloud ser­vices that reside out­side of U.S. bor­ders. To that end, he’s push­ing a recent­ly intro­duced bill, the Law Enforce­ment Access to Data Abroad Act (LEADS), that would explic­it­ly define how law enforce­ment agen­cies can gain access to such elec­tron­ic infor­ma­tion. Source: Win­Be­ta

Watch where—and how—you’re going!

sh_auto production_280Two U.S. sen­a­tors have asked the world’s biggest automak­ers for infor­ma­tion on what they’ve done to pro­tect cars from being hacked, fol­low­ing the first car recall over a cyber bug. Sens. Edward Markey, D-Mass., and Richard Blu­men­thal, D-Conn., wrote to 18 automak­ers ask­ing about efforts tak­en to secure vehi­cles, includ­ing 2015 and 2106 mod­els. They asked automak­ers how they test elec­tron­ic com­po­nents and com­mu­ni­ca­tions sys­tems to ensure attack­ers can­not gain access to onboard net­works. Con­cerns about auto cyber­se­cu­ri­ty have grown since researchers gained remote con­trol of a mov­ing Jeep, prompt­ing Fiat Chrysler to recall some 1.4 mil­lion vehi­cles for a soft­ware update. Source: Reuters

Come on, say it’s settled

Face­book is hop­ing a fed­er­al appeals court will approve a $20 mil­lion set­tle­ment of a sweep­ing pri­va­cy chal­lenge to its use of social-media images in adver­tis­ing fea­tures. In a case rais­ing con­cerns about the use of teenagers’ images in social media ads, Face­book on Thurs­day will urge a fed­er­al appeals court in San Fran­cis­co to leave intact a hard-fought set­tle­ment of a class-action brought on behalf of Face­book users that cen­tered on claims that the now-aban­doned “Spon­sored Sto­ries” ad fea­ture vio­lat­ed pri­va­cy rights. While lawyers who led the pri­va­cy case against Face­book strong­ly defend the deal’s terms, a group of parents—backed by the con­sumer advo­ca­cy group Pub­lic Citizen—has inter­vened to block a set­tle­ment approved in 2013. Pub­lic Cit­i­zen argues that the set­tle­ment still makes it too easy for Face­book to use the images of minors with­out parental con­sent, vio­lat­ing pri­va­cy laws in at least sev­en states, includ­ing Cal­i­for­nia. Source: The San Jose (Calif.) Mer­cury News

Text messages can’t be used against you

sh_text message_220The British Colum­bia Court of Appeal has struck a blow for Inter­net pri­va­cy at the expense of free­ing a man accused of drug traf­fick­ing because of his text mes­sages. It is believed to be the first Cana­di­an appel­late court rul­ing on the expec­ta­tion of pri­va­cy in texts that have been deliv­ered, even when sent for crim­i­nal pur­pos­es. “(It) seems to me that the social norm is to expect that text mes­sages remain pri­vate com­mu­ni­ca­tions between the sender and recip­i­ent,” wrote Jus­tice Har­vey Grober­man. “In ordi­nary cir­cum­stances, the sender and recip­i­ent expect the record to be tran­si­to­ry, and not to be shared.” Grober­man con­clud­ed texts were anal­o­gous to ephemer­al cell­phone con­ver­sa­tions: They are pri­vate com­mu­ni­ca­tions intend­ed only for the recip­i­ent. In effect, then, they should be accessed by police only under the author­i­ty of a search war­rant. Source: The Van­cou­ver (Cana­da) Sun

Do they have coverage for this?

A stor­age device con­tain­ing the per­son­al details of thou­sands of Lloyds Pre­mier Account hold­ers was stolen from one of the bank’s part­ners. The device was tak­en from RSA Insur­ance, which pro­vides emer­gency home insur­ance for Pre­mier Account hold­ers, on July 30. RSA con­firmed the theft in a state­ment on its web­site. The box con­tained names, address, account num­bers, and sort codes of cus­tomers. RSA says it is con­tact­ing affect­ed cus­tomers and work­ing with inves­ti­ga­tors. It also is offer­ing iden­ti­ty pro­tec­tion for two years. The data breach only affects Lloyds Pre­mier cus­tomers who opened an account from 2006 to 2012, then made a claim on the home insur­ance pol­i­cy. Source: Busi­ness Insider