Your face might be scanned if you travel outside the United States

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

U.S. cit­i­zens board­ing inter­na­tion­al flights might have to sub­mit to a face scan. The Depart­ment of Home­land Secu­ri­ty says it’s the only way to suc­cess­ful­ly expand a pro­gram that tracks non­im­mi­grant for­eign­ers. They have been required by law since 2004 to sub­mit to bio­met­ric iden­ti­ty scans—but to date have only had their fin­ger­prints and pho­tos col­lect­ed pri­or to entry. Now, DHS says it’s ready to imple­ment face scans on departure—aimed main­ly at bet­ter track­ing visa over­stays but also at tight­en­ing secu­ri­ty. But, the agency says, U.S. cit­i­zens also must be scanned for the pro­gram to work. Pri­va­cy advo­cates say that over­steps Con­gress’ man­date. “Con­gress autho­rized scans of for­eign nation­als. DHS heard that and decid­ed to scan every­one. That’s not how a democ­ra­cy is sup­posed to work,” said Alvaro Bedoya, exec­u­tive direc­tor of the Cen­ter on Pri­va­cy and Tech­nol­o­gy at George­town Uni­ver­si­ty. Tri­als are under­way at six U.S. airports—Boston, Chica­go, Hous­ton, Atlanta, Kennedy Air­port in New York City and Dulles in the Wash­ing­ton, D.C., area. DHS aims to have high-vol­ume U.S. inter­na­tion­al air­ports engaged begin­ning next year. Dur­ing the tri­als, pas­sen­gers will be able to opt out. But a DHS assess­ment of the pri­va­cy impact indi­cates that won’t always be the case. Source: ABC News

Amazon, WhatsApp chided for poor privacy practices

Pri­va­cy group the Elec­tron­ic Fron­tier Foun­da­tion scold­ed Ama­zon and What­sApp over their “dis­ap­point­ing” pri­va­cy prac­tices. The Who Has Your Back pri­va­cy report ana­lyzed the poli­cies and pub­lic actions of 26 com­pa­nies, rat­ing them on indus­try best prac­tices, pri­va­cy poli­cies and their deal­ing with governments—including “promis­es not to sell out users” and “stands up to Nation­al Secu­ri­ty Let­ter gag orders”. Nine com­pa­nies earned top rat­ings, includ­ing Adobe, Drop­box, Lyft and Uber. Ama­zon and What­sApp were sin­gled out for low scores. Source: The Guardian

Trump hotel guests’ personal information exposed

Guests at 14 Trump prop­er­ties, includ­ing hotels in Wash­ing­ton, New York and Van­cou­ver, British Colum­bia, have had their cred­it card infor­ma­tion exposed, mark­ing the third time in as many years that a month­s­long secu­ri­ty breach has affect­ed cus­tomers of the chain of lux­u­ry hotels. The lat­est instance occurred from August 2016 to March 2017, accord­ing to the company’s web­site, and includ­ed names, address­es and phone num­bers, as well as cred­it card num­bers and expi­ra­tion dates. The breach took place on the sys­tems of Sabre Hos­pi­tal­i­ty Solu­tions, a reser­va­tion book­ing ser­vice. Source: The Wash­ing­ton Post

European rules could boost cybersecurity insurance sales

The Euro­pean Union’s Gen­er­al Data Pro­tec­tion Reg­u­la­tion, to be rolled out in May 2018, will require manda­to­ry noti­fi­ca­tion of seri­ous data breach­es. That like­ly will cre­ate a marked growth in cyber insur­ance rev­enues and “a shot in the arm” for the non-U.S. cyber mar­ket, accord­ing to A.M. Best. The rat­ings agency report says stricter report­ing of data breach­es will increase trans­paren­cy and spread risk aware­ness from major cor­po­ra­tions to small-l and medi­um-size busi­ness­es, which will cre­ate high­er demand for insur­ance pro­tec­tion. Source: Insur­ance Jour­nal

Heavy hitters participate in net neutrality protests

More than 80,000 web­sites, includ­ing Face­book, Ama­zon and Google, par­tic­i­pat­ed in an online protest this week against an FCC plan to roll back net neu­tral­i­ty rules. In 2015, rules were enact­ed that required inter­net ser­vice providers such as Com­cast, Char­ter and AT&T, to treat all inter­net con­tent equal­ly; they can’t block con­tent or speed up or slow down data from cer­tain web­sites. The FCC says drop­ping these rules will boost invest­ment in new tech­nol­o­gy. Source: CNBC

Russian hackers suspected of targeting U.S. nuclear plants

Russ­ian gov­ern­ment-spon­sored hack­ers are sus­pect­ed of being behind the pen­e­tra­tion of com­put­er sys­tems at sev­er­al U.S. nuclear pow­er plants. The hack­ers accessed com­put­er sys­tems at at least a dozen nuclear pow­er sta­tions. Tech­niques used by the hack­ers mim­ic­ked those used by Russ­ian hack­ing group Ener­getic Bear, which is believed to have been respon­si­ble for attacks on the glob­al ener­gy sec­tor since 2012. Source: Newsweek

Voter fraud commission backs off request for citizens’ data 

Pres­i­dent Trump’s com­mis­sion on iden­ti­fy­ing vot­er fraud has halt­ed its request for sen­si­tive vot­er infor­ma­tion after mul­ti­ple legal chal­lenges com­pli­cat­ed the man­date. An offi­cial from the com­mis­sion asked states not to give up the infor­ma­tion, which includes par­ty reg­is­tra­tion and par­tial Social Secu­ri­ty num­bers, until a judge makes a deci­sion on a law­suit that claims the data request vio­lates pri­va­cy laws. The com­mis­sion orig­i­nal­ly asked elec­tion offi­cials in all 50 states and the Dis­trict of Colum­bia to hand over sen­si­tive infor­ma­tion about vot­ers, includ­ing their vot­ing his­to­ry. Dozens of states refused to com­ply. Source: The Hill

Apple plans facility in China to comply with cybersecurity laws

Apple is set­ting up its first data cen­ter in Chi­na, in part­ner­ship with a local inter­net ser­vices com­pa­ny, to com­ply with tougher cyber­se­cu­ri­ty laws. The tech com­pa­ny said it will build the cen­ter in the south­ern province of Guizhou with data man­age­ment firm Guizhou-Cloud Big Data Indus­try. The cen­ter is part of a planned $1 bil­lion invest­ment in the province. “The addi­tion of this data cen­ter will allow us to improve the speed and reli­a­bil­i­ty of our prod­ucts and ser­vices while also com­ply­ing with new­ly passed reg­u­la­tions,” Apple said. Source: Reuters

Verizon customers’ data exposed on unprotected server

A tech­nol­o­gy com­pa­ny exposed mil­lions of Ver­i­zon cus­tomer records, ZDNet has learned. As many as 14 mil­lion records of sub­scribers who called the phone giant’s cus­tomer ser­vices in the past six months were found on an unpro­tect­ed Ama­zon S3 stor­age serv­er con­trolled by an employ­ee of Nice Sys­tems. The data was down­load­able by any­one with the easy-to-guess web address. Chris Vick­ery, direc­tor of cyber risk research at secu­ri­ty firm UpGuard, who found the data, pri­vate­ly told Ver­i­zon of the expo­sure short­ly after it was dis­cov­ered in late June. It took over a week before the data was secured. Source: ZDNet

Kaspersky Lab falls from favor with administration

The Trump admin­is­tra­tion has moved to restrict gov­ern­ment agen­cies from using prod­ucts pro­duced by the Russ­ian cyber­se­cu­ri­ty firm Kasper­sky Lab. A spokesman for the Gen­er­al Ser­vices Admin­is­tra­tion said it had “made the deci­sion to remove Kasper­sky Lab-man­u­fac­tured prod­ucts” from a list of out­side prod­ucts approved for use by gov­ern­ment agen­cies that is main­tained by the GSA. As such, agen­cies will not be able to pro­cure the tech­nolo­gies using GSA con­tracts. Source: The Hill