California Dreamin’: Golden State Considers New Privacy Legislation

california_privacyCalifornia has everything: big cities, small towns, tall mountains, dry deserts, farms, factories, miners, fishermen, surfers, hipsters, yuppies, startups, and people of all walks of life. You can look at the state of California and see everything that makes America great. Unsurprisingly, California also has some of the most comprehensive privacy laws in the country. The Golden State is a national leader when it comes to privacy legislation. California was the first state to pass a breach notification law, and other states soon followed suit. State privacy laws from coast to coast are often modeled, in some way or another, after California legislative precedents. So goes California, so goes the nation.

Currently, a handful of privacy bills have made their way through committees and at least one house of the state legislature. These bills reflect an evolving attitude towards the protection of more data from new technological services We can expect that within the next year each bill will come up for a vote, possibly expanding privacy rights for all Californians. Because of California’s leadership on the privacy issue, businesses and consumers across the country may expect to see their own states adopt several of California’s protections.

»» Read More

Posted by Zach Heck
Data Security
July 29, 2015

Uber Hires a Privacy Mechanic: A Lesson in Both Physical Fitness and Privacy by Design

uberUber may be a smooth ride for those looking to get downtown in a hurry, but its privacy policies are in desperate need of a mechanic. In March, I summarized many of the privacy issues facing the transportation company as it defends itself against a potentially massive class action suit (see Reviewing the Rules of the Road Following Uber’s 2015 Data Breach Response). In that post, I explained how Uber faces a bumpy road in the press as increased reports of data breaches, lax cyber security protocols, and even outright abuses of data collecting features garner more and more attention: Uber suffered a data breach affecting approximately 50,000 of its current and former drivers but waited nine months to report; the security key used during the breach was allegedly made publicly available on the internet via app development webpages; Uber executives have casually informed members of the media that the company can acquire personal information about journalists that had written critical articles about Uber; Uber’s New York City general manager breached the firm’s privacy policy by spying on a Buzzfeed technology reporters using the company’s in-house “God View” tool which allows employees to access customers’ personal information. At the surface, a casual observer would be justified in thinking that Uber does not hold customer privacy in high regard. Coincidentally (or perhaps not), Uber is today operating at $470 million in operating losses, with $415 million in revenue.

»» Read More

Posted by Zach Heck
Data Security
July 1, 2015

Cyber Crisis: Finding the Opportunity following China’s Hack of the U.S. Government

china_data securityThe Chinese word for “crisis” is comprised of two characters. One represents “danger,” and the other represents “opportunity.” On Thursday, June 4, 2015, the United States was reminded of both the dangers and opportunities faced in the digital age after news broke that Chinese hackers allegedly breached government personnel records belonging to millions of current and former federal employees. In response, the Chinese government denied responsibility for the hack, and described any accusations as “irresponsible and unscientific.” Feel free to pause and collect yourself after such a surprising response.

The facts surrounding the hack and China’s involvement are still developing. Many questions remain unanswered: How did this happen? Why did this happen? What happens next?  Likewise, many Americans have questions about what this hack means both for their own personal information and for our country’s standing in the world. The whole situation is terrifying because it is so easy to see the danger. But in addition to outlining the danger caused by the hack, this post also aims to reveal the opportunities for those of us wondering where we go from here.

THE DANGER

»» Read More

Posted by Zach Heck
Data Security
June 8, 2015

Next Page »