Privacy Regulation

Has india cracked BlackBerry's code?

By

India's government claims it has found a way to monitor email sent via BlackBerry, something even manufacturer Research In Motion (RIM) claims it can't do.

A room of her own: Philips Electronics North America and Wisegate

A room of her own: Philips Electronics North America and Wisegate

By

A privacy officer at a global company found a way to collaborate efficiently at a top level, while ensuring the protection of company assets, reports Greg Masters.

Stern oversight in the United States

Stern oversight in the United States

By

U.S. agencies argue that monitoring social media will arm them with "situational awareness" to thwart potential attacks.

Canadian privacy challenge exposes double standard

By

Canadian lawyers may have opened a legal can of worms by requesting the public release of heavily censored photographs.

Education Dept. proposes new privacy, data sharing rules

By

As part of a broad effort to better safeguard student privacy, the U.S. Department of Education hired its first ever chief privacy officer.

Privacy laws must change

Privacy laws must change

Consumers have adopted personalized applications of all varieties, yet the way things stand, they must be prepared to sacrifice something at least as valuable: their privacy.

The university perimeter has expanded beyond the campus

The university perimeter has expanded beyond the campus

By

Learning, teaching and scholarship is not restricted anymore to the campus, says Dennis Devlin, the CISO of Brandeis University, who will be a featured speaker at next month's SC World Congress

Calif. breach notification bill going back to the governor

By

A signature from Gov. Arnold Schwarzenegger is the only thing standing in the way of a new measure that would strengthen California's groundbreaking data breach notification bill.

Online child protection guidance falls short

A ruling by the Supreme Court of Canada makes it clear that it is the responsibility of internet users to ascertain the age of people they chat with, but falls short of saying how.

Rockefeller, Pryor introduce federal data security law

By

Yet another federal data security and breach notification bill has been introduced in Congress.

Rite Aid to pay $1 million fine for HIPAA violation

By

Pharmacy chain Rite Aid will pay a $1 million fine and take corrective actions to settle charges of violating the HIPAA Privacy Rule.

New consumer privacy bill introduced in the U.S. House

By

Reactions are mixed to a proposed U.S. House bill that would govern the collection, use and dissemination of consumer information and impose fines of up to $5 million for violators.

Connecticut leads probe into Google Wi-Fi data collection

By

After already being hit with at least three lawsuits over its admitted collection of information from unprotected Wi-Fi networks, Google now is being subject to a multistate investigation into the privacy blunder.

Google sued for data collection via Wi-Fi

By

Google this week was hit with a third class-action lawsuit over its collection of information from unprotected Wi-Fi networks.

Alberta becomes first province to enact data breach notification law

Alberta has become the first province to add a data breach notification requirement into its legislation.

Congressmen propose draft online privacy bill

By

Federal lawmakers this week released a controversial draft bill intended to protect the privacy of personal information that appears online.

Health worker is first HIPAA privacy violator to get jail time

By

A former UCLA Health System employee, apparently disgruntled over an impending firing, has been sentenced to four months in federal prison after pleading guilty in January to illegally snooping into patient records, mainly those belonging to celebrities.

California Senate again OKs breach notification law update

By

California Sen. Joe Simitian has reintroduced legislation that would stiffen the state's landmark breach notification bill by requiring breached organizations to provide customers with additional information.

National data breach notification bill passed in U.S. House

By

The Data Accountability and Trust Act would require any organization that experiences a breach of electronic data containing personal information to notify all affected U.S. residents.

Mass. data law finalized

By

The Massachusetts Office of Consumer Affairs and Business Regulation this week filed a finalized version of its data security regulations, scheduled to take effect March 1, 2010. The requirements must be followed by companies handling the personal data of Bay State residents. The final version clarifies the deadline by which companies must impose the provisions on their third-party providers. Existing contracts with these third parties must include safeguard rules by March 1, 2012, but new or updated contracts must meet the March 1, 2010 deadline. -- DK

House panel OKs law addressing cyberstandards

By

A draft bill approved Wednesday by a U.S. House subcommittee would require the National Institute of Standards and Technology to coordinate government in the development of cybersecurity standards, a move to make the creation process more streamlined.

Survey finds lax health care privacy in United States

By

Despite regulations mandating protection of health care records, more than half of American hospitals fail to take appropriate steps to safeguard the privacy of patients, according to a new survey of health care IT security professionals.

Schwarzenegger negs update to California breach law

By

In an apparent surprise move, Gov. Arnold Schwarzenegger rebuffed a bill that would have updated the 2003 landmark California data breach notification law.

Bill to bolster California breach law awaits governor

By

California Sen. Joe Simitian is close to seeing another of his privacy bills get signed into law -- this one requiring that data breach notification letters contain more details.

Group urges Congress to pass privacy laws

By

Lawmakers expect to consider privacy laws when they return from summer recess.

Mass. data law revised

By

The deadline to comply with Massachusetts' new data security regulations -- considered among the strictest in the nation -- has been extended three months, until March 1, 2010, the state announced last week. The provisions also were updated to reflect a risk-based approach for developing a written information security policy, a move meant to assuage small businesses that have expressed concern over meeting the demands. The new language dictates that in implementing safeguards, organizations should take into account their size, the types of records they maintain and the ID theft threat they pose. — DK

Top websites using Flash cookies to track user behavior

By

Little-known Adobe Flash cookies are being used by some websites to get around users' attempts to avoid being tracked by advertising networks, according to research from University of California, Berkeley.

Leahy, for third time, submits federal data security law

By

A Vermont senator is trying again with a law that would, among other things, standardize requirements on data breach notification.

Health care organizations unprepared for digital transition

By

Most health care organizations do not have data loss prevention technologies or a CISO, while, for many, tight security budgets and required third-party interactions pose additional challenges, according to a new study by Deloitte.

Facebook bloggers reveal way to peek at private profiles

By

Another day, another social-networking threat -- this one involving the potential of information disclosure on Facebook.

Sign up to our newsletters

POLL