The Stroz Friedberg Cyber Brief


email : Webview : Cyber Brief: States Push Digital Privacy Bills
The Cyber Brief
Today's Top Story
MONDAY, JANUARY 25, 2016
STATES PUSH DIGITAL PRIVACY BILLS
Policymakers in sixteen states and the District of Columbia partnered with the ACLU to propose a raft of new laws intended to protect the digital privacy of millions of Americans. The measures, which vary widely, include among others things proposals requiring law enforcement to obtain a warrant before accessing emails, place restrictions on location-tracking technology, and limit the collection of student information. "A bipartisan consensus on privacy rights is emerging, and now the states are taking collective action where Congress has been largely asleep at the switch," said Anthony Romero, head of the ACLU.

Early last year, President Obama called for legislation that would establish a nationwide standard for when companies have to notify consumers that their personal data was stolen or misused, but that went nowhere at least partly because some critics said it would have undercut stronger state laws. (WashPost, CNNMoney, ArsTechnica)
Ukraine Airport: Authorities will review cybersecurity measures in place at airports and railway stations following a cyberattack on Kiev's main airport reportedly launched from a server in Russia. There is no indication yet if the Kremlin was behind the incident. However, Ukrainian intelligence officials have blamed Russia for a cyberattack on two power distribution companies last month. (Reuters, Wired)

Hyatt Hotels: The Chicago-based hotel chain said guests who stayed at some 250 of its properties between August and December of last year may have had their credit card information stolen. (LATimes)

Linux Bug: For nearly three years, a zero-day vulnerability has left millions of Linux PCs and servers exposed, along with some two-thirds of Android phones and tablets. Hackers exploiting the weakness could gain root access to a device. (Wired)

TalkTalk: The British telecom firm lost 250,000 customers following a cyberattack on its website in October 2015. (IBT)

Passwords: With the proliferation of sites requiring user authentication, many are turning to password management tools. Wired magazine reviews a handful of these that may come in handy. (Wired)
Krebs Hacker: A Ukrainian man, Sergey Vovnenko, who was accused of trying to frame cybersecurity reporter Brian Krebs for heroin possession pleaded guilty to credit card fraud and illegally accessing thousands of computers. He faces a minimum two-year prison sentence. (ArsTechnica)
FAA: Advocates for broader drone use as well as those pushing for greater restrictions on the remote-controlled craft are filling the halls of Congress. Lobbyists are currently focusing on a reauthorization bill for the FAA that gives the agency guidance on regulations and funding for projects like commercial drone testing sites. (NYT)

SEC: The Securities and Exchange Commission this month highlighted cybersecurity as a priority issue for 2016. The agency signaled its intent to ramp up enforcement after it censured RT Jones Capital Equities, a St Louis-based investment adviser, for not having adequate data security policies in place before being hit by a cyberattack from China. (FT)
CyberCom: More than two dozen declassified Pentagon documents revealed details about the role of Cyber Command. Several experts say its position under the wing of Strategic Command could undermine the country's ability to confront growing threats in cyberspace. (CSM)

Background Checks: The Defense Department will take over the storage of records from federal background checks, part of an overhaul prompted by the massive cybersecurity breach at the Office of Personnel Management. An new agency, the National Background Investigations Bureau, will be created to manage the data. (NYT)
Twitter: The social networking company is in the midst of a major overhaul of its top ranks in the next few weeks, from its eight-member board to key executives. Twitter has reportedly failed to attract droves of new users, and its shares have dropped nearly 55 percent in the last year. (NYT)

FireEye: The California-based cybersecurity firm said that it has acquired the threat intelligence firm iSight for $200 million, bringing together two giants in the industry. (The Hill)

RFID: Radio-frequency identification chips are increasingly helping retailers solve complex logistical problems, industry analysts say. RFID chips — which don’t use battery or electricity and cost just pennies to make — can give every item in a store a unique identifier. (WashPost)
EU-U.S. Data-Sharing: France’s top privacy regulator, Isabelle Falque-Pierrotin, has emerged as one of the most important watchdogs for how U.S. companies handle the personal data of Europeans. (NYT)

Ireland: Government websites reportedly came under a sustained cyberattack that caused massive disruptions for citizens and public services. The attack began overnight and was resolved by the afternoon. No group has taken credit for the attack. (Irish Times)
Must Reads
When Big Data Meets Big Brother: “Critics say China’s internet is fast becoming a laboratory where big data meets big brother, where the march of technology combined with profit-driven private companies, authoritarian politics and weak civil liberties is creating a toxic cocktail. If unchecked, the “social credit” system, according to some, could be used to assign citizenship scores to everyone based on “patriotic” criteria such as whether they buy imported products, or the content of their postings on social media,” writes Charles Clover for the Financial Times.

Why Doesn’t Silicon Valley Hire Black Coders? “Pressured by employees and the press, companies began disclosing the demographics of their workforces. One figure stood out: African Americans, about 13 percent of the U.S. population, made up no more than 1 percent of technical employees at Google, Facebook, and other prominent Silicon Valley companies. This was at least partly because of the way companies recruited: From 2001 to 2009, more than 20 percent of all black computer science graduates attended an historically black school, according to federal statistics—yet the Valley wasn’t looking for candidates at these institutions,” writes Christopher Gregory for Bloomberg.

Congress Should Learn From States on Data Privacy: “On practically every issue they cover, the new state bills would represent new measures limiting the collection, sharing or storage of data types that Congress has yet to address. In some cases, they also highlight how certain states, namely California, are already ahead of the feds on protecting Americans’ personal data. Here are the central ways the 16 states are trying to advance those new privacy protections,” writes Andy Greenberg in Wired.
Top Op-Eds
Follow us:

EDITOR-IN-CHIEF, KAREN J. GREENBERG, DIRECTOR, CENTER ON NATIONAL SECURITY, FORDHAM LAW SCHOOL
Stroz Friedberg
powered by emma