Google appealed the EU’s “right to be forgotten” law, which allows citizens to apply for the removal of false or damaging information indexed by search engines. Although the company is willing to comply with the law for European domains, like Google.fr, France’s data regulation authority (CNIL) ordered Google to comply with the law for its international domain, Google.com.

If Google refuses, the company may suffer significant fines or sanctions. Google officials argue that applying the EU’s “right to be forgotten” rule to its international server is both time- and resource-consuming, and may result in widespread censorship. Google does not have the right to appeal again until it has been fined for violating the CNIL order. After that, however, the company will be given the chance to contest the fines in France’s Supreme Court. The EU’s recent regulatory fine structure could charge Google up to 5 percent of the company’s international operation cost, which would amount to roughly €3 billion.

Google’s global privacy officer Peter Fleischer released a statement: “We believe that no country should have the authority to control what content someone in a second country can access.”

Article via Legaltech News, September 22, 2015

Photo: Review of the Latvian Presidency via European Parliament [Creative Commons Attribution-NonCommercial-NoDerivs]

Recent hacks have been found to target three sectors in particular: healthcare, education, and government. They have compromised the security of healthcare provider Excellus BlueCross BlueShield, the Cal State University System, and the U.S. Department of Energy.

It was discovered last week that over 10 million people are at risk due to a hack of an Excellus computer system that has been under way since December of 2013. It doesn’t appear that the hackers stole or utilized any important personal information, though they were able to access and view customer names, birth dates, social security numbers, and financial claims. The attack was one of the 20 worst breaches in healthcare of all time. The hack also parallels recent incidents at Anthem, the Office of Personnel Management, Sony and Ashley Madison. In all cases, the attacks were committed by people disguised as employees, using stolen credentials to gain access to corporate networks.

Roughly 80,000 students from the Cal State University System lost general information after enrolling in a class on sexual harassment. Their names, numbers, emails, gender, race, and relationship status were provided to a contractor as part of a program on sexual harassment. The contractor, “We End Violence,” was hacked, as reported in the Los Angeles Times earlier this month.

The U.S. Department of Energy’s computer systems were attacked 159 times between 2010 and 2014. Officials declined to comment, however, on the nature of what was accessed by hackers or whether any foreign governments were responsible.

Article via ECT News Network, September 16, 2015

Photo: Longmont Power and Communications-3 via You Belong in Longmont [Creative Commons Attribution-NonCommercial-NoDerivs]

Health insurer Excellus BlueCross BlueShield and a partner company experienced a data breach of their health care records. The sophisticated cyber attack on more than 10 million records was disclosed by the company last Wednesday, September 9th, 2015. This comes just a couple of months after a similar hack at UCLA’s health system in July, in which 4.5 million records were accessed.

Excellus claims that this hack exposed social security numbers, medical claims, and other identifying information. The FBI is investigating the crime. In a statement, Excellus CEO Christopher Booth said, “protecting personal information is one of our top priorities and we take this issue very seriously…”. The frequency of data breaches in health care is alarming and is causing some to say that health records in the US are not safe. Why?

Health records are extremely attractive to data hackers. The information is valued over credit card information when sold on the black market. The records are attractive simply because the data is so rich. Personal information like social security numbers, identification information and medical history can allow an attacker to use the data in a variety of ways. These uses range from opening a bogus account and committing income tax fraud to getting health insurance under someone else’s name.

The possibilities are plentiful, and therefore the health care industry remains a primary target.

Article via CNET, 10 September 2015

Photo: A Doctor Looks Over Patient Medical Records via World Bank Photo Collection [Creative Commons Attribution-NonCommercial-NoDerivs]

The best protection against widespread government surveillance now comes from major tech companies, including those accused of collecting mass amounts of data to sell to other companies seeking targeted advertising.

The FBI has accused Apple of aiding criminals by offering default encryption in the new iPhones it sells. Government reproach is also directed towards Google, which is offering the same encryption for its new Android phones. However, the majority of Americans are grateful for the tech companies’ new developments; a recent Pew survey found that 65 percent of people believe that there aren’t enough limits on government surveillance.

Smartphone encryption is not the only guard against surveillance, either. Google and Yahoo announced that they’re both working on end-to-end encryption in email, and Facebook established a Tor hidden services site so that people with access to network traffic can’t access user data.

Encryption tools are generally difficult to operate, and thus only tech-savvy users have been able to achieve full privacy. As a result, anyone using encryption tools was unique and therefore suspicious to government officials. With new integrated encryption, privacy will be more universal, and those previously using encryption systems will be better camouflaged.

Articles: The Center for Internet and Society, September 9, 2015

Photo: DC Ralley Against Mass Surveillance via Susan Melkisethian [Creative Commons Attribution-NonCommercial-NoDerivs]

The Department of Justice has put stricter regulations on the use of cell-site simulators by requiring a warrant to be issued before one can be used, except in the case of “exigent” or “exceptional circumstances”, according to the CNN report covering the announcement. Cell-site simulators, which acquire locational data from cellphones by posing as cell towers, have not been regulated previously. The use of cell-site simulators has proven very helpful to law enforcement trying to locate kidnapping victims, terrorists, and other fugitives. While effective, these simulators also gather information about citizens who have not committed any crimes. This breach of privacy calls into question the ethics behind using cell-site simulators, which in turn led to the announcement from the Department of Justice.

The new regulations have been praised as a step in the right direction for protecting citizens’ privacy after previous scandals of government agencies hiding their surveillance technology from the public. However, the Department of Justice’s announcement only applies to federal agencies, not local or state law enforcement. The staff attorney for the American Civil Liberties Union, Nathan Freed Wessler, stated that “Congress should act to pass more comprehensive legislation to ensure that Americans’ privacy is protected from these devices and other location tracking technologies” by including law enforcement agencies that purchased cell-site simulators with federal funding under the new regulations.

Articles via ABA Journal, September 4, 2015; CNN, September 3, 2015

Photo: Timelaps with Oneplus One Cellphone via Damien Thorne [Creative Commons Attribution-NonCommercial-NoDerivs]

In July of 2015, 400 gigabytes of documents outlining the dealings of spyware company Hacking Team were released. The for-profit surveillance firm was found to work with oppressive regimes across the globe, including those of Russia, Ethiopia, Azerbaijan, Kazakhstan, Vietnam, Saudi Arabia, and Sudan. Also benefiting from the company’s exploitive surveillance tools is the US Bureau of Investigation, which has spent $775,000 on Hacking Team tools since 2011.

Hacking Team’s abilities are expansive. The firm can steal pre-encrypted data and passwords typed in Web browsers, as well as activate the microphone and camera on a target device. Users of Google Play and Apple stores may also be activating surveillance malware coded by Hacking Team.

Privacy and human rights advocates are outraged by the lack of legislation regulating firms like Hacking Team and its rival Gamma International, but regulation can be tricky. Badly drafted export controls could create red tape for journalists to circumvent when trying to access communications mechanisms or antivirus software. Syrian activists, for example, have cited American export controls as one of the leading obstacles to installing anti-surveillance software on phones and computers to protect their communications from the Assad regime.

The discussion is subtle, as it must take into account the personal liberties of global citizens, the dynamic nature of the technology industry, and the diverse interests of country governments.

Article via Committee to Protect Journalists, July 13, 2015

Photo: On the Phone via Artform Canada [Creative Commons Attribution-NonCommercial-NoDerivs]