European Study Finds Faults with Minors’ Privacy Online

The European Commission, which is still finding its way in regulating the Internet, published a study on how social networking sites treat minors. The most compelling result it found: Only Bebo and Myspace (which is owned by News Corp., publisher of this blog) “have default settings to make minors’ profiles accessible only to their approved list of contacts.

Read the article: http://gigalaw.com/2011/06/21/european-study-finds-faults-with-minors-privacy-online/ (Source: The Wall Street Journal)

PENTAGON SAYS COMPUTER SABOTAGE EQUALS ACT OF WAR

The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force. The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military.

IS SONY SORRY?

By Abu Bakar Munir

Following the attack, Sony’s CEO apologized to millions of PlayStation Network and Qriocity users. In the letter posted on the PlayStation blog, Howard Stringer states, “I know this has been a frustrating time for all of you…..Let me assure you that the resources of this company have been focused on investigating the entire nature and impact of the cyber-attack we’ve all experienced and on fixing it. We are absolutely dedicated to restoring full and safe services as soon as possible and rewarding you for your patience. We will settle for nothing less…As a company we – and I - apologize for the inconvenience and concern caused by this attack.”

Criticisms of Sony was for several reasons, among others, (1) the delay between discovering the problem and notifying customers, (2) the lack of meaningful updates as to when service would be restored, and (3) the seeming confusion over exactly what information had or had not been stolen. On the first issue, Sony’s CEO responded by saying, “This was an unprecedented situation. Most of these breaches go unreported by companies. Forty – three percent notify victims within a month. We reported in a week. You’re telling me my week wasn’t fast enough?”

What are the reactions of the privacy advocate and security professionals? Senior technology consultant at Sophos said that the breach “certainly ranks as one of the biggest data losses ever to affect individuals”. The Australian Privacy Minister, Brendan O’Connor, said he was “very concerned” about the theft of personal information and expressed disappointment that Sony took “several days” to inform about the breach. He further stated that this meant a mandatory “data breach notification” system now “appears necessary”.

Similarly, the Canada Privacy Commissioner said, “I was very disappointed that Sony did not pro-actively notify my office of the breach”. The British Information Commissioner’s Office stated that Sony will be questioned, and that an investigation will take place to discover whether Sony had taken adequate precautions to protect customer details. US Senator Richard Blumenthal of Connecticut demanded answers from Sony about the data breach. Sony had been asked to testify before a congressional hearing on May 2, 2011, but sent a letter instead.

FACEBOOK FLAW GAVE PERSONAL DATA TO ADVERTISERS

A security vulnerability on Facebook Inc. for years gave advertisers and other third parties a way to access users’ accounts and personal information, according to security firm Symantec Corp. But Facebook said it had fixed the problem and found no evidence of the issue resulting in private information being leaked.

Read the article: http://ow.ly/4RHnF (Source: The Wall Street Journal)

PRIVACY ADVOCATES APPLAUD DO-NOT TRACK BILL

Several privacy and civil rights groups voiced support for an online do-not-track bill introduced in the U.S. Senate, saying the legislation would give Web users control over their personal data. Senator John “Jay” Rockefeller’s bill would create a national do-not-track mechanism, a “crucial civil liberties protection for the 21st century,” said Chris Calabrese, legislative counsel at the American Civil Liberties Union (ACLU).

Read the article: http://ow.ly/4QPqW (Source: PCWorld)

SONY'S CEO APOLOGIZES

Sony Chief Executive Officer Howard Stringer apologized to users of its PlayStation Network, breaking his silence on one of the biggest Internet security break-ins ever, but failing to provide a date when services would resume. Stringer’s comments come after he faced criticism of his leadership since Sony revealed hackers had compromised the data of more than 100 million accounts.

Read the article: http://ow.ly/4OoPe (Source: Reuters)

SONY SHUTS DOWN ONLINE - GAMING AFTER SECOND ATTACK

Less than a week after news of a security breach sparked an uproar, Sony Corp. has shut down its online-gaming unit after a hacker infiltrated the network in the second such attack on the company in the last month. Sony Online Entertainment, known for creating massive multi-player games such as EverQuest and The Matrix Online, suspended service, according to a statement.

Read the article: http://ow.ly/4Lz3A (Source: Los Angeles Times)

SONY WAS ATTACKED AGAIN

Less than a week after news of a security breach sparked an uproar, Sony Corp. has shut down its online-gaming unit after a hacker infiltrated the network in the second such attack on the company in the last month. Sony Online Entertainment, known for creating massive multi-player games such as EverQuest and The Matrix Online, suspended service, according to a statement.

Read the article: http://ow.ly/4Lz3A (Source: Los Angeles Times)

SONY PLAYSTATION DATA DISCLOSURE

Sony acknowledged that the personal information of its PlayStation Network customers has been compromised. The company posted an update on its blog warning its more than 70 million customers that their personal information, including customer names, addresses, e-mail addresses, birthdays, PlayStation Network and Qriocity passwords, and user names, as well as online user handles, was obtained illegally by an “unauthorized person.”

Read the article: http://ow.ly/4HzfK (Source: CNET News)

LAWSUIT FILED AGAINST SONY

Gamers and government officials are irate over Sony’s admission that a massive security breach gave hackers access to large amounts of personal data from the company’s PlayStation Network and, surprise(!), one gamer has already filed a lawsuit. Meanwhile, analysts estimate the hammered game company could lose billions of dollars from the debacle.

Read the article: http://ow.ly/4IAfA (Source: msnbc.com)

SWISS COURT SAYS GOOGLE STREET VIEW VIOLATES PRIVACY

Switzerland’s top administrative court backed the Swiss privacy watchdog and ruled against Google Inc.’s Street View map service in Switzerland, saying the service infringes privacy in a ruling. Switzerland’s Federal Data Protection Commissioner Hanspeter Thuer and Google had been locked in a battle over the Web giant’s popular Street View application ever since the mapping service went live there in 2009.

Read the article: http://ow.ly/4t8r6 (Source: The Wall Street Journal)

GOOGLE SETTLES PRIVACY CHARGES WITH FTC FOR BUZZ

Google settled with the Federal Trade Commission over charges of deceptive privacy practices in its introduction last year of Buzz, the social networking tool in Gmail. Under the settlement, Google agreed to start a privacy program and undergo privacy audits for 20 years; it faces $16,000 fines for future privacy misrepresentations.

Read the article: http://ow.ly/4pMES (Source: The New York Times)

GERMAN COURT CALLS GOOGLE STREET VIEW LEGAL

A Berlin court has ruled, according to Deutsche Welle, that it’s legal for Google to take the street-level pictures, striking down a lawsuit brought on by a German woman who sued Google over Street View and cited privacy and property rights. The case is complicated, because the woman who sued did so out of the possibility that her privacy might be invaded — e.g. if Google Street View happened to take photos of the front of her house, and that the camera on top of the Google Street View vehicle would see over the hedge in front of it.

Read the article: http://ow.ly/4jfzY (Source: CNET News)

CYBERCRIMINALS FOCUSING ON CORPORATE TRADE SECRETS

Cybercriminals are increasingly moving from stealing just personal data to capturing trade secrets and other corporate intellectual capital that they can easily sell through the underground market, according to a new report from McAfee and the SAIC. In the release of a new study, “Underground Economies: Intellectual Capital and Sensitive Corporate Data Now the Latest CybercrimeScience Applications International Corporate find that the theft of trade secrets, marketing plans, R&D data, and even source code is on the rise, especially as such information is often unprotected. Currency”, McAfee and the

Read the article: http://ow.ly/4o1ez (Source: CNET News)

INDIA TO BLOCK NEW DOMAINS ENDING IN .XXX

India will seek to block the internet’s newly-formed red-light district after a global agency governing the web approved .xxx suffix for pornography websites, a senior government official said. “India along with many other countries from the Middle East and Indonesia opposed the grant of the domain in the first place, and we would proceed to block the whole domain, as it goes against the IT Act and Indian laws,” said a senior official at the ministry of IT.

Read the article: http://ow.ly/4niYY (Source: The Economic Times)

JUDGE REJECTS SETTLEMENT FOR GOOGLE BOOKS DEAL

March 22, 2011

A U.S. judge rejected a $125 million settlement that would have allowed Google Inc. to create the world’s biggest digital-book library. Opponents of the deal said it violated international law.

• Read the article: Bloomberg

ICANN APPROVES .XXX DOMAIN AS PROTESTS CONTINUE

The agency governing Internet addresses approved the creation of a new red-light district on the Web, but the decision may not end years of fighting over the contentious plan. The Internet Corporation for Assigned Names and Numbers authorized the creation of an .xxx suffix for pornography Web sites.

Read the article: http://ow.ly/4hYBa (Source: The New York Times)

EU OFFICIAL STRESSES PRIVACY RULES FOR WEBSITES

Social-networking sites such as Facebook, or search engines such as Google, may face court action if they fail to obey planned EU data privacy rules, European Union justice chief Viviane Reding said. Reding will propose an overhaul of the EU’s 16-year-old laws on data protection in the coming months to enforce more safeguards on how personal information is used.

Read the article: http://ow.ly/4goOK (Source: Reuters)

TWITTER SETTELES PRIVACY CHARGES WITH FTC

The Federal Trade Commission accepted a settlement with Internet messaging service Twitter Inc. to resolve charges that Twitter deceived consumers and put their privacy at risk by not safeguarding personal information. The settlement bars Twitter from misleading consumers about the extent to which it protects the security, privacy and confidentiality of non-public consumer information for 20 years, according to a statement posted on the FTC website.

Read the article: http://ow.ly/4dwYi (Source: Bloomberg)

BRITISH MAN GOES TO JAIL AFTER BLOGGING ABOUT GIRLFRIEND

When most people end a relationship, they don’t start creating websites to insult, embarrass and terrorize their exes. Unfortunately, that’s exactly what one British man did — and now he’s been jailed for it.

Read the article: http://gigalaw.com/2011/03/10/british-man-goes-to-jail-after-blogging-about-girlfriend/ (Source: msnbc.com)

SINGAPORE TO HAVE DATA PROTECTION ACT IN 2012

The Minister for Information, Communications and the Arts, Lui Tuck Yew, told the Singapore Parliament in February that a data protection review had now been completed. The Government has concluded that it would be in Singapore’s overall interests to put in place a data protection regime, in order to protect individuals’ personal data against unauthorised use and disclosure for profit,The announcement came in response to a question from MP Lee Bee Wah, in view of what he said were “reports of offers to sell personal and contact information of key officers in various Government Ministries”. Minister Lui said that the proposed (data protection) law is intended to curb excessive and unnecessary collection of individuals’ personal data by businesses, and include requirements such as obtaining the consent of individuals to disclose their personal information. He further said, “It will also enhance Singapore’s overall competitiveness and strengthen our position as a trusted hub for businesses and a choice location for global data management and processing services.”

OBAMA ADMINISTRATION SPEAKING OUT AGAINST ICANN

The California nonprofit organization that operates the Internet’s levers has always been a target for global heavies like Russia and China that prefer the United Nations in charge of the Web. But these days, the Internet Corporation for Assigned Names and Numbers is fending off attacks from a seemingly unlikely opposition: the Obama administration.

Read the article: http://ow.ly/458Sl (Source: The Washington Post)

U.S GOVERNMENT SEEKS VETO POWER OVER NEW DOMAINS

The Obama administration is quietly seeking the power for it and other governments to veto future top-level domain names, a move that raises questions about free expression, national sovereignty, and the role of states in shaping the future of the Internet. At stake is who will have authority over the next wave of suffixes to supplement the venerable .com, .org, and .net. At least 115 proposals are expected this year, including .car, .health, .nyc, .movie, and .web, and the application process could be finalized at a meeting in San Francisco next month.

Read the article: http://goo.gl/htxmp (Source: CNET News)

FACEBOOK AGREES TO PRIVACY CHANGES IN GERMANY

Facebook, facing potential fines for violating strict privacy laws in Germany, agreed to let users in the country better shield their e-mail contacts from unwanted advertisements and solicitations it sends. Facebook, which has more than 10 million users in Germany, agreed to modify its Friend Finder service to let Germans better block its ability to contact people, including non-Facebook users culled from a user’s e-mail address books.

Read the article: http://goo.gl/52O4f (Source: The New York Times)

GOOGLE DELETES DATA COLLECTED BY STREET VIEW CARS

Personal data collected by Google’s UK Street View cars has been deleted. The UK Information Commissioner’s Office (ICO), which has been criticised for not taking a more hardline stance against Google, confirmed the deletion.

Read the article: http://goo.gl/WpjSL (Source: BBC News)

WOMAN SUES GOOGLE FOR SHOWING UNDERWEAR

A Japanese woman is suing Google for displaying images of underwear hanging on her washing line on its Street View function. The woman, who has not been named, is suing the Internet giant for 600,000 Yen, claiming the images caused her psychological distress, according to Japan’s Mainichi newspaper.

Read the article: http://goo.gl/n46qk (Source: The Telegraph)

SMARTPHONES SHARING PERSONAL DATA, PROBE FINDS

Few devices know more personal details about people than the smartphones in their pockets: phone numbers, current location, often the owner’s real name — even a unique ID number that can never be changed or turned off. These phones don’t keep secrets. They are sharing this personal data widely and regularly, a Wall Street Journal investigation has found.

Read the article: http://goo.gl/hI0z6 (Source: The Wall Street Journal)

DATA BREACH EXPOSES McDONALD'S CUSTOMERS' INFO

McDonald’s Corp. says some of its customers’ private information was exposed during a data breach. The company said Monday that a third party was able to get past security measures and see into a database of its customer information that included e-mail, phone numbers, addresses, birthdates and other specifics that they provided when signing up for online promotions or other subscriptions to its websites.

Read the article: http://goo.gl/XZ6JX (Source: The Atlanta Journal-Constitution)

FTC ENDORSES "DO NOT TRACK" PRIVACY PLAN ONLINE

The Federal Trade Commission advocated a plan that lets consumers on the Internet choose whether they want information about their browsing habits to be collected, an option known as “do not track.” The FTC’s proposal, a framework for commercial use of consumer data, would make consumer privacy the default position and would let Web users decide whether Internet sites and advertisers can build profiles of their browsing and buying habits as well as collect other personal information.

Read the article: http://goo.gl/AqS0J (Source: The New York Times)

HACKER CLAIMS ATTACK ON WIKILEAKS WEBSITE

A computer hacker who calls himself “The Jester” claimed responsibility for the cyber attack which took down the WikiLeaks site, shortly before it started posting hundreds of thousands of classified U.S. diplomatic cables. The Jester, who describes himself as a “hacktivist for good,” said he took the controversial site down “for attempting to endanger the lives of our troops, ‘other assets’ & foreign relations.”

Read the article: http://goo.gl/mfMlA (Source: CNN)