The U.S. Federal Trade Commission announced a settlement with ASUSTeK Computer over sloppy security settings tied to its routers.
Tag Archives: FTC
Oracle Settles with FTC Over ‘Deceptive’ Java Security Updates
Oracle will be required to provide users with a mechanism to uninstall older and vulnerable versions of Java, following a settlement with the Federal Trade Commission.
Just Like Old Days: IOT Security Pits Regulators Against Market
A panel discussion at the Security of Things Forum debated the need for regulation to ensure the security and privacy of connected devices.
FTC, Experts Push Startups to Think About Security From the Beginning
About a decade ago, many large software makers learned some very difficult lessons about software security and building security into their products from the start. Some are still learning. The FTC and a variety of security experts are hoping that today’s crop of start-ups will not have to go through that same painful process. The FTC […]
FTC can punish organisations with poor cybersecurity
FTC has the authority to hold organisations to account for failing to deliver tough cybersecurity measures.
The post FTC can punish organisations with poor cybersecurity appeared first on We Live Security.
Court Rules FTC Has Authority to Punish Wyndham Over Breaches
In the latest installment of a long and winding court case related to multiple data beaches at Wyndham Worldwide several years ago, an appellate court has upheld the authority of the Federal Trade Commission to punish the hotel chain for lax security practices that allegedly led to the breaches. The decision by the United States Court of […]
Government Asks for Security Community’s Help on Technical Issues
LAS VEGAS–Washington is looking for a few good hackers. Politicians and policymakers in the United States generally are not thought of as being the most technically savvy lot. It’s a reputation that’s well-earned in some cases, with some politicians boasting about their inability to use email and affinity for flip phones. But the lack of understanding […]
Ed Felten Joins White House as Deputy CTO
Ed Felten, a professor at Princeton University and a well-respected voice on security and privacy issues, is joining the White House as the deputy CTO. In his new role, Felten will be working under Megan Smith, the CTO of the United States and a former Google vice president. Felten has been at Princeton in various […]
Why you should celebrate Data Protection Day 2015
So what is Data Protection Day? It’s a holiday proclaimed by the Council of Europe on January 28, 2007. The goal is to raise awareness and promote privacy and data protection best practices.
It is globally celebrated and in the U.S. often referred to as Data Privacy and Protection Day, but it’s still a holiday! So tell your boss, and take a day to yourself. In the words of Madonna, rather the spirit, perhaps we should “Celebrate.”
If we took a data day, took some time to celebrate,
Just one data out of life
It would be, it would be so nice
Everybody spread the word… We’re gonna have a celebration
All across the world, In every nation
It’s time for the good data practices… Forget about the bad, oh yeah…
We need a holiday…
On this anniversary of Data Protection Day, the promise is matched only by the tension. In the past year, we’ve seen unprecedented data hacks, continued instances of government surveillance, and an ongoing tide of commercial data collection and use practices that don’t always bode well for consumers.
This is amplified by real concerns for people’s safety, life, and liberty. Criminal enterprises continue to engage in identity theft and financial fraud. Terrorist attacks, like those recently in France, further fuel our fears and heighten the impulse to use more invasive state surveillance techniques.
Add to this the sea-change in the landscape created by mobile devices, which will look like nothing compared to the changes ushered in by the Internet of Things. We have more data, more collection points, more providers, more sensitive information, and growing commercial and state appetites to use the data that define our lives.
So why celebrate? Well, a set of forces seems to be converging that indicates a corresponding change in attitude to better protect consumers and change the pH of the ecosystem so it’s more habitable for businesses and users alike.
The FTC released a thoughtful report on IoT that gives us a framework to get ahead of the changes. President Obama recently proposed new cyber-security and data breach legislation that is promising, provided the voices of civil society advocates like CDT and the EFF remain engaged.
The EU continues to work on updating the data protection act to address both the technological and societal changes that have occurred since it was first drafted. More importantly though, the heat in this space has been turned up. There is more debate. More industry leaders are devoting increasingly more mind share. Notions of choice, transparency, control, and reasonable defaults – the very threads that weave the fabric of trust that we depend upon – are no longer dirty words.
While these may seem like concepts beyond your desktop, there is a lot each of us can do to take back some of our privacy. Today, I actively managed my privacy settings in iOS. I disabled location services for all those apps where it didn’t make sense. Why for example do the camera or ADP (payroll) apps need to use my location in the background when I’m not using them? Something doesn’t seem right.
Some apps, I was pleasantly surprised to find, like Google Maps and ESPN’s SportsCenter, do give me the option to turn location services on only “while using.” This makes sense to me and is an example of privacy forward design that gives users better and more refined choices. The fact that the interface exists at all is an example of transparency that didn’t exist in earlier versions of iOS, and a good sign that things are changing.
All this is to say – the tide is shifting. In this transition, there is more opportunity than we can imagine. We don’t believe that users have to trade privacy and security to benefit from the wealth of data-enabled services available now and soon to come.
Today there is growing interest in shaping a future that is more people-centric than device-centric, and that properly reflects the human rights that we expect. I am optimistic that there is more future than there is past. That’s something to celebrate.