Digital Privacy & Security Update (Nov. 25, 2012)

A non-random sampling of recent developments in digital privacy & security . . . .

Online tracking.

• More Companies Are Tracking Online Data, Study Finds (Natasha Singer/Nov. 12, 2012/New York Times)
• Privacy considerations of online behavioural tracking (Nov. 14, 2012/European Network and Information Security Agency)
• European Commission shows concern over the slow development of the Do-Not-Track standard (Cynthia O’Donoghue/Nov. 14, 2012/Global Regulatory Enforcement Law Blog)
• Google privacy settlement with FTC wins court approval (Brandon Bailey/Nov. 16, 2012/San Jose Mercury News)
• Amazon Settles Privacy Case (Wendy Davis/Nov. 16, 2012/Online Media Daily)
• Obama’s Approach to Big Data: Do As I Say, Not As I Do (Kate Kaye/Nov. 16, 2012/Ad Age)
• Your Online Attention, Bought in an Instant (Natasha Singer/Nov. 17, 2012/New York Times)
• Amazon settles suit over alleged manipulation of IE browser settings (John Cook/Nov. 18, 2012/GeekWire)
• Amazon Settles “Flash Cookie” Lawsuit (Kristi Cercone/Nov. 20, 2012/InsidePrivacy)
• Internet Explorer 10′s ‘Do Not Track’ Function Is NOT Located In Its Privacy Settings (Jim Edwards/Nov. 21, 2012/Business Insider)
• Opinion: Is Ad blocking the next legal battleground? (Guy Burgess/Nov. 23, 2012/Computerworld)
• FTC Announces Agenda for Workshop Exploring Practices, Privacy Implications of Comprehensive Collection of Web Data (Nov. 23, 2012/Federal Trade Commission)

Data breach.

• Twitter Security Email Gets Mixed Reaction (Evan Koblentz/Nov. 9, 2012/Law Technology News)
• Cybersecurity: Does Your Company Have Insurance For Claims Arising Out Of An Alleged Data Breach? (Nov. 9, 2012/Corporate Insurance Blog)
• World of Warcraft maker hit with lawsuit over data breach, authentication (Nov. 12, 2012/infosecurity)
• Businesses Consider Abusing ICO Data Breach Fine ‘Loophole’ (Tom Brewster/Nov. 13, 2012/TechWeekEurope)
• Adobe investigates alleged customer data breach (Jeremy Kirk/Nov. 13, 2012/Computerworld)
• Adobe Hacker Says He Used SQL Injection To Grab Database Of 150,000 User Accounts (Kelly Jackson Higgins/Nov. 14, 2012/Dark Reading)
• Insurance Coverage for Data Breach Claims (Richard D. Milone, Edward E. Weiman and Cameron R. Argetsinger/Nov. 14, 2012/The Corporate Counselor)
• NASA suffers major data breach over stolen laptop that wasn’t encrypted (Lisa Vaas/Nov. 15, 2012/Naked Security)
• Nasa to encrypt data after its latest laptop loss (Nov. 15, 2012/BBC)
• Data Breach Class Action against Popular Video Game Developer Dismissed for Failure to Plead Adequate Damages (Alan Pate/Nov. 16, 2012/Data Privacy Monitor)
• FreeBSD.org intrusion announced November 17th 2012 (Nov. 17, 2012/FreeBSD)
• Jail Looms for Man Who Revealed AT&T Leaked iPad User E-Mails (Tom Simonite/Nov. 19, 2012/MIT Technology Review)
• Hacker Found Guilty of Breaching AT&T Site to Obtain iPad Customer Data (Kim Zetter/Nov. 20, 2012/Threat Level)
• Why Risk Data Breaches? (Judy Selby/Nov. 20, 2012/Law Technology News)
• Court Kicks Data Breach Claim Against Valve – Grigsby v. Valve (Venkat Balasubramani/Nov. 20, 2012/Technology & Marketing Law Blog)
• South Carolina Offers Details of Data Theft and Warns It Could Happen Elsewhere (Robbie Brown/Nov. 20, 2012/New York Times)
• South Carolina Department of Revenue: Public Incident Response Report (Nov. 20, 2012)
• Hackers hit Nationwide Mutual, steal data on 28,000 in Ga. (J. Scott Trubey/Nov. 20, 2012/Atlanta Journal-Constitution)
• Attackers Had Access for Months in South Carolina Data Breach (Michael Mimoso/Nov. 21, 2012/threat post)

Email security.

• Napolitano: I Don’t Use E-mail. At All. (Josh Smith/Sept. 28, 2012/NationalJournal)
• Report details perils of email encryption (John P. Mello Jr./Nov. 6, 2012/TheEmailAdmin)
• Ex-Spy Chief David Petraeus Gave His Mistress Access To His Email (Kashmir Hill/Nov. 11, 2012/Forbes)
• Petraeus Fallout: 5 Gmail Security Facts (Matthew J. Schwartz/Nov. 13, 2012/InformationWeek)
• Surveillance and Security Lessons From the Petraeus Scandal (Chris Soghoian/Nov. 13, 2012/ACLU)
• Email Users Can’t Count On Privacy Protections (Geoffrey A. Fowler and Evan Perez/Nov. 14, 2012/Wall Street Journal)
• As CIA Chief Scandal Looms, Lawmakers Consider Tightening E-Mail Privacy (David Kravets/Nov. 15, 2012/Threat Level)
• Lawsuit Against Google for Scanning Minors’ Emails without Consent (Melissa Maalouf/Nov. 16, 2012/Law Across the Wire and Into the Cloud)
• Senate bill rewrite lets feds read your e-mail without warrants (Declan McCullagh/Nov. 20, 2012/CNET)
• Leahy scuttles his warrantless e-mail surveillance bill (Declan McCullagh/Nov. 20, 2012/CNET)
• Key E-Mail-Privacy Senator Denies a Turn to the Dark Side (David Kravets/Nov. 20, 2012/Threat Level)

Cybersecurity.

• The Hacker Debate (Nov. 2, 2012/Steptoe Cyberblog)
• With Millions Paid in Hacker Bug Bounties, Is the Internet Any Safer? (Kim Zetter/Nov. 8, 2012/Threat Level)
• The New Face of Energy Insecurity (Blake Clayton/Nov. 9, 2012/The National Interest)
• Researchers find vulnerability in Call of Duty: Modern Warfare 3 (Jeremy Kirk/Nov. 9, 2012/Computerworld)
• The Globalization Of Cyberespionage (Kelly Jackson Higgins/Nov. 12, 2012/Dark Reading)
• Hardcoded passwords leave Telstra routers wide open (Darren Pauli/Nov. 13, 2012/SC Magazine)
• Russia Software Tycoon: US Cyber Tracing May Not Work (Owen Fletcher/Nov. 13, 2012/Wall Street Journal)
• Terrorist Attack on Power Grid Could Cause Broad Hardship, Report Says (Matthew L. Wald/Nov. 14, 2012/New York Times)
• Russia’s Hacked Media Sites Fight Back (Lukas I. Alpert/Nov. 14, 2012/Wall Street Journal)
• Security hole allows anyone to hijack your Skype account using only your email address (updated) (Emil Protalinski/Nov. 14, 2012/The Next Web)
• Will it Take a ‘Cyber Pearl Harbor’ to Break Congressional Deadlock? (Ward Carroll/Nov. 15, 2012/DefenseTech)
• Political Gridlock Leaves U.S. Facing Cyber Pearl Harbor (Eric Engleman and Michael Riley/Nov. 15, 2012/Businessweek)
• Congress Kills Cybersecurity Bill, White House Action Expected (J. Nicholas Hoover/Nov. 15, 2012/InformationWeek)
• Cybersecurity Bill Fails Again In Senate (William J. Weber/Nov. 15, 2012/Data Privacy Monitor)
• Kill the Password: Why a String of Characters Can’t Protect Us Anymore (Mat Honan/Nov. 15, 2012/Gadget Lab)
• Adequate Attack Data and Threat Information Sharing No Longer a Luxury (Michael Mimoso/Nov. 15, 2012/threat post)
• Facebook Enabling HTTPS by Default for North American Users (Dennis Fisher/Nov. 19, 2012/threat post)
• Scientists Find Cheaper Way to Ensure Internet Security (John Markoff/Nov. 20, 2012/New York Times)
• HTTP Strict Transport Security becomes Internet standard (Lucian Constantin/Nov. 22, 2012/Computerworld)

EU privacy.

• Anonymisation: managing data protection risk code of practice (Nov. 2012/U.K. Information Commissioner’s Office)
• Google’s cloud database management service offers EU-only data storage and processing (Nov. 12, 2012/Out-Law.com)
• How one law student is making Facebook get serious about privacy (Cyrus Farivar/Nov. 15, 2012/ars technica)
• UK ICO Gathers Views on Privacy Seals (Nov. 15, 2012/Privacy and Information Security Law Blog)
• Most popular EU websites don’t ask permission to install cookies (Loek Essers/Nov. 16, 2012/ComputerworldUK)
• Information Commissioner’s Office set to issue first fines under the Privacy and Electronic Communications Regulations (Cynthia O’Donoghue/Nov. 19, 2012/Global Regulatory Enforcement Law Blog)
• Commission to renegotiate Council of Europe Data Protection Convention on behalf of EU (Nov. 19, 2012/European Union)
• Why big data could sink Europe’s ‘right to be forgotten’ (David Meyer/Nov. 20, 2012/GigaOM)
• Facebook says proposed European data protection fines could lead to court battles (Zeljka Zorz/Nov. 20, 2012/Help Net Security)
• New Player in E.U. Data Privacy Battle (Kevin J. O’Brien/Nov. 20, 2012/New York Times)
• Guarding a ‘Fundamental Right’ of Privacy in Europe (Eric Pfanner/Nov. 20, 2012/New York Times)
• European Governments Staying Out of the Cloud (Kevin J. O’Brien/Nov. 20, 2012/New York Times)
• The right to be forgotten – between expectations and practice (Nov. 20, 2012/European Network and Information Security Agency)
• EU Announces Plans for a Cyber-Security Bill (Cynthia O’Donoghue/Nov. 20, 2012/Global Regulatory Enforcement Law Blog)
• New code of practice to minimise privacy risks in anonymised data (John Burn-Murdoch/Nov. 21, 2012/The Guardian)

Biometrics.

• When a Palm Reader Knows More Than Your Life Line (Natasha Singer/Nov. 10, 2012/New York Times)

Miscellaneous.

• How to deal with personal data for multinational companies? (Nicole Borofsky, Cecile Martin, Jeremy M. Mittman and Daniel Ornstein/Oct. 31, 2012/International Labor Law)
• Privacy Compliance Review of the NOC Publicly Available Social Media Monitoring and Situational Awareness Initiative (Nov. 8, 2012/U.S. Department of Homeland Security)
• 70% of cloud data centers keep customers in the dark about storage locations (Nov. 8, 2012/info security)
• Companies that Own and Manage Payday Lending and Check Cashing Stores to Settle FTC Charges That They Tossed Sensitive Consumer Data into Trash Dumpsters (Nov. 7, 2012/Federal Trade Commission)
• Social Codes: Sharing Your Genes Online (Daniela Hernandez/Nov. 9, 2012/Wired Science)
• Where There’s Smoke There’s Fire: Powering eDiscovery with Data Loss Prevention (Allison Walton/Nov. 12, 2012/e-discovery 2.0)
• Zittrain: Peer-to-peer transactions risk privacy (David Perera/Nov. 12, 2012/FierceGovernmentIT)
• How-To Video: Facebook Privacy (Brian Donohue/Nov. 13, 2012/threat post)
• Edelman Study Finds Global Businesses Unprepared to Meet Customer and Regulator Expectations around Privacy and Data Security (Nov. 13, 2012)
• U.S. FTC chief: Kids’ Internet privacy rules done by year’s end (Nov. 13, 2012/Reuters)
• Video Interview: Discussing the International Conference of Data Protection & Privacy Commissioners with LXBN TV (Christopher Wolf/Nov. 13, 2012/Chronicle of Data Protection)
• Google Says Government Surveillance Growing (Thomas Claburn/Nov. 13, 2012/InformationWeek)
• Transparency Report: Government requests on the rise (Dorothy Chou/Nov. 13, 2012/Google Public Policy Blog)
• The U.S. Government’s Growing Appetite for Google Users’ Data (Tom Simonite/Nov. 13, 2012/MIT Technology Review)
• Judge mulls over Facebook’s offer in ‘sponsored stories’ suit (Dara Kerr/Nov. 15, 2012/CNET)
• Facebook takes another shot at settling privacy lawsuit (Dan Levine/Nov. 15, 2012/Reuters)
• Grappling With Mixed Signals From the Ninth, Judge Considers Facebook Settlement (Vanessa Blum/Nov. 15, 2012/The Recorder)
• How Did Private Companies Become The Guardians Of Our Online Privacy? (Antone Gonsalves/Nov. 15, 2012/ReadWrite)
• FTC, Consumer Actions Shape Advertising and Marketing Landscape (Marc S. Roth and Edward Kabak/Nov. 16, 2012/New York Law Journal)
• California’s Shine the Light Law: Litigation Update (Steven Boranian and Joshua Marker/Nov. 16, 2012/Global Regulatory Enforcement Law Blog)
• A Search for Privacy in a Nonprivate Age (Interview of FTC chairman Jon Leibowitz/Nov. 16, 2012/Wall Street Journal)
• Court Orders Password Turnover and In Camera Review of Social Media Accounts – EEOC v. Original Honeybaked Ham Co. (Venkat Balasubramani/Nov. 18, 2012/Technology & Marketing Law Blog)
• ‘Big Data’ can change the world (Nov. 19, 2012/Los Angeles Times)
• Protecting Companies’ Intellectual Property From Cyber Crime (Ernest E. Badway and Daniel A. Schnapp/Nov. 19, 2012/New York Law Journal)
• Building an Iconography for Digital Privacy (Somini Sengupta/Nov. 19, 2012/New York Times)
• Privacy Candy From Apple (Nov. 19, 2012/Holland & Knight)
• Facebook Asks Users If It Can Abolish Their Right To Vote On Future Site Governance Changes (Josh Constine/Nov. 21, 2012/TechCrunch)
• Facebook criticised over decision to stop public privacy votes (Dave Lee/Nov. 22, 2012/BBC)
• Saudi Arabia criticised over text alerts tracking women’s movements (Luke Harding/Nov. 23, 2012/The Guardian)