This week, the Computer & Communications Industry Association (CCIA) released the report Fair Use in the U.S. Economy (.pdf) concluding that industries that rely on the “fair use” exception in copyright law contributed $4.7 trillion or 16% of the U.S. gross domestic product in 2007, growing faster than the other sectors of the U.S. economy. The report credits the fair use of copyrighted works for the success of search engines,…
Monthly Archives: April 2010
Incident of the Week: “Huge Social Networker” Indicted For Threatening Spam Email Campaign Against New York Life
Yesterday, a federal grand jury in New York issued an indictment (.pdf) against Anthony Digati based on his threats to use spam email and the www.newyorklifeproducts.com domain to drag New York Life Insurance Company “through the muddiest waters imaginable.” Both the U.S. Attorney’s Office press release (.pdf) and the FBI press release announced the indictment.
Digati was arrested on March 8,…
New Google Tool Maps Government Requests For Users’ Personal Information
This week Google rolled out its Government Requests tool that quantifies the number of government requests it receives from various countries around the world. The move was announced by David Drummond, Google’s Chief Legal Officer, on Tuesday on the official Google blog. In his post, Drummond stated:
So it’s no surprise that Google, like other technology and telecommunications companies, regularly receives demands from government agencies to remove content from our services.…
Regulators Provide Online Privacy Notice Builder to Help Financial Institutions Comply with Gramm Leach Bliley Act
Last week a number of federal regulatory agencies rolled out an online privacy notice builder for financial institutions subject to one or more of the Gramm Leach Bliley Act (GLBA) regulations. The agencies involved include the Federal Trade Commission (FTC), Securities and Exchange Commission (SEC), Office of Comptroller of Currency (OCC), Federal Deposit Insurance Corporation (FDIC),…
Incident of the Week: NSA Officer Indicted For Emailing Classified Documents to Reporter
On Wednesday, a federal grand jury in Maryland indicted Thomas A. Drake, a former employee of the National Security Agency (NSA), on charges that he emailed classified NSA documents and information to Siobhan Gorman, then a reporter for the Baltimore Sun. Drake worked for the NSA first as a contractor and then as a high-level employee in the NSA’s Signals Intelligence Directorate between 1991 and 2008,…
Cracking Down: FINRA Fines Blackmailed Brokerage Firm $375,000 for Violation of Reg S-P
On Monday, the Financial Industry Regulatory Authority (FINRA) announced that brokerage firm D.A. Davidson & Co. had consented to the imposition of a $375,000 fine for lax security measures that allowed hackers working for an “international crime group” to obtain personal information on thousands of customers.
The breach itself occurred in December 2007 when hackers used a “SQL injection” attack to obtain data on over 100,000 of Davidson’s customers from the firm’s online account system. …
One Million Impacted by Blue Cross Blue Shield of Tennessee Data Breach: How Do You Remediate on that Scale?
Blue Cross Blue Shield of Tennessee announced last week that nearly 1 million of its members have been affected by the theft of hard drives containing unencrypted personal data. BCBSTN had previously announced in January that 1.6 million files with unencrypted personal and protected health information of about 500,000 members in 32 states were breached in October 2009, due to a theft of 58 hard drives.
While the breach itself is significant for its size,…
Is the Rejection of Security Advice by Users Really Rational? A Response to Cormac Herley
In the April 11, 2010, Boston Globe, there is an extended discussion of an article by Cormac Herley of Microsoft entitled, "So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users." In his paper, Mr. Herley argues thoughtfully that compliance with even simple security measures, like changing your passwords, is so time-consuming that it is not worth the effort for most users.…
Albert Gonzalez Gets 20 Years for TJX / Heartland Breaches
Last week was a tough week for Albert Gonzalez, the so-called "leader of the largest hacking and identity theft ring ever prosecuted by the U.S. government." Gonzalez received a sentence of 20 years of imprisonment in two separate federal cases against him. The hacker, known variously as "segvec," "soupnazi" and "j4guar17," pled guilty in the New Jersey and Massachusetts cases for his role as mastermind of the two largest financial data breaches ever,…