PRIVACY + SECURITY BLOG

News, Developments, and Insights

Ransomware on a Rampage

Ransomware is on a rampage!  Attacks are happening with ever-increasing frequency, and ransomware is evolving and becoming more powerful. Several major media sites, such as the New York Times, BBC, AOL, and the NFL, were recently infected with malware that directed visitors to sites attempting to install ransomware on their computers. Ransomware has the potential […]

Surveillance and Our Addiction to Exposure

Bernard Harcourt’s Exposed: Desire and Disobedience in the Digital Age (Harvard University Press 2015) is an indictment of our contemporary age of surveillance and exposure — what Harcourt calls “the expository society.” Harcourt passionately deconstructs modern technology-infused society and explains its dark implications with an almost poetic eloquence. Harcourt begins by critiquing the metaphor of […]

The Funniest Hacker Stock Photos 2.0

Back by popular demand, it’s time for another round of the funniest hacker stock photos. Because I create information security awareness training (and HIPAA security training too), I frequently find myself in need of a good hacker photo. But good hacker photos are hard to find. I often browse through countless images, each one more […]

Can the FBI Force Apple to Write Software to Weaken Its Software?

A dramatic legal battle is taking place that will have dramatic implications for the future of technology, privacy, security, and the extent of government power.  The FBI obtained an order from a magistrate judge to force Apple to develop software to help the FBI break into an encrypted iPhone.

The 5 Things Every Privacy Lawyer Needs to Know about the FTC: An Interview with Chris Hoofnagle

The Federal Trade Commission (FTC) has become the leading federal agency to regulate privacy and data security. The scope of its power is vast – it covers the majority of commercial activity – and it has been enforcing these issues for decades. An FTC civil investigative demand (CID) will send shivers down the spine of […]

Information Security Training: Focus on the Human Problem

I created a new poster about information security training, which is debuting at the RSA conference.  This poster is based on the fact that the vast majority of information security incidents and data breaches occur because of human mistakes.   Information security is only in small part a technology problem; it is largely a human problem. […]

Spot the Privacy and Security Risks Training Game

I’m pleased to announce a new training program: Spot the Risks: Privacy and Security. The program is a Where’s Waldo-style risk-spotting game that takes about 5 minutes to complete. Trainees are asked to spot the risks in an office. Feedback is provided about each risk so trainees learn many of the most important best […]

Without Scalia, Will There Be a 4th Amendment Revolution?

The passing of Justice Antonin Scalia has brought a wave of speculation about current and future U.S. Supreme Court cases.  One area where there might be a significant impact will be the 4th Amendment, which provides the primary constitutional protection against government surveillance and information gathering.  A new justice could usher in a dramatic expansion […]

A List of Privacy Law Fellowships

One way to enter the privacy profession is to do a fellowship, and fortunately, an increasing number of fellowship opportunities are emerging. I have written about the challenges of breaking into the privacy law profession, especially the challenges that recent law school graduates will face. There are no established career paths in this field […]

A New US-EU Safe Harbor Agreement Has Been Reached

Last year, the death of the US-EU Safe Harbor Arrangement sent waves of shock and despair to the approximately 4500 companies that used this mechanism to transfer personal data from the US to the EU.  But a new day has dawned.