Posts about Encryption by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
The U.S. Court of Appeals for the 5th Circuit just issued a blistering attack on HIPAA enforcement by the U.S. Department of Health and Human Services (HHS). In University of Texas M.D. Anderson Cancer v. Department of Health and Human Services (No. 19-60226, Jan. 14, 2021), the 5th Circuit struck down a fine and enforcement […]
In the annals of what must be one of the most ridiculous data security incidents, a law firm employee sent a client file on an unencrypted thumb drive in the mail. The file contained Social Security information and other financial data. Seriously? The envelope arrived without the USB drive. The firm contacted the post office. […]
A recent article in Wired argues that it is time to kill password recovery questions. Password recovery questions are those questions that you set up in case you forget your password. Common questions are: In what city were you born? What is your mother’s maiden name? Where did you go to high school?
Ransomware is on a rampage! Attacks are happening with ever-increasing frequency, and ransomware is evolving and becoming more powerful. Several major media sites, such as the New York Times, BBC, AOL, and the NFL, were recently infected with malware that directed visitors to sites attempting to install ransomware on their computers. Ransomware has the potential […]
By Daniel J. Solove Proponents for allowing government officials to have backdoors to encrypted communications need to read Franz Kafka. Nearly a century ago, Kafka deftly captured the irony at the heart of their argument in his short story, “The Burrow.” After the Paris attacks, national security proponents in the US and abroad have been […]
By Daniel J. Solove Co-authored by Professor Paul Schwartz This post is part of a post series where we round up some of the interesting news and resources we’re finding. For a PDF version of this post, and for archived issues of previous posts, click here. We cover health issues in a separate post. News […]
by Daniel J. Solove In a recent report (link no longer available), MIT security experts critiqued calls by government law enforcement for backdoor access to encrypted information. As the experts aptly stated: “Political and law enforcement leaders in the United States and the United Kingdom have called for Internet systems to be redesigned to ensure […]
by Daniel J. Solove There are certainly many hackers with sophisticated technical skills and potent malicious technologies. These threats can seem akin to Leviathan — all powerful and insurmountable. It can be easy to get caught up focusing on the Leviathan and miss the low-hanging fruit of cybersecurity. This low-hanging fruit consists of rather simple […]
By Daniel J. Solove The recent breach of the Office of Personnel Management (OPM) network involved personal data on millions of federal employees, including data related to background checks. OPM is now offering 18 months of free credit monitoring and identity theft insurance to victims. But as experts note in a recent Washington Post article, […]
by Daniel J. Solove According to a survey commissioned by Thales e-Security, the use of encryption by organizations is increasing. Ten years ago, only 15% had an enterprise-wide encryption strategy. Now, 36% have such a strategy. Some other interesting findings from the survey also found, according to a ZDNet article: