Higher Education & Privacy
2.3K views | +0 today
Follow
Higher Education & Privacy
Data Privacy and Online Privacy in Higher Education
Your new post is loading...
Your new post is loading...
Scooped by Higher Ed InfoSec Council
Scoop.it!

Facebook, Twitter, email passwords made private under California law

Facebook, Twitter, email passwords made private under California law | Higher Education & Privacy | Scoop.it

Californias companies and universities will be banned from asking for your social media or personal email passwords under new laws signed by Governor Jerry Brown.

 

"The Golden State is pioneering the social media revolution, and these laws will protect all Californians from unwarranted invasions of their personal social media accounts," Brown said in a statement.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Identity crisis: how Social Security numbers became our insecure national ID

Identity crisis: how Social Security numbers became our insecure national ID | Higher Education & Privacy | Scoop.it

The SSN-as-ID thing has got to stop. How did we get here, and can we get out?

 

"Last week, the White House announced $9 million in funding for five pilot projects as part of its National Strategy for Trusted Identities in Cyberspace initiative, a federal effort to establish a secure, universal online identity ecosystem led by the private sector.

Critics say any kind of top-down identification system would be a security risk and an encroachment on civil rights. But the fact is that the United States already has a universal ID: the unique nine-digit number issued to US citizens and residents by the Social Security Administration, which has turned out to be no less than a gift to identity thieves. While Social Security numbers work pretty well for tracking Social Security, they weren't designed to be secure.

 

Americans are reluctant to institute a national ID. But in the absence of one, the market adopted a poor substitute — and the millions of Social Security numbers for sale online for cheaper than a cup of coffee is one of the consequences of that disastrous indecision."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

20 security and privacy apps for Androids and iPhones

20 security and privacy apps for Androids and iPhones | Higher Education & Privacy | Scoop.it
Encrypted storage, malware scanners, missing-phone-finders and more: Here are 20 apps to help protect your smartphone, your privacy and your data.
more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Ad Industry, Privacy Advocates Spar Over 'Do Not Track'

Ad Industry, Privacy Advocates Spar Over 'Do Not Track' | Higher Education & Privacy | Scoop.it

"Lawmakers and the Federal Trade Commission are being lobbied to intervene to help settle differences between some advertising industry representatives and privacy advocates over how to implement a “do-not-track” option giving consumers the choice of whether they want to be tracked online. 

 

Many companies now track consumers by placing text files called "cookies" on their computers when they visit certain websites in order to tailor ads to them based on their preferences. In response to the growing use of online tracking for advertising and market research, many privacy advocates have called for giving consumers a do-not-track option. The idea gained momentum after the FTC first endorsed the idea in a draft privacy report in December 2010.


Some of the browser providers including Mozilla’s Firefox, Apple’s Safari and Microsoft’s Internet Explorer have begun including a do-not-track choice in their browsers. But it is unclear how websites will respond to these do-not-track requests."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Information Security Awareness Video & Poster Contest for students

Information Security Awareness Video & Poster Contest for students | Higher Education & Privacy | Scoop.it

The EDUCAUSE & Internet2 Higher Education Information Security Council (HEISC) is conducting its fifth contest in search of short information security awareness videos and posters developed by college students, for college students. The contest is sponsored by CyberWatch and the National Cyber Security Alliance (NCSA). Winners will receive cash prizes. The videos and posters will be featured on the EDUCAUSE website and may be used in campus security awareness campaigns. Winners will be notified in April 2013.

 

Google is a proud supporter of this Information Security Awareness Video and Poster Campaign for students.

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

NCSA Announces Theme for Data Privacy Day; Forms New Advisory Committee

NCSA Announces Theme for Data Privacy Day; Forms New Advisory Committee | Higher Education & Privacy | Scoop.it

"The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online and official coordinator of Data Privacy Day (DPD), today announced the official theme for DPD, the creation of a distinguished advisory committee and a new Data Privacy Day Web portal available at: http://staysafeonline.org/data-privacy-day/ . Data Privacy Day is an international awareness effort celebrated across the United States, Canada, Europe and other countries on January 28th every year.

 

NCSA and the advisory committee worked together to create the theme for Data Privacy Day entitled: 'respecting privacy, safeguarding data and enabling trust.' The statement speaks to the need for everyone - from individuals and companies - to handle personal information with care and protect it from loss. When we respect privacy and safeguard data we contribute to a safer and more trusted Internet. Additionally, the new portal for Data Privacy Day is a place for any person, organization or company that wants to participate in Data Privacy Day to get ideas, tip sheets and graphics to help them celebrate Data Privacy Day."

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Information Security
Scoop.it!

How Secure Are You Online: The Checklist

How Secure Are You Online: The Checklist | Higher Education & Privacy | Scoop.it

"Think you do enough to secure your passwords, browsing, and networking? Prove it.

 

Not all computer security is about tin foil hats and anonymous browsing. Everyone who uses a computer has a horse in the security race. For the purpose of this post, we're breaking down online security into four essential parts: passwords, browsers, at-home Wi-Fi and networking, and browsing on public Wi-Fi. Within those categories we'll give you a checklist of everything you should do, from the bare minimum to the tin-foil-hat best."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Google To Beef Up Privacy Team: Seeking "Data Privacy Engineers"

Google To Beef Up Privacy Team: Seeking "Data Privacy Engineers" | Higher Education & Privacy | Scoop.it

"Faced with a series of high-profile privacy gaffes, Google intends to hire computer "ninjas" to flag potential snafus before they pose problems.

 

The company recently posted a job announcement seeking data privacy engineers for the "privacy red team." The company says in the job description that it's seeking candidates to "independently identify, research, and help resolve potential privacy risks across all of our products, services, and business processes in place today."

 

Google's move comes two weeks after the company agreed to pay $22.5 million to settle privacy charges brought by the Federal Trade Commission. The fine in that case resulted from Google's decision to circumvent the no-tracking settings on the Safari browser."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Future of Privacy Forum Director: Browser Settings Should Be as Easy To Navigate as a Car

Future of Privacy Forum Director: Browser Settings Should Be as Easy To Navigate as a Car | Higher Education & Privacy | Scoop.it

"In many ways the privacy challenge isn’t centered around how to be super private, how to be invisible, but rather how to make sure that your data is used on the terms that you choose. Most of us want to connect, to share, to communicate, but we don’t want to feel targeted, profiled, taken advantage of or embarrassed by the data we provide. Companies are increasingly providing controls and options, but they are too complicated for busy people who don’t want to have to read a manual to quickly do their business. Cookie controls, Facebook controls, Do Not Track, app permissions, location services—you have to be a full-time privacy expert just to navigate the options. I can rent a car model that I have never driven before, in a strange city—a machine that can kill people if I choose the wrong lever—but yet I can drive it safely without reading the manual. Why can’t my browser be as easy to use? We need to do the hard consumer work and testing to make the data options we deal with every day useable for the average person."

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Information Security
Scoop.it!

BYOD: What Can We Learn from China?

BYOD: What Can We Learn from China? | Higher Education & Privacy | Scoop.it

"So how do Chinese companies handle Android's BYOD shortcomings? Chinese companies take a more heterogeneous, browser-based approach to bring a sense of order to a sea of BYOD smartphones. This might mean no VPN or multi-form factor authentication, says Li. 'Corporate infrastructure in the U.S. is more secure than in China.'

 

This might lend credence to the possibility that U.S. companies make too much out of the BYOD mobile security risk. "Yes, it's being blown way out of proportion," John Mensel, director of security services at Concept Technology, a 10-year-old IT consulting firm, told CIO.com.

 

Either way, Chinese companies do a better job of educating workers about using BYOD smartphones. Even U.S. companies say employee education is key to security. Li says many Chinese companies use short two-minute videos and animation to get their point across, whereas U.S companies expect employees to thumb through pages of policy documents.

 

And who reads those boring policies anyway? Many employees will sign the newly crafted BYOD policy without giving it much thought, which is a shame because they could be signing away their privacy rights."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Technology Renders Privacy Laws Obsolete

Technology Renders Privacy Laws Obsolete | Higher Education & Privacy | Scoop.it

"E-mail, the World Wide Web, social media, and the cloud have led to outdated privacy laws that have left federal officials perplexed about how to collect and use information about citizens, even those suspected of crimes.

 

The Government Accountability Office's latest of several reports on the issue recommends Congress act to update federal law to align with modern technologies."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

‘We Know Your House’ Uses Twitter To Find Out Where You Live, Posts It Online

‘We Know Your House’ Uses Twitter To Find Out Where You Live, Posts It Online | Higher Education & Privacy | Scoop.it

"You’ve been living with social media for long enough that you probably know most of the do’s and don’ts. Don’t post pictures of your debit card, or of your billionaire boss shirtless. But be careful when you use the word “home” too; people are watching.

 

WeKnowYourHouse.com is a recently launched website with an apt name. Basically, the site scans Twitter for tweets with location data that also make a reference to “home”. From there, they can take the latitude and longitude, plop it in to Google Maps and get a reasonable estimate of your address. Lastly, they plot it on a map. It’s creepy as all hell, but all just “a social experiment” according to the site."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Track afield: What the FTC's Google case means for your company | BCP Business Center

"By now, most companies have (we hope) gotten the message that what they say in their privacy policies has to line up with their day-to-day operations. But chances are you’re conveying claims not just in your privacy policy, but also where you talk about choice mechanisms, opt-outs, and other ways users can customize their experience. The FTC’s complaint against Google cites — among other things — alleged misrepresentations on the company’s Advertising Cookie Opt-Out Plug-in page. The message for businesses? Like decathletes, prudent companies excel across the board. They know where they make privacy promises, maintain an inventory of the cookies they use, and don’t launch new ones without thinking through the implications."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Facebook Is Now Recording Everyone You Stalk

Facebook Is Now Recording Everyone You Stalk | Higher Education & Privacy | Scoop.it

"Do you like looking at the profiles of people you don’t know that well on Facebook? Of course you do... One wrinkle: there’s now a list of everything you search for on FB.

 

In addition to your other activity, you’ll be able to see the searches you’re making on Facebook. Just as you can choose to delete any of your posts, you can use the same inline control on Activity Log to remove any of your searches at any time. It’s important to remember that no one else can see your Activity Log, including your search activity."

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Information Security
Scoop.it!

Just How Hackable is Your Digital Life?

Just How Hackable is Your Digital Life? | Higher Education & Privacy | Scoop.it

"When Wired News reporter Mat Honan had his digital life hacked and subsequently, virtually wiped outin August, the significant loss of data he endured wasn't the scariest part of the experience. Much more terrifying was the method by which hackers drilled into his digital accounts...

 

If a hacker wanted to ruin your life whether by identity theft or by a simple Honan-esque data wipehow difficult would that objective be to achieve? The answer is that it's likely a lot easier than you think.

Are you an easy target?"

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

In Europe, Facebook Agrees to Stop Facial Recognition

In Europe, Facebook Agrees to Stop Facial Recognition | Higher Education & Privacy | Scoop.it

Facebook Can ID Faces, but Using Them Grows Tricky

"The company promised European regulators that it would forgo using facial recognition software and delete the data used to identify Facebook users by their pictures.

 

The decision could have wide repercussions on how facial recognition technology — a particularly sensitive technological advance — is used globally as surveillance cameras are increasingly installed in public spaces."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Think Carefully Before Collecting Data

Think Carefully Before Collecting Data | Higher Education & Privacy | Scoop.it

"In this age of ever plummeting storage costs, some businesses are electing to "store it all" when it comes to consumer data. That is, businesses are storing data regardless of whether there is an actual need with the assumption that it might be of value in the future. This approach, however, can lead to liability from several sources.

 

First, cardholder information arising from credit card transactions is strictly controlled by the PCI Data Security Standards, as well as the card association rules. Storing and retaining more data than absolutely required by the transaction may run afoul of these requirements. Second, with the growing number of complex and conflicting state and federal (as well as international) laws and regulations governing personally identifiable data, businesses should be inclined to limit the data they collect to that which is required for the transaction, as opposed to retaining excess data that is not required. Possession of that data may, in and of itself, violate applicable law or simply increase the potential for liability because of the increased volume of data that must be secured."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

On Reverse Engineering Privacy Law

On Reverse Engineering Privacy Law | Higher Education & Privacy | Scoop.it

"Michael Birnhack, a professor at Tel Aviv University Faculty of Law, is one of the leading thinkers about privacy and data protection today (for some of his previous work see here and here and here; he’s also written a deep, thoughtful, innovative book in Hebrew about the theory of privacy. See here). In a new article, Reverse Engineering Informational Privacy Law, which is about to be published in the Yale Journal of Law & Technology, Birnhack sets out to unearth the technological underpinnings of the EU Data Protection Directive (DPD). The DPD, enacted in 1995 and currently undergoing a process of thorough review, is surely the most influential legal instrument concerning data privacy all over the world. It has been heralded by proponents as “technology neutral” – a recipe for longevity in a world marked by rapid technological change. Alas, Birnhack unveils the highly technology-specific fundamentals of the DPD, thereby putting into doubt its continued relevance.

 

The first part of Birnhack’s article analyzes what technological neutrality of a legal framework means and why it’s a sought after trait. He posits that the idea behind it is simple: “the law should not name, specify or describe a particular technology, but rather speak in broader terms that can encompass more than one technology and hopefully, would cover future technologies that are not yet known at the time of legislation.” One big advantage is flexibility (the law can apply to a broad, continuously shifting set of technologies); consider the continued viability of the tech-neutral Fourth Amendment versus the obviously archaic nature of the tech-specific ECPA . Another advantage is the promotion of innovation; tech-specific legislation can lock-in a specific technology thereby stifling innovation."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Privacy and Data Management on Mobile Devices [Pew Research Center Study]

Privacy and Data Management on Mobile Devices [Pew Research Center Study] | Higher Education & Privacy | Scoop.it

More than half of mobile application users have uninstalled or avoided certain apps due to concerns about the way personal information is shared or collected by the app, according to a nationally representative telephone survey conducted by the Pew Research Center’s Internet & American Life Project.

more...
No comment yet.
Rescooped by Higher Ed InfoSec Council from Higher Education & Information Security
Scoop.it!

California Raises the Bar on Social Media Privacy

California Raises the Bar on Social Media Privacy | Higher Education & Privacy | Scoop.it

"California residents can keep their passwords to themselves, in school and in the workplace, thanks to a bill passed by the state Assembly on Wednesday.

 

The Golden State became to the first to pass comprehensive social media privacy legislation, with support of a bill that protects employers, employees and job applicants from having or granting access to social media websites, the Recorder noted.

 

As Law Blog reported here, last week California passed a social privacy bill prohibiting colleges and universities from requesting access from students and applicants. Taken together, the laws make California the first state to issue protections for both schools and the workplace."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

How Facebook Design Is Tricking You Into Sharing Info

How Facebook Design Is Tricking You Into Sharing Info | Higher Education & Privacy | Scoop.it

"You already know that Facebook and privacy don't really get along, but many "improvements" to the service are making it easier and easier to share everything without even knowing. Avi Charkham rounded a bunch of these tricks up over at TechCrunch, and they're as subtle as they are sketchy.

 

Some of the changes seem to play on psychology, like swapping out the old pair of "Allow, Don't Allow" buttons for just one that says "Play game" that you either click, or don't. Others, are sort of flagrant once you've noticed them. One Charkham describes as the "The Tiny Hidden Info Symbol Trick" is of those ones."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Don't Build a Database of Ruin

Don't Build a Database of Ruin | Higher Education & Privacy | Scoop.it

"Many businesses today find themselves locked in an arms race with competitors to see who can convert customer secrets into the most pennies. To try to win, they are building perfect digital dossiers, to use a phrase coined by Daniel Solove, massive data stores containing hundreds, if not thousands or tens of thousands, of facts about every member of our society. In my work, I've argued that these databases will grow to connect every individual to at least one closely guarded secret. This might be a secret about a medical condition, family history, or personal preference. It is a secret that, if revealed, would cause more than embarrassment or shame; it would lead to serious, concrete, devastating harm. And these companies are combining their data stores, which will give rise to a single, massive database. I call this the Database of Ruin. Once we have created this database, it is unlikely we will ever be able to tear it apart."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Social Media Privacy For College Athletes? California Senate Says Yes

Social Media Privacy For College Athletes? California Senate Says Yes | Higher Education & Privacy | Scoop.it

"California's state Senate on Tuesday unanimously approved legislation to bar colleges and universities from requiring students to provide administrators with access to their social media usernames and passwords.

 

California is not the first state to pass legislation protecting social media privacy for students. In March, Maryland’s Senate passed a bill to prevent public colleges and universities in the state from requiring students including athletes to provide access to their social accounts.

 

The issue of whether students’ online social lives are completely private or subject to oversight from authority figures has particularly gained attention in recent months in the world of college sports. Some intercollegiate teams monitor their players’ online activity through the use of third-party software services that scan for flagged keywords — “agent,” “doobie” and “beer bong,” for example — then email coaches upon discovery."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

Sharing personal data anonymously with Crowd Blending Privacy

Sharing personal data anonymously with Crowd Blending Privacy | Higher Education & Privacy | Scoop.it

"A new mathematical technique developed at Cornell University could offer a way for large data sets of personal data to be shared and analyzed while guaranteeing that no individual’s privacy will be compromised....

 

The Cornell group proposes an alternative approach called crowd-blending privacy. This method involves limiting how a data set can be analyzed to ensure that any individual record is indistinguishable from a sizeable crowd of other records and removing a record from the analysis if this cannot be guaranteed."

more...
No comment yet.
Scooped by Higher Ed InfoSec Council
Scoop.it!

New Facebook app Facedeals scans your face to offer you deals

New Facebook app Facedeals scans your face to offer you deals | Higher Education & Privacy | Scoop.it

"Everyone loves a discount, especially if you get the money-off code sent straight to your phone without having to do anything. Well, that is, apart from allowing your face to be scanned.

 

Facedeals works like this: a camera is installed in a business, let's say a shop. The Facedeals camera scans your face when you enter the shop, checks you in on Facebook and sends your phone a text message offering you a discount or deal tailored to you, based on your Facebook 'like' history.

 

You'll need to install and authorise the app on Facebook first and let it map your face by scanning through your most recently tagged photos, but anything for a discount, right?"

more...
No comment yet.