I’ve been working on compiling some annual statistics for 2017 for Protenus. This will be their second year of publishing an annual report for U.S. breaches involving health data, and I think readers will find some surprises in the statistics. Sometimes numbers do not match our impressions. But as I was working on entering and…
Category: Commentaries and Analyses
Biometrics Won’t Solve Our Data-Security Crisis
Eduard Goodman of CyberScout writes: The history of proving one’s identity with official documentation dates back 600 years to the realm of King Henry V in England. Prior to that, your name and local reputation was pretty much all you needed to prove who you were. The Safe Conducts Act of 1414 created the first…
Humanitarian data breaches: the real scandal is our collective inaction
Nathaniel A. Raymond, Daniel P. Scarnecchia, and Stuart R. Campo write: The news that a platform used by at least 11 major operational NGOs and UN agencies may be relatively easy to breach, potentially exposing the personal, location, and demographic data of tens of thousands of highly vulnerable people, is deeply disturbing but not surprising….
Superseding indictment filed in Justin Shafer case
As anticipated, federal prosecutors have filed a superseding indictment in their case against dental integrator and vulnerability researcher Justin Shafer. For those in a rush, the TL;DR version is that they have basically transformed a bullshit two-count indictment into a bullshit three-count indictment. [For the benefit of law enforcement in Texas, that preceding sentence is…
When Employees Go Rogue: Are Employers Vicariously Liable for the Privacy Breaches of Their Employees?
Sara D.N. Babich of McCarthy Tétrault LLP has a commentary on employer liability for employee wrongdoing under Canadian law. Her analysis includes discussion of the recent UK decision in the Morrisons data breach case. Here’s how Babich’s article begins: Although there has not yet been a definitive answer to this question in Canada, based on recent…
Inside the Stanford Breach: Sexual Assault, Disciplinary and Financial Data Exposed
A series of cybersecurity vulnerabilities at Stanford University exposed thousands of sensitive files containing details of sexual assault investigations, disciplinary actions and more. The details of what happened—and why it should be an object lesson for higher education. A special three-part blog series. Craig A. Newman of Patterson Belknap writes: Part 1 In three separate…