Nick Bilton reports: Sony has declined to testify at a Congressional hearing on Wednesday, “The Threat of Data Theft to American Consumers,” that seeks to understand how consumers’ private data is protected by corporations. […] The subcommittee sent a letter to Sony on Friday asking the company to answer a number of questions related to the…
Category: Commentaries and Analyses
Customers Stay Despite High-Profile Data Breaches
Jordan Robertson of Associated Press writes: Week after week, thieves break into corporate computer systems to steal customer lists, email addresses and credit card numbers. Large data breaches get overshadowed by even larger ones. Yet people are turning over personal information to online retailers, social networks and other services in growing numbers. The point at…
Ninth Circuit Holds That Violating Any Employer Restriction on Computer Use “Exceeds Authorized Access” (Making It a Federal Crime)
Orin Kerr writes: I had though the world was safe from the nuttiness of the Justice Department’s broad theories of the Computer Fraud and Abuse Act in the Lori Drew case. Not so. Readers may recall I once blogged about a similar case, United States v. Nosal, that raised similar issues in the context of an employee…
Defending the Digital Gates: Universities and Cyber Security
Kevin Lizarazo writes: More than a year and a half ago, in a computer lab in Stony Brook University, Peter Yeh and his friend sat down at their terminals with one goal: to hack into a computer system. The target was the school’s SOLAR System, a web-based service for students and faculty to manage their…
Sony answers some questions, while more inquiries pile on
Sony has posted a Q&A #1 for PlayStation Network and Qriocity Services, responding to some of the concerns raised about their recent breach. Of note, they say that all of the credit card data were encrypted, although they acknowledge that the personal data table was not encrypted. More will come out in time, of course….
Data breach fines can risk more harm than good, experts say
George V. Hulme writes: Are regulatory and security breach fines protecting the consumer, or beginning to unduly drive security policy? As penalties begin to be levied against organizations who have been attacked, or employees violated data policy, some experts now question whether the government is penalizing one of the victims in a crime, rather than…