HHS’ New Harm Standard for Breach Notification

In late August, the Dept. of Health and Human Services (HHS) released an interim final rule on health data breach notification. Through the rule, HHS establishes data security standards that HHS believes are strong enough to eliminate the need to notify consumers of a data breach. That is, if a health care…

Read More

Digital Signage and Consumer Privacy

The digital signage industry is rapidly becoming aware of the privacy issues raised by interactivity and audience measurement techniques. There is, however, no industry-wide consensus about how to address those concerns. Some industry figures agree that privacy guidelines need to be adopted if audience measurement and other digital signage applications are to progress. Others, though, have referred…

Read More

Facebook Taking Steps to Increase User Data Privacy

Facebook took major steps today in protecting user privacy by announcing significant changes to the way third-party applications can access user data. Whereas developers previously had access to all profile data on a user, the new system will require applications to specify categories of information they wish to access and obtain express consent before data is shared….

Read More

New York Times Discusses Government Website Privacy

Yesterday, the New York Times published an editorial on the revising the tracking policy on federal government web sites. This piece aligns closely with recommendations CDT and EFF made recently about updating the “cookie” policy to provide both transparency and privacy protection. As mentioned in a blog post from EFF’s Tim Jones, this piece…

Read More

Deconstructing Green Dam

Last week, China’s Minister of Industry and Information Technology announced that pre-installation of the Green Dam/Youth Escort filtering software on computers sold in China would no longer be mandatory. Officials had previously only delayed implementation of the program. However, the software will still be installed in schools, Internet cafes, and other public venues. And, of course, Chinese authorities still…

Read More

HHS Issues Breach Notification Rule on Heels of FTC Rule

On Wednesday, the U.S. Dept. of Health and Human Services (HHS) released its interim final rule on health data breach notification. The interim rule establishes, among other things, technological standards regarding how to secure health information strongly enough to obviate the need to notify consumers of a data breach. The public has 60 days to comment…

Read More

Privacy in the Age of Big Data

For some years now, when speaking about privacy, I have often told my audience: “Everyone in this room, whether they know it or not, is carrying a tracking device.” I was referring to their cellphones. Every few seconds, whenever it is turned on, a cellphone sends out a signal registering its location — and its…

Read More

Both Hands in the Cookie Jar

The federal government has recently announced its intention to revise the current policy governing how federal agency web sites use cookies and other tracking technologies on the web. This is a really significant development for those interested in technology, open government, and privacy, because it has the potential to change the way that federal agencies interact with citizens…

Read More