The First HIPAA Civil Monetary Penalty

Americans have a legal right to access their medical records under HIPAA, the nation’s foremost health care privacy law, but health care companies and providers don’t always honor patient requests for access. Throughout HIPAA’s history, only a handful of health care companies have been publicly sanctioned for failing to comply with HIPAA privacy and patient access requirements….

Read More

CDT President Talks Internet Freedom with State Department

Last Friday, CDT President Leslie Harris was the guest on "Conversations with America," a series in which the U.S. State Department's senior leadership hosts live conversations with leaders of prominent non-government organizations. Ms. Harris spoke with Assistant Secretary of State Michael Posner about the Department's global Internet freedom strategy. The discussion was moderated by State Department Spokesman P.J. Crowley….

Read More

PrivacyAppCamp Developers: Make Privacy Easy

The developer community has a pretty straightforward need when it comes to including privacy in apps: Make It Easy.  Recently, CDT hosted PrivacyAppCamp at Google's Mountain View, CA campus. PrivacyCamp is an open format event designed to encourage conversation about tough challenges facing consumer privacy. This one focused on privacy issues associated with applications for both mobile and Web platforms….

Read More

Congress Versus the Open Internet, Part Two

Yesterday, while the Senate Judiciary Committee was contemplating COICA’s risky architectural remedies to thwart online intellectual property infringement (see David Sohn’s thoughts here), the House Energy and Commerce Subcommittee on Communications and Technology held a major hearing to question the wisdom of the FCC’s Internet openness rules. And question the rules opponents did: For…

Read More

An Object Lesson in Overblocking

One of our primary concerns with seizing and blocking entire domains to combat illegal content is the risk that doing so can impact much more than just the bad stuff, including protected lawful speech. Now it seems ICE may have proved our point. Torrentfreak reported that a seized domain (, owned by dynamic DNS provider

Read More

Cyberspace is not a War Zone

“Cyberwar” it’s an all-to-easy hook to reach for when looking to describe high profile electronic assaults against U.S. property, either public or private.   Refrains echo from Congress, the Pentagon and corporate boardrooms about the need to prepare for the “battlefield” for a cyberwar that many believe is already at hand. “We disagree,” says an Op-Ed in Wired’s Threat…

Read More

COICA and the Internet “Ecosystem”

The Senate Judiciary Committee today held a hearing on the Combating Online Infringement and Counterfeits Act (COICA) and the problem of online intellectual property infringement. CDT submitted a written statement expressing our serious concerns with the legislation proposed last year. Watching the hearing, though, there were so many references to the “ecosystem” that…

Read More

Privacy and Security Are Not a Zero Sum Game

The United States faces significant cybersecurity threats from state actors, from private actors motivated by financial greed, and from terrorists. Today, the House Armed Services Subcommittee on Emerging Threats and Capabilities held its first hearing on cybersecurity in this Congress. This is an important subcommittee to watch. House Speaker John Boehner (R-OH) tasked its Chairman, Mac Thornberry (R-TX),…

Read More