Archives

Welcome!

The CIPP Guide provides reliable and accurate information to the privacy professional arena. We hope individuals seeking the Certified Information Privacy Professional designation will find further substance specifically targeted at their CIPP pursuit.
Please review the user agreement for the forums and testing services.  CIPP Guide requires registration before use of the testing services.  We hope you find this service useful, and good luck on the exam!

Share

Privacy and Pokémon Go App

Pikachu has the ability to take a peek at you. Just days after its release, the app had more users than Facebook, Snapchat, and Tinder, and boosted Nintendo’s market value by $7.5 billion with shares up 120%. The game isn’t without controversies: the game contributed to an armed robbery, reckless driving, and pedestrian carelessness. But privacy concerns are grabbing the headlines. It turns out, the game has an incredibly broad access to user data which far exceeds what’s needed to play the game. Are Pokémon players getting played?

A Pokémon Primer

The wildly popular game which launched in July 2016, puts users [...]

Share

Update: Alleged Clinton Email Hacker Strikes Deal with the Feds

A previous CIPPGuide.org article addressed the ongoing investigation into former US Secretary of State and potential Democratic Party Presidential Nominee Hillary Clinton’s use of a private email account and server. A Romanian hacker known as Guccifer, 44-year-old Marcel Lehel Lazar, has since stepped forward claiming he accessed Clinton’s server and emails.

Lazar was charged with two cybercrimes separate from Clinton: unauthorized computer access and identity theft. Former Secretary of State Colin Powel and previous Clinton adviser Sidney Blumenthal are the victims. Lazar accepted a plea deal in exchange for cooperating with the FBI in the future. The future may be now, [...]

Share

Phishing and Whaling

Phishing for Information

Phishing scams are an attempt to acquire personal and sensitive information such as credit-cards, usernames and passwords, or identification/account details, from individuals or businesses. Also known as Business E-Mail Compromise (BEC), these attacks are most often realized with the use of email spoofing or online instant messaging. Such scams are usually carried out by tech savvy hackers as part of an increasingly important social engineering aspect of breaches. Comprising 30% the practice of impersonations and identity fraud often constitutes the proverbial “pointy end of the spear”. A phishing scheme will masquerade as a request for information from a [...]

Share

Clinton e-Mail Scandal: Who Cares?

In March 2015, the American public first heard about Hillary Clinton and a personal email account possibly used for government work. Quickly, the story unraveled, and is still in the headlines one year later. Mrs. Clinton, while serving from 2009-2013 as the US Secretary of State, used a personal email address to conduct government business. Not only that, the server was physically located in her home, hosting her domain clintonemail.com. The discovery came during a House committee investigation of the 2012 attack on the US Consulate in Benghazi, Libya. Islamist militants organized that attack, killing Ambassador J. Christopher Stevens and three [...]

Share

The Concept and Process of Privacy by Design and Privacy by Redesign

Dr Ann Cavoukian, considered as one of the pioneer privacy experts on the globe, is famously recognized for the concept she initially introduced, ‘Privacy by Design’. Twenty years passed since it was first introduced, with the expectation that Privacy should be offered by default, from the beginning, and should not be added later on demand or as an afterthought. She presented the foundational principles in her paper Privacy by Design,where she offered guidance and clarification, presenting a reference framework of the idea to system designers. Cavoukian propagated the idea that system designers should be encouraged to embed privacy proactively in [...]

Share