Archives

Welcome!

The CIPP Guide provides reliable and accurate information to the privacy professional arena. We hope individuals seeking the Certified Information Privacy Professional designation will find further substance specifically targeted at their CIPP pursuit.
Please review the user agreement for the forums and testing services.  CIPP Guide requires registration before use of the testing services.  We hope you find this service useful, and good luck on the exam!

Share

Data Obfuscation: Proceed with Caution

There are many methods of guarding private data, and oftentimes companies still need to preserve the data’s utility while doing so. This is especially crucial for enterprises that process data for business without the complexity and time it takes for cryptographics. IT professionals should be aware, in hiding data from view, they may be creating a completely different set of problems.

Data masking and obfuscation allow some parts of sensitive data to remain seen while hiding the entire value. The most widely seen use of masking shortens a Social Security number to the last four digits. Masking also takes place when [...]

Share

Privacy and Pokémon Go App

Pikachu has the ability to take a peek at you. Just days after its release, the app had more users than Facebook, Snapchat, and Tinder, and boosted Nintendo’s market value by $7.5 billion with shares up 120%. The game isn’t without controversies: the game contributed to an armed robbery, reckless driving, and pedestrian carelessness. But privacy concerns are grabbing the headlines. It turns out, the game has an incredibly broad access to user data which far exceeds what’s needed to play the game. Are Pokémon players getting played?

A Pokémon Primer

The wildly popular game which launched in July 2016, puts users [...]

Share

Update: Alleged Clinton Email Hacker Strikes Deal with the Feds

A previous CIPPGuide.org article addressed the ongoing investigation into former US Secretary of State and potential Democratic Party Presidential Nominee Hillary Clinton’s use of a private email account and server. A Romanian hacker known as Guccifer, 44-year-old Marcel Lehel Lazar, has since stepped forward claiming he accessed Clinton’s server and emails.

Lazar was charged with two cybercrimes separate from Clinton: unauthorized computer access and identity theft. Former Secretary of State Colin Powel and previous Clinton adviser Sidney Blumenthal are the victims. Lazar accepted a plea deal in exchange for cooperating with the FBI in the future. The future may be now, [...]

Share

Phishing and Whaling

Phishing for Information

Phishing scams are an attempt to acquire personal and sensitive information such as credit-cards, usernames and passwords, or identification/account details, from individuals or businesses. Also known as Business E-Mail Compromise (BEC), these attacks are most often realized with the use of email spoofing or online instant messaging. Such scams are usually carried out by tech savvy hackers as part of an increasingly important social engineering aspect of breaches. Comprising 30% the practice of impersonations and identity fraud often constitutes the proverbial “pointy end of the spear”. A phishing scheme will masquerade as a request for information from a [...]

Share

Clinton e-Mail Scandal: Who Cares?

In March 2015, the American public first heard about Hillary Clinton and a personal email account possibly used for government work. Quickly, the story unraveled, and is still in the headlines one year later. Mrs. Clinton, while serving from 2009-2013 as the US Secretary of State, used a personal email address to conduct government business. Not only that, the server was physically located in her home, hosting her domain clintonemail.com. The discovery came during a House committee investigation of the 2012 attack on the US Consulate in Benghazi, Libya. Islamist militants organized that attack, killing Ambassador J. Christopher Stevens and three [...]

Share