Archives

Protect America Act

The Protect America Act¬†(PAA). Another perfect example of how government regulations and piece meal privacy protections affect the American populous. And most of us don’t even know it. People check their credit scores, and deal with the occasional letter from their bank or TJX telling them their personally identifiable information was compromised. Sometimes a newspaper prints an article surrounding the warrant violations, or a case is sensationalized on Law and Order. Until now, the Internet was a safer haven.

One of the things that’s come up during my CIPP preparation is the European Union’s approach to personal privacy (European Data Protection Directive). They use what’s called a blanket comprehensive privacy law. Your information is private; if you choose to share that information, it is with that single entity. There are no third party marketing firms or fine print in your Mastercard cardmember agreements. And there certainly aren’t the sorts of lax definitions found in the PAA.

This all came to light with a recent paper on the PAA, “Risking Communications Security: Potential Hazards of the Protect America Act“:

The Protect America Act (Public Law No. 110-55)dropped the warrant requirement for communications (over any medium) of US persons located in the United States with persons ‚Äúreasonably believed to be located outside the United States”.

That’s pretty broad, and could easily translate to friend of a friend types of communications (forwards, distribution lists, etc…) where through no fault of your own you become a person of interest. Because of the nature of networks and the Internet, you have to capture a whole lot of data to grab the interesting bits. Where do you store all that information, and how do you secure it? Policy protections should limit internal snooping, but they can only control insider access of those who want to play within the rules. And if you’ve done any reading, estimates have some 80% of all stolen information comes from the inside! Oops, that was your privacy slipping out the back door…

Share

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>