Privacy Shield

The ways American companies and the United States government can collect, process, transfer, and store European citizens’ private data are changing. In 2015, European Union courts invalidated the US/EU privacy “Safe Harbor,” invalidating the decade-old information sharing agreement. American businesses, European citizens, and privacy advocates all over the globe have closely watched the development of Safe Harbor’s replacement policy. In the summer of 2016, Privacy Shield came to fruition and is enforced as of August 2016. This article takes a look at what Privacy Shield is and how it came to be.

Safe Harbor

Unlike in Europe, the United States does not [...]

Share

Data Obfuscation: Proceed with Caution

There are many methods of guarding private data, and oftentimes companies still need to preserve the data’s utility while doing so. This is especially crucial for enterprises that process data for business without the complexity and time it takes for cryptographics. IT professionals should be aware, in hiding data from view, they may be creating a completely different set of problems.

Data masking and obfuscation allow some parts of sensitive data to remain seen while hiding the entire value. The most widely seen use of masking shortens a Social Security number to the last four digits. Masking also takes place when [...]

Share

Privacy and Pokémon Go App

Pikachu has the ability to take a peek at you. Just days after its release, the app had more users than Facebook, Snapchat, and Tinder, and boosted Nintendo’s market value by $7.5 billion with shares up 120%. The game isn’t without controversies: the game contributed to an armed robbery, reckless driving, and pedestrian carelessness. But privacy concerns are grabbing the headlines. It turns out, the game has an incredibly broad access to user data which far exceeds what’s needed to play the game. Are Pokémon players getting played?

A Pokémon Primer

The wildly popular game which launched in July 2016, puts users [...]

Share

Update: Alleged Clinton Email Hacker Strikes Deal with the Feds

A previous CIPPGuide.org article addressed the ongoing investigation into former US Secretary of State and potential Democratic Party Presidential Nominee Hillary Clinton’s use of a private email account and server. A Romanian hacker known as Guccifer, 44-year-old Marcel Lehel Lazar, has since stepped forward claiming he accessed Clinton’s server and emails.

Lazar was charged with two cybercrimes separate from Clinton: unauthorized computer access and identity theft. Former Secretary of State Colin Powel and previous Clinton adviser Sidney Blumenthal are the victims. Lazar accepted a plea deal in exchange for cooperating with the FBI in the future. The future may be now, [...]

Share

Phishing and Whaling

Phishing for Information

Phishing scams are an attempt to acquire personal and sensitive information such as credit-cards, usernames and passwords, or identification/account details, from individuals or businesses. Also known as Business E-Mail Compromise (BEC), these attacks are most often realized with the use of email spoofing or online instant messaging. Such scams are usually carried out by tech savvy hackers as part of an increasingly important social engineering aspect of breaches. Comprising 30% the practice of impersonations and identity fraud often constitutes the proverbial “pointy end of the spear”. A phishing scheme will masquerade as a request for information from a [...]

Share