Archive for the ‘privacy and security’ Category

The Internet Economy – Regulatory Challenges and Practices

November 20, 2014 Comments off

The Internet Economy – Regulatory Challenges and Practices
Source: OECD

The Internet has become an integral part of the everyday life of households, firms and governments. Its proper functioning over the long run is therefore crucial for economic growth and people’s wellbeing more generally. The success of the Internet depends on its openness and the confidence of users. Designing policies that protect society while allowing for Internet’s great economic potential to be fulfilled, is a difficult task. This paper investigates this challenge and takes stock of existing regulations in OECD and selected non-OECD countries in specific areas related to the digital economy. It finds that despite the regulatory difficulties, the Internet is far from being a “regulation-free” space as there are various industry standards, co-regulatory agreements between industry and the government, and in some cases also state regulation. Most of them aim at protecting personal data and consumers more generally. In many cases generally applicable laws and regulations exist that address privacy, security and consumer protection issues both in the traditional and the digital economy.

About these ads

New From the GAO

November 19, 2014 Comments off

New From the GAO
Source: Government Accountability Office


1. Labor Relations Activities: Actions Needed to Improve Tracking and Reporting of the Use and Cost of Official Time. GAO-15-9, October 23.
Highlights -

2. Health Care Transparency: Actions Needed to Improve Cost and Quality Information for Consumers. GAO-15-11, October 20.
Highlights -
Podcast -

3. Sex Offender Registration and Notification Act: Additional Outreach and Notification of Tribes about Offenders Who Are Released from Prison Needed. GAO-15-23, November 18.
Highlights -

4. Overseas Military Construction: Observations on U.S. Contractor Preference. GAO-15-45, November 18.
Highlights -

5. Public Transportation: Multiple Factors Influence Extent of Transit-Oriented Development. GAO-15-70, November 18.
Highlights -

6. Highway Projects: Many Federal and State Environmental Review Requirements Are Similar, and Little Duplication of Effort Occurs. GAO-15-71, November 18.
Highlights -

7. Human Trafficking: Oversight of Contractors’ Use of Foreign Workers in High-Risk Environments Needs to Be Strengthened. GAO-15-102, November 18.
Highlights -

Related Product

1. Sex Offender registration and Notification Act: Survey of Federally Recognized Tribes on Implementation of the Act (GAO-15-30SP, November 18, 2014), an E-supplement to GAO-15-23. GAO-15-30SP, November 18.


1. Information Security: Additional Actions Needed to Address Vulnerabilities That Put VA Data at Risk, by Gregory C. Wilshusen, director, information security issues, before the House Committee on Veterans’ Affairs. GAO-15-220T, November 18.
Highlights -

Drones and Aerial Surveillance: Considerations for Lawmakers

November 18, 2014 Comments off

Drones and Aerial Surveillance: Considerations for Lawmakers
Source: Brookings Institution

The looming prospect of expanded use of unmanned aerial vehicles, colloquially known as drones, has raised understandable concerns for lawmakers.[1] Those concerns have led some to call for legislation mandating that nearly all uses of drones be prohibited unless the government has first obtained a warrant. Privacy advocates have mounted a lobbying campaign that has succeeded in convincing thirteen states to enact laws regulating the use of drones by law enforcement, with eleven of those thirteen states requiring a warrant before the government may use a drone.[2] The campaigns mounted by privacy advocates oftentimes make a compelling case about the threat of pervasive surveillance, but the legislation is rarely tailored in such a way to prevent the harm that advocates fear. In fact, in every state where legislation was passed, the new laws are focused on the technology (drones) not the harm (pervasive surveillance). In many cases, this technology centric approach creates perverse results, allowing the use of extremely sophisticated pervasive surveillance technologies from manned aircraft, while disallowing benign uses of drones for mundane tasks like accident and crime scene documentation, or monitoring of industrial pollution and other environmental harms.

New From the GAO

November 17, 2014 Comments off

New From the GAO
Source: Government Accountability Office


1. VA Health Care: Actions Needed To Ensure Adequate And Qualified Nurse Staffing. GAO-15-61, October 16.
Highlights –

2. NOAA’s Observing Systems: Additional Steps Needed to Achieve an Integrated, Cost-Effective Portfolio. GAO-15-96, November 17.
Highlights –

3. Information Security: VA Needs to Address Identified Vulnerabilities. GAO-15-117, November 13.
Highlights –

4. Financial Audit: Bureau of Consumer Financial Protection’s Fiscal Years 2014 and 2013 Financial Statements. GAO-15-146R, November 17.

5. Financial Audit: Federal Housing Finance Agency’s Fiscal Years 2014 and 2013 Financial Statements. GAO-15-147R, November 17.

6. Financial Audit: Securities and Exchange Commission’s Fiscal Years 2014 and 2013 Financial Statements. GAO-15-166R, November 17.

Special Publication

1. GAO Performance and Accountability Report Fiscal Year 2014. GAO-15-1SP, November 17.

Americans Consider Certain Kinds of Data to be More Sensitive than Others

November 12, 2014 Comments off

Americans Consider Certain Kinds of Data to be More Sensitive than Others
Source: Pew Research Internet Project

Different kinds of information evoke varying levels of sensitivity among Americans. Social security numbers are universally considered to be the most sensitive piece of personal information, while media tastes and purchasing habits are among the least sensitive categories of data. In general, about half of respondents view the content of phone conversations, email messages and text messages as “very sensitive,” and one in four see that data as “somewhat sensitive.”

There are various demographic patterns that are echoed across many of the responses:

  • Those who have higher levels of income and education report greater sensitivity for nearly every kind of data included in the survey.
  • Those who have heard a lot about government surveillance programs and those who have searched for information connected to their names online report higher sensitivity levels for most categories of information. These differences are especially notable when looking at the sensitivity of phone conversations and email messages.

Drones: The Insurance Industry’s Next Game-Changer?

November 10, 2014 Comments off

Drones: The Insurance Industry’s Next Game-Changer? (PDF)
Source: Cognizant
The Association for Unmanned Vehicle Systems International predicts that within 10 years (from 2015 to 2025) drones will create approximately 100,000 new jobs and around US$82 billio1 in economic activity. Equipped with new capabilities such as integrated audio and text with real-time video feeds and the ability to overlay images over existing footage through augmented reality, next-generation drones could have significant commercial value for businesses across industry segments.

Commercial and personal-lines insurers that cover property risks are likely to be early adopters of drone technology. For example, a property adjuster or risk engineer could use a drone to capture details of a location or building, and obtain useful insights during claims processing or risk assessments. Drones could also be deployed to enable faster and more effective resolution of claims during catastrophes.

While challenges on the regulatory front, privacy concerns and a lack of certain capabilities could stall widespread use of drones in the near future, once these obstacles are overcome, drones could have a significant impact on the P&C insurance industry.

An Administrator’s Guide to Internet Password Research

November 7, 2014 Comments off

An Administrator’s Guide to Internet Password Research
Source: Microsoft Research

The research literature on passwords is rich but little of it directly aids those charged with securing web-facing services or setting policies. With a view to improving this situation we examine questions of implementation choices, policy and administration using a combination of literature survey and first-principles reasoning to identify what works, what does not work, and what remains unknown. Some of our results are surprising. We find that offline attacks, the justification for great demands of user effort, occur in much more limited circumstances than is generally believed (and in only a minority of recently-reported breaches). We find that an enormous gap exists between the effort needed to withstand online and offline attacks, with probable safety occurring when a password can survive 106 and 1014 guesses respectively. In this gap, eight orders of magnitude wide, there is little return on user effort: exceeding the online threshold but falling short of the offline one represents wasted effort. We find that guessing resistance above the online threshold is also wasted at sites that store passwords in plaintext or reversibly encrypted: there is no attack scenario where the extra effort protects the account.


Get every new post delivered to your Inbox.

Join 958 other followers