Security News
NIST has released a Privacy Framework to help you get your house in order. The brand new Privacy Framework 1.0 is the equivalent document for protecting peoples' personal privacy.
The National Institute of Standards and Technology last week announced version 1.0 of its Privacy Framework, a tool designed to help organizations manage privacy risks. NIST published a preliminary draft of the Privacy Framework in September 2019, when it requested public feedback.
The publication also provides clarification about privacy risk management concepts and the relationship between the Privacy Framework and NIST's Cybersecurity Framework. The NIST Privacy Framework is not a law or regulation, but rather a voluntary tool that can help organizations manage privacy risk arising from their products and services, as well as demonstrate compliance with laws that may affect them, such as the California Consumer Privacy Act and the European Union's General Data Protection Regulation.
Osano, a company building the first platform for data privacy transparency, has automated the compliance process for the California Consumer Privacy Act. By automating data privacy for businesses, Osano relieves the cognitive overhead on businesses and sets them up for a productive decade ahead. Activated January 1, 2020, the CCPA enables California residents to demand the sharing or deletion of data held by businesses that meet certain revenue, data-sharing or sales thresholds.
They believe CES, an annual lovefest for gadgets and innovation, should have focused less on hype and more on the security and privacy implications of new surveillance features unveiled at the show. Among a bevy of surveillance cameras in the CES spotlight was a mass-market Blurams smart doorbell that uses AI and facial recognition to send a text-based alert to homeowners about who is at the door - be it a recognizable face or a delivery person.
TechRepublic's Karen Roby talked to Steven Cardwell, vice president of program marketing at HBO, at CES 2020 about its Westworld display and the importance of data privacy. Just given the conversation happening right now at CES, predominantly around data privacy, we thought this was a really great way to integrate into the conversation to not only talk about data privacy, but actually make people experience what it feels like when a company such as Incite actually has the power perhaps for good or bad. SEE: CES 2020: The big trends for business.
For much of Android's existence, Google has adopted a relatively hands-off approach that lets manufacturers ship units with pre-installed bloatware which, in many cases, cannot be easily removed. "Android Partners - who use the Android trademark and branding - are manufacturing devices that contain pre-installed apps that cannot be deleted, which can leave users vulnerable to their data being collected, shared and exposed without their knowledge or consent," the letter states.
These pre-installed apps can have privileged custom permissions that let them operate outside the Android security model. This means permissions can be defined by the app - including access to the microphone, camera and location - without triggering the standard Android security prompts.
A Westworld-themed experience gave CES attendees a creepy glimpse into tech consequences of the future.
Six months after Facebook agreed to a landmark privacy settlement with the U.S. Federal Trade Commission that included a record $5 billion fine, a federal judge is still considering objections from advocacy groups that claim the deal doesn't go far enough. Judge Timothy J. Kelly has given Facebook and the FTC until Jan. 24 to respond to objections raised by several privacy and consumer advocacy groups, including the Electronic Privacy Information Center, which raised concerns about whether the settlement does enough to protect users' data and address privacy concerns, according to court documents filed in the case.