EU Proposes End-to-End Encryption and Other Security Measures.

Last week, the European Parliament’s Committee on Civil Liberties, Justice, and Home Affairs released a draft proposal that would require the use of end-to-end encryption. It would also strike legal attempts to force backdoors in encryption software or weaken the security of services given by communications providers. Amendment 36 Service providers who offer electronic communications […] read more

Sextortion Case Treads A Well-Worn Path: Are Passwords Protected Under the Fifth?.

A case of “sextortion” – blackmailing someone over naked footage (digital footage, more specifically, to reflect the times we live in) – between Instagram celebs has again dredged up the decidedly non-superfluous legal quagmire that’s been repeatedly visited since at least 2009: Is forcing a defendant to spit out his or her password a violation […] read more

Tennessee Updates Law That Required Notification For Encrypted Personal Data Loss.

In 2016, Tennessee created something of a legal furor when it became the first state to require data breach notifications (DBN) even if the lost or stolen data was protected with encryption. Earlier this month, a new law took effect that “clarifies [this] confusion” for companies: they are not required to send DBNs if the […] read more

Children’s Medical Center of Dallas Pays $3.2 Million To Settle HIPAA Violations.

The Children’s Medical Center of Dallas (Children’s) recently settled with the US Department of Health and Human Services (HHS) over multiple failures to encrypt sensitive data in mobile devices. The settlement – $3.2 million dollars – is quite the figure, as is the timeline involved: It looks like an investigation could have been started as […] read more

iPhone Encryption: FL Appeals Judge Says “OK” to Compel Password.

A new iPhone encryption case is making the headlines. Unlike many of the controversial ones to date, I think it can safely be said that in this case, the courts were right in compelling the suspect to unlock his smartphone.   Up-Skirt Videos A voyeur – we’ll call him John Doe, although his name was […] read more

Frequent Password Changes Not A Secure Data Security Practice.

According to the Federal Trade Commission’s Chief Technologist, forcing users to frequently change their password can be counterproductive when it comes to fighting data breaches. Mind you, it’s not the frequency itself that leads to security weaknesses. Rather, it’s what happens at the weakest link in most security systems — individual behavior — that leads […] read more

Russia Most Likely To Require Encryption Backdoors.

Russia’s lower legislative house, the Duma, recently passed a bill that requires messaging apps to provide a backdoor to the country’s secret service. The aim, of course, is to ultimately find a way around encryption.   Anti-Terrorism Laws According to multiple news sources, the bill was sponsored by a Senator who said she is deeply […] read more

Time Limits on Smartphones’ Biometric Access: What Is That All About?.

A lot of ink has been spilled over the past couple of weeks on Apple’s Touch ID. First, it was noted that a Los Angeles court ordered a woman to unlock an iPhone by providing her fingerprint. Soon after, it was revealed that Apple appeared to have changed Touch ID’s settings so that it would […] read more