A few days ago, CAUCE published a blog post entitled "Epsilon Interactive breach the Fukushima of the Email Industry" on our site, and the always-excellent CircleID. A small coterie of commenters was upset by the hyperbolic nature of the headline. Fair enough, an analogy usually has a high degree of probability that it will fail, and clearly, no one has died as a result of the release of what appears to be tens of millions of people's names and email addresses. But, the two situations are analogous in many other ways, and here's why. more
Back in August, FTC chair Jon Leibowitz suggested an Internet do-not-track registry, analogous to the telephone do-not-call registry. At the time, I thought it wasn't a good idea for both technical and non-technical reasons. This week, the FTC published an online privacy report recommending the same thing, and Rep. Ed Markey promises to offer a bill next year to mandate do-not-track for children. With all this interest, might it be a good idea now? Maybe. more
I read, with some small amount of discomfort, an article by Bill Brenner on CSO Online, wherein he interviewed several other CSOs and other "Security Execs" on their opinions on the firing of Pennsylvania CISO Robert Maley. For those who haven't heard about this, Mr. Maley was fired for talking about a security incident during the recent RSA conference without approval from his bosses. more
Google announced Friday that it would now be "personalizing" all searches, not just those for signed-in users. If your browser has a Google cookie, unless you've explicitly opted out, your search results will be customized based on search history. Danny Sullivan, at Search Engine Land, wonders why more people aren't paying attention. more
Well amazingly, it's that time again. Next week, individuals from around the world with a keen interest in Internet policy will head to Panama City, Panama for the second ICANN meeting of the year. As always, Brandsight will be attending to follow all of the important policy work being carried out by the community. Before I head off to the meeting (which based on my research will actually be my 32nd ICANN meeting!), I'd like to share a preview of the major topics slated for discussion. more
Privacy issues have been important to parts of the ICANN community for many years. I can attest to that fact as a long time veteran of Whois debates as far back as 1998 when I was with the U.S. Federal Trade Commission. However, they have started to receive the general ICANN community visibility only relatively recently. These efforts must continue in order to protect rights, to avoid increasing potential conflicts between ICANN rules and applicable laws, and to generally maintain trust in the Internet as a place to be. more
A recent exchange on CircleID highlighted a critical need for data to inform the debate on the impact of ICANN's post-GDPR WHOIS policy that resulted in the redaction of domain name registrant contact data. A bit of background: in my original post, I made the point that domain name abuse had increased post-GDPR. A reader who works with a registrar (according to his bio) commented: "Can you back up that statement with data? Our abuse desk has actually seen a reduction in abuse complaints." more
As businesses adjust to the "new normal" in the ongoing COVID-19 pandemic, it is important to quickly take stock of where your organization stands on privacy and security risk. Even in these unusual circumstances, organizations of all sizes and sophistication continue to be expected to act with reasonable care and comply with their public commitments and regulatory obligations. Enterprises may be finding different or better ways to operate, collaborate, and service customers. more
I have a hypothesis: The Bush administration came to power in December 2000. American telcos were on the precipice about to go into Free fall. We have seen how Bush politicized the Justice Department and are much more aware thanks to John Dean's Broken Government and Charlie Savage's Take Over of the intense desire to aggregate executive power to feed the Addingtons belief in the Unitary Executive. We now know that Cheney was meeting with the energy industry in early 2001 promising them whatever they wanted. We may begin to ask what the domestic telecoms industry was being promised? more
On 8th February, 2015, Internet users celebrated news that the Telecom Regulatory Authority of India had passed regulation prohibiting ISPs from discriminating access to data services based on content". This directive follows similar developments in the U.S, E.U, Chile et al, and is a huge milestone in the fight for Net Neutrality: the principle that ISPs should treat all Internet traffic the same way. Meanwhile, Net Neutrality issues are not unique to India. more
With the first anniversary of the European Union's General Data Protection Regulation (GDPR) approaching in just a few days, Microsoft's Corporate Vice President and Deputy General Counsel, Julie Brill says GDPR has been an important catalyst for progress in privacy protection around the world. more
Earlier this week, Facebook expanded the roll-out of its facial recognition software to tag people in photos uploaded to the social networking site. Many observers and regulators responded with privacy concerns; EFF offered a video showing users how to opt-out. Tim O'Reilly, however, takes a different tack... O'Reilly's point - and face-recognition technology - is bigger than Facebook. more
We learned from The Wall Street Journal yesterday that "Federal Communications Commission Chairman Julius Genachowski gets a little peeved when people suggests that he wants to regulate the Internet." He told a group of Journal reporters and editors today that: "I don't see any circumstances where we'd take steps to regulate the Internet itself," and "I've been clear repeatedly that we're not going to regulate the Internet." We're thankful to hear Chairman Julius Genachowski to make that promise. We'll certainly hold him to it. But you will pardon us if we remain skeptical... more
Vigilantism, in cyberspace or a New York subway, gets rejected in the main because more than just one vigilante results in an unlovely chaos. What the Anonymous cyber-vigilantes - those meting out "payback" for commercial decisions about Wikileaks - don't seem to realize is that chaos begets reaction, and in this case the victim may be the Internet itself. more
Encryption is a way to keep private information private in the digital world. But there are government actors, particularly here in the US, that want access to our private data. The NSA has been snooping our data for years. Backdoors have been snuck into router encryption code to make it easier to break. Today at M3AAWG we had a keynote from Kim Zetter, talking about Stuxnet and how it spread well outside the control of the people who created it. more
A World-Renowned Source for Internet Developments. Serving Since 2002.