Search
Today's Info Policy News
Weekly Archive
Information Policy
FERPA
Protecting your children's privacy: The Facts
WHO'S WATCHING YOUR CHILDREN?
about
contact us
site map
Search
With the exact phrase
With all of the words
With at least one of the words
Without these words
Within these fields
Title
Category Names
Summary
URL
Date range limit
No limit: Show me all items regardless of date captured.
Limit the search to items added since this date.
April 2024
Sun
Mon
Tue
Wed
Thu
Fri
Sat
14
31
1
2
3
4
5
6
15
7
8
9
10
11
12
13
16
14
15
16
17
18
19
20
17
21
22
23
24
25
26
27
18
28
29
30
1
2
3
4
19
5
6
7
8
9
10
11
Item(s) found: 27
Cloud Computing, Regulatory Compliance, and Student Privacy: A Guide for School Administrators and Legal Counsel
Date Captured
Tuesday July 01 2014, 2:48 PM
J. Marshall Journal of Information Technology & Privacy Law 511 (2014) Volume 30 Issue 3 (2014)
CPO on Privacy, Emerging Technologies, and New Uses of Data
Date Captured
Sunday February 10 2013, 6:35 PM
US ED CPO STYLES: Colleges, universities, and other postsecondary institutions often have research agendas that involve data; they often have medical facilities; and most importantly, colleges and universities often function as change agents, particularly for technological and social change. The combination of new technologies and new uses of data create today’s cutting-edge privacy issues, including “Big Data,” matching with wage data, data sharing in general, the use of analytics, cloud computing, MOOCs, and school use of web engagemen
IN THE CLOUD
Date Captured
Wednesday February 06 2013, 2:14 PM
News & policy about the CLOUD. Check paper archives. Updated regularly.
SPOTLIGHT ON CLOUD COMPUTING: IF IN THE CLOUD, GET IT ON PAPER: CLOUD COMPUTING CONTRACT ISSUES
Date Captured
Friday February 01 2013, 11:30 PM
SPOTLIGHT ON CLOUD COMPUTING: IF IT'S IN THE CLOUD, GET IT EDUCAUSE WEBINAR ON CLOUD COMPUTING CONTRACT ISSUES Friday, December 10, 2010 Author(s) Thomas Trappler (UCLA) Source(s) EDUCAUSE Live! Webinars, Webinars
FERPA and the Cloud: What FERPA Can Learn from HIPAA
Date Captured
Tuesday December 18 2012, 7:01 AM
SOLOVE: Parents need to look at what their schools are doing about student privacy and speak up, because the law isn’t protecting their children’s privacy. School officials who want to develop a more meaningful and robust protection of privacy should talk to government officials who are tasked with complying with HIPAA. They can learn a lot from studying HIPAA and following some of its requirements. Congress should remake FERPA more in the model of HIPAA. If Congress won’t act, state legislatures should pass better education privacy laws. Because FERPA does not provide adequate oversight and enforcement of cloud computing providers, schools must be especially aggressive and assume the responsibility. Otherwise, their students’ data will not be adequately protected. School officials shouldn’t assume that the law is providing regulation of cloud computing providers and that they need not worry. The law isn’t, so right now the schools need to be especially vigilant.
FERPA and the Cloud: Why FERPA Desperately Needs Reform
Date Captured
Tuesday December 11 2012, 6:51 AM
SOLOVE: Parents should lobby Congress and their state legislatures to pass laws providing better protections of their children’s data. This is an issue that should be of great concern to parents since educational institutions possess a staggering amount of personal data about students, and this data can currently be outsourced to nearly any company anywhere – even to a cloud computing provider in the most totalitarian country in the world!
Frequently Asked Questions—Cloud Computing
Date Captured
Monday September 24 2012, 10:25 AM
FERPA does not prohibit the use of cloud computing solutions for the purpose of hosting education records; rather, FERPA requires States to use reasonable methods to ensure the security of their information technology (IT) solutions.
Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era
Date Captured
Tuesday July 12 2011, 6:12 PM
Christopher Soghoian - [This paper will argue that this doctrine [[third-party doctrine]] becomes moot once encryption is in use and companies no longer have access to their customers’ private data.] [The real threat to privacy lies with the fact that corporations can and have repeatedly been forced to modify their own products in ways that harm end user privacy, such as by circumventing encryption.] Soghoian, Christopher, Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era (August 17, 2009). 8 J. on Telecomm. and High Tech. L. 359; Berkman Center Research Publication No. 2009-07
The NIST Definition of Cloud Computing (Draft)
Date Captured
Friday February 04 2011, 3:57 PM
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Guidelines on Security and Privacy in Public Cloud Computing
Date Captured
Friday February 04 2011, 3:36 PM
Cloud computing can and does mean different things to different people. The common characteristics most share are on-demand scalability of highly available and reliable pooled computing resources, secure access to metered services from nearly anywhere, and dislocation of data from inside to outside the organization. While aspects of these characteristics have been realized to a certain extent, cloud computing remains a work in progress. This publication provides an overview of the security and privacy challenges pertinent to public cloud computing and points out considerations organizations should take when outsourcing data, applications, and infrastructure to a public cloud environment. Draft Special Publication 800-144
Proposed Security Assessment & Authorization for U.S. Government Cloud Computing
Date Captured
Thursday November 04 2010, 8:10 PM
Proposed Security Assessment and Authorization for U.S. Government Cloud Computing: Over the past 18 months, an inter-agency team comprised of the National Institute of Standards and Technology (NIST), General Services Administration (GSA), the CIO Council and working bodies such as the Information Security and Identity Management Committee (ISIMC), has worked on developing the Proposed Security Assessment and Authorization for U.S. Government Cloud Computing. This team evaluated security controls and multiple Assessment and Authorization models for U.S. Government Cloud Computing as outlined in this document. The attached document is a product of 18 months of collaboration with State and Local Governments, Private Sector, NGO’s and Academia. This marks an early step toward our goal of deploying secure cloud computing services to improve performance and lower the cost of government operations, but we need to improve this document through your input.
Privacy Recommendations for the Use of Cloud Computing by Federal Departments and Agencies Privacy Committee Web 2.0/Cloud Computing Subcommittee -- August 2010
Date Captured
Thursday September 16 2010, 9:02 PM
bstract: Good privacy practices are a key component of agency governance and accountability. One of the Federal government's key business imperatives today is to maintain the privacy of personally identifiable information (PII) we collect and hold. The Office of Management and Budget (OMB) Memorandum 07-16 defines PII as "information which can be used to distinguish or trace an individual's identity, such as their name, social security number, biometric records, etc. alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, mother’s maiden name, etc." The purpose of this paper, and of privacy interests in general, is not to discourage agencies from using cloud computing; indeed a thoughtfully considered cloud computing solution can enhance privacy and security. Instead, the purpose is to ensure that Federal agencies recognize and consider the privacy rights of individuals, and that agencies identify and address the potential risks when using cloud computing.
Cloud Computing: Storm Warning for Privacy?
Date Captured
Wednesday July 07 2010, 1:20 PM
[Abstract: “Cloud computing” - the ability to create, store, and manipulate data through Web-based services - is growing in popularity. Cloud computing itself may not transform society; for most consumers, it is simply an appealing alternative tool for creating and storing the same records and documents that people have created for years. However, outdated laws and varying corporate practices mean that documents created and stored in the cloud may not have the same protections as the same documents stored in a filing cabinet or on a home computer. Can cloud computing services protect the privacy of their consumers? Do they? And what can we do to improve the situation?] Ozer, Nicole and Conley, Chris, Cloud Computing: Storm Warning for Privacy? (January 29, 2010). Nicole Ozer & Chris Conley, CLOUD COMPUTING: STORM WARNING FOR PRIVACY, ACLU of Northern California, 2010.
REPORT: FUTURE OF THE INTERNET, CLOUD COMPUTING - The future of cloud computing
Date Captured
Tuesday June 15 2010, 10:50 PM
[The future of cloud computing Technology experts and stakeholders say they expect they will ‘live mostly in the cloud’ in 2020 and not on the desktop, working mostly through cyberspace-based applications accessed through networked devices. This will substantially advance mobile connectivity through smartphones and other internet appliances. Many say there will be a cloud-desktop hybrid. Still, cloud computing has many difficult hurdles to overcome, including concerns tied to the availability of broadband spectrum, the ability of diverse systems to work together, security, privacy, and quality of service. ] Janna Quitney Anderson, Elon University; Lee Rainie, Pew Research Center’s Internet & American Life Project
Coalition pushes ECPA update for online privacy in cloud computing age
Date Captured
Wednesday March 31 2010, 4:46 PM
[A powerful collection of organizations has formed a new coalition to push for an update to the Electronic Communications Privacy Act (ECPA). Members of the coalition include Google, Microsoft, AT&T, AOL, Intel, the ACLU and the Electronic Frontier Foundation. The guidance from the coalition would enshrine principles for “digital due process,” online privacy and data protection in the age of cloud computing within an updated ECPA.]
Digital Due Process
Date Captured
Wednesday March 31 2010, 4:23 PM
[A powerful collection of organizations has formed a new coalition to push for an update to the Electronic Communications Privacy Act (ECPA). Members of the coalition include Google, Microsoft, AT&T, AOL, Intel, the ACLU and the Electronic Frontier Foundation. The guidance from the coalition would enshrine principles for “digital due process,” online privacy and data protection in the age of cloud computing within an updated ECPA.]
THE BROOKINGS INSTITUTION FALK AUDITORIUM - CLOUD COMPUTING FOR BUSINESS AND SOCIETY
Date Captured
Saturday February 20 2010, 7:05 PM
Washington, D.C. - Wednesday, January 20, 2010 Keynote Speaker: BRAD SMITH - Senior Vice President and General Counsel; Moderator: DARRELL WEST - The Brookings Institution Panelists: MICHAEL NELSON; ROB ATKINSON; JONATHAN ROCHELLE;
Sunguard
Date Captured
Saturday November 21 2009, 1:02 PM
[Student Information Management -- eSchoolPLUS is a student management system that helps educators and parents by providing them direct, real-time access to the most relevant student information available. Teachers and administrators can easily manage day-to-day student information and data such as demographics, scheduling, attendance, discipline, standardized tests, report cards and transcripts. With eSchoolPLUS, parents gain the ability to be more informed as to their child’s grades, attendance, assignments and discipline information. Superintendents, principals and other district administrators and school board members can track daily school status, student performance and progress.]
Cloud Standards Effort Could Turn into a Dustup
Date Captured
Monday May 04 2009, 4:32 PM
Digits - Technology News and Insights -- By Ben Worthen - [The Open Cloud Standards Incubator is part of an organization called Distributed Management Task Force. The DMTF was founded in 1992 and has developed standards for managing computers and sharing information on the Web in the past. Its members are a who’s who of the tech industry’s old guard—in addition to IBM and Microsoft they include EMC, H-P, Intel and many others. It’s too early to call the absence of Internet companies a rift, but it’s a split reminiscent of the one that occurred when IBM tried to get companies to sign up for its “Open Cloud Manifesto” a few weeks ago. At the time companies that didn’t participate in IBM’s effort were quick to dismiss the manifesto as meaningless marketing.]
Google Gives Advice on Cloud Computing
Date Captured
Saturday March 21 2009, 6:17 PM
PC Chloe Albanesius writes[Google has commissioned a report that unsurprisingly touts the benefits of cloud computing, and offers recommendations for policy makers looking at the technology. Google called on lawmakers to embrace full connectivity, open access, security, and privacy when considering cloud-based computing.] REPORT LINKED.
Facebook Bug Reveals Private Photos, Wall Posts
Date Captured
Saturday March 21 2009, 12:52 PM
Washington Post Jason Kincaid (with HT to Anjool) writes [This isn't the first privacy bug to affect Facebook - users have previously been able to access private photos and view private profile information in search results. The error also serves as yet another blemish on the privacy controls of web-based services. Only two weeks ago, Google Docs revealed that it had inadvertently shared thousands of documents with users who should not have had access to them.]
Before the Federal Trade Commission Washington, DC 20580 In the Matter of Google, Inc. and Cloud Computing Services
Date Captured
Tuesday March 17 2009, 6:48 PM
EPIC President Marc Rotenberg on Google and Cloud Computing [The recent growth of Cloud Computing Services signals an unprecedented shift of personal information from computers controlled by individuals to networks administered by corporations. Data breaches concerning Cloud Computing Services can result in great harm, which arises from the centralized nature of the services and large volume of information stored "in the cloud." Past data breaches have resulted in serious consumer injury, including identity theft. As a result of the popularity of Cloud Computing Services, data breaches on these services pose a heightened risk of identity theft. The FTC should hold accountable the purveyors of Cloud]
RE: USE OF CLOUD COMPUTING APPLICATIONS AND SERVICES
Date Captured
Thursday February 26 2009, 6:07 PM
Associate Director John B. Horrigan (202-419-4500) - September 2008 - Pew/Internet - [Convenience and flexibility are the watchwords for those who engage in cloud computing activities: 51% of internet users who have done a cloud computing activity say a major reason they do this is that it is easy and convenient. 41% of cloud users say a major reason they use these applications is that they like being able to access their data from whatever computer they are using. 39% cite the ease of sharing information as a major reason they use applications in cyberspace or store data there. At the same time, users report high levels of concern when presented with scenarios in which companies may put their data to uses of which they may not be aware. 90% of cloud application users say they would be very concerned if the company at which their data were stored sold it to another party. 80% say they would be very concerned if companies used their photos or other data in marketing campaigns. 68% of users of at least one of the six cloud applications say they would be very concerned if companies who provided these services analyzed their information and then displayed ads to them based on their actions.]
Cloud computing takes hold despite privacy fears
Date Captured
Thursday February 26 2009, 6:03 PM
Computer Worlds -- Heather Havenstein [Users of online e-mail, storage systems fear the sale of personal data without permission]
Cloud Computing Privacy Tips
Date Captured
Wednesday February 25 2009, 4:11 PM
World Privacy Forum -- February 23, 2009 -- By Robert Gellman and Pam Dixon [Cloud Computing Tips for Consumers: Read the Terms of Service before placing any information in the cloud. If you don’t understand the Terms of Service, consider using a different cloud provider. Don’t put anything in the cloud you would not want the government or a private litigant to see. Pay close attention if the cloud provider reserves rights to use, disclose, or make public your information. Read the privacy policy before placing your information in the cloud. If you don’t understand the policy, consider using a different provider. When you remove your data from the cloud provider, does the cloud provider still retain rights to your information? If so, consider whether that makes a difference to you. Will the cloud provider give advance notice of any change of terms in the terms of service or privacy policy? ]
REPORT: Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing
Date Captured
Wednesday February 25 2009, 3:59 PM
Released February 23, 2009 - Author: Robert Gellman: [This report discusses the issue of cloud computing and outlines its implications for the privacy of personal information as well as its implications for the confidentiality of business and governmental information. The report finds that for some information and for some business users, sharing may be illegal, may be limited in some ways, or may affect the status or protections of the information shared. The report discusses how even when no laws or obligations block the ability of a user to disclose information to a cloud provider, disclosure may still not be free of consequences. The report finds that information stored by a business or an individual with a third party may have fewer or weaker privacy or other protections than information in the possession of the creator of the information. The report, in its analysis and discussion of relevant laws, finds that both government agencies and private litigants may be able to obtain information from a third party more easily than from the creator of the information. A cloud provider’s terms of service, privacy policy, and location may significantly affect a user’s privacy and confidentiality interests.] see policy recommendations in full report.
Does Cloud Computing Mean More Risks to Privacy?
Date Captured
Wednesday February 25 2009, 3:44 PM
NY Times -- Saul Hansell -- [In the United States, information held by a company on your behalf — be it a bank, an e-mail provider or a social network — is often not protected as much as information a person keeps at home or a business stores in computers it owns. Sometimes that means that a government investigator, or even a lawyer in a civil lawsuit, can get access to records by simply using a subpoena rather than a search warrant, which requires more scrutiny by a court.]
Back to Top of Page
