education new york online education new york online education new york online
Search
Today's Info Policy News
Weekly Archive
Information Policy
FERPA
Protecting your children's privacy: The Facts
WHO'S WATCHING YOUR CHILDREN?
about
contact us
site map
Search
With the exact phrase
With all of the words
With at least one of the words
Without these words
 
Within these fields         
 
Date range limit

      Pick Date
 
Item(s) found: 28
Proposed Security Assessment & Authorization for U.S. Government Cloud Computing
Date CapturedThursday November 04 2010, 8:10 PM
Proposed Security Assessment and Authorization for U.S. Government Cloud Computing: Over the past 18 months, an inter-agency team comprised of the National Institute of Standards and Technology (NIST), General Services Administration (GSA), the CIO Council and working bodies such as the Information Security and Identity Management Committee (ISIMC), has worked on developing the Proposed Security Assessment and Authorization for U.S. Government Cloud Computing. This team evaluated security controls and multiple Assessment and Authorization models for U.S. Government Cloud Computing as outlined in this document. The attached document is a product of 18 months of collaboration with State and Local Governments, Private Sector, NGO’s and Academia. This marks an early step toward our goal of deploying secure cloud computing services to improve performance and lower the cost of government operations, but we need to improve this document through your input.
NSF Funds Research to Enable Distributed, Fair, and Privacy-Preserving Collaboration
Date CapturedSaturday September 25 2010, 4:14 PM
Stevens Institute of Technology: [Hoboken, NJ, September 25, 2010 --(PR.com)-- Dr. Susanne Wetzel, Associate Professor of Computer Science, has recently been awarded a $457K research grant from the National Science Foundation (NSF) to investigate privacy and security in the context of enabling collaboration.]
Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)
Date CapturedMonday May 03 2010, 11:04 AM
Recommendations of the National Institute of Standards and Technology - [The escalation of security breaches involving personally identifiable information (PII) has contributed to the loss of millions of records over the past few years. Breaches involving PII are hazardous to both individuals and organizations. Individual harms may include identity theft, embarrassment, or blackmail. Organizational harms may include a loss of public trust, legal liability, or remediation costs. To appropriately protect the confidentiality of PII, organizations should use a risk-based approach; as McGeorge Bundy once stated, "If we guard our toothbrushes and diamonds with equal zeal, we will lose fewer toothbrushes and more diamonds." This document provides guidelines for a risk-based approach to protecting the confidentiality of PII. The recommendations in this document are intended primarily for U.S. Federal government agencies and those who conduct business on behalf of the agencies, but other organizations may find portions of the publication useful. Each organization may be subject to a different combination of laws, regulations, and other mandates related to protecting PII, so an organization‘s legal counsel and privacy officer should be consulted to determine the current obligations for PII protection. For example, the Office of Management and Budget (OMB) has issued several memoranda with requirements for how Federal agencies must handle and protect PII. To effectively protect PII, organizations should implement the following recommendations.]
Review: Federal program used to hide flights from public
Date CapturedTuesday April 13 2010, 8:22 PM
USA Today -- By Michael Grabell and Sebastian Jones, ProPublica - [Use of the airspace is considered public information because taxpayers fund air-traffic controllers, radars and runways. "It belongs to all of us," said Chuck Collins, who has studied private jet travel at the Institute for Policy Studies, a progressive think tank. "It's not a private preserve." NBAA spokesman Dan Hubbard said privacy is important to business fliers because competitors can learn of potential deals by tracking planes, and that could affect stock prices. "There are certain circumstances where there is a security concern," he said. In 2000, Congress required websites to stop posting flights of certain planes at the FAA's request. The FAA later agreed to let the aviation group be the clearinghouse. FAA spokeswoman Laura Brown said the agency lacks resources to evaluate whether requests to keep flights secret are justified, so the agency lets the NBAA decide each month the flights kept from public view.]
Security and Privacy? Forget About It
Date CapturedMonday March 08 2010, 8:41 PM
By Richard Adhikari - TechNewsWorld - [As the Obama administration grapples with the thorny issue of beefing up the United States' cybersecurity infrastructure, and as security experts warn of impending cyberwarfare, a debate is raging over how much surveillance is enough. One of the biggest problems about implementing cybersecurity is that it involves a measure of surveillance, and the line between surveillance and snooping is razor thin. Thin enough, in fact, that Einstein 3, the latest iteration of the Federal government's intrusion detection program, has aroused privacy concerns because it can examine the content of email. That, some privacy advocates believe, makes it almost equivalent to warrantless wiretapping. The security community is divided over the issue.] [Using NSA technology almost certainly will lead to an invasion of privacy, the EFF's Rotenberg fears. "The folks over at NSA are not just interested in looking for malware, they're very interested in content," he said. "This is the problem with Einstein 2 and Einstein 3." On the other hand, turning over the responsibility for deep packet inspection to private companies could have its own pitfalls. "Deep packet inspection opens the doors to commercialization," Rotenberg warned. "The companies can say, 'We have to do this because of our security mandate and oh, by the way, there's a marketing opportunity here.'"]
Canadian airlines plead with government to solve U.S. security dilemma
Date CapturedThursday January 07 2010, 8:04 PM
C Jim Bronskill (CP) -- [OTTAWA — Canada's major airlines say they will be forced either to break privacy laws or to ignore new American air security rules unless the federal government comes up with a response to U.S. demands for passenger information.]
Secretary Napolitano Outlines Five Recommendations To Enhance Aviation Security
Date CapturedThursday January 07 2010, 7:53 PM
Secretary Napolitano outlined the following five recommendations: Re-evaluate and modify the criteria and process used to create terrorist watch lists—including adjusting the process by which names are added to the “No-Fly” and “Selectee” lists. Establish a partnership on aviation security between DHS and the Department of Energy and its National Laboratories in order to develop new and more effective technologies to deter and disrupt known threats and proactively anticipate and protect against new ways by which terrorists could seek to board an aircraft. Accelerate deployment of advanced imaging technology to provide greater explosives detection capabilities—and encourage foreign aviation security authorities to do the same—in order to identify materials such as those used in the attempted Dec. 25 attack. The Transportation Security Administration currently has 40 machines deployed throughout the United States, and plans to deploy at least 300 additional units in 2010. Strengthen the presence and capacity of aviation law enforcement—by deploying law enforcement officers from across DHS to serve as Federal Air Marshals to increase security aboard U.S.-bound flights. Work with international partners to strengthen international security measures and standards for aviation security.
Bill Introduced To Repeal Failed Real ID Act (7/31/2009) Bill Would Protect Civil Liberties And Drivers' License Security
Date CapturedSunday August 09 2009, 5:13 PM
WASHINGTON – In a welcome move today, legislation was introduced in the House of Representatives to repeal the discredited Real ID Act of 2005. The REAL ID Repeal and Identification Security Enhancement Act of 2009, introduced by Representative Steve Cohen (D-TN), would repeal Real ID and replace it with the original negotiated rulemaking process passed by Congress as part of the 9/11 Commission recommendations. Twenty-five states have already rejected Real ID, citing its high cost, invasiveness and the bureaucratic hassles it creates for citizens. The Real ID Act of 2005 directs states to issue a federally-approved driver's license or other form of ID that would be necessary for airline travel and become part of a national database. Like state governments from coast to coast, the American Civil Liberties Union has long opposed the Act as too invasive, too much red tape and too expensive.
Testimony of Secretary Janet Napolitano before the House Committee on Homeland Security on DHS, The Path Forward
Date CapturedWednesday February 25 2009, 3:13 PM
Release Date: February 25, 2009 - The Committee’s platform items: [Improving the governance, functionality, and accountability of the Department of Homeland Security; enhancing security for all modes of transportation; strengthening our Nation: response, resilience, and recovery; shielding the Nation’s critical infrastructure from attacks; securing the homeland and preserving privacy, civil rights, and civil liberties; connecting the dots: intelligence, information sharing, and interoperability; implementing common-sense border and port security; and inspiring minds and developing technology – the future of homeland security. ]
Upgraded Biometric Technology Facilitates Visitors' Entry to the United States
Date CapturedThursday January 15 2009, 7:41 PM
For nearly five years, U.S. Department of State (State) consular officers and U.S. Customs and Border Protection (CBP) officers have collected biometric information—digital fingerprints and a photograph—from all non-U.S. citizens between the ages of 14 and 79, with some exceptions, when they apply for visas or arrive at major U.S. ports of entry. State consular officers began collecting 10 fingerprints from visa applicants in 2007. Collecting 10 fingerprints increases fingerprint matching accuracy and reduces the possibility that the system will misidentify an international visitor. It also strengthens DHS's capability to check visitors' fingerprints against the Federal Bureau of Investigation's (FBI) criminal data and enables DHS to check visitors' fingerprints against latent fingerprints collected by Department of Defense (DOD) and the FBI from known and unknown terrorists around the world.
Biometric Center of Excellence (BCOE)
Date CapturedWednesday January 14 2009, 7:54 PM
BCOE will enable the FBI to provide enhanced U.S. government services in the global quest to fight crime and terrorism with state of the art biometrics technology. Headquartered in Clarksburg, West Virginia, the BCOE is the FBI’s focal point to foster collaboration, improve information sharing, and advance the adoption of optimal biometric and identity management solutions across the law enforcement and national security communities.
Matt Blaze's EXHAUSTIVE SEARCH
Date CapturedSunday December 28 2008, 3:21 PM
Cryptography blog and links to research. University of Pennsylvania. Matt bio excerpt [I coined the term, and am one of the inventors of, Trust Management, which provides the abstract layer in which a system decides whether to allow some potentially dangerous action. This work has led to two trust management languages, KeyNote and PolicyMaker, that provide tools for specifying policy, delegating authority, and controlling access. In addition to providing a useful framework for studying and proving security properties of distributed systems, our tools have been used to build powerful policy control mechanisms into several important applications, including the OpenBSD IPSEC implementation.]
E P I C - A l e r t -- Volume 15.25 -- December 23, 2008
Date CapturedTuesday December 23 2008, 6:41 PM
Published by the Electronic Privacy Information Center (EPIC) - Washington, D.C. Table of Contents - [1] Privacy Coalition Members Write to President-elect Obama [2] India Hosts Third Internet Governance Forum [3] Government Issues Final Rules in Education Records Privacy [4] Privacy, Security and Openness at the Internet Governance Forum [5] DHS Releases Fusion Center Privacy Impact Assessment [6] News in Brief
When Hackers Attack: Practicing Cybersecurity at Home
Date CapturedFriday December 12 2008, 2:01 PM
Brian Krebs writes [While Barack Obama has selected key members of his national security team—Defense Secretary, National Security Adviser and Secretary of State—there are calls for the president-elect to make another security appointment. The bipartisan Commission on Cybersecurity for the 44th Presidency suggests that there is a dire need to create a National Office for Cyberspace to protect our nation’s most sensitive computer networks. The need for national cyberspace security is a no-brainer, but who is going to protect us from the digital devices that organize our lives and leaves personal information vulnerable to theft? Here, a behind-the-scenes look at how hackers are unearthing the private details of our lives by attacking our web browsers, cell phones, and personal electronics.]
Securing Cyberspace for the 44th Presidency
Date CapturedMonday December 08 2008, 7:24 PM
The report of the CSIS Commission on Cybersecurity for the 44th Presidency -- Cochairs: Representative James R. Langevin, Representative Michael T. McCaul, Scott Charney, Lt. General Harry Raduege, USAF (Ret). Project Director: James A. Lewis, Center for Strategic and International Studies, Washington, DC. December - 2008.
Freedom Under Surveillance, Part II
Date CapturedThursday December 04 2008, 7:07 PM
Independent Examiner Brian Trent says [On September 17 of this year, the House passed the “School Safety Enhancements Act of 2008.” As part of this $50 million initiative, surveillance equipment is specifically earmarked and encouraged. Why would the federal government be so interested in mandating surveillance equipment for schools? Isn’t that the job of the states in which those schools dwell? And really, isn't this going a little far... for any level of government?] Also says [In 2005, slipped insidiously into an $81 billion bill for "supporting troops" and "tsunami relief" was a tiny law - The Real ID Act - which creates a de facto National ID card. Originally, the law required it be in place by 2008, but it met with ferocious resistance from the states. Yes! The states actually rebelled… but don’t break out the champagne yet. The Feds have "allowed" an extension through 2009 for states that request it. Every driver's license will be required to include "physical security features" and "a common machine readable technology." The cultists who support this National ID card say that it's all voluntary.]
Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment
Date CapturedWednesday December 03 2008, 4:02 PM
National Academies Press - [All U.S. agencies with counterterrorism programs that collect or "mine" personal data -- such as phone records or Web sites visited -- should be required to evaluate the programs' effectiveness, lawfulness, and impacts on privacy. A framework is offered that agencies can use to evaluate such information-based programs, both classified and unclassified. The book urges Congress to re-examine existing privacy law to assess how privacy can be protected in current and future programs and recommends that any individuals harmed by violations of privacy be given a meaningful form of redress.]
CYBER ANALYSIS AND WARNING - DHS Faces Challenges in Establishing a Comprehensive National Capability
Date CapturedTuesday September 23 2008, 10:15 AM
GAO 08-588: We recommend that the Secretary of Homeland Security take four actions to fully establish a national cyber analysis and warning capability. Specifically, the Secretary should address deficiencies in each of the attributes identified for Recommendations for Executive Action • monitoring, including establish a comprehensive baseline understanding of the nation’s critical information infrastructure and engage appropriate nonfederal stakeholders to support a national-level cyber monitoring capability; • analysis, including expanding its capabilities to investigate incidents; • warning, including ensuring consistent notifications that are targeted, actionable, and timely; and • response, including ensuring that US-CERT provides assistance in the mitigation of and recovery from simultaneous severe incidents, including incidents of national significance. We also recommend that the Secretary address the challenges that impede DHS from fully implementing the key attributes, including the following 6 items: • engaging appropriate stakeholders in federal and nonfederal entities to determine ways to develop closer working and more trusted relationships; • expeditiously hiring sufficiently trained cyber analysts and developing strategies for hiring and retaining highly qualified cyber analysts; • identifying and acquiring technological tools to strengthen cyber analytical capabilities and handling the steadily increasing workload; developing predictive analysis capabilities by defining terminology, methodologies, and indicators, and engaging appropriate stakeholders in other federal and nonfederal entities; • filling key management positions and developing strategies for hiring and retaining those officials; and • ensuring that there are distinct and transparent lines of authority and responsibility assigned to DHS organizations with cybersecurity roles and responsibilities, including the Office of Cybersecurity and Communications and the National Cybersecurity Center.
"Cybersecurity Recommendations for the Next Administration”
Date CapturedTuesday September 23 2008, 10:05 AM
Hearing on “Cybersecurity Recommendations for the Next Administration”
"REAL ID Implementation Review: Few Benefits, Staggering Costs"
Date CapturedTuesday June 03 2008, 2:35 PM
EPIC: The final rule includes few protections for individual privacy and security in its massive national identification database. It harms national security by creating yet another “trusted” credential for criminals to exploit. The Department of Homeland Security has faced so many obstacles with the REAL ID system that the agency now plans an implementation deadline of 2017 – nine years later than the 2008 statutory deadline.181 It is an unfunded mandate that would cost billions, with the burden ultimately being placed on the individual taxpayer. Technical experts familiar with the challenges of privacy protection and identification presented the Department of Homeland Security with a variety of recommendations that would have minimized the risks of the REAL ID system. The DHS made some modifications, but left the essential system in place. As REAL ID currently stands, the costs are many and the benefits are few. Public opposition to implementation is understandable.
TESTIMONY OF DANIEL J. SOLOVE -- “RFID TAGS AND INFORMATION PRIVACY”
Date CapturedMonday June 02 2008, 10:34 AM
"The problems, then, don’t end with the collection of data from RFID tags or the implantation of RFID tags. Merely getting people’s consent at these stages is not sufficient enough protection. The problem is what happens to all that data that is stored. We need better downstream protections of the data from RFID tags. We need a way to ensure that the tags can be permanently deactivated. We need a way to ensure that the tags are not read by unauthorized persons. And we need a way to ensure that when people agree to use an RFID tag, that the tags or the information are not later used for different purposes without that person’s consent. The technology of RFID is not malignant or benign in and of itself. It all depends upon how we regulate it. Right now, our law protecting personal information needs to advance much further in order for RFID to be of net benefit to our society.
Marc Rotenberg
Date CapturedSunday June 01 2008, 5:35 PM
Marc is Executive Director of the Electronic Privacy Information Center (EPIC) in Washington, DC. He teaches information privacy law at Georgetown University Law Center and has testified before Congress on many issues, including access to information, encryption policy, consumer protection, computer security, and communications privacy. He testified before the 9-11 Commission on "Security and Liberty: Protecting Privacy, Preventing Terrorism." He has served on several national and international advisory panels, including the expert panels on Cryptography Policy and Computer Security for the OECD, the Legal Experts on Cyberspace Law for UNESCO, and the Countering Spam program of the ITU. He currently chairs the ABA Committee on Privacy and Information Protection.
E P I C A l e r t -- Volume 14.14
Date CapturedTuesday July 17 2007, 9:50 AM
Published by the Electronic Privacy Information Center (EPIC) Washington, D.C. TABLE OF CONTENTS: 1] EU and US Reach Agreements on Data Sharing [2] EPIC Comments on New Phone Customer Privacy Rules [3] EU Commission Opens Inquiry into Google-DoubleClick Merger [4] Appeals Court Dismisses Challenge to Warantless Surveillance Program [5] EPIC Among Groups Discussing National Security Letters With FBI [6] News in Brief [7] EPIC Bookstore: "Computer Crimes and Digital Investigations" [8] Upcoming Conferences and Events
A test for the Regents
Date CapturedSunday April 29 2007, 9:26 AM
Newsday opines, "Meanwhile, the problems of poverty force the schools to divert more money from the classroom - for everything from security to special education - than any other district. And political tweaking of state formulas on behalf of the wealthy means Roosevelt still won't get a fair share of school aid. It's show time Even before the next school year, Mills and the Regents must take these steps. They must find new leaders who will in turn inspire teachers, parents and students. And in so doing, they can create a national model of success for other struggling schools - especially those that fall through the cracks in the suburbs. It's an effort that will take the cooperation of everyone from state educators and lawmakers to local governments that aren't normally involved in education. Everyone from private philanthropists to community groups and parents. It's time to give the students of Roosevelt and their parents the fair shake that was denied the thousands who came before them. This is a test not just of Albany's competency but of its character."
Election results push AFT legislative agenda closer to passage
Date CapturedFriday December 15 2006, 8:51 AM
New York Teacher reports on "a working people’s agenda" and revamping the No Child Left Behind Act. "Other AFT legislative goals include: Securing federal assistance to help districts modernize and rebuild schools; Winning greater national investment in education, health care and job training; Reversing the National Labor Relations Board’s ruling that allows employers to deny union rights to workers by classifying them as 'supervisor'; Raising the federal minimum wage to $7.25 an hour, indexed to inflation; Protecting retirement security for all workers; Expanding access to college by halving interest rates for student loans and raising the maximum Pell grant award to at least $4,500."
October Proclaimed Cyber Security Awareness Month in New York State
Date CapturedMonday October 09 2006, 1:50 PM
Office of Cyber Security and Critical Infrastructure: "Whereas, each of us has a critical role in maintaining the security of cyberspace, and a greater awareness of computer-associated risks will improve the integrity of New York State’s information infrastructure and economy; the Multi-State Information Sharing and Analysis Center, the US Department of Homeland Security and the National Cyber Security Alliance have designated October as National Cyber Security Awareness Month, and New York State joins in the observance of this worthy cause and in support of its crucial goals;"
Endicott principal shows value of warning system
Date CapturedMonday October 02 2006, 7:06 AM
Binghamton Press & Sun-Bulletin reports, "Tomic, who received national recognition for his conduct, was alerted by a hazard warning radio activated by a National Weather Service signal that automatically turns the radio on and announces a potential hazard. They are installed in many schools -- and required in six states (but not New York or Pennsylvania) -- but now the Homeland Security Department has decided to provide $5 million to make sure the radios are in every public school in the United States, some 97,000 in all."
America’s Children: Key National Indicators of Well-Being, 2005
Date CapturedThursday July 13 2006, 10:50 PM
America’s Children: Key National Indicators of Well-Being, 2005 is a biennial report to the Nation on the condition of children in America. Nine contextual measures describe the changing population, family, and environmental context in which children are living, and 25 indicators depict the well-being of children in the areas of economic security, health, behavior and social environment, and education. Racial categories were expanded from four racial groups (American Indian or Alaskan Native, Asian, Black, and White) to five racial groups (American Indian or Alaska Native, Asian, Black or African American, Native Hawaiian or Other Pacific Islander, and White). Expansion of the racial categories and the introduction of multiple race categories—have a direct impact on many of the indicators presented in this report, particularly with respect to trend analyses. Federal Interagency Forum on Child and Family Statistics Highlights. DC: U.S. Government Printing Office.



Back to Top of Page