California lawmakers have taken the lead in trying to address privacy and security issues with Internet of Things (IoT) devices (which we have been writing about for years), by passing the country’s first IoT security bill, which is now headed to Governor Brown’s desk for signature by September 30. One of the issues addressed by … Continue Reading
While meeting with Russian President Vladimir Putin, President Trump was given a soccer ball, symbolic of the 2018 World Cup played in Russia. Bloomberg has reported that the soccer ball contained a chip, known as near-field communication (NFC) tag, which can transmit information to nearby cellphones, presumably including Trump’s as well. The chips can send … Continue Reading
Security researchers at Check Point discovered software vulnerabilities in LG IoT devices which allowed them to potentially gain control over LG refrigerators, ovens, dishwashers and a live feed from a robot vacuum cleaner. A vulnerability in the mobil app and cloud app allowed them to remotely gain access to LG IoT devices with just an … Continue Reading
We continue to try to alert our clients about the changing threat landscape in cybersecurity. We keep saying how the threats are becoming more and more sophisticated and more and more frequent, and that companies must acknowledge and address the threat as a high priority. Cisco publishes cybersecurity reports that outline the threats to businesses … Continue Reading
Everything connected to the Internet is hackable and at risk. But there are some things connected to the Internet that you just don’t think of as risks to an organization. That is, until now. Darktrace has issued its report Darktrace Global Threat Report 2017 that discusses nine unusual cyber threat scenarios that show, among other things, … Continue Reading
Researchers at Stanford University have released a study concluding that wearable fitness trackers provide inaccurate measurements when it comes to providing information to users on how many calories have been burned. The researchers evaluated seven wearable fitness trackers and how they measured heart rate and calories burned. Most of them measured heart rate pretty accurately, … Continue Reading
We often talk about how anything that is connected to the Internet is hackable and unsafe, and to be careful about how you buy and connect devices, products, appliances, home security systems and other wireless “things.” These are called the Internet of Things, or “IoT.” Alexa is an IoT “thing.” Cybersecurity literature constantly warns us … Continue Reading
IT professionals have long understood the importance of changing the default password for network connected hardware devices (printers, switches, wireless access points, etc.). In the world of the Internet Of Things it seems everything is connected to the internet, the locks to your house, the refrigerator, your car, the wireless router from the cable company, … Continue Reading
On June 16, 2016, the IRS announced that it will be making Form 990s available in machine-readable format through Amazon Web Services. While this information has always been available to the public, it was previously only accessible in PDF format, making searching or viewing data in bulk nearly impossible. The IRS announcement is in response … Continue Reading
Last week, the Center for Democracy & Technology (CDT), through the cooperation of Fitbit, Inc. (Fitbit), released new guidance about wearable health tracker devices called “Toward Privacy Aware Research and Development in Wearable Health.” The most important takeaways of this report: “Internal research and development offers a unique window into data practices and policies at … Continue Reading
If you don’t wear contacts now, you may want to start thinking about wearing some if (and when) Sony patents and releases its smart contact lens. Sony has officially filed a patent for smart contact lenses which would allow the ‘user’ the ability to record and play back video. The patent references the ability of … Continue Reading
Bitstamp, the third largest Bitcoin exchange in the world and located in Luxembourg, announced on April 25, 2016, that it has obtained a payment institution license from Luxembourg, which means it is the first nationally licensed Bitcoin exchange in the world. The license was obtained through the European Union’s passport program, which gives reciprocity for … Continue Reading
One in five U.S. consumers are tracking their every movement, from their heart-rate, skin temperature, respiratory rate to their activity levels, food intake, weight, and sleep patterns. With this so-called ‘black box’ for the human body, this data collected through our wearable fitness devices has great potential to be used to bolster or dispute a … Continue Reading
At the PrivacyCon event held by the Federal Trade Commission (FTC) last week in Washington, D.C., the FTC warned that several brands of baby monitors lack basic security features like complex passwords and data encryption, making the transmission of data through connected baby monitors more susceptible to hackers. While the FTC did not reveal the … Continue Reading
Almost one year ago, the Federal Trade Commission (FTC) released its “Internet of Things (IoT): Privacy and Security in a Connected World” report urging companies to implement best practices for consumers’ privacy and data security, and shortly thereafter, introduced the new Office of Technology Research and Investigation unit to protect consumers from IoT failures. Since … Continue Reading
The Connected Health App Challenge (Challenge), co-sponsored by Ford Motor Company and Henry Ford Health System, launches on January 20, 2016 and is open to employees of both entities. What is it? It’s a challenge that seeks to find technology that will expand patient monitoring and management to their cars. The concept is that people … Continue Reading
Connected cars are on the verge. And they are already on our roads. This week, Toyota announced that it will add more connected cars to our roads with some of its 2017 vehicle models which will have “Data Communication Modules” (DCMs) installed to allow for uploading and downloading of information from the vehicles to Toyota’s … Continue Reading
While 2015 will likely be remembered as the year the Federal Rules of Civil Procedure were substantively overhauled to resolve many persistent issues related to e-discovery, 2016 quietly marks ten years since the Federal Rules were amended to expressly recognize, for the first time, that electronically stored information (ESI) was equally as discoverable as its … Continue Reading
As a general rule, the Children’s Online Privacy Protection Act (COPPA) requires operators of websites (including mobile apps) directed to children under the age of 13 to obtain verifiable parental consent before collecting personal information from those users. COPPA sets forth a non-exhaustive list of acceptable methods for obtaining parental consent. For example, operators can … Continue Reading
Google has recently asked a California federal court to dismiss a proposed class action alleging that the company’s practice of scanning Gmail users e-mail for marketing data violates federal and state privacy laws, primarily the Electronic Communications Privacy Act (ECPA). The crux of Google’s motion is that users of the company’s highly popular Gmail consent … Continue Reading
This week, Senator Ed Markey and Senator Richard Blumenthal sent letters to 18 automakers requesting an update on vehicle-to-vehicle communications’ (V2V) privacy and security. The Senators are seeking information on each automakers’ “efforts to protect the privacy and security of the cars [they] sell[ ].” Back in December 2013, the Senators had sent letters to … Continue Reading
On September 18, 2015, the National Institute of Standards and Technology (NIST) issued its draft Framework for Cyber-Physical Systems (CPS), which is “intended to provide a methodology for understanding, designing and building CPS including those with multiple applications.” CPS are smart systems that interact between physical and computational components. These interconnected and integrated systems “can … Continue Reading
Now even the fitness tracker you wear on your wrist is compliant with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. Fitbit’s Corporate Wellness team is one of the fastest growing sectors of the company, and Fitbit voluntarily took this “proactive step” to implement a HIPAA compliance program so that it could broaden … Continue Reading
