Facebook Shows Why We Need Data Security and Breach Notification Requirements

 img
 img

Last week, thanks to investigative reporting, we learned that Facebook discovered in January that it was storing millions of users’ passwords in plain text format, making them fully readable for thousands of its employees. Facebook has acknowledged that this was a serious security error and privacy breach on its side, as its systems, ideally, “are designed to mask passwords using techniques that make them unreadable”, and promised that it “will be notifying everyone whose passwords we have found were stored in this way.” There is no evidence that any of the thousand employees with access to these unencrypted passwords actually accessed them, but Facebook’s decision to remain mum reveals an important lesson for the overarching privacy and security policy debate. Importantly, data security incidents are a widespread problem that goes well beyond Facebook.

Read More

Public Health Practicums: An Impact on Rural Communities Across America

 img

During the winter months leading up to the spring semester, Dr. Tillman presented Ivonne Santiago López , first-year dual degree PharmD/MSPH student, with a unique opportunity to work remotely with Public Knowledge, an organization based in Washington, D.C. Since Ivonne considers professional relationships really important to her work, she recently planned a trip to our nation’s capital to visit with her preceptor, Alisa Valentin.

Read More

We Don’t Have to Sacrifice User Safety and Convenience to Make App Stores Competitive

 img
 img

App stores, such as Google Play and Apple’s App Store, have been good for consumers and independent developers in a number of ways. When they work well, they provide consumers with a convenient way to find and buy software that is safe and functional. I remember when my non-technical friends would never install software on their PCs, assuming that it was all a scam or malware of some kind. Now these same people can confidently install, use, and uninstall apps without fearing that it will ruin their devices or steal their personal information. Again, this is when things are working right. There are always bad actors to be vigilant against, and different app store curators do their jobs more and less well.

Read More

Will the FCC Keep Ignoring Carriers That Sell Your GPS Data?

 img
 img

Over the last three months, Motherboard’s Joseph Cox has produced an excellent series of articles on how the major mobile carriers have sold sensitive geolocation data to bounty hunters and others, including highly precise information designed for use with “Enhance 911” (E911). As we pointed out last month when this news came to light, turning over this E911 data (called assisted GPS or A-GPS), exposing E911 data to third parties -- whether by accident or intentionally, or using it in any way except for 911 or other purposes required by law violates the rules the Federal Communications Commission adopted in 2015 to protect E911 data.

Read More

The Latest