Items tagged "Cybersecurity"

Post

Security Shield: A Label to Educate Consumers and Promote Sustainable Cybersecurity

January 28, 2019 Cybersecurity , IoT , white paper

Last year, we published a white paper recommending stakeholders improve cybersecurity and foster innovation by drawing upon time-tested principles from sustainability management. The paper observed that transitioning to a sustainable approach to cybersecurity embraces the principles of shared responsibility and collective action, frames business costs associated with improved security as an investment in the internet ecosystem, encourages broad adoption of risk-management practices, and supports consumer engagement.

Read More
Post

ITU’s Plenipot: What Happened

November 28, 2018 Cybersecurity , Internet Governance , ITU , Plenipot , Privacy

The International Telecommunication Union (ITU) is a United Nations (UN) agency originally created in 1865 to manage cross-national telegraphic communications, and is increasingly seen by its member states as the technology policy branch of the UN system. While to date it is formally responsible only for telecommunications issues, in recent years the ITU has hosted a global summit on Artificial Intelligence (AI), organized a workshop on e-payments and 5G, held a forum on the Internet of Things and Smart Cities, studied the economic impact of the so-called Over-The-Top (OTT) internet services such as WhatsApp or YouTube, developed a global cybersecurity index, and analyzed privacy in cloud computing. That, on top of ITU’s fundamental mandate and ongoing work to help connect the hundreds of millions who are still unconnected.

Read More
Post

Creating A Cybersecurity “Energy Star”

July 20, 2018 consumer choice , Cybersecurity , sustainability

Although a cybersecurity labeling system similar to Energy Star should prove valuable, we still have some questions to answer, chiefly: What would such a system look like? Who would run it? And how would someone earn the label?

Read More
Post

A Security Baseline for Consumer IoT Devices Will Help to Foster a Sustainable IoT Ecosystem

July 10, 2018 Cybersecurity , Internet of Things , IoT

As we have previously outlined in detail, sustainability management provides a useful conceptual framework for crafting forward-looking cybersecurity policy. A sustainable approach to cybersecurity involves, among other things, acknowledging that cybersecurity is a shared responsibility, framing business choices that prioritize security as investments, and engaging broadly in risk management practices. The Internet of Things (IoT) ecosystem has reached (or, arguably, passed) an inflection point in its development, and a sustainability-based security baseline for consumer-facing IoT is past due.

Read More
Post

With the Rise of Connected Cars, Automakers Must Address Cybersecurity Threats to Consumers

June 21, 2018 Connected Cars , Cybersecurity , IoT

In a late-May vehicle safety review, Consumer Reports noticed a problem with the new Tesla Model 3’s brake performance: It stopped more like a truck than a sedan. Within days Elon Musk’s company was able to identify the issue and resolve it through an over-the-air (OTA) update.

Read More
Post

The FTC Must Be Empowered to Protect Our Privacy

June 18, 2018 Cybersecurity , Data Protection , FTC , Legislation , Privacy

Back in 2011, the Federal Trade Commission alleged that Facebook deceived consumers by failing to keep its promises to protect user privacy. The two parties agreed to settle the charges through something called an “agreement containing consent order.” The Commission also signed a consent agreement with Google that same year. The FTC issued a final Decision and Consent Order regarding the Facebook allegations in 2012. (A consent order is an FTC enforcement tool that operates like a legal settlement.) Without admitting to the complaint’s counts, the parties involved signed a document that basically says, “we both agree to enter this agreement to resolve the allegations in the complaint, so now you have to do the following things, and if you fail to do any of them, the FTC is going to impose financial penalties.”

Read More
Post

For Cybersecurity and Public Safety Efforts, GDPR Creates Uncertainty

May 31, 2018 Cybersecurity , GDPR , ICANN

Last week the General Data Protection Regulation (GDPR) came in to force. We previously shared the view that while the GDPR is not quite right for the United States, there are important aspects that should be incorporated into the ongoing discussion about privacy legislation. This post addresses other aspects of GDPR, which have created some uncertainty around ongoing efforts to improve cybersecurity and support public safety. Two such efforts are cybersecurity information sharing and access to WHOIS data.

Read More
Post

Due Process, and Our Approach to Dominant Online Platforms

May 24, 2018 Antitrust , Competition , Cybersecurity , Online Platforms , Privacy

Today, Public Knowledge released a paper, “Even Under Kind Masters,” that recommends that dominant internet platforms provide users with due process. It is just one component of our plan to increase the work we do relating to internet platforms.

Read More
Post

New White Paper Proposes Adopting Sustainability Practices as a Solution to the Cybersecurity Crisis

April 18, 2018 Cybersecurity , Data Protection , Data Security , Privacy , white paper

Constant cyber hacks and distributed denial-of-service (DDoS) attacks have unfortunately become the new normal in today’s internet-connected society. We’re not even a third of the way through 2018, and already dozens of data breaches and attacks have occurred, including hackers recently stealing information associated with nearly 900,000 credit cards used by Orbitz customers and more than 5 million credit and debit cards used at Saks Fifth Avenue, Saks Off Fifth, and Lord & Taylor stores. This unrelenting onslaught has significantly eroded consumer trust in the broad ecosystem of information and communications technologies (ICTs). The growing distrust risks a calamity of public confidence that could undermine both our economy and democracy, creating a ticking time bomb.

Read More
Post

Will Europe Force the U.S. to Move Faster on Privacy Reform?

April 17, 2018 Cybersecurity , Data Security , European Union , International , Privacy

On April 12th, the Irish High Court elevated a series of questions to the European Court of Justice (ECJ, the Supreme Court of the European Union) regarding the validity of key legal instruments used by American tech companies to process Europeans’ personal data. Judge Caroline Costello of the Irish High Court is concerned about the national surveillance practices of the United States and the level of privacy rights observed there.

Read More