David Canton is a business lawyer and trade-mark agent with a practice focusing on technology issues and technology companies.




September 1, 2010

Cleaning files from hard drives

— David Canton @ 6:59 am

That’s the title of my Slaw post from today.  It reads as follows:

Most of us realize that merely deleting a file doesn’t really remove it from the hard drive or other storage media it resides on.  (For some background on this issue see a post I wrote a while back.)

Given how we use digital devices today – both for work and personal use – we can’t just abandon this issue to our firm IT staff.  Our personal computers at home, our phones, copiers, memory sticks and iPads all probably contain our own personal information, or personal or confidential information of others.  We need to manage that not only while we use those tools – but when we dispose of them as well.   Pulverizing them into dust – aka destruction to the smithereens level – is not always an option.

This Microsoft article is worth a read, as it explains the issue, has some suggestions to reduce the risks, and links to some disk erasing tools.

August 20, 2010

Customer data most popular stolen item for departing workers

— David Canton @ 8:38 am

An article in the Out-Law News entitled Customer data most popular stolen item for departing workers, claims industry survey refers to a survey that found a significant percentage of workers would take electronic and customer information with them when they leave a job.   The figures should perhaps be taken with a bit of skepticism, as the company doing the survey offers tools to monitor and control employee access.

Nonetheless, it is important to recognize that a significant number of privacy breaches, and leaking of confidential information, are internal – whether that be from a system issue, human error, or an intentional action. 

We can’t just focus on preventing external access.

August 12, 2010

Customer wifi easy to set up – but make sure it’s secure

— David Canton @ 8:04 am

There is a growing trend for places like restaurants and retail stores to provide free wifi access for customers.  It’s easy to set up – just plug a wifi router into your internet modem, right?  Not quite.  It is important to set it up and maintain it so it is properly protected by a firewall, and is not connected to your internal systems.  You don’t want customers or internet malfeasors to be able to get access to, or compromise, your internal systems and the information they contain – such as customer credit card information.

Storefrontbacktalk has a good article that details the risks, and what steps to take to avoid them.

August 5, 2010

The seeping data problem

— David Canton @ 7:19 am

We all back up our data on computers, smartphones, and wherever else it is held.  That’s a good thing – but an article on the StorefrontBacktalk blog entitled Are Data Backups Unintentionally Expanding Your PCI Scope? talks about how payment card data can seep into places you don’t want it to, which is then in turn backed up.  While the article focuses on payment cards, the issue could apply to any data.

The entire article is worth a read – whether you deal with credit and debit card information or not - but to get a flavour:

Are your automated backup systems expanding your PCI scope? Almost everyone agrees that backing up your important data is a smart thing to do. Except, that is, when it’s not. The problem starts when your sensitive data seeps into places you don’t expect.

Your backup systems then unintentionally spread cardholder data to locations you don’t suspect and expand your PCI scope in the process. Should you be concerned? I think you should be, and I’m not the only one–the PCI Council thinks retailers may have a problem, too.

 
The problem begins because cardholder data has a way of leaking into all kinds of unexpected places. Sometimes this leakage is from users violating company policy: They copy data to their laptops or local databases, sometimes synching to mobile devices. When these systems are backed up, the data is duplicated in new places, compounding the problem.

 

And another post on the same blog entitled iPhone Payment Peril: Mobile Mayhem Omen?  starts by saying:

 
The iPhone retains everything typed into it through its onscreen keyboard, including payment-card data, for as long as a year. And that penchant for holding onto payment-card data is only the latest in a long line of mobile data catastrophes that are slowly materializing as mobile deployments start in earnest.

Many apps are simply sloppy about the security of sensitive data.

The bottom line is that everyone who designs any kind of hardware or software, or is responsible for any kind of computer system, needs to think about this issue carefully, and limit the unnecessary duplication or storage of personal or confidential information. 

August 4, 2010

RIM Blackberry security irks UAE, Saudi Arabia

— David Canton @ 8:12 am

That’s the title of my Slaw post for today.  It reads as follows.

There has been a lot of press over the latest countries that don’t want Blackberries in their country unless they can get access to monitor user communications.  See, for example, the Washington Post, Techdirt, Engadget.

RIM designed Blackberry communications so they would be secure, in a way that RIM itself can’t even access them.  That’s a great feature that makes privacy advocates, corporate users, and individual users very happy. 

But it also makes some governments very unhappy – particularly those who believe they need to spy on communications.   Some to the extent that they threaten to ban use in their countries unless they get the access they want.   Those countries feel the need to monitor for illegal activity, or for anti-government sentiment that we in North America would consider basic free speech.   And the threat to ban irks governments like the US, because it affects US government officials and users that travel to those countries, and offends their views of free speech and individual empowerment.  The attitude of most of us in North America is that those governments should just lighten up and stop trying to suppress or control the thoughts and activities of people.

But we can’t forget that this is all a matter of degree.   US and Canada “lawful access” advocates want ways for law enforcement to access electronic communications to fight criminals and terrorists, and have similar concerns about encryption that modern communications technology provides.  Law enforcement has always been able to do things like wiretaps with judicial oversight that requires some standard of reasonable cause before it happens.  (Although one is often suspicious about what wholesale monitoring is done at the national security level of things.)

We need to think these things through very carefully in terms of what access is truly needed and effective to fight crime, and what is merely security theatre.  Also what kind of rules, oversight, checks, and balances must go along with law enforcement access in order to balance that against rights to privacy and confidentiality.

July 26, 2010

Twitter example of the business costs of inadequate security

— David Canton @ 7:56 am

For the London Free Press – July 26, 2010

Read this on Canoe

Customers and regulators take a dim view of companies that don’t safeguard private information

Twitter recently agreed to settle the Federal Trade Commission’s charges that it deceived consumers and put their information at risk through inappropriate and inadequate privacy measures. The charges were that Twitter represented it keeps user information safe, but its actual security measures were not adequate to do that.

On two separate occasions hackers gained unauthorized administrative control of Twitter and access to non-public tweets and user information.

In the first security breach, a hacker used an automated password-guessing tool to access Twitter’s administrative account.

In the second breach, a Twitter employee’s e-mail account was compromised and his or her administrative password inferred from other passwords stored in the e-mail account.

If this had occurred in Canada, it would be regulated by the Personal Information Protection and Electronic Documents Act (PIPEDA). The United States does not have equivalent privacy legislation.

The FTC approach in these situations is to charge the company with misleading advertising for not living up to its privacy policy.

The FTC charged Twitter with making representations regarding its privacy and security measures which were false and deceptive in violation of Section 5(a) of the Federal Trade Commission Act.

The terms of settlement include the following.

Twitter is barred for 20 years from misleading consumers about the extent to which it maintains and protects the security, privacy, and confidentiality of non-public consumer information.

This appears to be little more than a restatement of Section 5(a) of the Federal Trade Commission Act. However, including this in the terms of settlement provides the Federal Trade Commission with more tools for punishment in the event of a violation.

Twitter may be fined $16,000 per violation of the settlement agreement for the life of the agreement.

Twitter must establish a comprehensive information security program. The program is to include detailed risk assessment and safeguards based on that risk assessment.

The safeguards must be regularly tested and re-assessed as its operations and business change.

The security program will be assessed by an independent security auditor every other year for the next 10 years. Those reports must be provided to the FTC.

Twitter also must maintain certain records for the FTC, including any statements it makes regarding security and privacy, customer complaints relating to the FTC complaint and its responses, and any documents that suggest non-compliance with the settlement.

Whether it is the FTC taking action on misleading advertising grounds, the Canadian Privacy Commissioner taking action under PIPEDA, or simply customers becoming upset at security breaches, businesses can’t afford security and privacy breaches.

The lesson is, it’s far better to consider and deal with security and privacy issues on your own at the outset, than to have problems and face the wrath of regulators and customers alike.

May 5, 2010

Test your ID theft risk

— David Canton @ 8:03 am

That’s the title of my Slaw post for today.  It reads as follows:

The Canadian Privacy Commissioner posted a link to a short test to see how you fare in minimizing the risk of ID theft that is on a website managed by the Australian Privacy Commissioner.

This was created for Privacy Awareness Week, which is an annual promotion by the Asia Pacific Privacy Authorities (APPA) forum which includes the Privacy Commissioners of British Columbia and Canada.

It looks at things such as what’s in your wallet, online shopping, and credit/debit card use.

It’s worth spending the couple of minutes it takes to complete.   My challenge to you is to act on at least one thing you could do better.

April 23, 2010

Purge data from photocopiers on disposal to avoid data leaks

— David Canton @ 8:44 am

A CBS report earlier this week talked about the information that is contained on photocopier hard drives, and how it is there for the taking on used machines.   Many people don’t realize that when photocopiers changed from analogue to digital technology several years ago, they began to work by storing print and copy jobs on internal hard drives.

That’s why, for example, when you make 10 photocopies, it scans the original only once, then prints the 10 copies.

Those hard drives store a vast history of whatever documents have been copied, printed, scanned, or received or sent by fax on the machine.

So when one gets rid of a photocopier, those documents, and whatever confidential, sensitive, or personal information is on them, go with it.   It is important to deal with that so the information cannot be published or get into the wrong hands.

So what should organizations do?

If you are throwing out an old copier that you own, the most effective thing is to remove the hard drive and destroy the platters within it.  Destruction to the “smithereen” level is required.

If you are selling the copier, or if it is going back to a copier company as a trade-in, or at the end of its lease, talk to the copier company.   The most reliable option is retrieving the hard drive before it leaves your premises and destroying it – with the understanding that it will require a new one to be used.

If that’s not practical, hire someone to wipe the drive before it leaves, or get written assurances from the copier company that they will wipe it immediately – preferably before it leaves your premises.

Keep in mind that merely “deleting” files from any memory device is not enough.  That still leaves the actual files there.

Also, this issue is not just for photocopiers.   It applies to any digital device with memory – such as cell phones, jumpdrives, and that new iPad.   Almost everything is digital, and a computer these days.

For more detail on this issue, see an article I wrote a while back, this “secure destruction fact sheet” by the Ontario Privacy Commissioner, and these “Guidelines for media sanitization” by the National Institute of Standards and Technology, which was based on work funded by the US Department of Homeland Security.  (Both of those are pdf files.)

April 21, 2010

laptop spy lawsuit / scandal

— David Canton @ 8:12 am

That’s the title of my Slaw post for today.  It reads as follows.

There is a lawsuit  and a criminal investigation underway resulting from a school outside of Philadelphia that secretly took pictures of students with webcams on laptops supplied by the school.

The idea was to use the webcams only in cases where a laptop was reported stolen.   It is alleged however that school officials turned on the webcams simply to spy on the students for their own curiosity.  

More details and commentary can be found on Techdirt, Boing Boing, and this AP story.

It’s hard to sort out reality from posturing, but it doesn’t look good for the school.

A couple of lessons can be learned from this.

First, people are a real weak link in the need to preserve privacy where any kind of surveillance or tracking is possible – despite good intentions behind the system.

Second, if you must use any kind of system that enables surveillance, take all possible steps to limit access, and make clear to those that have access that they will be held accountable if they misuse it.

February 26, 2010

Schneier article: Spy cameras won’t make us safer

— David Canton @ 8:46 am

Security expert Bruce Schneier wrote an article for CNN entitled “Spy cameras won’t make us safer” that’s worth reading.

His basic premise is:

Pervasive security cameras don’t substantially reduce crime. This fact has been demonstrated repeatedly: in San Francisco, California, public housing; in a New York apartment complex; in Philadelphia, Pennsylvania; in Washington; in study after study in both the U.S. and the U.K. Nor are they instrumental in solving many crimes after the fact.

 

 
