Wireless Security Whitepaper

Finish IT security firm Codenomicon recently posted this white paper on the current status of wireless security.

Businesses Generally Ignoring E-Discovery Rules

According to this article from eweek, a little over a year after the ediscovery rules went into effect, "about two-thirds of U.S. businesses remain unprepared to meet strict court requirements for the discovery and handling of electronic evidence."

E-Discovery Guidelines In US District Courts

The Electronic Discovery Law blog compiled a list of links to the 38 US District Courts that have adopted (or at least considered) local ediscovery rules and guidelines.

Identity Theft Tops FTC Complaint List

According to the FTC's annual report on the subject, identity theft topped the list of FTC complaints for the 7th year in a row. Roughly 32% (or over 260,000) of the Agency's 2007 complaints were due to identity theft. The report also demonstates that the most frequent type of identity theft complaint in 2007 was credit card fraud (23%). The metropolitan areas reporting the highest per capita rates of identity theft were Napa, California; Madera, California; and Greeley, Colorado.

Annonymity On The Net

Is there a First Amendment right to speak annonymously on the internet? A recent California Appellate (Krinsky v. Doe 6) case holds that, under certain circumstances, there is. In that case, plaintiffs argued that the identity of a individual who posted "scathing verbal attacks" on an online message board against corporate officers of a Florida company should be exposed. Plaintiffs served a subpoena to have the identity of "Doe 6" disclosed but the request was denied.

Spam Ring Indicted

A federal indictment was recently unsealed in Detroit, charging 11 people with violations of the CAN SPAM Act. The DOJ release alleges that the defendants set up "an international scheme to make money by manipulating stock prices through illegal spam e-mail promotions." The indictment also alleges that the defendants tried to send their spam through the use of botnets.

Red Flag Regulations

The most recent National Law Journal features an article entitled "Scrambing With ID Theft Programs" (subscription) discussing the so-called "Red Flag Regulations" which implement two sections of the Fair and Accurate Credit Transactions Act. The regulations, formally termed
"Identity Theft Red Flags and Address Discrepancies under the Fair and Accurate Credit Transactions Act of 2003," require financial institutions and companies offering consumer credit to institute identity theft prevention programs to detect "red flags" which might signal possible foul play. The regs go into effect Nov. 1 of this year.

FTC Settlement With Life Is Good, Inc.

The FTC recently announced a Proposed Settlement with clothing company Life Is Good, Inc. The FTC's Complaint against the company had alleged that the company, contrary to it's privacy policy, failed to adequately protect and secure the sensitive information it maintained about its customers. The proposed settlement requires, among other things, that the company designate at least one employee to coordinate the security program and that the company develop reasonable procedures for selecting and supervising service providers that handle customers’ personal information.

Preparing For A Data Breach

Philip Gordon of the Workplace Privacy Counsel blog provides 5 key points for employers to consider as they prepare for the possibility of a data breach: be prepared, train your HR professionals, determine your notice obligations, help your employees, and learn from your mistakes.