Site Map - Privacy

Study Finds Online Privacy Tools Ineffective

- Tools that aim to let Web surfers block companies from tracking their online surfing are currently ineffective, according to a new study from Carnegie Mellon University.

Online Privacy

- A bill (H.R. 1981) designed to thwart producers and consumers of online child pornography has been approved by the House Judiciary Committee. The House of Representatives has not announced whether it will consider the measure.

Sick of Data Protection Rules?

- One medical center finds a healthy approach to meeting all of its compliance requirements.

Morning Security Brief: Counter-Meth Funding Cuts, Prison Cell Phones, HIPAA, and More

- Meth investigations come to a halt after federal funding is cut. Louisiana prisons consider a plan to block cell phone signals. An Android app lets you wipe your phone remotely. And more.

Effective Privacy on a Tight Budget

- Privacy initiatives are often seen as a drain on resources, but program managers can change that by emphasizing common goals.

Analyst Describes Privacy Policy Best Practices

- Many privacy policies could benefit by becoming more concise, legible, and tailored to the privacy-related needs of customers and other relevant readers, according to an analyst at this week’s Gartner Security & Risk Management Summit.

Baking in Strong Privacy Controls

- Successful privacy programs take a business-oriented, risk-based approach and have C-suite support.

Elsewhere in the Courts: Privacy

- The Illinois Court of Appeals has ruled that a public school and a printing company had no duty to safeguard the personal information of school employees and complied with data breach laws. In the case, the school contracted with the printing company to send a notice to former school employees. The employees were erroneously sent a list containing the names, addresses, Social Security numbers, marital status, medical and dental insurers, and insurance plan information for all of the employees. The school sent a letter to the employees asking them to return the list or destroy it. The school also offered the employees one year of credit protection. The employees sued, but the court dismissed the lawsuit, finding that the school and printing company were not guilty of negligence because they had no legal duty to protect the information except under data breach laws, which they complied with.

U.S. Judicial Decisions: Background Screening

- The U.S. Supreme Court has ruled that a background screening program used by a government agency does not violate employee privacy rights. In the case, 28 employees of the California Institute of Technology, under contract to do work for the National Aeronautics and Space Administration (NASA), claim that the government’s screening policy is too intrusive. The policy was implemented in 2004 under a government homeland security directive.


- An employee’s e-mails to her attorney are not privileged because she sent them over the company’s e-mail system, a California appellate court has ruled (.pdf). The employee had no expectation of privacy, ruled the court, because the company had clearly noted that e-mails were not private and could be inspected at any time.


- The Supreme Court of Texas has ruled that the state may withhold the birth dates of employees. In the case, reporters from The Dallas Morning News sued the state when it refused to release employee birth dates, citing a rise in identity theft and a need to protect employee privacy. The newspaper argued that other courts have ruled that the birth dates of state employees are public records.

Worth a Look: VaporStream

- VaporStream takes message security to the next level for even the most privacy-conscious customer.

Facebook Offers Secure HTTPS Option

- Facebook recently announced it will begin letting users connect to its service through an “always on” encrypted connection.

Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.