Tag Archives: online privacy

Online Privacy in Australia Takes a Major Hit. Who’s Next?

The latest law passed by Australian Parliament has outraged global privacy advocates. The Assistance and Access Bill (AA Bill) essentially allows Australian officials to access the content of end-to-end encrypted communications. While it may be an Australian law, global privacy advocates predict it will impact global privacy rights, and other countries may follow suit.

Here’s what you need to know. The most controversial parts of the AA Bill are the “frameworks for voluntary and mandatory industry assistance to law enforcement and intelligence agencies” that allow the Australian government to access encrypted communication content.

  • What does “industry assistance” mean?

It means the Australian government can force “designated communication providers” to use known capabilities to intercept communications or build a new interception capability.

  • Who is a “designated communication provider?”

In short, anyone who touches hardware, software, or data used in end-to-end communication, including online services like websites. Continue reading Online Privacy in Australia Takes a Major Hit. Who’s Next?

Maine Passes Employee Online Privacy Act

Maine’s governor signed H.P.467 to create new provisions for the state’s Employee Social Media Privacy law. The law prohibits an employer from requiring an employee or applicant to:

  • Disclose the login information for a personal social media account;
  • Access a personal social media account in the presence of the employer;
  • Disclose any personal social media account information;
  • Add anyone to the employee’s or applicant’s contact list for a personal social media account; or
  • Alter settings that affect a third-party’s ability to view the contents of a personal social media account.

The law also prohibits an employer from taking adverse action against an employee or applicant who refuses to take part in the above actions.

As more states adopt similar laws, employers should review any relevant policies and procedures to stay compliant with the changing social media privacy landscape. Online and social media privacy legislation for all states can be reviewed here.

Delaware Passes New Online Privacy Protection Laws

Delaware Governor Markell signed 4 bills into law providing increased privacy protections for online activities for the state’s citizens.

Delaware Online Privacy and Protection Act

Key provisions:

  • Prohibits marketing certain age-related products such as alcohol, tobacco, and firearms to children on websites or mobile apps directed towards children
  • Prohibits using a child’s personal information to market those products to that child
  • Requires commercial websites and online apps that collect personally identifiable information about users to post a privacy policy explaining the type of information they collect and the purpose for the information
  • Restricts online book service providers from disclosing information about customer’s reading choices without a court order

Student Data Privacy Protection Act

Key provisions:

Prohibits education technology service providers from –

  • Selling student data
  • Using student data to engage in targeted advertising to students
  • Amassing a profile on students to be used for non-educational purposes
  • Disclosing student data

Requires education technology service providers to –

  • Have reasonable procedures and practices for ensuring the security of student data the collect or maintain
  • Protect student data from unauthorized access, destruction, use, modification, or disclosure
  • Delete student data if appropriately requested to do so by a school or school district

Victim Online Privacy Act

Key provisions:

Prohibits anyone from publicly displaying, posting online, soliciting, selling, or trading online the address, image, or telephone number of a participant in the Address Confidentiality Program for the purpose of provoking someone to commit harm against that person.

Employee Protection for Social Media

Key provisions:

Prohibits employers from requiring employees to disclose information that would allow the employer access to their personal social media accounts.

Ten Easy Ways To Protect Yourself Online

The Oxford Club recently published an article article that eloquently reiterates 10 of the easiest ways for Internet users to best protect themselves.

  1. Use Strong Passwords. The more complex and long a password, is the better. Use a combination of letters, numbers, uppercase, lowercase and special characters. This blog has good recommendations for creating strong passwords.
  2. Change Passwords. Regularly change passwords on your accounts to keep out any unauthorized access.
  3. Use Different Passwords for Each Site. If all of your passwords are uniform across your online accounts, and an attacker gets the password for any one of them, then they can compromise the rest of your accounts.
  4. Ensure Social Sites are Secure. Check privacy settings on your social media accounts. Don’t publicly post sensitive information, like your phone number, or accept random friend requests. Social engineering scams are increasingly moving to the social media sphere.
  5. Update. Update your critical applications regularly. Attackers often take advantage of old, common vulnerabilities in common applications like Adobe or browsers like Internet Explorer.
  6. Secure Wireless Networks. Don’t leave your wireless networks open or with default credentials. This opens the door for attackers to snoop for sensitive information going out to the Internet – credit card numbers, Social Security numbers, etc.
  7. Click Carefully.  If in doubt, don’t click. Don’t click on any attachments or links that you are not expecting or are not from a trusted source. This is the traditional approach for attackers to install malware on your devices.
  8. Use One Card. Only use one credit card online for purchases. If your information is compromised, you will know which card number is breached.
  9. Anti-Virus Software. This is the first layer of defense against malware that might be trying to compromise the network via your device.
  10. Guard Information like Your Wallet. Phishing is the most prevalent way attackers gain access to your information. Always be on alert and don’t reveal any sensitive or personal information to unknown sources.

Oregon Passes Employee Online Privacy Act

Oregon’s governor signed S.B. 185 to amend the state’s social media law. The act prohibits employers from:

  • Requiring or requesting that an applicant or employee establish or maintain a personal social media account;
  • Requiring that an applicant or employee authorize the employer to advertise on his or her personal social media account; or
  • Taking adverse action against an applicant or employee for failing to establish or maintain a personal social media account.

The act is effective January 1, 2016.