Privacy

Massachusetts Eye and Ear Infirmary, a Boston-based hospital, agreed to pay $1.5 million to the U.S. Department of Health and Human Services (HSS) earlier this week, settling a HIPAA violation stemming from a 2010 incident. Read more »

Google Chrome is indeed getting a Do Not Track (DNT) feature according to source code published in the developer’s release of the browser at the end of last week. The feature should clear Google’s dev and beta channels before making its way into the next stable build of the browser before the end of this year. Read more »

Twitter quietly is assembling a serious security team, with the most recent addition being Charlie Miller, the security researcher known for finding a long line of bugs in the iPhone and other Apple products. Miller, a respected and prolific researcher, will join the social network's security team next week. Read more »

The University of Miami Hospital (UMH) has begun to notify patients for the second time this year that some of their personal information may be at risk after the health care institution was hit with a data breach in July. According to a letter being sent to patients this month, two employees at the hospital were found “inappropriately accessing” patients' “face sheets," documents that give doctors a quick glance at patients' information. Read more »

The co-founder of the Apache HTTP Server Project is under fire for a patch that instructs the world's most popular Web server to ignore the Do Not Track privacy setting enabled by default in Internet Explorer 10. Read more »

Cellphone owners now account for 88 percent of the U.S. population, of which some 43 percent say they download applications on their phones. Among these ‘app users,’ 57 percent told the Pew Internet and American Life Project that they have either uninstalled existing applications or made the decision to not install an application altogether after determining the amount of personal information required as a permission to install. Read more »

Several weeks after announcing that some of its users’ log-ins and passwords had been stolen, file storage company Dropbox announced it has added a two-step authentication process over the weekend to help reinforce the security of its users’ accounts.

The added layer of security is currently optional but can be selected after users opt in, then check the ‘Security’ section of their “Settings.’ Read more »

Podcast and Downloads

digital_underground_102.mp3

Dennis Fisher talks with Cesar Cerrudo of IOActive Labs about his research project that used Fortune 500 executives’ corporate email addresses as the starting point to gather data about their online activities. Cerrudo found that he was able to map executives’ activities across a wide range of e-commerce, social networking and other sites with just an email address.

 Read more »

Google, which has come under fire for years for its privacy practices and recently settled a privacy related case with the Federal Trade Commission that resulted in a $22.5 million fine, is building out a privacy "red team", a group of people charged with finding and resolving privacy risks in the company's products. Read more »

A more than three-month old intrusion into networks at the University of South Carolina may have compromised the personal information of some 34,000 individuals associated with the school’s College of Education. Read more »