Autocracy, Anocracy, & Democracy – “Verbal Masterba(bleep!)…” January 25, 2016
Posted by Chris Mark in Laws and Leglslation, Politics.Tags: anocracy, autocracy, Chris Mark, democracy, Dr. Heather Mark, facebook, mark consulting group, politics
3 comments
Election season in the US is always interesting. Passions run high and people are quick to proclaim their positions on government and politics. Unfortunately, as many will likely agree, election season also gives voice to many who should probably remain silent.
Recently I was taken to task on Facebook and lectured on the concept of governance and democracy by a particularly obtuse and offensive individual. When I attempted to explain that democracy should NOT be considered a strictly binary proposition and that the US was indeed a democracy, his attacks became personal and I was accused of (among other things) “verbal masturbation”. According to this master of the English language: “Most folks like me would call your ideas verbal masturbation. They sound good from the outside but are really kinda stupid”…he actually wrote: “Kinda”…somehow this person drew a line between my comments on democracy and his belief that the federal government would force parents to stand by while their 12 year old daughters got abortions without consent. I am at a loss as to the logic… But…I digress. Back to democracy! (more…)
Mobile Privacy October 12, 2012
Posted by Heather Mark in InfoSec & Privacy, Laws and Leglslation, privacy.Tags: Dr. Heather Mark, Heather Mark, Location Privacy Protection Act, mark consulting group, mobile privacy, privacy
add a comment
Smartphones have changed the way we interact with our world. They’ve introduced a new level of convenience, but they’ve also introduced a new potential threat to our privacy. As consumers, we should be informed about the choices that we make on our smartphones and how they might impact us. For example, I upgraded my iPhone to iOS 6 this afternoon. (I know. I’m a little late on that one.) Anyway, when I was done I got two prompts. The first asked if I wanted to enable location services. I said yes, knowing that meant that 1) I could use the “find my phone” app, as well as many other apps that come in handy for a frequent traveler, and; 2) that it meant that Apple would have access to my location data. The next prompt suggested that Apple could improve its products and services if I just allowed my phone to send occasional reports to headquarters. That one I declined. I don’t necessarily want Apple to have access to all of my activities on my smartphone.
Now, I’m not naive enough to believe that my simple selection means that I have safely secured my data and mobile behavior entirely. There are companies that are taking advantage of the fact that privacy laws have not kept pace with technology. We know for example, that there are companies that offer device fingerprinting services for fraud prevention that also happen to sell mobile device behavior analytics to marketers. Consumers don’t have any way of knowing that their behavior is being tracked and they have no way to opt out.
This week, Sen. Franken (D-Minn) and Sen. Blumenthal (D-Conn) introduced a bill designed to protect mobile privacy. The Location Privacy Protection Act of 2011 is meant to protect consumer privacy by informing users of how and with whom their location data is shared. There are four primary requirements of the bill. Distilled to their basics, those requirements are:
1) Gain consumer consent before collecting location data
2) Get consumer consent before sharing that data
3) Assist in understanding and investigating crimes that involve the misuse of location data
and
4) create criminal penalties for those that abuse location services or use so-called “stalking apps.”
While I applaud the move to ensure that mobile users are protected from entities divulging their location without the knowledge or consent of the consumer, I wonder if the law goes far enough in protecting consumer privacy. What about those device fingerprinting activities? Do you think the proposed bill goes far enough? Too far? What would you like to see in terms of mobile privacy protection?
Privacy, Social Media, and Legislation September 29, 2012
Posted by Heather Mark in InfoSec & Privacy, Laws and Leglslation.Tags: AB1844, California, Dr. Heather Mark, Heather Mark, mark consulting group, markconsultinggroup.com, privacy, SB1349, Social media
add a comment
This week marks the opening of a new chapter in the rocky marriage of privacy and social media. California has passed two laws related to the protection of privacy on social media platform.
In SB1349, the state prohibits public or private post-secondary educational institutions from requiring students to provide the organization with access to the student (or student groups) social media sites. Nor can the student or group be forced to divulge information contained on those sites.
AB 1844 is similar in nature, but applies to employers. Specifically, the bill “would prohibit an employer from requiring or requesting an employee or applicant for employment to disclose a username or password for the purpose of accessing personal social media, to access personal social media in the presence of the employer, or to divulge any personal social media. This bill would also prohibit an employer from discharging, disciplining, threatening to discharge or discipline, or otherwise retaliating against an employee or applicant for not complying with a request or demand by the employer that violates these provisions.”
These bills are interesting in that they address a core concern around privacy and labor laws as they relate to social media. Employers (and potential lenders) are prohibited from making decisions based upon race, gender, religion, politics, sexual orientation. Most of this information, though, is available on individuals’ private social media profiles. Amid increasing reports of employers requiring prospective employees to turn over credentials or access their sites in view of the employer, privacy advocates were becoming increasingly, and rightly, concerned that the rights of individuals to protect their personal lives from employers were being diluted. These actions on the part of California serve to protect those rights. Frankly, these actions can also protect employers and schools from being accused of discriminatory behavior by not providing them access to this information, which would otherwise be unavailable to them.
It will be interesting to see how quickly other states follow the lead that California has set. Recall that California was the first state to pass a breach notification law and we now have 46 such laws nationwide. So the question, to me, is when, not if, we are going to see the trend take shape.
Because I Said So September 23, 2012
Posted by Heather Mark in cybersecurity, Industry News, InfoSec & Privacy, Laws and Leglslation, Politics.Tags: cybercrime, cybersecurity, data security, Dr. Heather Mark, Heather Mark, InfoSec
add a comment
Last week, Democratic leaders made some minor news when they sent a letter to President Obama suggesting that he issue an executive order on Cybersecurity. Their position is that, since Congress seems to be at loggerheads over the issue, the president should take the opportunity to force action by issuing an Executive Order. In fact, Secretary of Homeland Security Janet Napolitano told a congressional committee that just such an order was in its final stages. So what might we see in this forthcoming order?
According to reports, the order will attempt to regulate sixteen “critical” industries. The guidelines will be voluntary, after a fashion. Compliance with the standards may determine eligibility for federal contracts. The White House has not made any secret about its intentions on Cybersecurity. In fact, the White House website lists “Ten Near Term Actions to Support Our Cybersecurity Strategy.” Brevity prevents me from getting into a deep discussion about those actions here, but you can read them and draw your own conclusions.
The questions remain, however – 1) how stringent (read intrusive) will the requirements be?; 2) Will they be relevant to the threats in the landscape?; 3) How will compliance be policed? and 4) How much additional cost are we potentially adding our already stretched budgets?
Another question that merits examination is whether or not the standards will be redundant. Many industries are already straining under the weight of a variety of infosec requirements – whether industry-regulated or government mandated? Will another layer of regulation mean increased efficacy of data protection strategies and mandates or will it be just another layer of red tape?
“Democracy or Friendship?” – The US Role in Supporting Democracy July 31, 2012
Posted by Chris Mark in Laws and Leglslation, Politics.Tags: democracy, Dr. Heather Mark, Egypt, Isreal, mark consulting group, US foreign policy, USAID
4 comments
Heather Mark completed her PhD in Public Policy & Public Administration ‘several year’ ago. Her Dissertation was titled: “The Role of the United States Foreign Policy in the Global Adoption of Democratic Governance”. The US has long espoused the position of supporting democracy. Does the US actually practice what it preaches? Here is an excerpt from Heather’s dissertation:
“As the twentieth century wore on, however, the threats to democracy became less specific, but presidents and policymakers continued to use the ideology to frame their policy statements. This begs the question: “Do the actions of the United States actually further the cause of democracy, as policymakers indicate?” If the U.S. public knew the effect of U.S. actions on democracy, would the rhetoric still be as effective?”
Download and read her dissertation here. Make your own decisions regarding the US’s role.
Global Security, Privacy, & Risk Management 