A Missouri court recently handed down a judgement in an ACH/wire fraud dispute between Choice Escrow and BancorpSouth, and in a change from rulings in similar cases, this judgment favored the bank. The judge’s findings may well impact how other cases are decided in the future.
As we head toward the Labor Day Weekend, it is a good time to point out a couple of noteworthy state level legislative developments in the Information Security and Privacy space.
On August 22nd the California State Assembly passed SB 914 which amends the California Penal Code to make clear that police must acquire a search warrant in order to search an individual’s cell phone or other portable electronic device incident to the arrest of that individual.
Another data breach carried out by the “hactivist” group known as “Anonymous” provides an opportunity for businesses to become reacquainted with several important data security concepts. First let’s briefly review the background of the incident.
This time Anonymous hacked the Bay Area Rapid Transit system, commonly known as BART. BART is the second largest public transportation system in Northern California and carries about 40,000 riders a day. Anonymous was able to access and steal personal information on about 2400 BART customers who utilize the myBART website to manage their accounts. The information taken was reported by Anonymous to include system user names and passwords, individual last names, addresses, and telephone numbers.
In October 2005 the Federal Financial Institutions Examination Council (FFIEC) issued updated information security guidance for financial institutions offering internet-based financial products and services. The 2005 Guidance discussed the need for financial institutions to (1) utilize effective and well considered risk assessments in order to carefully evaluate the risk to an institution’s data in light of the nature and scope of the data services offered online; and (2) employ customer awareness and education as an effective means of reducing or eliminating risks associated with online banking.
In the flurry of activity immediately preceding the close of the United States Supreme Court’s term in June, the court accepted Cert on what could be a pivotal 4th Amendment privacy case: United States v. Jones. Jones presents the court with the opportunity to define the extent to which a person has an expectation of privacy with regard to their movements.
First the salient facts. Jones was the owner of a D.C. night club which was under federal investigation for suspected drug trafficking. At the conclusion of the investigation, Jones and the club’s Manager, Lawrence Maynard, were indicted for conspiracy to possess and distribute cocaine. They were tried jointly and convicted.
Whether we like it or not, information really is king. This has been true for a while now, but it is even more clearly so now. In one way or another we now depend upon digital information for almost everything: to protect us, feed us, cloth us, entertain us and, most importantly, inform us. Erosion of trust in the integrity of the information that we mutually consume and produce effects us all in ways which may not be immediately harmful, but are none the less detrimental to us collectively. Information is king, but trust is paramount in such a world.