Rina Steenkamp - Privacy and technology

Weblog

2012

[January | February | March | April | May | June | July | August | September | October | November | December]

January

[Consultation on reform of Data Retention Directive - emerging themes and next steps | A coherent framework for building trust in the Digital Single Market for e-commerce and online services | Scarlet Extended SA v [SABAM] | Background document in support of the Digital Agenda for Europe | Judgement ([2011] EWHC 3185 (QB)) | A review of the annexes to the EU-USA PNR agreement and related press release]

February

[Empirical analysis of data breach litigation | Privacy protection for social networking platforms | Social authentication - harder than it looks | Commission proposes a comprehensive reform of the data protection rules | [SABAM] v Netlog NV | Follow-up report to the 2010 EDPS video-surveillance guidelines | Mapping of the process to commodify personal identifiable information in social media - Mapping and in-depth analysis of corporate profiling techniques | Does it help or hinder? Promotion of innovation on the internet and citizens' right to privacy | Guidelines on security and privacy in public cloud computing | Economics of security - facing the challenges | Using browser properties for fingerprinting purposes | Security threat report 2012 | Ron was wrong, Whit is right | Conundrum]

March

[2012 data breach investigations report | Search engine use 2012 | The Symantec smartphone honey stick project | Cloud computing use cases white paper | Opinion of the European Data Protection Supervisor on the data protection reform package | Comparative table - Commission for a General Data Protection Regulation - 1995 Data Protection Directive | Identity theft red flags rules | Consumer Sentinel Network data book for January - December 2011 | Study on monetising privacy - An economic model for pricing personal information | The human factor in data protection | Privacy design guidelines for mobile application development | 2011 Mobile threats report | Verizon 2011 investigative response (IR) caseload review | Imperva's hacker intelligence summary report - The anatomy of an Anonymous attack | The fight against cybercrime - Cooperation between CERTs and law enforcement agencies in the fight against cybercrime | [Letter to Google, Inc.] | Consumer data privacy in a networked world - A framework for protecting privacy and promoting innovation in the global digital economy | Case of Romet v. the Netherlands | Mobile apps for kids - current privacy disclosures are disappointing | Computer security incident handling guide (draft) | Common sense guide to prevention and detection of insider threats]

April

[Getting accountability right with a privacy management program | Unscrubbed hard drives report | Hacker intelligence initiative, monthly trend report #9 | State and trends of the Russian digital crime market 2011 | ICC UK Cookie guide | Smart metering implementation programme - data access and privacy | Security in the age of mobility | Is everything we know about password-stealing wrong? | Opinion [...] on facial recognition in online and mobile services | Procure secure - a guide to monitoring of security levels in cloud contracts | Security, trust and assurance registry (STAR) | PICOS - Privacy and Identity Management for Community Services | Protecting consumer privacy in an era of rapid change | Symantec 2011 cost of data breach study, United States | Beyond cyber threats - Europe's first information risk maturity index | Study on data collection and storage in the EU | Protecting patient privacy - strategies for regulating electronic health records exchange]

May

[A global reality - governmental access to data in the cloud | Governance of enterprise security - CyLab 2012 report | Accepting mobile payments with a smartphone or tablet | A contextual approach to privacy online | 2011 Data breach notifications report | Knowing more about privacy makes users share less with Facebook and Google | National cyber security strategies - Setting the course for national efforts to strengthen security in cyberspace | Email privacy tester | Privacy simplified | Internet security threat report, 2011 trends, volume 17 | SSL pulse - Survey of the SSL implementation of the most popular web sites | Mobile payments - consumer benefits and new privacy concerns | The future of money - smartphone swiping in the mobile age | Twenty-third annual report of the Data Protection Commissioner 2011]

June

[Outdoing Huxley - forging a high level of data protection for Europe in the brave new digital world | Measuring and predicting anonymity | Digital freedoms in international law - practical steps to protect human rights online | Measuring the cost of cybercrime | Working document [...] with the elements and principles to be found in Processor Binding Corporate Rules | Internet security without law - how service providers create order online | Downtime statistics of current cloud solutions | [O]n the Commission Recommendation on preparations for the roll-out of smart metering systems | Smart metering implementation programme - [...] security risk assessments and audits | From real-time intercepts to stored records - why encryption drives the government to seek access to the cloud | Icebergs in the clouds - the other risks of cloud computing | Opinion 4/2012 on cookie consent exemption | 2012 Trust, security and passwords survey | A view of traffic management and other practices resulting in restrictions to the open Internet in Europe | Proposal for a regulation [...] on electronic identification and trust services for electronic transactions in the internal market | Draft Anonymisation code of practice | Gagged, sealed and delivered - reforming ECPA's secret docket | When the government comes knocking, who has your back? | Cookies under control | Guidance on the rules of cookies and similar technologies | Breakthrough silicon scanning discovers backdoor in military chip (DRAFT of 05 March 2012) | McAfee threats report - First quarter 2012 | The impact of cybercrime on business | 2012 Disaster preparedness survey - global findings | A dual consent approach for x-payments]

July

[So close, yet so far apart - The EU and U.S. visions of a new privacy framework | The dawn of a critical transparency right for the profiling era | Best practices for mobile application developers | Interdependence and predictability of human mobility and social interactions | What facial recognition technology means for privacy and civil liberties | How to increase visibility of government ICT projects for external stakeholders - A case of the Dutch government | Special Eurobarometer 390 - Cyber security | Smart grid security - Recommendations for Europe and member states | Web privacy census | Opinion 05/2012 on cloud computing | WhiteHat Security website statistics report - How does your website security stack up against your peers? | Dissecting Operation High Roller | [Proposed revisions to the draft General Data Protection Regulation] | Case C-173/11 | Incentives and barriers of the cyber insurance market in Europe | From fingerprints to DNA - Biometric data collection in U.S. immigrant communities and beyond | Data privacy - What the consumer really thinks]

August

[Position paper on the use of RFID in schools | Why passwords have never been weaker - and crackers have never been stronger | Legal risks on the radar | The five neglects - risks gone amiss | Computer security incident handling guide | [Privacy charges against Facebook] | Locating the source of diffusion in large-scale networks | Visual data security white paper | Proposal for a [General Data Protection Regulation - written comments on chapters I and II] | How Apple and Amazon security flaws led to my epic hacking | [Consultation on legislating to give consumers access to data in an electronic, machine readable form] | Threatsaurus - The A-Z of computer and data security threats | Location-based services - An overview of opportunities and other considerations | Online traceability - Who did that? | Smarter protection for the smart grid]

September

[Reverse engineering informational privacy law | "Not all my friends need to know" - a qualitative study of teenage patients, privacy and social media | Malware report - January - June 2012 | Public attitudes towards robots | Big data for all - privacy and user control in the age of analytics | Have I got Newsforyou - Analysis of Flamer C&C server | The ZeroAccess Botnet - Mining and fraud for massive financial gain | Symantec intelligence report - August 2012 | Study on impact assessment for legislation on mutual recognition and acceptance of e-Identification and e-Authentication across borders | Drones in domestic surveillance operations - Fourth Amendment implications and legislative responses | Chip and skim - cloning EMV cards with the pre-play attack | Baseline requirements for the issuance and management of publicly-trusted certificates, v.1.0 | A technology-centered approach to quantitative privacy | Reference check - is your boss watching? | Copyright as property in the post-industrial economy - a research agenda | Marketing your mobile app - get it right from the start | McAfee threats report - Second quarter 2012 | Privacy and data management on mobile devices | The 're-identification' of governor William Weld's medical information - a critical re-examination of health data identification risks and privacy protections, then and now | Behavioral advertising - the offer you cannot refuse | Threat report - H1 2012 | Transparency - A brief Future of Privacy Forum survey of mobile application best practices | Counting the cost of e-crime - Executive summary | Cracking story - How I cracked over 122 million SHA1 and MD5 hashed passwords | On the feasibility of side-channel attacks with brain-computer interfaces]

October

[Annual incident reports 2011 - Analysis of the Article 13a reports of 2011 | Consumerization of IT - top risks and opportunities | Report on the data protection guidance we gave schools in 2012 | Microsoft security intelligence report | 2012 Norton cybercrime report | Deanonymizing mobility traces - using social networks as a side-channel | Opinion 08/2012 providing further input on the data protection reform discussions | Why the right to data portability likely reduces consumer welfare - antitrust and privacy critique | Privacy and progress in whole genome sequencing | Mobile device location data - Additional federal actions could help protect consumer privacy | Before we knew it - An empirical study of zero-day attacks in the real world | Towards a trusted and sustainable European federated eID system | Internet as data source - Feasibility study on statistical methods on internet as a source of data gathering | IBM X-Force 2012 mid-year trend and risk report | PlaceRaider - Virtual theft in physical spaces with smartphones | Unleashing the potential of cloud computing in Europe | Guidance on the use of cloud computing | The right to be forgotten across the pond | The state of risk-based security management]

November

[Opinion [...] on the Commission's Communication on "Unleashing the potential of Cloud Computing in Europe" | Privacy considerations of online behavioural tracking | The right to be forgotten - between expectations and practice | Supply chain integrity - An overview of the ICT supply chain risks and challenges, and vision for the way forward | A penny for your privacy - An analysis of the reimbursements in privacy infringement procedures | McAfee Threats report - Third quarter 2012 | Malware report - Q3 2012 | Cyber-security - a shared responsibility | Black tulip - Report of the investigation into the DigiNotar Certificate Authority breach | A survey of privacy and security decreasing third-party content on Dutch websites | Virtual currency schemes | Russian Underground 101 | Monitoring hacker forums | Electric subsector cybersecurity risk management process | Electricity subsector cybersecurity capability maturity model (ES-C2M2) | Cybersecurity for state regulators - with sample questions for regulators to ask utilities | Guide for assessing the high-level security requirements in NISTIR 7628, Guidelines for smart grid cyber security | Lifecycle data protection management - A contribution on how to adjust European data protection to the needs of the 21st century | Facing facts - Best practices for common uses of facial recognition technologies | Neighborhood watch - security and privacy analysis of automatic meter reading systems | 2012 Data breach investigations report | Discussion paper - Australian privacy breach notification]

December

[Anonymisation - managing data protection risk | Appropriate security measures for smart grids | Cybersecurity - The corporate counsel's agenda | Smartphone security checker | Kaspersky security bulletin 2012 - The overall statistics for 2012 | Determined adversaries and targeted attacks - The threat from sophisticated, well-resourced attackers | Everything you need to know about the Data Protection Regulation | It's not how much data you have, but how you use it - assessing privacy in the context of consumer data integration | Mobile apps for kids - disclosures still not making the grade | A loophole in data processing - Why the 'legitimate interests' test fails to protect the interests of users and the Regulation needs to be amended | National cyber security framework manual | An inquiry into the culture, practices and ethics of the press | Mobile privacy - Is there an app for that? On smart mobile devices, apps and data protection | Methodology for privacy risk management / Measures for the privacy risk treatment | Security threat report 2013 - New platforms and changing threats | A case study of Eurograbber - How 36 million euros was stolen via malware | Global Internet user survey 2012 | The dangers of surveillance | The hackback debate | Guidance regarding methods for de-identification of protected health information in accordance with the Health Insurance Portability and Accountability Act (HIPAA) privacy rule | Proactive detection of security incidents - Honeypots | Annual report 2012]