Jan 212022
 January 21, 2022  Posted by  Govt, Online, U.S.

Brian Krebs reports:

If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me, an online identity verification service that requires applicants to submit copies of bills and identity documents, as well as a live video feed of their faces via a mobile device.

Read more at KrebsOnSecurity.

Jan 212022
 January 21, 2022  Posted by  Business, Laws, Non-U.S., Online

Ulrike Elteste of Covington and Burling writes:

On 22 December 2021, the conference of German data protection supervisory authorities (“DSK”) published its Guidance for Providers of Telemedia Services (Orientierungshilfe für Anbieter von Telemedien).  Particularly relevant for providers of websites and mobile applications, the Guidance is largely devoted to the “cookie provision” of the German Telecommunication and Telemedia Privacy Act (TTDSG), which came into force on 1 December 2021.  The publication  focuses on the consent requirement for cookies and similar technologies, as well as relevant exceptions, introduced by the law.

Read more at InsidePrivacy.

Jan 212022
 January 21, 2022  Posted by  Govt

I wasn’t sure which of my sites this post by Tim Cushing belongs on, so I’m posting it to both, because the public needs to see what the government is doing to erode transparency and rights.

Tim writes:

Missouri Governor Mike Parson is perhaps best known these days for trying to convert a right-click menu option into criminal hacking with his relentless (and relentlessly uninformed) desire to turn the people who exposed a security flaw in the state’s Department of Education website into nefarious criminals.

Governor Parson seems to believe intimidation is better than accountability. Whatever can be used to deter normal people from exposing the shortcomings of better people (i.e., government employees) is fair game. For years, the state’s public records law have served this same purpose: increasing the distance between the state’s government and the lowly people who have the misfortune of living in this state.

Read more at TechDirt.

Jan 212022
 January 21, 2022  Posted by  Business, Healthcare, Online

Dr. David Lenihan has an OpEd on CPO that has me shaking my head “no.”

He writes, in part:

While one might think that U.S. doctors, pharmacies, hospitals, insurers, medical service providers, and healthcare/wellness facilities are the primary entities that could potentially leak, share, or exploit private patient data, the truth is that the most audacious HIPAA violations are being perpetrated every day by Facebook and Google.

Read more at CPO Magazine.  Eventually, Dr. Lenihan acknowledges that big tech and the social media platforms are not covered by HIPAA. And while he may not be happy about that and want to see that change, calling Big Tech HIPAA violators is misleading and inaccurate. They are not violating a law that they are not covered by.

There are lots of reasons for Congress to impose more privacy protections on big tech. But Dr. Lenihan’s claims do not advance the conversation.