Welcome to "On the 50 Yard Line" The Blog of Stuart L. Pardau, Attorney, Professor and Observer of Political Economy; It’s not just about football.

Saturday, January 18, 2014

Target Data Breach Was the Result of BLACKPOS, an "off the shelf" malware created by a 17-year old

The massive data breach at Target during late last year used an inexpensive "off the shelf" malware known as BlackPOS. The same malware may have also been involved in the Neiman Marcus attack.
 IntelCrawler, a Los-Angeles based cyber intelligence company, announced that the age of BlackPOS malware author is close to 17 years old and the first sample of it was created in March 2013


Wednesday, January 15, 2014

A Bite of the Apple: FTC Requires Apple to Provide Consumer Refunds To The Tune of 32.5 Million For Alleged Charges for Children's Mobile Apps Without Proper Parental Consent

Apple Inc. has agreed to provide full refunds to consumers, paying a minimum of $32.5 million, to settle a Federal Trade Commission complaint that the company billed consumers for millions of dollars of charges incurred by children in kids’ mobile apps without their parents’ consent.
Under the terms of the settlement with the FTC, Apple also will be required to change its billing practices to ensure that it has obtained express, informed consent from consumers before charging them for items sold in mobile apps.
“This settlement is a victory for consumers harmed by Apple’s unfair billing, and a signal to the business community: whether you’re doing business in the mobile arena or the mall down the street, fundamental consumer protections apply,” said FTC Chairwoman Edith Ramirez.  “You cannot charge consumers for purchases they did not authorize.”
The FTC’s complaint alleges that Apple violated the FTC Act by failing to tell parents that by entering a password they were approving a single in-app purchase and also 15 minutes of additional unlimited purchases their children could make without further action by the parent. 


Tuesday, January 14, 2014

Attacking the Victim: Let's Not Forget That Copyright Holders Have Rights Too!

Citing Congressional testimony today before the House Judiciary Committee from both David Nimmer and Glynn Lunney, the EFF takes another opportunity to trash the entire statutory damages regime under the U.S. Copyright Act.

Have there been some isolated high-profile abuses? No question. But the fact remains that statutory damages exist for very good reasons.  Because it may be difficult for the copyright holder to prove actual damages (think of a young and new struggling artist, who still has precious little in the way of sales to support her case for actual damages in the infringement of her copyrighted works) they should have the ability to elect to seek the range of damages specified under the Act.

Too often as well, the debate has been framed with the use of the proverbial "straw man"techniques. The big, bad multinational corporation going after the helpless, morally innocent individual blogger. For every such instance I know of at least as many cases of a small business whose hard-earned copyrighted works have been infringed upon by large corporate enterprises. In the absence of statutory damages, many of these start-ups, small businesses and other nascent enterprises would be further disadvantaged in the marketplace.

Casting this debate as some sort of Manichean struggle of good vs evil is not helpful in advancing the serious discourse of these very important issues.


Senator Leahy reintroduces Data Privacy Legislation

Leahy first authored and sponsored the Personal Data Privacy and Security Act in 2005, and he has reintroduced the legislation in each of the last four Congresses. The bill would establish a national standard for data breach notification, and require American businesses that collect and store consumers’ sensitive personal information to safeguard that information from cyber threats.  Leahy’s bill introduction on Wednesday comes just weeks after the department store chain, Target, suffered a major data security breach involving 40 million credit and debit cards used to pay for purchases at its stores during the busy holiday buying season.


Court Overturns FCC Rules Regarding Net Neutrality

Could a regime where internet access to popular websites be governed paywalls? Given the centrality of this issue, it seems almost certain that this will go to the U.S. Supreme Court


Thursday, January 9, 2014

Use of Social Media for Determination of Credit Status

More lending companies are mining social media such as Facebook and Twitter to help determine a borrower's creditworthiness. Is this a problem legally or otherwise? IMHO, no it is not.  In the absence of the affirmative selection of privacy settings, once someone elects to put their information out there in social media, sorry Charlie, you have, in essence "opted-in" to the widespread sharing of your personal information. Information captured that is more broadly captured on the worldwide web presents a related, though slightly more nuanced, difference. Also subject to widespread access and use, likewise expectations of privacy should be reduced accordingly. That said, what to do about information that may be untrue, inaccurate, or downright defamatory? What protections exist there?


Tuesday, January 7, 2014

Facebook Sued in Northern District for Scanning Private Messages, Selling to Marketers for Targeted Ads

Facebook has been accused of intercepting private messages of its users to provide data to marketers, according to a class-action lawsuit filed in a federal court in California.
The social networking company scanned plaintiffs’ private messages containing URLs (uniform resource locators) and searched the website identified in the URL for “purposes including but not limited to data mining and user profiling,” according to the complaint in the U.S. District Court for the Northern District of California.


Twitter Delicious Facebook Digg Stumbleupon Favorites More

Powered by Blogger