| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
There is one very important fact, most people overlook when considering
privacy and user data: Data cannot be owned. When considering threats to the integrity of your network, advertisers are
not the first thing that comes to mind. Yet the market for user data is so rich
right now that it is ripe for exploitation. The brokers can buy and sell any
data they wish, with no concern for the origin or means of acquiring data. They
are not required to and unwilling to reveal their sources. Some provisions in
the Computer Fraud and Abuse Act open up the opportunity to acquire data
surreptitiously by discouraging the public from discovering what may be
happening to their data. Quiet, quasi-criminal operations could exist that
syphon data that is illegitimately collected and sell to legitimate brokers. The result of this alignment of circumstances is that there is an entirely
unexplored class of attackers that may operate beneath the radar, yet out in the
open. The data market is not something that has the potential for regulation, so
it is incumbent on organizations to be aware of the threat and take appropriate
measures to contain it. BIO: Christie started her career with a BSEE with an
emphasis in digital communications from the University of Kansas. A 15 year
enterprise network engineer career, largely in finance and manufacturing
followed. Starting with a study in anthropology she decided to change fields,
eventually pursuing an old interest in communications security and privacy and a
brief internship in hardware security. Seeking to combine her interests in
technology and society she began pursuing the field from a new perspective,
enrolling as JD candidate at Santa Clara Law. She now consults on privacy issues
related to communications technology while completing her law degree. She has
also cofounded Fork the Law, an effort to bridge the gap between technologists
and legislation.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast