Wired has reported that several government officials involved in the Signal chat exposing sensitive national security plans have also exposed their Venmo accounts by not adjusting their account privacy settings to prohibit...more
On March 7, 2025, the Office of the New York State Attorney General (NY AG) published an Assurance of Discontinuance (Assurance) settling claims against Saturn Technologies, Inc. (company), a developer of a social media app...more
I have the pleasure to present an advanced session on cybersecurity to tax preparers at the IRS’ National Tax Preparers Forum each year. The sessions are well attended, and I enjoy meeting attendees and talking about the...more
More than ever before, consumers are aware of their rights when it comes to their privacy online. Whether they understand the letter of the law exactly or not, the reality is that as privacy rapidly evolves, so do the...more
After the downing of the Chinese spy balloon by U.S. Forces in early February 2023, several additional objects have been identified over U.S. and Canadian airspace. While officials have denied that these were additional spy...more
For some time now, dark patterns have been quite the trending topic for both marketers and privacy professionals. Regulators have frequently railed against dark patterns that purport to manipulate user choices, usually...more
On September 15, 2022, California Governor Newsom announced his signing of A.B. 2273, the California Age-Appropriate Design Code Act, which the legislature passed on August 30. The law – modeled after the United Kingdom...more
California’s Governor signed Assembly Bill (AB) 2273, the first of its kind state legislation that requires businesses that provide online services, products, or features likely to be accessed by children to comply with...more
On August 30, 2022, the California Legislature passed A.B. 2273, the California Age-Appropriate Design Code Act. The bill – which is modeled after the United Kingdom Information Commissioner’s Office code of practice for age...more
This is not the first post discussing location-based services on mobile phones. And it won’t be the last. After reading my colleague’s post on the priest who resigned from his high-profile position after his location was tied...more
Once again, Apple is leading the pack on privacy and implementing new privacy controls, starting next week. What does this mean for you?...more
My mother-in-law lives on a farm in rural Oklahoma. Living out in the country was a dream of my in-laws for a long time, and after retiring, they made it a reality over 19 years ago. They bought 43 acres of land, and the goal...more
The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it will exercise its enforcement discretion for health care providers’ and their business associates’ noncompliance with the HIPAA...more
More and more often industry reports reveal that many individuals perceive less and less control over their own personal information. So it’s not a coincidence that the National Cybersecurity Alliance (NCSA) designated this...more
On January 19, 2021, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Enforcement Discretion (Notice) announcing that it will not impose penalties for...more
The National Security Agency (NSA) recently released helpful guidance on how to effectively limit location data exposure for its staffers, which also can be helpful information for the general public. Businesses likely will...more
1. Help employees manage their individual privacy - Encourage employees to update their individual account privacy settings by visiting Update Your Privacy Settings on staysafeonline.org. ...more
Initially, it is important to recognize that any password security tool is only an aid to increased data security. Use of that tool does not and should not substitute for prudent judgment. You cannot cede you privacy...more
Data scraping is a technique by which automated tools are used to extract data from a website and format the data for analysis. Many companies mine website users’ publicly accessible data in order to tailor products and...more
It is so hard to keep up with the latest ways the bad guys try to infiltrate company data. One new technique is called warshipping, and its implementation is pretty simple and a little old school. ...more
I once again had the pleasure of presenting Cybersecurity for Tax Professionals at the IRS Nationwide Tax Forum today. The conference is designed for tax professionals in small- to medium-sized businesses....more
We predicted last year that hackers would become more malicious in the future, not only stealing and selling data for nefarious purposes, but actually destroying data and even systems. That reality hit email provider VFEmail...more
This was a particularly difficult travel week. In the past 36 hours, I have traveled on five planes in multiple cities (not always on the set itinerary due to diversions and mechanical issues) and the final leg of my travel...more
Ready, set, GO! When litigation is threatened, a critical time period begins. You may only have a matter of days to investigate your opponent or your dispute on social media before savvy parties or witnesses change their...more
In the recent case of Forman v. Henkin, the New York Court of Appeals ruled that “private” Facebook posts were subject to the standard rules of discovery....more