I read, with some small amount of discomfort, an article by Bill Brenner on CSO Online, wherein he interviewed several other CSOs and other "Security Execs" on their opinions on the firing of Pennsylvania CISO Robert Maley. For those who haven't heard about this, Mr. Maley was fired for talking about a security incident during the recent RSA conference without approval from his bosses.
One of the WIPO decisions published today relates to gillette.ro. The registrant (respondent) didn't make any submissions in their defence, so the decision could have been quite banal. However some of the panelist's comments under the "Registered and Used in Bad Faith" section are quite interesting...
Yesterday, in my post on three new threats in one day, I posed the question whether it was necessary to develop regulations that would set a minimum standard on cyber security for devices that connect to the Internet. I'm having second thoughts here, which I'll explain in this post, but also try to look at a way forward and ask you to engage.
Quantum computers are coming, and the American Bar Association's SciTech section is beginning to consider the legal implications. This raises the question, will the legal profession be able to adopt emerging quantum technologies on a tech-business-as-usual basis? Or will the developments flowing from quantum mechanical theory present a categorical challenge to the legal-industrial complex?
In a presentation EU Commissioner Viviane Reding gave a preview of the new Privacy regulation her DG is preparing. As she states, privacy rules need to be brought up to date and harmonized. With all 27 member states having the same rules and tools to enforce, a company only will deal with one privacy commissioner... So, what if we, for the sake of this blog, take this initiative towards spam and cyber crime. What would this do to spam enforcement?
So far, the debate on mass surveillance has dwelt on the immense resources made available to the agencies (NSA in the US, GCHQ in the UK), on the technological advantage that enables them to access any data and bypass encryption, and on the lack of proper oversight in those two countries. But in order to make their voices heard by their elected representatives, Internet users around the world need to have an even more complete view of the emerging reality.
Today I released a report on 'National cyber crime and online threats reporting centres. A study into national and international cooperation'. Mitigating online threats and the subsequent enforcing of violations of laws often involves many different organisations and countries. Many countries are presently engaged in erecting national centres aimed at reporting cyber crime, spam or botnet mitigation.
The highest court in Germany has ruled against telephone and email data retention used to track criminal networks. Melissa Eddy of the Globe and Mail reports: "A law ordering data on calls made from mobile or landline telephones and e-mail exchanges be retained for six months for possible use by criminal authorities violated Germans' constitutional right to private correspondence, the Federal Constitutional Court ruled. In its ruling, the court said the law failed to sufficiently balance the need for personal privacy against that for providing security."
Earlier this year Okpako Mike Diamreyan was found guilty of wire fraud. The district court recently denied his motion for judgment of acquittal. Diamreyan "was charged with devising a scheme to defraud known as an 'advance fee.'" As the court describes it, this is a "scam . . . where a person asks an individual to pay an advance fee in order to obtain a larger sum of money, which the individual [victim] never receives." ... Two things about the case struck me...
Sealing the cracks: a proposal to update the anti-cybersquatting regime to combat advertising-based cybersquatting is the title of an article by Christopher Varas in the April issue of the Journal of Intellectual Property Law & Practice. In this article, the author labels "modern cybersquatting" the monetization of domain names through PPC advertisements, and says that brand owners lack effective tools to combat this practice...
There is an ongoing disagreement among various members and groups in the ICANN community regarding automation -- namely, whether and to what extent automation can be used to disclose registrant data in response to legitimate data disclosure requests. A major contributing factor to the complications around automation has been confusion about how to interpret and apply Article 22 of the GDPR.
The ACPA and the UDRP provide two separate and distinct methods for resolving domain name disputes. Both alternatives have many critics and proponents, but the true value of each will ultimately be determined by how well each combats cyber-squatting. Separately, the UDRP and the ACPA will probably work well to defuse most of the cyber-squatting that is currently invading the Internet. If combined together the UDRP and the ACPA can be a cost saving and effective way to prevent cybersquatting...
In an interview with GovInfoSecurity, Sen. Thomas Carper said that the U.S. Senate is considering attaching cybersecurity legislation to a defense authorizations bill. Though clearly a ploy to be able to say "we did something about those evil hackers" before the elections, CAUCE applauds the attempt. There can be no doubt that the United States (and many other countries) sorely needs better laws to deal with these threats.
In 2012 I wrote a blog on CircleID called State hacking: Do's and don'ts, pros and cons. In this post I give some thoughts to the concept of a government "hacking back" at criminals. The reason for this was an announcement by the Dutch government that it contemplated law along these lines. The proposed law is now here: the Act Computer Criminality III.
In 1999, the Internet Corporation for Assigned Names and Numbers (ICANN) developed a policy to resolve disputes between trademark owners and registrants of domain names. This policy, the Uniform Domain-Name Dispute Resolution Policy (UDRP) was made available for disputes concerning an alleged abusive registration of a domain name. In the past 10 years alone, more than 16,000 disputes have been filed resulting in more than 10,000 domain name transfers.