Anti-Phishing Warning Protected by 47 USC 230
By Eric Goldman Associated Bank Corp. v. EarthLink, Inc., No. 05-C-0233-S (W.D. Wis. Sept. 13, 2005). [BNA subscription required] EarthLink’s “ScamBlocker” incorrectly identified Associated Bank’s website as a phishing site, so users trying to access the website saw a huge…
Jill, Meet Best Buy’s Friendly Human Shopbot/Profiler
I’m a little surprised this article hasn’t generated more discussion. Last week, the Washington Post ran an article about Best Buy’s efforts to segment and target its customer base. They have developed a set of consumer profiles that they describe…
Bellia on Spyware, and Searcy v. Microsoft
Patricia Bellia of Notre Dame Law School recently posted a paper on spyware and surveillance laws, Spyware and the Limits of Surveillance Law. She challenges those who believe that the Electronic Communications Privacy or the Computer Fraud and Abuse Act…
Search Engines and Privacy…AGAIN?!
News.com and the Associated Press both ran stories last week about the possible ways that Google aggregates user data in a way that theoretically threatens privacy. Hmm…this sounds familiar…haven’t we heard this story before? Yes, only about a thousand times….
FTC Settles Another Case for Failure to Use Reasonable Security
In the Matter of BJ’s Wholesale Club, Inc., File No. 042 3160. The FTC settled with BJ’S Wholesale Club over BJ’s allegedly deficient security practices. This is the second settlement of its nature in three months (the last being an…
FTC Commissioner: “Somebody has got to pay”
FTC Commissioner Orson Swindle goes off about corporate data security practices. Internet News quotes him as saying “industry has, to a great extent, been irresponsible, and somebody has got to pay.” The article also quotes him as saying the lax…
BNA on Mandatory Disclosure Laws
BNA (registration required) runs an article recapping state-level activity on mandatory security breach notification laws. Seven states (Arkansas, California, Georgia, Indiana, Montana, North Dakota, and Washington) have adopted laws, and Florida is expected to join this list soon. The laws…
Congress Mulls Mandatory Security Breach Disclosure Law
Congress is discussing a national mandatory security breach notification law. In a minor surprise, at least one legislator, Rep. Oxley, is asking the right questions. He observes: “consumers may begin to ignore those notices as just that many more pieces…
NPR on Whois and Privacy
Larry Abramson of NPR ran a story entitled “New Laws on Domain Names Aim to Stem Online Fraud” (specifically referring to the Fraudulent Online Identity Sanctions Act, passed as part of the Intellectual Property Protection in Courts Administration Act). My…
Flash and Cookies
AP reports that there’s a hole in Flash that allows websites to access personal information stored on a user’s hard drive even if the user has wiped the hard drive of the website’s cookies.