German Hacker Group Says It’s Broken The iPhone’s TouchID Fingerprint Reader – Forbes

German Hacker Group Says It’s Broken The iPhone’s TouchID Fingerprint Reader – Forbes.

Within just days of the release of the new iPhone 5s, it appreas that hackers have already found a way to break Apples new fingerprint-based biometric security feature, TouchID.

Apple indicates that it is working on fixes to this apparent vulnerability already, but in the meantime, it just goes to show that reliance on new security standards or features must be done cautiously until that system is thoroughly vetted.

Forewarned, fore-armed.


6 States Bar Employers From Demanding Facebook Passwords | Threat Level |

6 States Bar Employers From Demanding Facebook Passwords | Threat Level |

As of today, there are now a total of six states which have passed laws which specifically prohibit employers from demanding that employees provide the employer with their Facebook passwords: California, Illinois, Michigan, New Jersey, Maryland, and Delaware.

As more and more employers have begun demanding access to employees’ or potential employees’ personal, non-public social media data, these laws represent clearly developing trend towards greater protection of employee privacy. It is important to note, however, that none of the laws enacted to date prohibit employers from reviewing what employees or potential employees publicly post to social media sites.

With this kind of rapidly changing privacy landscape, it is increasingly important for employers to continuously review and update their hiring and other employment policies. What’s more, the most recent laws are most likely only the tip of the iceberg. Many other states are considering similar laws, some of them potentially even more far reaching than those enacted by these first six states. Likewise, the specter of increasing federal laws and regulations dealing with privacy both within and outside the workplace is also increasingly real.

And so, the $100,000 question: “Have you reviewed your company’s employment policies lately?” If not, now is a good time to do so!

Navigating the Legal Pitfalls of Augmented Reality

Navigating the Legal Pitfalls of Augmented Reality. has published an interesting article on the legal implications of Augmented Reality as a marketing and advertising tool.

In the past year, AR has increasingly moved out of the “gee-whiz” phase of just being a technological marvel into becoming a legitimate and increasingly adopted tool in the marketing arsenal of a significant number of companies. (The Mashable article cites Ikea and Philips electronics as two examples, but there are many more, with new-comers jumping on board each day.)

There are, however, a number of significant legal implications that companies need to factor into their decision of whether or not AR is an appropriate tool to use and, if so, how to implement it.

These legal concerns include general privacy and data security issues, truth in advertising regulations, child protection (COPPA) issues, just to name a few.

The takeaway here is: if you are using AR in your marketing and product delivery process OR if you are thinking of adding AR to the mix, make sure that you have thought through and implemented policies and procedures that will keep you on the right side of the applicable laws and regulations that apply. Failing to do so can lead you into a ugly (and expensive) virtual dead-end.

Dead model’s parents can’t get Facebook messages, judge says — Tech News and Analysis

Dead model’s parents can’t get Facebook messages, judge says — Tech News and Analysis.

Another story has hit the media about privacy in the social media sphere. GigaOm and others are reporting about a recent decision by a California probate court in which the court refused to require Facebook to turn over the contents of a deceased woman’s account to her parents (who were the named executors of her estate).

The Court found that federal Stored Communications Act forbids companies not just from sharing user’s e-mails without their permission, but also social media communications, as well.  The GigOm article above links to an interesting artificial by Venkat Balasumbramani which was posted on Eric Goldman’s Technology and Marketing Law blog which discusses in greater detail a number of the recent court cases across the country dealing with privacy and social media issues and some of the landscape which they are beginning to carve out.

It is clear, however, that they law has a lot of catching up to do on this issue of privacy in a world of electronic communications. Eventually the law will catch up on this subject, whether through new legislation or court interpretation of existing legislation.In the meantime, there will be a great deal of uncertainty and inconsistency in the law, leaving rocky shoals to navigate.

Employers Banned From Asking For Social Media Passwords In California | TechCrunch

Employers Banned From Asking For Social Media Passwords In California | TechCrunch.

California has just passed a law that will make it illegal for employers in that state to require applicants and/or employees for the passwords to the their social media accounts. While it is too early to say if this will become a trend, it is clear that there is increasing concern about the extent to which there is some expectation of privacy within the social media sphere. This is the same tension which was played out in the recent case in which Twitter was required by a court in New York to turn over information on an account holder who was arrested in connection with the Occupy Wall Street protests.

This is an area of the law which remains quite unsettled. While the courts catch up on the issue of how to handle privacy issues with respect to social media, it is clear from this new California law that employers need to tread carefully with respect both limiting and investigating their employees and applicants’ use of social media.

Anonymous reminds Apple that UDIDs are creepy — Apple News, Tips and Reviews

Anonymous reminds Apple that UDIDs are creepy — Apple News, Tips and Reviews.

I am not sure which is more creepy, the way in which Apple has been using Unique Device Identifiers (UDIDs) to track iPhone and iPad users’ behavior or the fact that (if the claims of where these leaked UDIDs came from are true) the fact that an FBI agent had a trove of over 12 Million of them, along with other  personally identifiable information matched up to these UDIDs.

In any event, it goes to show that there remain many concerning security and privacy issues surrounding the use of mobile devices.

California state legislature approves Location Privacy Act | Ars Technica

via California state legislature approves Location Privacy Act | Ars Technica.

According to an article on Ars Technica, California’s state legislature passed the Location Privacy Act of 2012 (SB-1434) on Wednesday, which would make it mandatory for law enforcement agencies to obtain a warrant before gathering any GPS or other location-tracking data that a suspect’s cell phone might be sending back to its carrier.

This is a different tack than the federal appeals court took last week in a different case. In that case the appeals court ruled that police were allowed to track a GPS coming from a suspect’s prepaid phone without a warrant.
It is clear that there remains a significant divide between courts and jurisdictions on the issue of expectation of privacy and Fourth Amendment search and seizure issues in the electronic age. It may be quite some time before these issues are decided with clarity. In the meantime the privacy debate rages on.