Encryption & Privacy Tools

Health Industry Cybersecurity Practices: New consensus practices and tools from HHS

The US Department of Health and Human Services (HHS) has produced a set of cybersecurity resources for healthcare provider organizations from small to large. So far, HHS has published four documents: an overview report of cybersecurity issues and practices, two technical volumes, and a toolkit. The documents focus on what an expert multistakeholder consensus group determined to be the five most prevalent cybersecurity threats and the ten core cybersecurity practices. The practices are voluntary, and utilize the NIST cybersecurity framework. The documentation is based in reality, not conjecture, and the documents are not intended to sell any particular products for any particular vendor. This has allowed for a rich and helpful documentation of current challenges along with solutions. See our overview of the four new resources.

WPF moderating seminar on GDPR & biometrics in Brussels, Belgium

WPF executive director Pam Dixon will be moderating a seminar to be held by the Biometrics Institute in Brussels, Belgium on 17 April on the topic of implications and implementation of the GDPR. The event will be held at the Office of the Spanish National Research Council, 7th Floor, Room ...

Top tips for people affected by the recent Yahoo security breach

On December 14 Yahoo announced a serious security breach in which sophisticated data attackers grabbed users' answers to security questions, among other information such as names, email addresses, phone numbers, and birth dates. This breach is particularly worrisome because it culled sensitive information from 1 billion Yahoo customers, which makes ...

Public comments: WPF encourages NIST to refine report on de-identification of personally identifiable information

The World Privacy Forum submitted comments today to the National Institute of Standards and Technology in response to its publication, Draft Report on De-Identification of Personally Identifiable Information (NISTIR 8053). The WPF welcomes the draft NIST report, as the area of de-identification and re-identification of personal data swirls with controversy ...

Consumer Tips: What to do about the NSA address book snooping

The Washington Post published new revelations from Edward Snowden’s leaked documents that revealed that the NSA is scooping up millions of email and IM address books globally. This is a serious piece of snooping business, and it deserves immediate attention on a policy level. For people who are reading this and wondering what you can do today, right now, here are some immediate steps to take.

Consumer Tips: Facebook Privacy Guide - How to Turn On Secure Browsing

Facebook gives you the option to use use secure browsing when a secure connection is available. This is a security option that all Facebook users should use. It is a no-brainer to say yes to. Facebook has turned this option on by default, but the rollout for this option may not have reached your area. Also, there may be some country-level differences. It is worth taking a few steps to make sure turn this option is on. It is well worth it, and we highly recommend it for all users.

Consumer Tips: Search Engine Privacy

We have updated our much-visited Search Engine Privacy Tips in light of recent events surrounding online privacy. First, search engine encryption has become much more important for a number of reasons, which we discuss in the revised tips. Several search engines are now using encryption by default, including Google, DuckDuckGo and others. Additionally, WPF has been receiving reports from consumers about "fake" search engines containing viruses. Our new tipsheet has been refreshed to reflect these recent trends and issues.

WPF opposes censorship bills; supports right to create and use anonymization tools to protect privacy

Stop SOPA & PIPA ---- The World Privacy Forum is deeply concerned about the profound, far-reaching privacy consequences of two bills, SOPA and PIPA. The bills have many negative aspects. In terms of the privacy impacts, one of the serious consequences is that the right to create and use anonymization ...