Law Commons^™

Good Health And Good Privacy Go Hand-In-Hand (Originally Published By Jnslp), Jennifer Daskal

Joint PIJIP/TLS Research Paper Series

No abstract provided.

Resilience: Building Better Users And Fair Trade Practices In Information, Andrea M. Matwyshyn

Andrea Matwyshyn

Symposium: Rough Consensus and Running Code: Integrating Engineering Principles into Internet Policy Debates, held at the University of Pennsylvania's Center for Technology Innovation and Competition on May 6-7, 2010.

In the discourse on communications and new media policy, the average consumer-the user-is frequently eliminated from the equation. This Article presents an argument rooted in developmental psychology theory regarding the ways that users interact with technology and the resulting implications for data privacy law. Arguing in favor of a user-centric construction of policy and law, the Author introduces the concept of resilience. The concept of resilience has long been discussed in …

Recommended Corrective Security Measures To Address The Weaknesses Identified Within The Shapash Nuclear Research Institute, Khadija Moussaid, Oum Keltoum Hakam

International Journal of Nuclear Security

The Shapash Nuclear Research Institute (SNRI) data book was issued by the International Atomic Energy Agency (IAEA) in 2013. The hypothetical facility data book describes the hypothetical site, which is divided into two areas: the low-security area, known as the administrative area, and the very high-security area, known as the protected area. The book contains detailed descriptions of each area’s safety and security measures, along with figures of multiple buildings in both areas, and also includes information about the site’s computer networks.

This paper aims to identify security weaknesses related to the institute’s location, the Administrative Area (AA), the Protected …

Advancing Human Rights-By-Design In The Dual-Use Technology Industry, Jonathon Penney, Sarah Mckune, Lex Gill, Ronald Deibert

Articles, Book Chapters, & Popular Press

It is no secret that technology companies have greased the wheels for human rights abuses around the world — backed by a global web of private sector support and investment that has yielded significant financial returns. For example, the University of Toronto's Citizen Lab recently published research analyzing the use of Internet filtering technology developed by Canadian company Netsweeper in ten countries globally — Afghanistan, Bahrain, India, Kuwait, Pakistan, Qatar, Somalia, Sudan, United Arab Emirates, and Yemen — and concluded these uses likely violated international human rights law. Products like Netsweeper’s Internet filtering systems are often referred to as "dual …

Cover Letter, Laura M. Bedson

Richmond Journal of Law & Technology

The Richmond Journal of Law and Technology is proud to present its second issue of the Twenty-First Volume. As one of the leading publications in the legal technology field, JOLT has the privilege of publishing articles that address topics at the forefront of the law. From the Journal’s inception in 1995, JOLT has strived to be a step ahead of these laws in an effort to help shape the emerging legal landscape. Additionally, JOLT recognizes the practical benefit that many of its articles have on legal professionals and we publish articles with this goal in mind. The following articles …

Book Review: Handbook On Securing Cyber-Physical Critical Infrastructure: Foundations And Challenges (Written By Sajal K. Das, Krishna Kant, Nan Zhang), Katina Michael

Professor Katina Michael

This 800+ page handbook is divided into eight parts and contains thirty chapters, ideal for either an advanced undergraduate or graduate course in security. At the heart of this handbook is how we might go about managing both physical and cyber infrastructures, as they continue to become embedded and enmeshed, through advanced control systems, and new computing and communications paradigms.

Book Review: The Basics Of Information Security: Understanding The Fundamentals Of Infosec In Theory And Practice, Katina Michael

Professor Katina Michael

Dr Jason Andress (ISSAP, CISSP, GPEN, CEH) has written a timely book on Information Security. Andress who is a seasoned security professional with experience in both the academic and business worlds, categorically demonstrates through his book that underlying the operation of any successful business today is how to protect your most valuable asset- “information”. Andress completed his doctorate in computer science in the area of data protection, and presently works for a major software company, providing global information security oversight and performing penetration testing and risks assessment.

Book Review: Security Risk Management: Building An Information Security Risk Management Program From The Ground Up, Katina Michael

Associate Professor Katina Michael

In an age of outsourcing tasks that are not considered to be a core competency of the business, organisations have often relied on external consultants for matters pertaining to security. In actual fact, most companies could have utilized existing skill-sets in-house to produce a security risk management program, if only they knew what steps to take, and how to go about it all. Evan Wheeler in his book on information security risk management does just that- he equips professionals tasked with security, with the thinking required to create a program that is more preoccupied with the complex strategic-level questions than …

Resilience: Building Better Users And Fair Trade Practices In Information, Andrea M. Matwyshyn

Federal Communications Law Journal

Symposium: Rough Consensus and Running Code: Integrating Engineering Principles into Internet Policy Debates, held at the University of Pennsylvania's Center for Technology Innovation and Competition on May 6-7, 2010.

In the discourse on communications and new media policy, the average consumer-the user-is frequently eliminated from the equation. This Article presents an argument rooted in developmental psychology theory regarding the ways that users interact with technology and the resulting implications for data privacy law. Arguing in favor of a user-centric construction of policy and law, the Author introduces the concept of resilience. The concept of resilience has long been discussed in …

Trust Account Fraud And Effective Information Security Management, Sameera Mubarak

Journal of Digital Forensics, Security and Law

The integrity of lawyers’ trust accounts has come under scrutiny in the last few years. There are strong possibilities of information technology security breaches happening within the firms, either accidental or deliberate. The damage caused by these security breaches could be extreme. For example, a trust account fund in an Australian law firm was misused in a security breach in which Telstra charged A$50,000 for phone usage, mainly for ISD calls to Hong Kong. Our study involved interviewing principals of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. …

The Design And Implementation Of An Automated Security Compliance Toolkit: A Pedagogical Exercise, Guillermo Francia, Brian Estes, Rahjima Francia, Vu Nguyen, Alex Scroggins

Journal of Digital Forensics, Security and Law

The demand, through government regulations, for the preservation of the security, integrity, and privacy of corporate and customer information is increasing at an unprecedented pace. Government and private entities struggle to comply with these regulations through various means—both automated and manual controls. This paper presents an automated security compliance toolkit that is designed and developed using mostly open source tools to demonstrate that 1) meeting regulatory compliance does not need to be a very expensive proposition and 2) an undertaking of this magnitude could be served as a pedagogical exercise for students in the areas of collaboration, project management, software …

Communications Policy For The Next Four Years, Conrad Burns

Federal Communications Law Journal

No abstract provided.

Panel Two: Information Policy Making, Allen S. Hammond, Bruce W. Mcconnell, Michael Nelson, Janice Obuchowski, Marc Rotenberg, Fred H. Cate

Federal Communications Law Journal

The second panel of From Conduit to Content: The Emergence of Information Policy and Law addresses the government's response to the policy making challenges presented by information. Panelists from the government and academia explore the question: "How has, and how should, the policy-making process respond to the diversity of issues, interests, and policymakers?" Participants include Fred H. Cate, Allen S. Hammond, Bruce W. McConnell, Michael Nelson, Janice Obuchowski, and Marc Rotenbergaddresses the government's response to the policy making challenges presented by information. Panelists from the government and academia explore the question: "How has, and how should, the policy-making process respond …