Security Newsletter

Technology Security Issues in Arkansas

State Security Office

Newsletter

February 2005	Highlights \| In the News \| Publications \| Policy & Standards Update \| Hot Links
Workshops / Events • The Global Flow of Information Conf 2005 April 1-3, 2005, New Haven, CT • CFP2005: 15th Annual Conf on Computers, Freedom and Privacy. April 12-15, 2005, Seattle WA • 2005 IEEE Symposium on Security and Privacy. May 8-11, 2005, Berkeley, CA • Freedom 2.0 - Distributed Democracy. May 20-24, 2005, Washington D.C. Resources • Disposal of Electronic Devices	Privacy & Identity Theft

	Highlight on Privacy in the Workplace Public organizations should be especially mindful of protecting personal information about Arkansas’ citizens since governments typically collect information about individuals spanning from cradle to grave. Disclosure of personal data can lead to identity theft which was the number one consumer complaint received by the Federal Trade Commission in 2004. The FTC website reports that there were 3,006 fraud and identity theft reports from Arkansas victims in 2003. Privacy of personal information held by the government can also be compromised by phishing, which is the attempt by a person to gain personal and financial information from an unsuspecting person by sending a bogus email that looks like it came from a reputable organization. A public employee could click on a link in a phishing email and download spyware, which could then harvest information off the employee’s computer. Another aspect of privacy is the effective removal of information from electronic devices before recycling or disposal. The Office of Information Technology has recently released a report called “Computer and Electronic Solid Waste Management Security and Privacy of Data Held in Electronic Devices” In the News Feb 1, 2005 - FTC: At Least $548 Million Lost to Identity Theft - Americans lost at least $548 million to identity theft and consumer fraud last year as the Internet provided new victims for age-old scams, according to government statistics released Tuesday. <Read More> <Read the Report> January 27, 2005 - Study: Most Identity Theft Occurs Offline - Despite growing fears about online fraud, a new study by the Better Business Bureau finds that most cases of identity theft originate offline. In half of the cases where the perpetrator is known, identity fraud is committed by someone close to the victim. <Read More> January 27, 2005 - News: Wireless Privacy Act to Protect Georgian's Cell Phone Numbers - Georgia Governor Sonny Perdue recently announced a new legislative initiative to provide privacy protection for consumer's cell phone numbers -- the Georgia Wireless Privacy Act. The legislation will be introduced by State Senators David Shafer and Cecil Staton. <Read More>60%	State Standards, Policy & Best Practices Watch Promulgated Policies and Standards Password Management (PDF) Personnel Security (PDF) Warning Banner (PDF) Virus Scanning (PDF) Hot Links Privacy & Identity Theft Anti-Phishing Working Group Electronic Privacy Info Center (EPIC) Family Educational Rights and Privacy Act Online Guide to Privacy Resources - EPIC HIPAA - The Law HIPAA Resources Identity Theft Resources - Privacy Rights Clearinghouse NASCIO Privacy Committee Privacy.org
	Publications Privacy & Identity Theft Issues Who Are You? I Really Wanna Know: E-Authentication and its Privacy Implications (PDF) NASCIO Privacy Committee, December 2004 A brief providing a high-level overview of how new technologies impact the privacy of citizens’ personal information. Welcome to the Jungle: The State Privacy Implications of Spam, Phishing and Spyware (PDF) NASCIO Research Brief, February 2005 It's a Jungle Out There: In an environment in which 53% of all reported fraud complaints to the Federal Trade Commission (FTC) in 2004 were Internet-related, the Internet and email threats of spam, phishing and spyware all are real threats with real consequences.
	© 2005