Many people see shopping as a hobby or something to look forward to, but for people with autism, it is a hard task that often becomes overwhelming because of the crowds and noises. That is why some stores in the U.S. are now organizing days of “silent shopping” specifically for people on the autism spectrum and just in time for the holidays. Patti Erickson from the Greater Philadelphia Autism Society started the initiative and got her local Toys R Us store to catch on. On Saturday, the store hosted an event that attracted more than 30 families.

For silent shopping, the music normally playing in the store is turned off. “They’re processing it differently, and it could maybe even sound like nails scratching on a chalkboard to them,” said Erickson, who has a 26-year-old daughter with autism. Sensory stations with toys and kinetic sand were set up in the store to offer a distraction that the kids could focus all their attention on if they needed a break. “Different sensory things help them get acclimated to the store and grounds their body so they can really stay focused and can almost ignore anything else around them that would bother them,” according to Erickson.

For families of those on the autism spectrum, shopping can be difficult. Some stores are now offering quiet shopping https://t.co/ck8xndClAM pic.twitter.com/V7o2wXg4aj

— CNN (@CNN) December 9, 2016

Autism is defined by difficulties in social interaction and communication, and engaging in repetitive behaviors. Though some people on the autism spectrum excel at specific skills–like music, art, and mathematics–some cannot function on their own. People with autism often have trouble communicating verbally what they want or how they feel–about a third are nonverbal, but communicate through body or sign language instead. This makes it extra hard for parents who are holiday shopping and trying to determine what their kids want while avoiding situations that can be stressful for their children and people nearby.

We’ve teamed up with @ToysRUs in #Miami for #autism friendly quiet shopping hours on 12/10/2016. Learn more –> https://t.co/6o0CBX7AAx pic.twitter.com/8hegz72VWz

— American Autism Assn (@MyAutism) November 28, 2016

“When you have those parents who mutter under their breath and stare, you know, it hurts. A smile versus a stare makes such a difference,” Linda Moser, mother of 10-year-old Adam who was at the Pennsylvania store, told CNN. But at the same time, it can be good to practice difficult situations both for parents and children. “If we’re avoiding those situations, we’re not able to teach them how to navigate them,” said Candice Colón-Kwedor from the May Institute School for Autism and Developmental Disabilities. The ultimate goal for family members of children with autism is that they can go into stores or public places and enjoy it.

After the silent shopping success, more stores are following the lead this Saturday, like the Target in Lancaster, Pennsylvania and the Toys R Us in Miami. If more businesses join the cause, it could lead to a meaningful lesson in diversity. When more individuals with autism were seen out and about, the general public’s knowledge and acceptance of autism might increase. “When you have something like this, it makes it easier on everyone, and that can mean so much to a family,” Erickson said.

Emma Von Zeipel

Emma Von Zeipel is a staff writer at Law Street Media. She is originally from one of the islands of Stockholm, Sweden. After working for Democratic Voice of Burma in Thailand, she ended up in New York City. She has a BA in journalism from Stockholm University and is passionate about human rights, good books, horses, and European chocolate. Contact Emma at EVonZeipel@LawStreetMedia.com.

The post Stores Organize Silent Holiday Shopping for Kids with Autism appeared first on Law Street.

Welcome to RantCrush Top 5, where we take you through today’s top five controversial stories in the world of law and policy. Who’s ranting and raving right now? Check it out below:

Bolivian Government Won’t Take Bill Gates’ Chickens

Bill Gates, billionaire and philanthropist, has made it his life’s mission to provide aid to impoverished countries. In his most recent efforts, he planned to donate 100,000 chickens to the country of Bolivia, as a part of an initiative called Coop Dreams.

But the response he received was less welcome than expected. The minister of land and rural development in Bolivia told The Financial Times: “[Bill Gates] does not know Bolivia’s reality to think we are living 500 years ago, in the middle of the jungle not knowing how to produce. Respectfully, he should stop talking about Bolivia, and once he knows more, apologize to us.”  Ouch, need some ice water for that burn, Bill?

via GIPHY

Rant Crush

RantCrush collects the top trending topics in the law and policy world each day just for you.

The post RantCrush Top 5: June 16, 2016 appeared first on Law Street.

The fight over who can use which bathroom has a new battleground–Target. The retail chain announced it will allow individuals to use whichever bathroom matches their gender identity. Now, some are boycotting Target over that announcement, with the hashtag #BoycottTarget.

The announcement came on Tuesday, when Target posted a statement on its website. It explained the motivations for the policy, stating in part:

Inclusivity is a core belief at Target. It’s something we celebrate. We stand for equality and equity, and strive to make our guests and team members feel accepted, respected and welcomed in our stores and workplaces every day.

We believe that everyone—every team member, every guest, and every community—deserves to be protected from discrimination, and treated equally. Consistent with this belief, Target supports the federal Equality Act, which provides protections to LGBT individuals, and opposes action that enables discrimination.

When trans-inclusive bathroom policies are enacted, sexual assaults do not increase. What does increase is the safety of those in the transgender community. A 2013 study found that 70 percent of transgender respondents were ‘denied entrance, were harassed or assaulted when attempting to use a public restroom of their identifying gender.’

Yet, that hasn’t stopped #BoycottTarget from trending; as of now, just under 400,00 people have signed the petition, and plenty of people are voicing their views on Twitter, and other forms of social media.

We are announcing boycott of @Target due to their dangerous bathroom policy. https://t.co/GQI0Oe8VAO #BoycottTarget pic.twitter.com/RB11tfeXDW

— American Family Assc (@AmericanFamAssc) April 21, 2016

@Target I have loved shopping at your stores: spent A LOT of money. No longer, though. Bathrooms are biological, not social. #BoycottTarget

— Cathy Knowlson (@Ckbeme) April 21, 2016

It’s gone too far. @Target I used to be proud I once worked for you. #BoycottTarget pic.twitter.com/EUuAfwNmAO

— Proud Trumpkin (@MomBlogs4Trump) April 21, 2016

Why isn’t @Target forced to provide a safe restroom for my daughter yet a baker is forced to bake a cake!?! WTH!?! #boycotttarget

— Jo Anne Smoot ºoº (@joannesmoot) April 20, 2016

It seems like with this boycott of Target, and in light of anti-LGBT laws recently passed in both North Carolina and Mississippi, this is a debate that isn’t going to go away anytime soon. 

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post #BoycottTarget: Backlash After Target Announces Inclusive Bathroom Policies appeared first on Law Street.

America is dealing with a hacking crisis. It seems that every other day we are bombarded with the latest hacking stories from both the private and public sectors. We are told to be cautious with all of our online activity and to remember all uploaded material remains in cyberspace forever. Almost all of us personally know someone who has dealt with identity theft and all the hassles that ensue. Some of the biggest companies in the world with the means to access the most anti-hacking software available aren’t immune to the problem. Even the national government recently made headlines concerning Chinese cyber attacks. So what can be done? In his 2015 State of the Union, President Obama addressed cybercrime. The Obama administration proposed new legislation and amendments to the Computer Fraud and Abuse Act. Will these proposals better protect Americans from hackers?

Case Study: Ashley Madison

Just last week, a new team of hackers were at it again. People are already discreet about dating websites and apps. A level of anonymity is essential for a high volume of users. This is even truer when a dating website revolves around married men and women cheating. Ashley Madison’s slogan is “Life is short. Have an affair.” Some may chalk it up to karma, but the invasion of privacy for these members is real.

The hackers call themselves “The Impact Team.” According to Brian Krebs, the blogger who initially reported the hack, they threatened to release stolen information unless the website shut down entirely. Apparently, the team gathered users’ nude photos, sexual fantasies, names, and credit card information. It also claims to have addresses from credit card transactions.

Members of the website can post basic information and use limited features without charge. The company rakes in money when members exchange messages, photographs, and gifts. The website even offers a feature to “collect gifts” for women to send and men to pay for later. The website also has a $19 deactivation fee. This happens to be one of the major qualms of the hacker team, who claim that information is never truly deleted from the website. The hackers’ manifesto published by Krebs stated, “Full Delete netted $1.7 million in revenue in 2014. It’s also a complete lie…Users almost always pay with credit card; their purchase details are not removed as promised, and include real names and address, which is of course the most important information the users want removed.”

Ashley Madison boasts over 37 million members, making it the second largest dating website in the world, second to Match.com. Ashley Madison’s parent company, Avid Life Media, values itself at $1 billion and was looking to go public on the London market this year. Ashley Madison has done away with the deactivation fee, but has yet to comment on whether or not it will shut down.

Although the majority of people aren’t online dating in order to have an affair, the hack embodies everything scary about online interactions. Personal information and discreet activities on websites or social media applications can be made public in the blink of an eye. Just this past March, 3.5 million AdultFriendFinder users were hacked. The hackers exposed email addresses, usernames and passwords, birthdays, zip codes, and sexual preferences. Overall, the trend doesn’t look good.

Hacking Statistics

Verizon Data Breach Investigations Report

Verizon conducts an annual Data Breach Investigations Report (DBIR). The latest report shows that 96 percent of online security incidents fall into nine patterns: “miscellaneous errors, such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/privilege misuse; physical theft/loss; web app attacks; denial-of-service attacks; cyberespionage; point-of-sale intrusions; and payment card skimmers.” The 2015 report investigates more than 2,100 data breaches and roughly 80,000 reported security incidents. Over 70 organizations around the world help contribute to the report.

The 2015 DBIA reports a $400 million loss from approximately 700 million compromised records in 61 countries. The report shows that in 70 percent of the cases where the hacker’s motivation is known, there is a secondary victim. This is exemplified in the Ashley Madison case. Although the hackers are targeting the owners of the company, the users are violated as well. And in 60 percent of cases, hackers are able to infiltrate a company in a matter of minutes. The time of discovery falls significantly below that level.

The method of tricking people into divulging their information, like credit card numbers, is still around but is a much less effective method. Now, phishing campaigns are a primary source of attacks. A hacker usually phishes by sending an email with malware, usually included as an attachment. Today 23 percent of recipients open these types of email and 11 percent open the attachments. For over two years, more than two-thirds of cyber-espionage included phishing.

In more uplifting news, malware on cellphones doesn’t even account for 1 percent of the problem. Mobile devices are not the preferred medium for data breaches. Only about 0.03 percent of cell phones contained malicious materials.

U.S. Companies Hacked

According to a study conducted by the Ponemon Institute, the financial loss by cybercrime doubled from 2013 to 2014. Retailers lost approximately $8.6 billion in 2014 due to cyber crime. Furthermore, successful cyber attacks resulted in a $20.8 million loss in financial services, $14.5 million loss in the technology sector, and $12.7 million loss in the communications industries.

Last year was plagued by cyber attacks. In January, Target announced 70 million customers had contact information compromised, while 40 million customers had credit and debit card information compromised. In the same month, Neiman Marcus announced that 350,000 customers had credit card information stolen, resulting in fraudulent charges on 9,000 customers’ credits cards. In April, an AT&T worker hacked the system for two weeks and accessed personal information including social security numbers. In May, EBay asked all its customers to switch their passwords after a cyber attack accessed over 233 million EBay customers’ personal information. In August, over 60 UPS stores around the country were hacked, compromising financial data. The list continues…

The Computer Fraud and Abuse Act

In order to combat these cyber attacks, Congress passed the 1986 Computer Fraud and Abuse Act (CFAA). The act made accessing a protected computer a federal crime. Although it was initially established to protect government organizations and a few financial institutions, over the course of time, it eventually broadened. It was first amended in 1994 to allow private citizens to file civil suits against cyber attacks that resulted in loss or damages. It was again broadened in 1996 to encompass any computer used in interstate commerce. After 9/11, the Patriot Act amended the CFAA to permit the search and seizure of records from any Internet Service Providers (ISPs). Later in 2008, the CFAA was again amended to allow companies to file suits when the loss and/or damages did not surpass $5,000.

The CFAA has been subject to its fair share of criticism. Many believe the act to be too broad in scope. Opponents argue that computer policies are often “vague, confusing and arbitrary,” and breaking these policies shouldn’t be a federal violation. Institutions, like the Center for Democracy & Technology, Americans for Tax Reform, the Competitive Enterprise Institute, and the American Civil Liberties Union all have advocate against the CFFA.

The Ninth Circuit Court of Appeals agreed. In a 2012 case, United States vs. Nosal, the court ruled that “a person who violates an employer’s computer use policy is not criminally liable for federal penalties under the Act.” The court argued that the law was not enacted to federally punish smaller crimes. However, a strong dissent left the issue controversial, if not unresolved. The definition of “exceeds authorized access” left ample room for a Supreme Court review. The crime only becomes a felony if it is executed for profit, the gained information is worth over $5,000, and/or the act is committed to further a state or federal crime.

The White House’s New Proposals

The Cyber Security Legislative Proposals aim to enhance cybersecurity information sharing between the private sector and government, modernize law enforcement authorities to combat cyber crime with the appropriate tools and training, and streamline national data breach reporting requirements. Last December President Obama announced,

In this interconnected, digital world, there are going to be opportunities for hackers to engage in cyber assaults both in the private sector and the public sector. Now, our first order of business is making sure that we do everything to harden sites and prevent those kinds of attacks from taking place…But even as we get better, the hackers are going to get better, too. Some of them are going to be state actors; some of them are going to be non-state actors. All of them are going to be sophisticated and many of them can do some damage.

A main target of the proposal is a number of amendments to the already-controversial CFAA. First, the proposal would increase the penalty for “circumventing technical access barriers,” i.e. hacking into a computer by sidestepping security or guessing another’s password. Violators under the current law risk a misdemeanor to a three-year felony. The proposal advocates punishment to start as a three-year felony and maximize as a ten-year felony.

Second, for contract-based crimes, the proposal would officially end the aforementioned circuit split. It states that breaking written policies would be a federal crime and officially defines “exceeds authorized access.” A person would exceed authorized access if he or she accesses information “for a purpose that the accesser knows is not authorized by the computer owner.” Technically, this would include using a work computer for personal activities like Facebook; however, the government would limit criminal liability by requiring the violation fall under one of three conditions: the breach happened on a government computer, the breach results in over $5,000 worth of information, or “if the user violated the written condition in furtherance of a state or federal felony crime.” These changes, along with a variety of others, make up the administration’s proposal.

Conclusion

Whether these proposals will pass through Congress remains to be seen. Broadening the scope of hacking to allow more crimes to fall under federal jurisdiction has traditionally lacked support from the body. The proposals are controversial, with a lot of personal information and accessibility at stake. It will be interesting to see the reaction from the public if these proposals are enacted. Cyber crime is an ongoing problem that affects all citizens, regardless of demographics, and only seems to be exploding. If this isn’t the answer, then what is?

Resources

Primary

White House: Updated Administration Proposal

Additional

Verizon: The 2015 DBIR

CNN Money: Hackers threaten to release names from adultery website

The Heritage Foundation: Cyber Attacks on U.S. Companies in 2014

Jolt Digest: United States vs. Nosal

Tech Target: What is the Computer Fraud and Abuse Act?

The Washington Post: Obama’s proposed changes to the computer hacking statute

The White House: Securing Cyberspace

Verizon: Verizon 2015 Data Breach Investigations Report Finds Cyberthreats Are Increasing in Sophistication

Jessica McLaughlin

Jessica McLaughlin is a graduate of the University of Maryland with a degree in English Literature and Spanish. She works in the publishing industry and recently moved back to the DC area after living in NYC. Contact Jessica at staff@LawStreetMedia.com.

The post Combatting Cyber Attacks: Will Congress Adopt Obama’s Plans? appeared first on Law Street.

If you’ve ever worked retail before you should be familiar with “on-call” scheduling. If not, think of it as a kind of shift limbo, where employees are told whether or not to report to work a day or less before the scheduled shift. But according to New York’s attorney general this common staffing practice could be criminal, violating New York Labor laws.

According to the New York Times, Attorney General Eric Schneiderman sent letters to retailers Friday including Gap, Target, JC Penney, Abercrombie & Fitch, Sears and several others questioning the practice. In the letters Schneiderman wrote:

If the employee is told that his or her services are not needed, the employee will receive no pay for that day. For many workers, that is too little time to make arrangements for family needs, let alone to find an alternative source of income to compensate for the lost pay.

The on-call system currently allows retailers to adjust their staff depending on the projected volume of customers on a given day. These shifts are used as a cost saving measure in order to eliminate potential over-staffing or under-staffing.

In the letters Schneiderman said that the “on-call” practice could be potentially violating a New York law that says employees who report for a scheduled shift on any day have to be paid for at least four hours at the basic minimum hourly wage.

Reuters contacted some accused of the retailers who all invariably denied the allegations writing:

Target said workers are informed of their schedules 10 days before the start of a work week and it does not employ ‘on-call’ shifts. JC Penney said it has a policy against on-call scheduling. The Gap said it is committed to ‘sustainable scheduling practices’ and is conducting research on the matter.

While the U.S. Labor Department is reportedly looking into the matter, the 13 retailers have until May 4 to provide information on how they schedule employee shifts.

As someone who has worked in retail, I can tell you that the last thing you want is an on-call shift. They’re unpredictable and tie up your schedule. When given one of these shifts you’re forced to keep your schedule open in case you might be needed, but if not your wallet is out of luck, and it’s usually too late to make alternate plans. Requiring retailers to pay a minimum wage for workers slighted by these shifts seems only fair. America is ready for retailers and other big businesses to start showing that they respect their workers, and don’t just take them for granted.

Alexis Evans

Alexis Evans is an Assistant Editor at Law Street and a Buckeye State native. She has a Bachelor’s Degree in Journalism and a minor in Business from Ohio University. Contact Alexis at aevans@LawStreetMedia.com.

The post NY Attorney General Questions Legality of On-Call Retail Shifts appeared first on Law Street.

Supplements. They can come in the form of vitamins, minerals, herbs, or amino acids.  My “New Year, new me” brain tells me they’re good for me, but unless they come in cute, chewable gummy form, I’m just not interested. But for more than half of all Americans, taking some form of daily supplement is pretty routine. Do these tiny capsules actually contain what they say they do? The New York Attorney General’s office says no.

In a new investigation, authorities tested top-selling supplement brands from major retailers and found four out of five of the products didn’t even contain their title ingredients. Instead they contained cheap fillers like powdered rice, garlic, mustard, wheat, and asparagus–many of which could be dangerous for people with allergies.

This information is shocking, but not too hard to believe, since the supplement industry operates in a dietary foods gray area, and therefore isn’t too harshly regulated by the Food and Drug Administration. Due to the 1994 Dietary Supplement Health and Education Act, supplements are considered safe until proven otherwise. Well, apparently we’ve proven otherwise.

In a cease and desist letter sent to GNC, Target, Walgreens, and Wal-Mart, the New York Attorney General’s office demanded these retailers explain how they verify the ingredients in their “adulterated” store brand herbal supplements, as well as take products that weren’t truthful off the shelves.

At Walgreens, investigators discovered the store’s popular brand of supposed “physical endurance enhancing” ginseng pills actually contained powdered garlic and rice. Walmart wasn’t any better–its ginkgo biloba supplements actually contained powdered radish, houseplants, and wheat, despite being listed as “gluten-free.”

What even is ginkgo biloba? Apparently, this medicinal herb boasts the ability to improve blood circulation, memory, cognitive thinking, and according to some, sexual performance. But for those with Celiac disease or other gluten sensitivities, the only thing their Walmart tablets will be improving is their frequency of an upset stomach.

Other supplements to avoid include Target’s ginkgo biloba, St. John’s wort, and valerian root, which all tested negative for the herbs on their labels. GNC’s pills also often unlisted ingredients used as fillers, like powdered legumes, the class of plants that includes peanuts and soybeans. Given the prevalence of nut and soy allergies, this revelation is scary for people with those sensitivities.

The Attorney General’s investigation was prompted by an New York Times article in 2013 that raised questions about widespread labeling fraud in the supplement industry.

Americans don’t like to play around when it comes to their health, so these companies better respond to these allegations swiftly. According to the New York Times, a GNC spokesperson said they would cooperate “in all the appropriate ways,” while Walgreens said it would remove the products from its shelves nationwide, even though only New York State had demanded it. Walmart claimed it would reach out to the suppliers of its pseudo supplements “and take appropriate action.”

Are vitamin supplements even worth the hype? While the ones being sold at these retailers are clearly suspect, the usefulness of vitamins in general is still up for debate. For more information, check out this issues post on the subject.

However, the lack of attention paid to allergy concerns is still the most upsetting thing about this entire scandal. I’m wondering if complaints will start to come out of the woodwork claiming anaphylaxis reactions to these retailers’ products. If so, GNC, Target, Walmart and Walgreens can look forward to some very enjoyable civil suits.

Alexis Evans

Alexis Evans is an Assistant Editor at Law Street and a Buckeye State native. She has a Bachelor’s Degree in Journalism and a minor in Business from Ohio University. Contact Alexis at aevans@LawStreetMedia.com.

The post Major Retailers Under Fire for Selling Pseudo Supplements appeared first on Law Street.

In response to Target’s massive data breach affecting nearly 110 million consumers, the Data Security and Breach Notification Act has been introduced in the U.S. Senate. Both Target and its customers were victims of the 2013 cyberattack, which increased susceptibility to identity theft for customers, and tanked profits for the company. The new legislation attempts to increase the security of consumer information, and to set requirements for companies to notify consumers and government agencies of security breaches.

The Act will establish six requirements for companies to increase data security protection: 

1. Create a security policy with respect to the collection, use, sale, dissemination, and maintenance of personal information.
2. Identify a point of contact who is responsible for the management of information security.
3. Create a process to identify and assess possible vulnerabilities within the security systems maintained by the company, including regular monitoring for breaches.
4. Create a process to make necessary changes to security practices used to maintain personal information including architecture, installation, and operating software.
5. Create a process to dispose data in electronic form by destroying, erasing, or encrypting the information.
6. Implement a standard method(s) to destroy paper and other non-electronic data that contains personal information.

While some companies maintain their own security of personal information, others contract this responsibility to third party groups. In the event of a security breach, this legislation requires any group responsible for maintaining personal information to contact the Federal Trade Commission, and to contact all consumers whose information may have been compromised. Consumers must be contacted either by mail, email, or telephone, and it is the company’s responsibility to create a hotline or website to provide additional information to those affected by the breach. If a security breach affects more than 5,000 people, companies are required to notify all major credit reporting agencies. Also, some companies will be responsible for providing at least one free credit report per quarter for each consumer with compromised personal information, for up to two years.

Some covered companies, like small businesses and non-profit organizations, that are unable to provide free credit reports due to cost may be exempt from this practice.  Additionally, companies that find other correspondence methods too costly may employ alternative notification methods like contacting print and broadcast media to inform the public. If a company does not follow the reporting requirements and are not exempted from certain practices, they can be fined.

If this legislation is passed, a company’s data security will not improve as a result of it, but rather in spite of it. Companies are improving security to combat the threat of class-action lawsuits and enormous financial losses as a result of a security breach without federal action. The Data Security and Breach Notification Act fails to understand that companies are also victims when dealing with cyberattacks, and no matter what security measures are in place, all electronic information is vulnerable to being hacked. The bill also fails to acknowledge the role bankcards play in the insecurity of personal information. As noted by David French, Vice President of The National Retail Federation, the bankcard industry prefers magnetic strip cards over PIN-and-Chip technology, which is more secure. Retail companies cannot be the only group held accountable for the actions of cyber criminals.

Requiring companies to notify government organizations, credit reporting agencies, and consumers is a more effective policy.  Although companies are improving cybersecurity, a breach in that security could cause companies to hide or delay informing consumers. This delay may impede a person from contacting their financial institution in time to prevent the misuse of his personal information. Another benefit of requiring companies to inform the public of a breach is that it reduces the consumer burden of proving identity fraud. Consumers need to be protected, and when companies fall short of providing that protection, they have a responsibility to assist consumers in correcting the company’s mistake; however, lawmakers should consider that consumers and companies are victims of data security breaches, and that different industries influence the ability to effectively secure data.

—

Teerah Goodrum (@AisleNotes), is a graduate student at Howard University with a concentration in Public Administration and Public Policy. Her time on Capitol Hill as a Science and Technology Legislative Assistant has given her insight into the tech community. In her spare time she enjoys visiting her favorite city, Seattle, and playing fantasy football.

Featured image courtesy of [Chris Potter/StockMonkeys.com via Flickr]

Teerah Goodrum

Teerah Goodrum is a Graduate of Howard University with a Masters degree in Public Administration and Public Policy. Her time on Capitol Hill as a Science and Technology Legislative Assistant has given her insight into the tech community. In her spare time she enjoys visiting her favorite city, Seattle, and playing fantasy football. Contact Teerah at staff@LawStreetMedia.com.

The post Security Breach: The Senate Wants to Protect Your Information appeared first on Law Street.

December was a bad month for anyone who didn’t want their personal information leaked to hackers or other third-party sources.

Retail giant Target had a problem about two weeks ago when 40 million customer records were stolen. The information contained on the records included names, credit and debit numbers, expiration dates, and security codes. The hackers with that information could easily use it to make fraudulent purchases on customers’ cards.

Popular messaging application Snapchat released that several million of their users’ usernames and corresponding phone numbers were leaked late on New Year’s Eve. There’s actually a site to check if your username was leaked, and it provides tips on how to handle it if it was. If your username was breached, it means that your phone number could be given to spammers or the like.

Skype was also recently breached by the Syrian Electronic Army, a hacking group. Skype has reported, however, that no user information was stolen or lost.

Obviously a breach involving credit card information and a breach involving usernames and phone numbers seem very different, but the truth is that they’re both notably problematic. They indicate a reliance we have on technology that is utterly new to our time, and because that reliance is new, ways to steal from us have also evolved. Everything can be done online, from banking to applying to college to planning a trip. And it’s easy to do those things, it’s easy to trust a site when they say they are secure. But we have to remember that every time we provide our information, there is the possibility that it makes its way into the wrong hands. And retailers have to realize that storing information online can be just as dangerous for them as for a teenager using Snapchat.

The types of breaches that we saw this month definitely aren’t new, and they aren’t the worst in recent history. TJ Maxx Corporation actually had a similar incident in 2006, but instead of 40 million customer records lost, it totaled about 90 million. And in 2009, Heartland, a credit card processing system, had 130 million records stolen.

The former chief security officer of Heartland, Steven M. Elefant, made an important point about security breaches and theft propagated through the internet. He stated, “it’s a game of cat and mouse. We’re dealing with sophisticated bad guys that have many ways to attack.” New security features can be installed and developed. But for every new feature that is developed, a hacker will probably be able to find a way around it. It might take time and effort, but it’s possible.

There are some solutions that could be put in place, but they might be logistically complicated. In Europe, smart chip technology is used. The United States use magnetic strips to hold information, but European cards usually little chips that are much harder to counterfeit. Since the smart-chips were implemented in Europe, fraud and theft have declined. The JobsUnited States seems to be stuck in a time warp. Most of our allies and trading partners use smart-chip cards, but we use the strip cards that were invented in the 1960s. As a result, by October 2015, new chip card standards will be put into place by most major credit card companies, like Visa and MasterCard. While this won’t completely eliminate fraud, it should make some impact.

—

Anneliese Mahoney (@AMahoney8672) is Lead Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

Featured image courtesy of [Brian Klug via Flickr]

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post A December of Hackers appeared first on Law Street.