September 7th, 2017 By: Connor Breza   Credit reporting agency Equifax publicly announced a major data breach yesterday, potentially compromising the personal information of up to 143 million U.S. consumers. The company reported that the breach occurred between mid-May and July this summer and put consumer’s sensitive information at risk, including Social Security numbers and driver’s license numbers. According to the company, “[c]riminals exploited a U.S. website application vulnerability to gain access to certain files,” and there is “no evidence of unauthorized access to core consumer or commercial credit reporting database.”

By: Connor Breza   In August the Trump administration lost several high-ranking cybersecurity officials. The Hill reported that the National Infrastructure Advisory Council (NIAC), the Homeland Security Department responsible for advising the president on cybersecurity and infrastructure, lost 25% of its panel in a group resignation. The resigning officers released a letter, published by Nextgov, detailing their personal motivations behind leaving the administration, and stating that the current administration has not demonstrated that it “is adequately attentive to the pressing national security matters within the NIAC’s purview, or responsive to sound advice received from experts and advisors on these matters”.

By: Connor Breza August 15th, 2017   Concluding its investigation, the FTC reached an agreement with Uber Technologies, Inc., settling charges that Uber, the popular ride share app, “deceived consumers by failing to monitor employee access to consumer personal information and by failing to reasonably secure sensitive consumer data stored in the cloud.” According to the FTC’s press release, as stipulated by the terms of the settlement, “Uber has agreed to implement a comprehensive privacy program and obtain regular, independent audits.”

By: Connor Breza July 17th, 2017   In her press conference Monday, Acting Chairman for the Federal Trade Commission Maureen K. Ohlhausen announced incoming reforms to the Commission’s Bureau of Consumer Protection. The Federal Trade Commission reports that these reforms will “streamline information requests and improve transparency in Commission investigations.” Acting Chairman Ohlhausen first announced her intention to enact reforms in her April 17th press release in response to new presidential directives.

By Ilona Korzha   As is every year, eWhite House Watch had the opportunity to report on the annual International Association of Privacy Professionals (IAPP) Global Privacy Summit in Washington D.C. on April 19-20 this year.    The world’s biggest privacy conference was especially important this year as its more than 3,000 attendees pondered answers to such questions as what impact does the newly adopted European Union’s General Data Protection Regulation (GDPR) have on the U.S. companies that do business in Europe, how to deal with ever increasing cybersecurity risk, how to manage rising customer expectations and effectively handle government investigations of data breaches.

Today the Administration released the Fiscal Year 2016 FISMA Annual Report to Congress.  The Office of Management and Budget (OMB) publishes this report annually and in accordance with the Federal Information Security Modernization Act of 2014, Pub. L. No. 113-283, § 3553 (Dec. 18, 2014) (codified at 44 U.S.C. § 3553). OMB obtained information from the Department of Homeland Security (DHS) and Chief Information Officers and Inspectors General from across the Executive Branch to compile this report. This report primarily includes Fiscal Year 2016 data reported by agencies to OMB and DHS on or before November 13, 2016 in accordance with 44 U.S.C. § 3553.