Morning Security Brief: Gun Violence, Archive Security, and Data Privacy

By Sherry Harowitz

► Ten law enforcement organizations have started the National Law Enforcement Partnership to Prevent Gun Violence, reports The Crime Report. Launched at the International Association of Chiefs of Police annual conference, the new group states six principles, including that "the level and lethality of gun violence directed at police officers requires an organized and aggressive response from policy makers at the federal, state, and local levels," and that "officials must commit to closing gaps in the current regulatory system, including those that enable felons, minors, persons with mental illness, and other prohibited persons to access firearms, and those that allow the trafficking of illegal guns.'
► The U.S. National Archives and Records Administration (NARA) has not effectively implemented information security controls, according to a report on information security from the Government Accountability Office (GAO). Among other things, GAO notes, that the agency does not always protect the the networks by ensuring that all incoming traffic is inspected by a firewall and by enforcing strong user identification and authentication policies. "In addition to weaknesses in access controls, NARA had mixed results in implementing other security controls," says the report. GAO did acknowledge progress made, including use of encryption. NARA has responded that it recognizes improvements are needed.
The Electronic Information Privacy Center (EPIC) President Marc Rotenberg testified before the European Parliament, calling for more comprehensive and effective privacy protections when data is shared between the EU members and the United States. At issue are such things as the Passenger Name Records data that the Department of Homeland Security asks for in order to check for would-be terrorists before they board flights. Privacy advocates object to the sharing of data without a stronger specific justification. "As a general proposition, we reject the proposition that police agencies can investigate people and compel disclosure of private information --absent a reasonable indication of criminal activity," Rotenberg said. EPIC summarizes the position taken: "Mr. Rotenberg said it was time for the US and the EU to develop an effective legal framework that would safeguard the rights of citizens and the users of Internet-based services. EPIC has previously supported the Madrid Privacy Declaration and the Council of Europe Privacy Convention as good models for international privacy frameworks."

View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.