Monday, December 17, 2007

A Legal Analysis of the Sony BMG Rootkit Debacle

Deirdre Mulligan and Aaron Perzanowski of the Berkeley Center for Law & Technology published an article on Sony BMG's deployment of digital rights management (DRM) systems that threaten the security of its customer's computers and the integrity of the information infrastructure in general.The DRM systems were released by Sony BMG on millions of Compact Discs in late 2005.

A summary of the article can be found in Slashdot.

Friday, December 14, 2007

CPO Panel Highlights Privacy Challenges

On Wednesday, December 12, TRUST Policy Director Deirdre K. Mulligan participated in a panel of privacy experts for a discussion on Privacy and the Network of You. The event was hosted by Sun Microsystems and moderated by National Public Radio’s Dr. Moira Gunn. Panelists from industry, academia, and the State of California discussed a number of challenges to personal privacy, data protection, and information security as well as recent events such as the large number of data breach incidents and identity theft cases.

Prof. Mulligan, the Director of the Samuelson Law, Technology & Public Policy Clinic and a Clinical Professor of Law at UC Berkeley, was joined by Chief Privacy Officers from Agilent, Intuit, and Sun as well the Chief of the California Office of Privacy Protection.

Monday, December 10, 2007

CSO Perspective on Security Breach Notification Laws

The Samuelson Law, Technology & Public Policy Clinic at UC Berkeley released a study on the effects of security breach notification laws in the United States. The study, co-funded by TRUST, is based on a thorough literature review as well as in-depth interviews with several Chief Information Security Officers (or their equivalents) from various industries. The CISO interviews provide insight into internal organizational structure around security investment decisions, regulatory and market factors that affect investment decisions, organizational responses to the enactment of security breach notification laws, market effects of security breaches, and industry best practices. This study is part of an ongoing effort to inform public policy with research into how businesses are affected by privacy law.

Engineers Learning People Skills, Too

Shankar Sastry is quoted in an article in the Associated Press yesterday about a change in producing engineering grads that are not only technically capable but able to communicate their expertise effectively.

Dean of the College of Engineering and Director of TRUST, Sastry is asking professors to take a more Socratic approach to teaching, that is, more discussion and less rote drilling.

"The days of boot camp -- where we say "Thou shalt study physics and mathematics and, oh by the way, you'll find out what's going to come out of this next year or the year after' -- I think are gone," says Sastry.

Tuesday, December 04, 2007

Applications for SECuR-IT, WISE and SUPERB available until January 31, 2008

Applications to three summer TRUST programs are now being taken. The closing date for applications is January 31, 2008. The three programs are:

Summer Experience, Colloquium and Research in Information Technology at Stanford University and San Jose State University (SECuR-IT)
June 2 to August 8, 2008: Stanford & San Jose
Deadline for applications: January 31, 2008

Summer Undergraduate Program in Engineering Research at Berkeley (SUPERB)
June 9 - August 01, 2008: Berkeley
Deadline for applications: January 31, 2008

Women’s Institute in Summer Enrichment (WISE)
June 8th through 13th, 2008: Ithaca, New York
Deadline for applications: March 31, 2008