This week in news found federal organizations and businesses working together to strengthen privacy protection for children with Apple recently revising its app rules. SC Magazine reported on the illegal access of a database for defense contractor Northrop Grumman containing linguists' information and government-issued ID numbers. The NSA makes headlines again after an internal audit shows the agency broke privacy rules thousands of times while monitoring Americans and green-card holders. To better focus on IT security, the Federal CIO Council restructured its organization to streamline operations.

Apple Updates App Rules to Comply with COPPA
In July, the Children's Online Privacy Protection Act (COPPA) was revised to limit the collection of data from users younger than 13. To comply with the updated rules, Apple introduced new guidelines in its App Store, Information Week reported. These require that apps intended for children must come with a privacy policy and must be made for children ages 5 to 11, who have to acquire parental consent before engaging in online purchasing. In order to limit behavioral targeting and marketing to under-aged users, app developers are now only allowed to ask for user ages to confirm that their use follows the new COPPA rules. Developers are also prohibited from sharing personal information such as location data.

Defense Contractor Database Hacked
The database for the linguist program of defense contractor Northrop Grumman was recently hacked, SC Magazine reported. Thousands of the defense contractor's employees are linguists, but the number of users who had their information affected by the data breach was undetermined. An undetermined party gained illegal access to the database from November 2012 until May 2013. Once the breach was discovered, the database was shut down. Information that may have been compromised include blood types and identification numbers given by the government. Identity protection services were given to victims for free and Northrop Grumman is currently performing measures to prevent other data breach occurrences.

Internal Audit Reveals NSA As Frequent Privacy Rule Breaker
An internal audit in May 2012 showed that the National Security Agency frequently violated privacy rules, CNN reported. Former NSA worker Edward Snowden gave the report to the Washington Post, revealing the agency illegally collected, stored and accessed data from protected communications 2,776 times since 2008. The NSA was reported to have broken a court order and accessed data from 3,000 Americans and green-card holders.

"I … will continue to demand honest and forthright answers from the intelligence community," said Sen. Patrick Leahy (D-Vt.), chair of the Senate Judiciary Committee. "I remain concerned that we are still not getting straightforward answers from the NSA."

Federal CIO Council Restructures to Focus on Security
The Federal CIO Council is streamlining its committee structure and plans to focus more on IT security, Gov Info Security reported. The council is shrinking down the number of committees from six to three that concentrate on information security and identity management, portfolio management and innovation. The council aims to provide more accountability while strengthening privacy and accessibility.

"Under the new structure, the CIO Council will become more agile in its approach to supporting key administration priorities and will continue to develop valuable tools, resources and data for federal CIOs and their staffs," a CIO blog said.

Matt Cullina is chief executive officer of IDentity Theft 911.

Leave a Reply