The back-to-school season is exciting – new knowledge, new digital tools, and new discoveries. But it also brings higher cybersecurity risks for both schools and children. Cybersecurity experts are urging children, parents, and school communities to stay extra alert during this period.
“The back-to-school period requires additional efforts to keep children and school communities safe online. A new beginning means new digital tools, online searches, and registrations for learning platforms. All of that increases cyber risks that must be taken seriously,” said Karolis Arbačiauskas, head of product at NordPass, in a media release
A new study by NordPass, in collaboration with NordStellar, reveals a worrying truth: many educational institutions are still using shockingly weak passwords to protect sensitive data. Entries like “123456”, “Edifygroup@1”, and “principal@2021” appeared frequently, showing a widespread reliance on predictable or outdated credentials that are easy for hackers to guess.
This is why the back-to-school season is the perfect moment to talk to children about cyber hygiene – the dos and don’ts in digital environments – and to help them build strong habits for digital security and privacy. “Learning about cybersecurity can be fun. Many families of cybersecurity professionals make it a game – they host a small party with snacks and guide their children through five simple but essential exercises,” said Arbačiauskas.
Cybersecurity experts advise to take these steps to preserve your own cybersecurity and that of your family members (it can also be used as inspiration for your family’s Cyber Party):
Create strong and unique passwords. Make sure every account in your family – whether it’s yours, your parents’, your significant other’s, or your children’s – uses a strong and unique password. The easiest way to do it? Use a trusted password manager to generate, store, and share them securely.
Turn on multi-factor authentication (MFA). Add an extra layer of security wherever you can, especially to access school portals, email accounts, and social apps. MFA helps keep hackers out even if a password gets breached – and they get breached more often than you think. A recent study by NordPass revealed that many educational institutions still use shockingly weak passwords.
Update devices and apps. Keep phones, tablets, and laptops up to date with the latest software. Outdated apps can contain vulnerabilities that hackers take advantage of to get backdoor access into your device. Updates patch these security holes so that cybercriminals can no longer exploit them.
Talk about phishing. Discuss cybersecurity with your family and why it matters. Teach them to never click suspicious links or open unknown attachments – especially in emails or messages claiming to be from the school. When in doubt, verify with the sender by using a website checker.
Adjust privacy settings. Review and tighten privacy settings on social media, online games, and school platforms. Limit what personal info is publicly visible and who can contact your kids online.
Americans have wanted a federal privacy law for years but intensive lobbying by the tech industry and general incompetence by our federal legislators has repeatedly thwarted that desire. Well, in 2024, it’s possible that we may finally get a strong federal privacy law.
The FTC Just Prescribed a Can of Whoop Ass on Health Data
I’ll say it again: It’s possible. It’s also technically possible that frogs could rain from the sky over lower Manhattan, coating New Yorkers in a spring shower of amphibious guts, but is that actually likely to happen?
The American Privacy Rights Act of 2024, recently introduced by Cathy McMorris Rodgers (R-WA) and Maria Cantwell (D-WA), would create basic digital privacy protections for Americans. The law, if enacted, would create a variety of protections and rights for consumers, including the ability to access, control, and delete information collected by companies.
While that may sound like a good thing, there’s one aspect of the legislation that privacy advocates seem concerned about. The proposed law would eliminate potentially stronger, state-level protections that currently exist. While privacy rights groups remain cautiously optimistic about the APRA’s potential, they are also wary of its proposed preemption of state laws. If the currently proposed regulations look strong, the legislative process is just beginning and there’s no telling what the federal law may look like after what is sure to be a long, combative policymaking process.
Here’s a quick look at what the legislation currently promises, and what privacy advocates are saying about it.
The right to access, control, and delete
The American Privacy Rights Act would create broad protections for Americans’ data, giving consumers the ability to access, control, and delete data covered by the legislation. The policy would give all Americans the power to request information from entities that have collected data about them. Businesses that fall under the law would need to comply with consumers’ requests within “specified timeframes,” the bill states. The bill allows certain exemptions from these mandates, including small businesses (which are defined as companies making “$40,000,000 or less in annual revenue” or that collect, process, retain, or transfer “the covered data of 200,000 or fewer individuals”), as well as governments, and “entities working on behalf of governments.”
Data minimization
The bill would also mandate something called “data minimization.” The idea here is to reduce the overall amount of information that companies can collect about web users. Bill backers say that companies covered by the legislative will not be able to “collect, process, retain, or transfer data beyond what is necessary, proportionate, or limited to provide or maintain a product or service requested by an individual, or provide a communication reasonably anticipated in the context of the relationship, or a permitted purpose.” Again, while that sounds good, the devil is in the details here, and it’s not totally clear yet what this sort of data minimization would look like in real life.
What is covered data?
The bill defines the data covered by the legislation as follows:
…information that identifies or is linked or reasonably linkable to an individual or device. It does not include de-identified data, employee data, publicly available information, inferences made from multiple sources of publicly available information that do not meet the definition of sensitive covered data and are not combined with covered data, and information in a library, archive, or museum collection subject to specific limitations.
Empowering the FTC
Enforcement of the law would take place at both the federal and state levels. Most notably, the Federal Trade Commission would be tasked with developing regulations and technical specifications for a “centralized mechanism for individuals to exercise” their opt-out rights, as well as other technical issues surrounding the execution of the legislation, the bill states. At the same time, the bill gives authority to “State attorneys general, chief consumer protection officers, and other officers of a State in Federal district court” to pursue enforcement actions against companies that violate the law.
Taking aim at the data broker industry
The bill also targets data brokers. Under the new legislation, the FTC would be mandated to establish a data broker registry that could be used by consumers to identify which companies are brokers and to opt out of data collection by those firms. All data brokers that collect data on more than 5,000 people would be forced to re-register with the federal registry every year. At the same time, brokers would also be forced to maintain their own websites that identify them as data brokers and include a tool for consumers to opt out.
Private right of action
A longstanding desire for privacy advocates has been a private right of action—which is a mechanism allowing individual consumers to sue companies that have violated their rights. A number of state privacy laws have failed to include this. Under the current version of the APRA, consumers would be given a private right of action, allowing them to file litigation against companies that have demonstrably violated their digital privacy rights.
Privacy advocates remain cautiously optimistic
Given years of inaction on privacy policy by federal regulators, state governments have passed a number of strong privacy laws over the past decade. Some of those laws, like California’s CCPA, have been quite strong. The newly proposed federal law openly acknowledges that it would eliminate “the existing patchwork of state comprehensive data privacy laws” and establish in its place “robust enforcement mechanisms to hold violators accountable.” The fact that the APRA would pre-empt state laws worries some privacy advocates who fear the potential for a watered-down federal law. The fact that the APRA may seem strong now doesn’t mean much, since it could easily be neutered by lobbyists during the legislative process.
Caitriona Fitzgerald, the deputy director at the Electronic Privacy Information Center, said that the federal law’s preemption of state-level regulation is only appropriate if it ends up being a strong law. “From our perspective—in an ideal world—it would not preempt state laws, it would allow states to pass stronger laws,” said Fitzgerald. “We recognize that compromise is necessary and that this is a big sticking point. If it’s going to preempt state laws, it needs to be stronger than existing state laws and regulations. We’re still evaluating the bill to determine whether that’s the case.”
Other privacy advocates, like the Surveillance Technology Oversight Project (STOP), expressed similar concerns. “The ADPPA does offer strong privacy protections, especially data minimization rules,” said STOP Communications Director Will Owen. “But the bill falls short by preempting states from taking even stronger action, should they so choose. Worst of all, the ADPPA preempts states from enforcing protections, leaving it solely up to the U.S. executive branch, which has been fickle in enforcing Americans’ privacy rights.”
Cody Venzke, senior policy counsel at the ACLU, said his organization remained “concerned this bill’s broad preemption of state laws will freeze our ability to respond to evolving challenges posed by technology.”
There’s a lot of sex in Baldur’s Gate 3. Some of it’s pretty tame, with typical relations between two humanoid characters. Some of it gets a little weirder, like the druid bear sex scene. But if you’re playing a cooperative campaign with your friends, you might not want them to see your avatar get down with other party members. Luckily, if you’re not looking to put on a show—unless you are, and if that’s the case, more power to you—Larian Studios has included an option to hide these scenes from your co-op friends.
The Week In Games: What’s Releasing Beyond Baldur’s Gate 3
The setting is enabled by default. In the Gameplay tab in the options menu, you’ll see “Share Private Moments” under “User Options.” The description reads:
By default, certain scenes are private. This means in multiplayer, other players cannot witness your private moments. If you leave this option disabled, you can toggle each dialogue’s privacy setting. Enabling this option means that you will share everything: all scenes are public, and other players can listen in on your private moments and dreams.
So already you can keep some of your more intimate moments, whether that be with a romantic partner or just having a conversation, away from prying eyes. But if you want to just lay it all out there, you can disable this protection, too.
Personally, I’m playing through the game alone the first time before I delve into a co-op campaign. But I also don’t think I’d mind certain scenes, such as just regular conversations with party members, being audible to other players who just happened to be around in a future co-op session.
The sex scenes I’d probably keep the privacy settings on for, but part of what makes a cooperative campaign interesting is the shared world you and your friends are experiencing together. Finding moments for privacy and recognizing when it isn’t an option is just part of being around other people. So I like the idea that this aspect of the game can be toggled and play into a role-playing experience. It’s neat. Plus, it means you can fuck the bear druid without anyone being the wiser.
GENEVA, June 21, 2022 (Newswire.com)
– Gathering on the sidelines of the 50th session of the United Nations Human Rights Council (UNHRC), the Yemen Coalition of Independent Women and its partner organizations, including The Washington Outsider, addressed the nexus between the human rights violations by the Iran-backed Houthi militias (Ansar Allah) in Yemen and the security risks to the region and the international community. At the June 17 symposium on human rights abuses in Yemen, Senior Director for Countering Extremism Dr. Hans Jacob Schindler discussed the Houthi threats to regional and global security by the use of ballistic missiles against Yemen’s residential areas and displacement camps, and attacks on economic infrastructure and vital installations in Saudi Arabia and UAE.
Addressing Iran’s arming, training, funding, and political support for Ansar Allah and the Houthi connections to other Iranian proxies in the region, Dr. Schindler confirmed that the Houthis had received material support and training from Iran and the Lebanese Hezbollah militia, and that Yemen had become a testing ground for Iran and Hezbollah. Dr. Schindler asserted that the Houthis represented a real threat to international navigation in the Red Sea by transforming public ports into operational centers through which international shipping lines, commercial and humanitarian vessels were targeted, booby-trapped, and pirated.
In the June 19th seminar on Houthi violations against media freedom, Irina Tsukerman, who moderated the panel, stated that Houthis use cyberspace to raise funds and to block anti-Houthi websites, and to spy on citizens. She added that the Houthis used communications and information technology and infrastructure they controlled to support military operations. The Houthi punished the Yemeni people and cut off internet service in 2018 from 80% of the area of Yemen. The Houthi control of the main internet provider in the country gave them information monopoly and frustrated resistance. Tsukerman stressed that Houthi control of the internet isolates the Yemeni population from the rest of the world, citing the importance of helping Yemen restore internet access and end militia control as a necessary priority to end the war.
Keith Boyfield, Senior Fellow at the Euro-Gulf Information Centre, addressed the potential environmental disaster resulting from the ticking time bomb of the trapped FSO Safer oil carrier near the Hodeidah port. He also spoke of child soldier recruitment and hate indoctrination, which prolongs the conflict, creating generations of dedicated fighters.
The seminar also discussed the impact of the arbitrary detentions, torture, and assaults on journalists, the bans of media outlets, and the hacking and cell phone searches and seizures, as well as the impact on information flow about security and on digital rights in Yemen.
