New research found that these outdated systems, which may not be encrypted or even documented, were more susceptible to threats.
By analyzing publicly available federal spending and security breach data, the researchers found that a 1% increase in the share of new IT development spending is associated with a 5% decrease in security breaches.
“In other words, federal agencies that spend more in maintenance of legacy systems experience more frequent security incidents, a result that contradicts a widespread notion that legacy systems are more secure,” the paper found. The research paper was written by Min-Seok Pang, an assistant professor of management information systems at Temple University, and Huseyin Tanriverdi, an associate professor in the Information, Risk and Operations Department at the University of Texas at Austin.
“Maybe the conventional wisdom that legacy systems are secure could be right,” said Pang, in an interview. But the integration of these systems “make the whole enterprise architecture too complex, too messy” and less secure, he said.
Federal agencies have seen a rapid increase in security incidents, the paper points out, citing federal data assembled by the Government Accountability Office. From 2006 through 2014, the number of reported security incidents increased by more than 1,100 percent, or from 5,503 to 67,168. An incident can cover a range of activities, such as a denial of service, successfully executed malicious code, and breaches that give intruders access.
One of the largest federal system breaches occurred in 2015, when hackers gained access to some 18 million records at the Office of Personnel Management.
Tony Scott, the former federal CIO under President Barack Obama, told lawmakers at a hearing last year that nearly three quarters of IT budgets are spent maintaining legacy systems.
“These systems often pose significant security risks, such as the inability to utilize current security best practices, including data encryption and multi-factor authentication, which make them particularly vulnerable to malicious cyber activity,” Scott said.
The U.S., overall, has more than 3,400 IT professionals employed to maintain legacy programming languages, a U.S. House committee was told after the OPM breach.
If the federal government doesn’t modernize its systems, Pang said it may see more large breaches similar to the OPM hack.
In the absence of modernization, Pang said that effective IT governance “mitigates security risks of the legacy systems.” It also recommended moving systems to the cloud.
Pang said the government needs to pass the Modernizing Government Technology Act. That legislation, which was approved by the House last year, would have boosted IT spending by about $9 billion from 2017 to 2021 had it reached the president’s desk.
Facebook Inc is forbidding software developers from using the massive social network’s data to create surveillance tools, closing off a process that had been exploited by U.S. police departments to track protesters.
Facebook, its Instagram unit and rival Twitter Inc came under fire last year from privacy advocates after the American Civil Liberties Union (ACLU) said in a report that police were using location data and other user information to spy on protesters in places such as Ferguson, Missouri.
In response to the ACLU report, the companies shut off the data access of Geofeedia, a Chicago-based data vendor that said it works with organizations to “leverage social media,” but Facebook policy had not explicitly barred such use of data in the future.
“Our goal is to make our policy explicit,” Rob Sherman, Facebook’s deputy chief privacy officer, said in a post on the social network on Monday. He was not immediately available for an interview.
The change would help build “a community where people can feel safe making their voices heard,” Sherman said.
Racially charged protests broke out in the St. Louis suburb of Ferguson in the aftermath of the August 2014 shooting of black teenager Michael Brown by a white police officer.
In a 2015 email message, a Geofeedia employee touted its “great success” covering the protests, according to the ACLU report based on government records.
Representatives of Geofeedia could not immediately be reached for comment on Monday. The company has worked with more than 500 law enforcement agencies, the ACLU said.
Geofeedia Chief Executive Officer Phil Harris said in October that the company was committed to privacy and would work to build on civil rights protections.
Major social media platforms including Twitter and Alphabet Inc’s YouTube have taken action or implemented policies similar to Facebook’s, said Nicole Ozer, technology and civil liberties policy director at the ACLU of Northern California.
Ozer praised the companies’ action but said they should have stopped such use of data earlier. “It shouldn’t take a public records request from the ACLU for these companies to know what their developers are doing,” she said.
It was also unclear how the companies would enforce their policies, said Malkia Cyril, executive director of the Center for Media Justice, a nonprofit that opposes government use of social media for surveillance.
Inside corporations, “is the will there, without constant activist pressure, to enforce these rules?” Cyril said.
The nonprofit publication has unveiled a set of new testing standards it hopes will push the tech industry to create safer products.
“The goal is to help consumers understand which digital products do the most to protect their privacy and security, and give them the most control over their personal data,” the publication said.
Already, cybersecurity experts are finding new tech products, whether they are cars or smart teddy bears, that are often poorly secured and easy to hack.
Other tech products have been found collecting data on their users, without their knowledge.
Government agencies and private groups have tried to address the problem by designing new guidelines for the industry to follow. However, none of them has received widespread support, Consumer Reports said.
But that doesn’t mean nothing can be done. “Consumer pressure and choices can change the marketplace,” the publication said.
Although Consumer Reports didn’t give a date, it will “eventually” use the new standards to test and rate products. In doing so, the publication can expose which vendors are failing to protect their consumers, and the information can help inform the public about the products they should buy.
“When consumers vote with their wallets and their clicks, we’ve seen that companies pay attention,” the publication said.
To develop the standards, the publication collaborated with three digital consumer protection groups, including one led by well-known cybersecurity expert Peiter “Mudge” Zatko.
Zatko is the director at the Cyber Independent Testing Lab, a nonprofit that has come up with a rating system to test software for security problems.
“You cannot tell people everything’s on fire and then not have anything positive for consumers to do,” Zatko said in a statement.
Consumer Reports has already made its testing standard available on GitHub, and it’s looking for feedback. The publication is also hoping that industry vendors will use the standard when developing new tech products.
“We think these standards address a real gap in the marketplace,” Consumer Reports said.
Although the publication is mainly focused on the U.S. market, it’s also part of Consumers International, a federation of consumer groups that’s working to protect people’s digital privacy across the world.
A pair of $250,000 autonomous buses began driving around an empty San Francisco Bay Area parking lot on Monday, gearing up to move onto a local public road in California’s first pilot program for a self-driving vehicle without a steering wheel or human operator.
California and other states are weighing the opportunities of becoming a hub of testing a technology that is seen as the future of transportation and the risks from giving up active control of a large, potentially dangerous vehicle.
In most tests of self-driving cars there is still a person seated at the steering wheel, ready to take over, although Alphabet Inc’s Waymo tested a car with no steering wheel or pedals in Austin, Texas, as early as 2015.
The bus project in San Ramon, at the Bishop Ranch office park complex, involves two 12-passenger shuttle buses from French private company EasyMile.
The project is backed by a combination of private companies and public transit and air quality authorities, with the intention of turning it into a permanent, expanded operation, said Habib Shamskhou, a program manager who strolled in front of a moving bus to show that the vehicle would notice him and react. It stopped.
In a test for reporters, one bus cruised a block-long circuit so consistently that it created a dirt track on the tarmac.
California legislators late last year passed a law to allow slow-speed testing of fully autonomous vehicles without steering wheels or pedals on public roads, with the Bishop Ranch test in mind.
The shuttle buses will test for a few months in the parking lots before operators apply for Department of Motor Vehicles approval under the new law. The vehicles are expected to swing onto the local street late this year or early in 2018.
More U.S. consumers filed complaints about impostor scams than identity theft for the first time in 2016, as fraudsters relied more on the phone and less on email to find victims, according to the Federal Trade Commission.
Impostor scams accounted for 406,578 of the 3,050,374 consumer complaints received in 2016 by the FTC’s Consumer Sentinel Network, just above the 399,225 received for identity theft, the agency said.
Debt collection generated 859,090, or 28 percent, of all complaints, more than any other category. Complaints overall fell 3 percent from the record 3,140,803 set a year earlier.
The FTC attributed the rise in impostor scam complaints to more fraudsters pretending to be trustworthy government officials, such as officials from the Internal Revenue Service demanding payment of taxes.
Impostor scams topped the list of complaints from military personnel, accounting for 32 percent of the 115,984 received.
The 19 percent drop in identity theft complaints, meanwhile, came as authorities try to educate consumers about protecting personal data and reporting suspicious activity quickly.
Of the consumers reporting fraud, 77 percent said scammers contacted them first by phone, up from 54 percent just two years earlier.
Only 8 percent reported being first contacted by email, and just 6 percent through the Internet.
A total of 662,209 consumers reported losing $744.5 million through fraud in 2016, for an average $1,124 each, the FTC said.
Fifty-eight percent of reported fraudulent payments were made by wire transfers, and most of the rest by credit cards, debits from bank accounts, or prepaid cards, the FTC said.
The database includes complaints made directly to the FTC, various state and federal law enforcement agencies, and other groups including the Council of Better Business Bureaus.
“There’s one catalyst at the moment and that is the expectation that the Winklevoss Trust will be approved on the 11th of March. That’s the only game in town,” said Daniel Masters, portfolio manager of Jersey-based Global Advisors Bitcoin Investment Program.
Investors Cameron and Tyler Winklevoss have a pending application with the SEC for a bitcoin ETF, which was filed nearly four years ago. On March 11, the twins are expected to receive a final decision from the U.S. Securities and Exchange Commission on whether they can list their ETF.
If approved by the SEC, this would be the first bitcoin ETF issued by a U.S. entity.
On Friday, bitcoin climbed to a record $1,298 on the BitStamp platform. Bitcoin last traded at $1,263.01, up nearly 5 percent on the day. So far this year, bitcoin has surged more than 30 percent.
Bitcoin is a virtual currency that can be used to move money around the world quickly and anonymously without the need for a central authority.
Darin Stanchfield, founder and chief executive officer of bitcoin wallet KeepKey, said the approval of the Winklevoss ETF would be a big boost to the market. “It should add a fair amount of liquidity to the bitcoin market,” he added.
To date, there are two other bitcoin ETF applications with the SEC. Grayscale’s Bitcoin Investment Trust, backed by early bitcoin advocate Barry Silbert and his Digital Currency Group, filed its application with the SEC in March last year.
SolidX Partners Inc, a U.S. technology company that provides blockchain services, also filed its ETF application in July of last year.
Bitcoin relies on so-called “mining” computers that validate blocks of transactions by competing to solve mathematical puzzles every 10 minutes. In return, the first to solve the puzzle and clear the transaction is rewarded with new bitcoins.
Analysts said the groundwork for bitcoin gains was laid in July last year in a process called “halving,” where rewards offered to bitcoin miners shrink. That has constrained the supply of the digital currency.
Dan Morehead, chief executive officer at hedge fund Pantera Capital, said in his recent letter to investors that the bitcoin price moves in line with the currency’s use in transactions and both have risen sharply.
He sees the bitcoin price possibly rising to $2,288 by the end of the year.
FCC Chairman Ajit Pai will ask for either a full commission vote on the stay before parts of the rules take effect next Thursday or he will instruct FCC staff to delay part of the rules pending a commission vote, a spokesman said Friday.
The rules, passed when the FCC had a Democratic majority, require broadband providers to receive opt-in customer permission to share sensitive personal information, including web-browsing history, geolocation, and financial details, with third parties. Without the stay, the opt-in requirements were scheduled to take effect next week.
But critics have complained that the rules only apply to ISPs, and not to giant online companies, like Google and Facebook, that collect huge amounts of personal data. And the FCC rules hold ISPs to a higher privacy standard than the case-by-case privacy enforcement that the Federal Trade Commission uses when investigating other companies, critics say.
Supporters of the strong ISP privacy rules say broadband providers have huge opportunities to collect customers’ personal information. And U.S. law gives the FCC little authority to regulate the privacy practices of companies that aren’t network service providers.
“Chairman Pai believes that the best way to protect the online privacy of American consumers is through a comprehensive and uniform regulatory framework,” an FCC spokesman said by email. “All actors in the online space should be subject to the same rules, and the federal government shouldn’t favor one set of companies over another.”
Republican Pai has promised to roll back many of the regulations passed while Democrat Tom Wheeler served as FCC chairman. This week, the FCC voted to roll back some net neutrality regulations that require broadband providers to inform customers about their network management practices.
Pai’s decision to stay the privacy rules goes against U.S. law requiring the agency to protect customers of telecom networks, said Matt Wood, policy director at digital rights group Free Press.
Pai’s decision, however, earned praise from former Representative Rick Boucher, a Democrat who has criticized FCC regulations in recent years.
The stay is “a smart first step toward rolling back asymmetrical regulation that is at odds with consumers’ privacy expectations, deters innovation and causes marketplace distortion,” said Boucher, now honorary chairman of the Internet Innovation Alliance, a broadband advocacy group.
There was a 95% increase in new solar installations over the previous year, when 7.4GW were installed, according to a new report from GTM Research and the Solar Energy Industries Association (SEIA). The complete report — titled “U.S. Solar Market Insight, 2016 Year in Review” — is due to be released on March 9.
According to the report, for the first time U.S. solar power ranked as the top source of new electricity-generating capacity, accounting for 39% of all new power across all fuel types in 2016.
The U.S. now boasts more than 1.3 million solar installations, with a cumulative capacity of over 40 gigawatts, according to the report.
“In a banner year for U.S. solar, a record 22 states each added more than 100MW,” Cory Honeyman, GTM Research’s associate director of U.S. solar research, said in a statement. “While U.S. solar grew across all segments, what stands out is the double-digit gigawatt boom in utility-scale solar, primarily due to solar’s cost competitiveness with natural gas alternatives.”
The record growth in solar was represented mostly by utility-scale installations, which were spurred on by energy suppliers hoping to take advantage of the federal Investment Tax Credit (ITC), which was set to expire last year. The ITC offers a tax credit equal to 30% of a solar or wind project’s costs. Just two weeks before it was set to expire, however, Congress — in a surprise move — extended the ITC for an additional five years.
With the ITC extension, U.S. demand for solar is now expected to continue to grow through 2021, with an increasing number of states likely to reach grid parity as companies bring down renewable energy costs and retail electricity pricing continues to rise, according to Vishal Shah, an analyst with Deutsche Bank.
Along with record installations came a record number of jobs created by the solar industry, according to a separate report. In 2016, there were 260,000 employees working in the solar market, representing a 25% increase over the previous year. One out of every 50 new jobs added in the U.S. in 2016 was created by the solar industry, representing 2% of all new jobs, according to The Solar Foundation’s Solar Jobs Census 2016.
Oracle has decided that it is not going to give up trying to convince the world that Google owes it billions for Android software.
For the last seven years, Google and Oracle have been slugging it out over copyright over Java applets, which Oracle insists are the key to making Android run. It has gone through two federal trials and bounced around at appeals courts, including a brief stop at the US Supreme Court. Oracle has sought as much as $9 billion in the case.
Other than one loss, which was successfully appealed, Google has won. Now Oracle has decided it is time for another round and has filed an appeal with the US Court of Appeals for the Federal Circuit that seeks to overturn a federal jury’s decision last year.
In the trial last year in San Francisco, the jury ruled Google’s use of 11,000 lines of Java code was allowed under “fair use” provisions in federal copyright law.
In Oracle’s 155-page appeal on Friday, it called Google’s “copying…classic unfair use” and said “Google reaped billions of dollars while leaving Oracle’s Java business in tatters”.
Oracle’s brief also argues that “When a plagiarist takes the most recognizable portions of a novel and adapts them into a film, the plagiarist commits the ‘classic’ unfair use”.
So all Oracle has to do is prove that Applets are the most recognisable part of Java which has been converted into a new product.
That’s because the operation involved the FBI hacking 8,700 computers in 120 countries, based on a single warrant, they said.
“How will other countries react to the FBI hacking in their jurisdictions without prior consent?” wrote Scarlet Kim, a legal officer with U.K.-based Privacy International.
On Friday, that group, along with the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union of Massachusetts, filed briefs in a lawsuit involving the FBI’s hacking operation against Playpen. The child pornography site was accessible through Tor, a browser designed for anonymous web surfing. But in 2014, the FBI managed to take it over.
In a controversial move, the agency then decided to use the site to essentially infect visitors with malware as a way to track them down.
As a result, the FBI is prosecuting hundreds who were found visiting the site, but it also happened to hack into computers from 120 countries.
On Friday, the three privacy groups filed briefs in a case involving Alex Levin, a suspect in the FBI’s Playpen investigation who’s appealing the way the agency used malware to gather evidence against him.
Privacy International claims that the warrant the FBI used to conduct the hacking is invalid. This is because the U.S. was overstepping its bounds by conducting an investigation outside its borders without the consent of affected countries, the group said.
According to Privacy International, the case also raises important questions: What if a foreign country had carried out a similar hacking operation that affected U.S. citizens? Would the U.S. welcome this?
The EFF and ACLU also claim that the FBI’s warrant was invalid, but they cite the U.S. Constitution, which protects citizens from unreasonable searches.
“Here, on the basis of a single warrant, the FBI searched 8,000 computers located all over the world,” EFF attorney Mark Rumold wrote in a blog post. “If the FBI tried to get a single warrant to search 8,000 houses, such a request would unquestionably be denied.”
A key concern is that a warrant to hack into so many computers will set a precedent. “Even serious crimes can’t justify throwing out our basic constitutional principles,” Rumold said.
The so-called broadcast incentive spectrum auction is one of the commission’s most complex and ambitious to date and should be complete by April.
The FCC said last year that 62 bidders made upfront payments to take part, including AT&T Inc, Verizon Communications Inc, Dish Network Corp, T-Mobile US Inc and Comcast Corp.
Of the nearly $20 billion raised, more than $6 billion will go to reduce the U.S. deficit, more than $10 billion will go to broadcasters that chose to relinquish spectrum rights, and up to $1.75 billion for other broadcasters that incur costs in changing channels.
The final price for 84 megahertz of spectrum could rise above $20 billion as buyers may hike final bids for specific frequency blocks before the sale is complete.
In June, the FCC said sellers had initially sought $86.4 billion for 126 megahertz of television airwaves taken from broadcasters to be sold for wireless use.
Many analysts had expected broadcasters to earn substantially more in the auction, with some in 2016 forecasting $30 billion in proceeds.
Twenty-First Century Fox Inc’s Fox Television unit said this week it would receive about $350 million in proceeds from spectrum sales. Tribune Media Co said it expects $190 million in proceeds from the auction.
Gray Television Inc said it expects to receive $90.8 million and Sinclair Broadcast Group Inc expects to receive $313 million. Others did not participate. E. W. Scripps Co said Friday it had opted not to take part because it thought prices were too low.
FCC Chairman Ajit Pai said the closing of bidding is a “major milestone,” adding the spectrum will boost wireless service.
“These low-band airwaves will improve wireless coverage across the country and will play a particularly important role in deploying mobile broadband services in rural areas,” Pai said.
The spectrum will transition over 39 months. Some stations will transition to a new band and a new channel, while others will move off-air. Those going off the air must give at least 30 days notice.
Many public TV stations also took part in the auction.
FCC Commissioner Michael O’Rielly raised concerns about the auction. He said it was not a “failed auction” but said “significant review is necessary to understand how the FCC rules and auction design impacted the results.”
The FCC published a proposed regulation that would allow TV stations to begin broadcasts using the ATSC 3.0 format, a newer version of the digital transmission format used today.
ATSC 3.0 uses an IP data stream, so it’s much more flexible than current broadcast standards. Using the system, broadcasts can simultaneously send several video streams of varying bandwidths and additional streams of data.
Proponents of the technology say this would enable 4K broadcasting and is a way to rapidly disseminate public safety information, but whether such services will be offered is up to individual broadcasters.
The document, a notice of proposed rule making (NPRM), is a statement by the FCC of an intended new regulation. It’s the start of the regulation-forming process and can be shaped by comments and pressure from the public and industry.
As proposed, the regulation will allow the voluntary use of ATSC 3.0. To receive the new format, upgrades will be required to televisions and reception equipment, so the FCC proposes allowing TV stations to continue broadcasting in the current version 1 format. Cable TV companies won’t be required to carry ATSC 3.0 signals, and broadcasters will still need to abide by public interest obligations.
The proposed regulation doesn’t mandate that TV set makers begin including ATSC 3.0 tuners in their products.
The availability of the notice itself is notable. Previously, the FCC published NPRMs internally ahead of monthly meetings, and they only became public after commissioners had voted on them.
“Lobbyists with inside-the-Beltway connections are typically able to find out what’s in them,” he said in a statement. “But the best that average Americans will get is selective disclosures authorized by the Chairman’s Office — disclosures designed to paint items in the most favorable light. More often, the public is kept completely in the dark.”
So, from Thursday, Pai is publishing NPRMs as they are available to FCC commissioners. The ATSC 3.0 proposal, and one allowing AM radio stations more freedom in siting FM transmitters, were the first two under what Pai said is a trial.
If successful, he said the new transparency policy will “give the public much more insight into the commission’s activities.”
The most recent Federal Communications Commission chairman, Ajit Pai, who took office earlier last week, has made a commitment to reduce regulatory barriers to growth and innovation and to prioritize bridging the digital divide, a measure of national social inequality in access to internet services.
Speaking to reporters during his first open meeting as commissioner on Tuesday, Pai still says he remains undecided on net neutrality and was unable to answer some questions regarding the rule. Last month, the chairman commented that he believes “[net neutrality] days are numbered” and has referred to them as a “dangerous assault on the culture of the First Amendment”. He has told the media that he wants to review the rules prior to making any determinations.
“I think the issue is pretty simple. I favor a free and open Internet and I oppose Title II,” he said during the meeting. “That’s pretty much all I can say about that topic.”
The agency reclassified broadband Internet service as a Title II “common carrier” service in February 2015 by a 3-2 vote, establishing an Open Internet Order that prohibits app blocking, paid traffic prioritization and data throttling. The order also prohibits Internet service providers from taking actions that “unreasonably interfere with or disadvantage consumers or the companies whose site and apps they’re trying to access.” Now, it appears that his administration may go back to favoring business interests and giving more leverage to ISP claims of “reasonable network management” practices.
Focus on bridging the digital divide
One of Pai’s top priorities as chairman will be the facilitation of bridging the digital divide in socioeconomic areas of poor wireless coverage or slow terrestrial buildout of IP network infrastructure. He announced the formation of a Broadband Deployment Advisory Committee that will develop specific recommendations on how the FCC can encourage broadband deployment across America. These include identifying unreasonable regulatory barriers to broadband deployment, ways to encourage local governments to adopt deployment-friendly policies and any other reforms available under the Commission’s authority.
Wants to eliminate robocalling
For now, Pai has said that consumer protection is an area he remains committed to enforcing during his tenure as chairman. One of the top complaints often brought by consumers is the prevalence of robocalls, or automated telemarketing schemes designed to issue fraudulent subscription services or obtain credit card information. He says that he intends to “find ways to make sure consumers are protected from that scourge.”
“More generally, my philosophy on enforcement is simple,” Pai said. “You follow the law, you make a diligent search for the facts, and in your review of the law and the facts, take the appropriate action that is necessary to protect the public interest.”
Under the Title II reclassification, consumers and competitors can file complaints against ISPs over prices and policies that pose “unjust or unreasonable discrimination.” The common carrier rule also allowed for some privacy rules, such as getting opt-in consent from consumers before sharing Web browsing data, that were previously opposed by Pai and could be overturned.
Wants to eliminate inspection filing rules
One of the bigger agenda items during Pai’s meeting was a 3-0 vote to eliminate two inspection filing rules. The first rule required TV and radio stations to maintain copies of correspondence from viewers and listeners and make them available to the public. This will now be replaced by an online system available to the public. The second rule required cable companies to “maintain and allow public inspection of the location of a cable system’s principal headend, or the master facility for receiving and processing TV signals.” Now, headend information will only be available to the FCC, TV stations and franchisers upon request. The idea here is that eliminating these regulations can free up some money for ISPs to invest in building and upgrading their networks.
FCC drops set-top box market, business data service reforms from agenda
Another set of items that might have been considered for the Tuesday meeting was previous chairman Tom Wheeler’s proposals on set-top box market reform, but on Monday night Pai dropped them from the meeting agenda.
The proposal, introduced last January, would allow customers to freely choose from a variety of over-the-top devices from Google, Apple, Amazon, Roku and others to receive cable or satellite-based television content using coaxial inputs and internal “smart access card” equivalents and a simple subscription activation process. However, previous chairman Tom Wheeler quickly fired off a tweet criticizing Pai’s decision to drop the proposal – likely because it was one of his key agenda items during his tenure.
Other proposals that seem to have been dropped from the first meeting include one to reform the market for business data services by easing tax regulations for high-bandwidth organizations. The proposal would have placed a limit on fees for businesses, hospitals and schools regularly using large volumes of data.
These concerns of consumers should also alarm businesses: Consumers are willing to switch to another bank, medical center or retailer if they feel their personal information is threatened, the survey found.
“Consumers can exact punishment for data breaches or mishandled data by changing buyer behavior or shifting loyalty,” said Sean Pike, an analyst at IDC, in a statement. The survey, released last week, polled 2,500 U.S. consumers about their privacy concerns across four verticals: Financial services, healthcare, retail and government.
Younger consumers, aged 18 to 35, were more concerned for their privacy than older consumers, aged 36 to 50, the survey found. The younger age group also had a 56% likelihood of switching business providers based on an impending hacker threat, compared to 53% for the older group. Meanwhile, women were more likely to switch than men, by a difference of 8 percentage points, for an impending hacker threat.
If a breach affected them directly, 78% of all consumers said they would switch to another business from the one where the breach occurred.
IDC said that with retail businesses, many consumers are not aware of the amount or kinds of information that retailers collect. Such information can include the items a shopper has bought and at what time of day, and even how long a customer lingers in a store.
The survey found that shoppers increasingly are willing to evaluate a store’s track record for protecting personal information. “It is in a retailer’s best interest to define what information they are tracking firmly and clearly, and to provide consumers methods to manage those preferences,” IDC’s report said. “Retailers who do not take consumer data protection seriously may find that they permanently lose customers to competitors that offer more transparency and manageability of their Personally Identifiable Information.”
For the healthcare sector, IDC’s survey found that increasing numbers of ransomware attacks will impact consumer confidence for a particular provider. New guidance under HIPAA (the Health Insurance Portability and Accountability Act) notes that ransomware attacks like those at Hollywood Presbyterian Medical Center and Kansas Heart Hospital are considered security incidents that could lead to finding a breach of federal Protected Health Information.
Safety standards for lithium-ion batteries should be updated following a massive recall of Samsung Electronics Co Ltd phones after faulty batteries caused fires, a U.S. government agency said on Tuesday.
“Consumers should never have to worry that a battery-powered device might put them, their family or their property at risk,” Consumer Product Safety Commission Chairman Elliot Kaye said in a statement.
The agency reached agreement with Samsung to recall 2.5 million Note 7 phones in early September. While most recalls have a “dangerously low” consumer response rate, 97 percent of Samsung’s Note 7 phones have been returned, Kaye said.
“At a minimum, industry needs to learn from this experience and improve consumer safety by putting more safeguards in place during the design and manufacturing stages to ensure that technologies run by lithium-ion batteries deliver their benefits without the serious safety risks,” Kaye said.