The New Software Jurisprudence and the Faltering First Amendment

Given that courts reviewing restrictions on the development and distribution of software are increasingly invoking the First Amendment, it should follow that software will receive strong protection. Yet, while there have been judicial decisions which lend credence to the view that the Constitution can be invoked to protect software, subsequent developments in this area, which I term the new software jurisprudence cast severe doubt on the ability of the courts to apply the First Amendment so as to shield software effectively. These developments include the faults of previous strains of First Amendment analysis and then add more, with the ironic result that the First Amendment may now be used to justify the suppression of expression rather than to prohibit such suppression. This article analyzes two cases important to the development of this new jurisprudence, DVD CCA v. Bunner and Universal v. Corley,\u27 both of which provide reason to believe that the First Amendment will not be up to the task of providing the protection which computer code deserves

Privacy Violation and Detection Using Pattern Mining Techniques

Privacy, its violations and techniques to bypass privacy violation have grabbed the centre-stage of both academia and industry in recent months. Corporations worldwide have become conscious of the implications of privacy violation and its impact on them and to other stakeholders. Moreover, nations across the world are coming out with privacy protecting legislations to prevent data privacy violations. Such legislations however expose organizations to the issues of intentional or unintentional violation of privacy data. A violation by either malicious external hackers or by internal employees can expose the organizations to costly litigations. In this paper, we propose PRIVDAM; a data mining based intelligent architecture of a Privacy Violation Detection and Monitoring system whose purpose is to detect possible privacy violations and to prevent them in the future. Experimental evaluations show that our approach is scalable and robust and that it can detect privacy violations or chances of violations quite accurately. Please contact the author for full text at [email protected]

Cyber-threats against the Norwegian financial sector

Technological development affects most of the industries in the world, and the Norwegian financial sector is no exception. We use our digital tools every day, and these tools make footsteps of personal information. Norway is one of the most digitalized countries, and digitalization has brought new ways of thinking and made the sector more effective. However, this also brings new challenges with new vulnerabilities and risks. All this has made a need for understanding and managing cyber-risk. This thesis investigates how the Norwegian financial sector handles the risk of losing personal information when drawing on cyber-attacks by performing a content analysis based on relevant documents and articles. Discussion and analysis of the dominant documents and articles contribute to achieving the thesis goal of answering the research question. We do this intending to generate awareness of the cyber-risk in the sector when it comes to handling personal information. Additionally, we aim to create an understanding and knowledge base of the topic to understand the development better and be capable of being resilient to this type of risk. The content analysis of cyber-risk and cyber-threat in this thesis reveals that the risk of losing personal information is in constant flux. The reason is compound, but the analysis shows that our main findings can summarize it; Implementation and enactment of complexity in existing material, Speedy development and an arduous environment, and Endorsement of robustness, relicense, and redundancy. We were especially boggled over the neglection of integrating complexity as a risk in both the current NIST-framework and the ISO27001 standard. Also, the rapid development of technology and different types of actors may force the sector to take measures, but the long value chains increase the complexity

Cyber-threats against the Norwegian financial sector

Technological development affects most of the industries in the world, and the Norwegian financial sector is no exception. We use our digital tools every day, and these tools make footsteps of personal information. Norway is one of the most digitalized countries, and digitalization has brought new ways of thinking and made the sector more effective. However, this also brings new challenges with new vulnerabilities and risks. All this has made a need for understanding and managing cyber-risk. This thesis investigates how the Norwegian financial sector handles the risk of losing personal information when drawing on cyber-attacks by performing a content analysis based on relevant documents and articles. Discussion and analysis of the dominant documents and articles contribute to achieving the thesis goal of answering the research question. We do this intending to generate awareness of the cyber-risk in the sector when it comes to handling personal information. Additionally, we aim to create an understanding and knowledge base of the topic to understand the development better and be capable of being resilient to this type of risk. The content analysis of cyber-risk and cyber-threat in this thesis reveals that the risk of losing personal information is in constant flux. The reason is compound, but the analysis shows that our main findings can summarize it; Implementation and enactment of complexity in existing material, Speedy development and an arduous environment, and Endorsement of robustness, relicense, and redundancy. We were especially boggled over the neglection of integrating complexity as a risk in both the current NIST-framework and the ISO27001 standard. Also, the rapid development of technology and different types of actors may force the sector to take measures, but the long value chains increase the complexity

Exploring the need for a CERT for the Norwegian Construction Sector

This paper presents an empirical study on the need for sector-specific CERT capacity in the Norwegian construction sector. Findings from the interviews demonstrate a need for developing competence in ICT security in this sector. The actors express a desire for a forum for sharing information and learning from other actors within the industry. In our estimation, there is insufficient support in the industry to create a “full-blown” CERT/CSIRT. However, it seems that all the interviewees are positive about the idea of creating an ISAC-like forum.acceptedVersio