IT IT
IT Audit - The Institute Of Internal Auditors  

IN THIS ISSUE

Reference Library: Privacy

Information and organizations related to privacy issues, as well as products and services for safeguarding privacy.

BBBOnline
BBBOnline, a subsidiary of the Council of Better Business Bureaus, offers a privacy tool subscription service that allows businesses to display compliance with online privacy principles to consumers.
Canadian Internet Law Resource Page
Coverage of Internet law in Canada, including case law, legislation, government reports, conferences, mailing lists, and other resources.
Center for Democracy and Technology
The Center for Democracy and Technology (CDT) works to promote democratic values and constitutional liberties in the digital age and to enhance free expression and privacy in global communications technologies.
Cipher
Cipher is the Institute of Electrical and Electronics Engineers' electronic newsletter on security and privacy.
Electronic Privacy Information Center (EPIC)
EPIC is a public interest research center that focuses public attention on emerging issues dealing with civil liberties and helps protect privacy and constitutional values.
Employee Privacy: Computer-use Monitoring Practices and Policies of Selected Companies
A 2002 U.S. Government Accountability Office report provides information about computer-use monitoring practices at 14 Fortune 1000 companies. [PDF]
Encryption Privacy and Security Resource Page
This site educates the public, press, and policy-makers about the importance of encryption and the need for meaningful reform of U.S. encryption policy in a way that protects privacy and security.
EPIC Cryptography Page
This page provides a listing of articles and reports on the legal status of cryptography.
Global Internet Project (GIP)
GIP is an international group of senior executives committed to fostering continued growth of the Internet. GIP publications and educational events address commerce, content, privacy, security, governance, and infrastructure.
How Electronic Encryption Works
This survey covers topics such as cryptography in businesses, e-mail security risks, electronic encryption, e-mail encryption systems, attacks on PGP, encryption laws, and PGP legal points in Australia.
ICSA Labs
ICSA Labs publishes surveys, industry studies, and buyers' guides; sponsors security consortiums; and shares information with manufacturers, developers, academia, and others.
Identity Theft — U.S. GAO Report to Congress March 2002
Identity Theft — Prevalence and Cost Seem to be Growing, provides statistics on the incidence and societal costs of identity theft. [PDF]
Information and Privacy Commissioner of Ontario (Canada)
This agency provides an independent review of Ontario's government decisions and practices concerning access and privacy, investigates complaints, researches access and privacy issues, and educates the public.
InfoSysSec
This portal for information systems security students and professionals includes categorized links, security and hacking guides, tutorials, news, alerts, search engines, mailing lists, and downloads.
Liberty Alliance
The Liberty Alliance delivers and supports a federated-network identity solution for the Internet that enables single sign-on for consumers and business users.
Network Payment Mechanisms and Digital Cash
The Network lists Web sites concerning payment mechanisms designed for the Internet, implementation tools, discussions, mailing lists, and press releases.
Online Privacy Alliance (OPA)
OPA is a diverse group of corporations and associations that promote the protection of privacy online. The site provides resources for businesses and consumers on each of their roles in online privacy.
Privacy Commissioner of Canada
The Privacy Commissioner of Canada advocates the privacy rights of Canadians with the power to investigate complaints and conduct audits under two federal laws.
Revolutionizing HIPAA Secure Remote Access to Extend Beyond Privacy
This report by technology consultant John Vacca discusses methods and technologies for securing and authenticating online access to U.S. Health Insurance Portability and Accountability Act (HIPAA) data. [PDF]
TRUSTe
TRUSTe is an independent nonprofit privacy initiative dedicated to building users' trust on the Internet; its third-party seal program is designed to alleviate users' concerns and meet business needs of licensed Web sites.
Tumbleweed Communications
Tumbleweed Communications provides software solutions to manage secure Internet communication and collaboration, empower organizations to safely share or protect critical information, and increase customer privacy.
U.S. Federal Trade Commission (FTC) Privacy Page
This FTC Web page educates consumers about the importance of personal information privacy.
U.S. NIST Computer Security Resource Center (CSRC)
The National Institute for Standards and Technology's (NIST's) CSRC collects and disseminates computer security information and resources to help users, systems administrators, managers, and security professionals better protect their data and systems.
VeriSign Security Guides
Free guides cover topics including Web site security, online payment processing, building e-commerce sites, server security, Apache servers, public key infrastructure, vulnerability assessment, and wireless communications.
Who Goes There?: Authentication Through the Lens of Privacy
This report from the U.S. National Research Council addresses the privacy impact of authentication technologies such as biometrics and passwords.