The escalation of security breaches involving personally identifiable information (PII) has contributed to the loss of millions of records over the past few years. Breaches involving PII are hazardous to both individuals and org. Individual harms may include identity theft, embarrassment, or blackmail. Organ. harms may include a loss of public trust, legal liability, or remediation costs. To protect the confidentiality of PII, org. should use a risk-based approach. This report provides guidelines for a risk-based approach to protecting the confidentiality of PII. The recommend. here are intended primarily for U.S. Fed. gov¿t. agencies and those who conduct business on behalf of the agencies, but other org. may find portions of the publication useful.

Face recognition technologies (FRTs) have many practical security-related purposes, but advocacy groups and individuals have expressed apprehensions about their use. This report highlights the high-level privacy and bias implications of FRT systems. The authors propose a heuristic with two dimensions -- consent status and comparison type -- to help determine a proposed FRT's level of privacy and accuracy. They also identify privacy and bias concerns.

Privacy is one of the most urgent issues associated with information technology and digital media. This book claims that what people really care about when they complain and protest that privacy has been violated is not the act of sharing information itself—most people understand that this is crucial to social life —but the inappropriate, improper sharing of information. Arguing that privacy concerns should not be limited solely to concern about control over personal information, Helen Nissenbaum counters that information ought to be distributed and protected according to norms governing distinct social contexts—whether it be workplace, health care, schools, or among family and friends. She warns that basic distinctions between public and private, informing many current privacy policies, in fact obscure more than they clarify. In truth, contemporary information systems should alarm us only when they function without regard for social norms and values, and thereby weaken the fabric of social life.

"The United States Code is the official codification of the general and permanent laws of the United States of America. The Code was first published in 1926, and a new edition of the code has been published every six years since 1934. The 2012 edition of the Code incorporates laws enacted through the One Hundred Twelfth Congress, Second Session, the last of which was signed by the President on January 15, 2013. It does not include laws of the One Hundred Thirteenth Congress, First Session, enacted between January 2, 2013, the date it convened, and January 15, 2013. By statutory authority this edition may be cited "U.S.C. 2012 ed." As adopted in 1926, the Code established prima facie the general and permanent laws of the United States. The underlying statutes reprinted in the Code remained in effect and controlled over the Code in case of any discrepancy. In 1947, Congress began enacting individual titles of the Code into positive law. When a title is enacted into positive law, the underlying statutes are repealed and the title then becomes legal evidence of the law. Currently, 26 of the 51 titles in the Code have been so enacted. These are identified in the table of titles near the beginning of each volume. The Law Revision Counsel of the House of Representatives continues to prepare legislation pursuant to 2 U.S.C. 285b to enact the remainder of the Code, on a title-by-title basis, into positive law. The 2012 edition of the Code was prepared and published under the supervision of Ralph V. Seep, Law Revision Counsel. Grateful acknowledgment is made of the contributions by all who helped in this work, particularly the staffs of the Office of the Law Revision Counsel and the Government Printing Office"--Preface.