Monthly Archives April 2018

Should we have the right to disconnect from our work?

According to an article in The Ottawa Citizen, North Americans are raising concerns about the lack of a right-to-disconnect law that would free workers from being available on their phones, email, and increasing use of business messaging apps, even after work hours have ended.

This issue is gaining more attention following a New York Councilman saying last week that he was proposing a law to make it illegal to force employees to access “work-related electronic communications” from home, save for emergency situations and other important exceptions. Under this proposed law, “companies would have to draft written policies spelling out the hours of work and time off, and employers would not be allowed to threaten penalties against anyone who refused to check their email or work-related social networks off-hours.”

New York isn’t the only region with this idea. The federal government in France enacted legislation to deal with this issue, and Quebec MPP Gabriel Nadeau-Dubois also tabled a private member’s bill last week to “ensure that employee rest periods are respected by requiring employers to adopt an after-hours disconnection policy.” In the Quebec bill, proposed fines for companies that violate the rule would range from $1,000 to $30,000.

In announcing his bill, Nadeau-Dubois explained that, “For my parents’ generation, when you were leaving the office, you were actually leaving the office. It’s not true for my generation anymore. When you leave work, you still have to work because you have emails from your boss or colleague. The separation between professional life and private life is disappearing.”

This issue is especially pressing in a time when messaging communications are more present than ever across various industries. For example, Slack now has nine million weekly active users across 100 countries. That’s nine million people who might feel pressured to work after hours. Business leaders disagree about the benefits of disconnecting – but its clear that this is a theme that will concern business culture for some time.

Source: ottawacitizen.com – Right-to-disconnect talk picks up as popularity of workplace messaging apps rises
Published: March 27, 2018

Millions of Panera Bread customers info exposed in security flaw

According to Ars Technica, 37 million Panera Bread customer records have been exposed due to a security flaw that the company failed to fix until recently, despite having been made aware of the flaw eight months ago.

The restaurant chain claimed that under 10,000 customers privacy had been breached when they fixed the flaw early this week. But security researcher Brian Krebs argues that millions of records were “available online and that they remained available at publicly accessible URLs after Panera said the flaw was fixed.”

The information that was leaked online included customers’ loyalty card numbers, which Krebs wrote on his security website could “potentially be abused by scammers to spend prepaid accounts or to otherwise siphon value from Panera [customers].” The information also included full names of customers, email addresses, phone numbers, birthdays, the last four numbers of credit cards, addresses, saved food preferences, and dietary restrictions.

According to security researcher Dylan Houlihan, who talked to Ars Technica, the flaw “let anyone search by a variety of customer attributes, including phone number, email address, physical address, or loyalty account number.”

Ars Technica reports that the “URLs appear to have finally been scrubbed of the customer information, as they now produce error messages instead of customer data.”

Panera was made aware of the data leak on August 2nd of last year in an email by Houlihan, who offered to call Panera to help inform the company of what was happening. As Ars Technica describes, “In response, Panera Information Security Director Mike Gustavison accused Houlihan of trying to scam the company.” In other words, Panera allowed the flaw to go unchecked for months, exposing user data, despite prior knowledge.

Although the flaw is now fixed, and user data is no longer up for grabs by anyone with a Wi-Fi connection, many feel Panera’s response to the entire situation was somewhat disappointing, especially in regards to downplaying the number of customers impacted.

Source: arstechnica.com – Panera accused security researched of “scam” when he reported a major flaw
Published: April 3, 2018

Arizona’s autonomous vehicle fatality is making Floridians question their own state laws

Not everywhere has laws regulating autonomous vehicles yet, and in many parts of the world, those laws are still pretty far off. However, for Floridians, driverless cars have been legal on their state’s roads since 2012. Since then, the work of legislators like Senator Jeff Brandes has made it so that vehicles can operate without any human presence inside.

Senator Brandes told Government Technology magazine that Florida is “one of the most forward-thinking states in the country as it relates to the future of mobility and transportation.”

Some are questioning what kinds of risks come hand-in-hand with this forward-thinking, especially after a woman in Tempe, Arizona was killed in mid-March after being struck by an Uber autonomous vehicle that was still in testing phases.

An attorney from Clearwater, Florida, Joshua Chilson, told Government Technology what he thinks about Florida’s perhaps premature laws. “You have this technology that is being unleashed on the world prior to it really being ready. It’s obviously not advanced to the point where it’s capable of responding to real-life scenarios, like the one that happened in Tempe.”

Why is Florida so ahead of the autonomous vehicle curve? Well, Brandes and other lawmakers in his state have worked to make Florida an attractive option for companies looking to manufacture and test driverless cars. And in that regard, they have been successful.

As Government Technology explains, “In February, a Starsky Robotics truck completed a 7-mile drive on a closed portion of Route 833… without a human in the vehicle. [And] Ford started testing self-driving cars in Miami-Dade County. Some are even delivering pizza.” Autonomous taxis are anticipated in the state later this year.

But President of the Florida Justice Association, Dale Swope, told the magazine that Floridians shouldn’t be put at risk for this industry. “Our school zones should not be their beta test laboratory,” Swope said. “That’s what test facilities are for.” The Florida Justice association is lobbying for the state to include accountability language in its legislation.

Florida has the chance to innovate and create jobs, but at the same time is potentially putting people at risk with an uncertain technology. It’s a tricky situation, and one that encompasses the struggle of autonomous driving technology everywhere.

Source: govtech.com – Florida’s AV Law Goes Too Far, Critics Say
Published: April 2, 2018

The IRS wants you to watch out for scams during tax season

Unfortunately, income tax season can be a vulnerable time for thieves using phone or phishing scams. The IRS wants you to be aware of these potential threats, and take extra caution this month.

This time of year, you might receive a phone call saying you owe taxes and can be arrested if you don’t give the caller your credit card or other personal information. Sometimes these are recorded messages that can be convincing. As reported in Top Tech News, the IRS wants to make it clear that this is never how it will contact you.

“The IRS does not initiate contact with taxpayers by phone. And if someone owes money to the government, they’ll first get a bill through the mail. The IRS also does not demand payment until after a taxpayer has had time to question and/or appeal a bill. The agency also says it does not ask for credit or debit card numbers over the phone,” Top Tech News explained.

The IRS also never makes first contact with a taxpayer via email. If you get an unexpected email allegedly from the IRS in your inbox, it’s probably a scam. These emails often demand you Social Security Number, which the IRS would never do in an email.

The IRS wants taxpayers to keep extra attention on their bank accounts this season, and go to www.irs.gov to learn more about potential scams.