Category Archives: oud

Hello Barbie And Security Not The Perfect Couple, Claims Lawsuit

Hello Barbie says, “Privacy breach” to plaintiffs in a lawsuit that’s testing the boundaries of security in the Internet of Things age. Mattel ( MAT ), the maker of the interactive doll, is among those being sued on grounds that the doll picks up and records the voices of the children who play with the doll, voices that it uploads and stores without parental consent. The unusual case was filed in December in Los Angeles County Superior Court. Other defendants include San Francisco-based ToyTalk, which partnered with Mattel to produce the doll; and Los Angeles-based Samet Privacy, which does business as the kidSAFE Seal Program that lists, reviews and certifies interactive and online products as compliant with the federal Children’s Online Privacy Protection Act, or COPPA. “The problem is parents and children don’t really know that ToyTalk is going to use their child’s conversation for data mining and other purposes not fully disclosed,” said Steve Teppler of the Abbott Law Group in Jacksonville, Fla. “They say they’ll protect the child of the purchasing parent’s identity, but what about friends’ children?” Abbott Law Group represents the plaintiffs in the case: Ashley Archer-Hayes of Vista, Calif., who bought the doll, and her minor child; and Charity Johnson of Chula Vista, Calif., and her minor child “on behalf of all others similarly situated,” states the suit. The children of Johnson and Archer-Hayes are friends, and they played with Hello Barbie at a Barbie-themed birthday party late last year, the suit says. The suit is one of many dealing with the untapped online frontier that is the Internet of Things, referring to products used in everyday life that are increasingly connected with the Internet and that store information online. These products range from cars to home security systems. On its website, kidSAFE describes Hello Barbie as “the first fashion doll that can have a two-way conversation with girls. The doll features speech recognition and progressive learning features that enable girls to engage with Barbie like never before. Hello Barbie features more than 8,000 lines of dialogue, inspires imagination and storytelling, plays more than 20 interactive games, and tells jokes.” Although Hello Barbie must be registered to activate, and the registration process includes information relating to privacy, plaintiffs argue that Hello Barbie will pick up voices of a child’s friends, and those voices will be uploaded and stored without parental knowledge, let alone consent. Could Hello Barbie Owners Erase The Data? Interactive toys like Hello Barbie are expected to proliferate. How can parents stay informed about the privacy policies of each toy? “That’s the problem,” Teppler said. “What are your choices? You could make the doll only perform with the registered user, but that’s not the way the toy is designed. To comply with COPPA, you’d have to have a waiver for the user of the child’s voice. We don’t know what ToyTalk’s affiliates do with this information.” Teppler raised the possibility that information stored on ToyTalk computers could become discoverable in litigation, for example, if kids start talking about their parents’ activities. “It’s an interesting evidentiary issue,” said Teppler. “The terms of service say the purchasing parents can access the recordings for two years, but can they get them erased? You could deactivate your account, but they would still have the recordings.” Mattel would not make someone available for an interview, but spokesman Alex Clark said in an email, “While we do not comment on pending litigation, I can tell you Mattel is committed to ensuring every product we make meets or exceeds all applicable laws and regulations. In addition, we are confident in the robust data security technology used in our Hello Barbie product.” For its part, kidSAFE has rated Hello Barbie as “COPPA certified.” Ben Warlick, an attorney with Morris, Manning and Martin in Atlanta, says that plaintiffs have an uphill battle to recovery because Mattel and other defendants don’t control how a child uses the toy. “Plaintiffs pointed out suggestions for what Mattel could have done, including notifying parents that the toy should not be used outside the presence of other nonregistered children,” Warlick said. “But I do not think it’s a realistic argument to tell a child not to play with a toy around other kids; that’s hard to do.” Warlick, who co-chairs his firm’s Internet of Things practice group, says that the Hello Barbie case is likely just one of the first of many that will test the bounds of privacy protection in the Internet of Things age. “We started the new practice group because we’re finding that universal notions of privacy and security don’t necessarily translate to the Internet of Things,” he said. Warlick says that an argument can be made that interactive devices should have higher security and encryption features, “but many little battery-powered devices like weather or pet monitors may not have the processing power to run encryption or robust security measures.” Similar suits have been filed against ADP home security systems and Vizio smart TV sets. “It’s a real issue for product developers in this area,” Warlick said, “about what is the right level of security and encryption for these devices.”

Cisco Targets Cybersecurity For Productivity, Not Just Defense

Cisco Systems ( CSCO ) wants organizational leaders to understand that improving their competitive advantage, not just responding to fear, should inspire their cybersecurity strategy. Fearful tales, however, are hard to ignore. One recent example: Virtually all IT systems of the largest civilian hospital chain in the nation’s capital, including the MedConnect electronic health records system installed by Cerner ( CERN ), were shut down to prevent the spread of a computer virus in late March. Baltimore-based MedStar Health on March 30 called it a “despicable attack.” The disruption affected thousands of employees and many more patients, and restoration of the systems took days. “Within 48 hours of the malware penetration,” the three main clinical systems were “moving to full restoration,” said MedStar. A Cerner spokeswoman told IBD: “We continue to work closely with our client (MedStar) as the broader IT framework is brought back online.” But a week later, MedStar was still working on it: “Our partner Symantec ( SYMC ) … has been on the ground from the start of the situation and has been conducting a thorough forensic analysis,” MedStar said in an update last week, acknowledging it “has worked closely with the FBI throughout this situation.” The company again assured “that we have no evidence of any compromise of patient or associate data.” The Baltimore Sun reported the hospital’s hackers demanded ransom be paid in Bitcoin to unlock the hospital’s maliciously encrypted data. What a pain. What a danger. What a motivation for every organization to get its cybersecurity in order, as if another example were needed. “We’re very familiar with it,” James Mobley, a Cisco security services vice president, told IBD in an interview last week, acknowledging MedStar is a Cisco client. Cisco: Security-Led Firms More Prepared For Cloud, IoT Cisco, the No. 1 maker of computer networking gear and with a growing business in security, plans early next month to release a security survey of business executives. The company says productivity, growth and competitive advantage ought to be motivating cybersecurity decisions, not just fear. Its report, originally set for release early Tuesday, is titled “Nearly One-Third of Businesses View Cybersecurity Primarily as a Growth Enabler.” Silicon Valley-based Cisco, which briefed IBD and other media on the report, found that only a bit more than 30% of 1,014 corporate directors, vice presidents and C-level executives surveyed online “view cybersecurity primarily as an enabler of growth tied to digitization. “Security-led digitizers feel more prepared than others to address cybersecurity challenges in three key digital technology areas: analytics, Internet of Things and cloud computing,” Cisco said. “As a result, these organizations are far more confident about incorporating digital technologies into their business processes and offerings. “In fact, 44% of executives surveyed consider cybersecurity to be a competitive advantage for their organizations.” Cisco said cybersecurity will drive about $7.6 trillion of digital value over the next decade, with $5.8 trillion resulting from “cybersecurity’s enablement of digital use cases that instigate innovation and growth.” Is this marketing pablum or a legitimate call to action? Cisco has been under pressure to grow as fast as some of the smaller networking and software security firms with which it competes or partners. In its fiscal 2015 ended July 25, Cisco’s overall revenue rose only 4% to $49.16 billion, but its security services sales alone grew 12% to $1.75 billion. Medical IT leader Cerner grew 2015 revenue 30% to $4.42 billion, in part by selling P2Sentinnel and P2Sentinel Security as a Service (P2SaaS) products as a “security, auditing and compliance solution for tracking end-user access to confidential patient data in Mellennium, as well as other non-Cerner clinical solutions and infrastructure systems.” Palo Alto Networks ( PANW ), which specializes in security software, grew sales 55% last year. Rival Check Point Software ( CHKP ) saw revenue rise 9%. Symantec, MedStar’s prime cybersecurity contractor, reported pro forma revenue fell 6.3% year over year for its fiscal Q3 ended Jan. 1, adjusting for the sale of its Veritas business. Cisco’s survey data could serve as grist for its hungry marketing-sales machine, but it also provides a heads-up to companies that there’s more to cybersecurity than preventing hacker disruption. When a company is confident it can prevent disruption, this enables minds to focus on everything else. “It’s critically important that we stop thinking about security as a defense-centric approach that is sold by fear, uncertainty and doubt,” Mike Dahn, head of data security for payments firm Square ( SQ ), said in Cisco’s survey results press release. “We need to start thinking about security as an enablement of innovation that actually helps the business go forward.” Cisco stock touched a nearly one-year low of 22.46 in early February, but it has been on an upswing recently. Cisco closed Monday at 27.62, down a fraction. In the meantime, cybersecurity continues to be top of mind. By executive order, the U.S. Commerce Department will host its first Commission on Enhancing National Cybersecurity meeting on Thursday in Washington, D.C.

5 ETFs To Buy If Oil Stays At $40

Finally, oil jolted higher in the April 8 week to near $40/barrel, snapping a drawn-out downtrend. The WTI crude oil fund, the United States Oil ETF (NYSEARCA: USO ), added about 7.5% in the last five trading sessions (as of April 8, 2016), and Brent crude oil fund, the United States Brent Oil ETF (NYSEARCA: BNO ), tacked on about 8.1% gains during the same time frame. The impressive gains were prompted by the impending OPEC-Russia meeting in Doha on April 17 to talk about an output freeze and a decline in U.S. stockpiles. As per the U.S. Energy Department’s weekly inventory release, crude stockpiles reported a surprise reduction from their all-time high levels. The report released last week showed that crude inventories fell by 4.94 million barrels for the week ending April 1, 2016, beating the expectation of a rise in inventory by 2.9 million barrels . While many are not too hopeful about a game-changing outcome at the Doha meeting, the fact is that inventory levels are finally declining . U.S. energy firms used a lesser number of oil rigs for the third successive week to touch ” the lowest level since November 2009″. If this is not enough, the demand scenario should improve in the days ahead on easy money policies in most developed countries. Since the oil patch has been under pressure since mid-2014, the time of rebalancing should approach fast. Added to this, the U.S. dollar is expected to remain benign for a few more days, as the Fed is in no hurry to hike interest rates. This, in turn, should buoy most commodity prices, including oil. Given the newfound optimism in the oil patch, many investors have turned bullish on the energy sector. While playing oil ETFs is always an option, there are other corners as well that are linked to the commodity oil and are likely to bounce back along with the oil price. Below, we highlight five mixed ways which could be profitable if oil price hovers around the $40 level. Leveraged Oil – Direxion Daily Energy Bull 3x Shares ETF (NYSEARCA: ERX ) This fund creates a triple (3x or 300%) leveraged long position in the S&P Energy Select Sector Index while charging 95 bps in fees a year. It is a popular and liquid option in the energy leveraged space with AUM of $507.6 million and average trading volume of 6.2 million shares. The ETF gained 6.8% in the last five trading days (as of April 8, 2016) and added about 6.2% on April 8. Energy E&P – SPDR S&P Oil & Gas Exploration & Production ETF (NYSEARCA: XOP ) This fund holds 60 oil & gas exploration and production stocks in its portfolio. It is well-diversified across its holdings, with none of the companies accounting for more than 2.25% of total assets. The ETF has been able to manage $1.93 billion in its asset base. It charges 35 bps in annual fees and expenses. The product gained 5.2% in the last five trading days and was up 3.7% on April 8. It has a Zacks ETF Rank #5 (Strong Sell) (see all energy ETFs here ). Russia – Market Vectors Russia ETF (NYSEARCA: RSX ) The Russian economy may not be in a great shape, having shrunk 3.7 % in 2015. But an oil price recovery could bring good luck to Russia investing. Oil is seemingly the main commodity of the nation, and thus, drives the economy’s revenue to a great extent. RSX is the most popular and liquid option in the space, with an asset base of $1.90 billion and average trading volume of more than 13 million shares a day. The energy sector accounts for about 40% of RSX, which charges 61 basis points in expense fees. The Zacks ETF #3 (Hold) fund advanced about 0.9% in the last five trading days (as of April 8, 2016) and added about 2.5% on April 8. Norway – Global X MSCI Norway ETF (NYSEARCA: NORW ) Norway is among the top 10 nations among oil exporters, and the commodity forms an integral part of the country’s GDP. The most popular way to play the country is with NORW. The product charges investors 50 basis points a year in fees. Norwegian oil giant Statoil (NYSE: STO ) accounts for about 15% of the portfolio alone, suggesting a heavy concentration. NORW added 2.8% on April 8, 2016. The fund has a Zacks ETF Rank #3. Canada – iShares MSCI Canada ETF (NYSEARCA: EWC ) Canada is also among the world’s top oil producers. The best way to invest in Canada is through EWC, a product that has nearly $2.59 billion in assets. The fund holds just under 95 stocks in its basket. Energy makes up a huge chunk of its assets, accounting for one-fifth of the total. The fund was off about 0.4% in the last five trading sessions, but returned about 2.1% on April 8. It has a Zacks ETF Rank #3. Original Post