News by Professionals 4 Professionals

Vermont

Reference Library – USA – Vermont

Vermont says job databank compromised

MONTPELIER, Vt. (AP) — The Vermont Department of Labor says a job database used by the state has been compromised by malicious software. Officials said Wednesday that the breach of America’s Job Link Alliance, a provider of a nationwide web-based database Joblink, has been fixed and it’s unknown at this time if any personal information was extracted. They say it’s unknown whether the malicious software was deliberately or unintentionally introduced.

The state says analysts are working to determine if any accounts containing names and possibly Social Security numbers were compromised.

The state is advising users of Joblink to review bank, credit card and debit card account statements and report any suspicious activity to their bank or credit card company.

AP-WF-03-22-17 1522GMT

Muslim leader breaks ground at VT Democrats

Muslim Leader Breaks Ground At VT DemocratsBuy Photo

Faisal Gill is the new interim chairman of the Vermont Democratic Party and the first Muslim to lead a major state party. (Photo: RYAN MERCER/FREE PRESS)Buy Photo

When Faisal Gill was running for state office in Virginia, he had a hard time convincing people he was the Republican candidate. Gill, who was born in Pakistan and raised in the United States, said people would make assumptions about his politics based on his appearance and Muslim faith.

They open the door, and they go, Oh sorry, I vote Republican, Gill recalled, adding later, If you re a minority, you re going to feel uncomfortable in the Republican party.”

He lost that 2007 election and, after losing common ground with Republican policies, left the party altogether to become a Democrat. Gill moved to Winooski, where his immigrant background and Muslim faith continue to undergird his political career, with new importance under the anti-Muslim rhetoric and policies of President Donald Trump. Gill was elected this month as the new chairman of the Vermont Democratic Party. He believes he is the first Muslim in the United States to ever lead a state political party.

Nadeem Mazen, the founder of a Massachusetts-based organization working to get Muslims and minorities involved in community organizing and civic life, was unable to confirm that Gill is the first state party leader but said it’s “almost certainly true.” Mazen said Muslims are underrepresented in politics, but he believes that in the wake of Trump’s election, people on the political left are more likely than before to recognize and disregard Islamophobia.

“When Donald Trump sees me all he sees is a terrorist,” Gill said at a February pro-refugee rally in Montpelier, according to an Associated Press report. Well, I say you’re the terrorist, you’re the one preaching terror, you’re the one preaching violence, you’re the one preaching hate, he said of Trump. Tim Jerman, vice-chairman of the party and Gill s personal friend, said some Democrats supported Gill to send a message about diversity and inclusion to Trump and national politicians.

He is a symbol, said Jerman, of Essex Junction. He doesn t mind being in that position. He s pretty vocal about it. Overall, Gill says he has experienced more pushback in Vermont for being a former Republican than for being Muslim.

From Pakistan to Winooski

Gill, 44, is affable, well-spoken and seems never to take offense at people who attack him online by picking apart his past associations and statements.

“What we need to do right now is we need to win the hearts and minds of people as a Muslim community,” Gill said in an interview this week. “You know, laws aren t going to change it. There is a lot of angst in the American community about Muslims. Are they loyal? Are they real Americans? Do they really view this as their country and not, you know, just here for a little bit or still have their allegiances to their previous countries? Those are all fair questions. They re all fair questions. And I think what they need to see, what Americans need to see, is we are. We are absolutely loyal to this country.”

After immigrating from Pakistan with his family at 8 years old, Gill was raised in a lower-income immigrant neighborhood in northern Virginia outside Washington, D.C., where his father worked as a cab driver. Gill says he was “moving with a bad crowd” in high school and at age 17 his girlfriend became pregnant with his oldest child.

“I was a complete statistic,” Gill said. “So had I not gone to college, I would have either been driving a cab or doing something of that sort.”

He attended community college, then American University, then law school, and joined the U.S. Navy as a lawyer in the JAG corps. After the terror attacks of Sept. 11, 2001, Gill became a spokesman for Muslim groups, then joined the Bush administration in the Office of Homeland Security and Department of Homeland Security. Gill came under scrutiny in 2004 when news reports said he filled out a security clearance form without disclosing his prior work as a spokesman for the American Muslim Council, a now-defunct group whose founder, Abdurahman Alamoudi, was later convicted for financial involvement in a plot to kill the Saudi crown prince. Gill says he was cleared of any wrongdoing in the security clearance form because he worked for the American Muslim Council as a contractor, not an employee, and had disclosed the association on a separate ethics form.

“I didn t mislead. I didn t lie,” Gill said.

In 2014, documents released by Edward Snowden showed that the National Security Agency had monitored Gill’s emails from 2006 to 2008, the time period that included his campaign for office in Virginia. Gill believes he was targeted because of his Muslim faith[1].

Muslim Leader Breaks Ground At VT DemocratsBuy Photo

A photo President Barack Obama and Faisal Gill at Gill’s office on Church Street in Burlington. (Photo: RYAN MERCER/FREE PRESS)

The incidents and controversies continue to follow Gill online; when he was elected this month as chairman of the Vermont Democratic Party, a right-wing news website posted an alarming headline: “An FBI-investigated Islamist takes over the Vermont Democrats.”

Jerman, the vice-chairman of the party, said Gill has been forthcoming about his past and has been vetted numerous times, including during his state senate campaign. He and Gill are accustomed to negativity.

Generally, our response is call him up and talk to him about it, Jerman said. Today Gill runs a small corporate law firm from a Church Street office, representing information technology companies and others seeking government contracts in Washington. Gill and business partners also own a trucking company, Gill Transit, and an investment company, Gill Investment Group. He teaches a class at the Community College of Vermont, serves on the state Board of Medical Practice and the board of the advocacy group Justice for All. He supported a lawsuit[2] over the basing of F-35 fighter jets at the Vermont Air National Guard in 2015. He lost a state senate campaign last fall and became the Democratic Party’s Chittenden County chairman.

In about five years in Vermont, Gill has quickly acclimated to state politics. He walked the halls of the Vermont Statehouse on Tuesday afternoon, huddling with Democratic Executive Director Conor Casey and shaking hands with fellow Democrats.

Muslim Leader Breaks Ground At VT DemocratsBuy Photo

Faisal Gill is the new interim chairman of the Vermont Democratic Party and the first Muslim to lead a major state party. (Photo: RYAN MERCER/FREE PRESS)

Looking to 2018

Gill will serve as Democratic chairman until at least November, when he expects to seek another term in leadership. He wants to use his position to focus Democrats on lifting low-income Vermonters into the middle class through policies such as tuition-free public college, single-payer health care and paid family leave.

“People have been sending me emails and stuff about how they re disenchanted with the party,” Gill said. “You hear that on the national level, and you also hear that on the state level.”

Gill will try to draw people back into the Democratic Party, build party organization, cultivate candidates, and speak out on state issues while continuing to speak about national politics in opposition to Trump. Jerman, the vice-chairman, said party fundraising will be a particular challenge. Political parties are no longer able to solicit money from lobbyists during the legislative session, which Jerman says has limited traditional fundraising, and the new small-donations fundraising model popularized by Sen. Bernie Sanders is labor-intensive.

He s coming in at a very difficult time for the Democratic Party, Jerman said. There s no sugar coating. Much of Gill s work will focus on how to position Democrats to retake the governor s seat from Republican Gov. Phil Scott in 2018. The Democratic candidate last year, Sue Minter, was defeated by about 8 percentage points.

We need to have a clearer message, Gill said. We need to let Vermonters know that we are the party that does speak for the working person, does speak for the middle class. Maybe we didn t do a good enough job of getting that out in 2016.

Muslim Leader Breaks Ground At VT DemocratsBuy Photo

Faisal Gill is the new interim chairman of the Vermont Democratic Party and the first Muslim to lead a major state party. (Photo: RYAN MERCER/FREE PRESS)

Contact April McCullum at 802-660-1863 or [email protected] Follow her on Twitter at @April_McCullum[3].
Do you have a breaking news tip? Call us at 802-660-6500 or send us a post on Facebook or Twitter using #BFPTips.

Read or Share this story: http://bfpne.ws/2mQmZgu

References

  1. ^ his Muslim faith (www.cnn.com)
  2. ^ a lawsuit (www.burlingtonfreepress.com)
  3. ^ @April_McCullum (twitter.com)

New Mexico Set to Be 48th State with Breach Notification Law

Breach Notification , Data Breach , Legislation[1][2][3]

Gov. Susana Martinez Expected to Sign Measure Soon Eric Chabrow (GovInfoSecurity) March 21, 2017 [4][5] New Mexico Set To Be 48th State With Breach Notification Law Floor of the New Mexico Senate. (Photo: Arianna Sena/Creative Commons)

New Mexico is on the cusp of becoming the 48th state to enact a data breach notification law, which would leave Alabama and South Dakota as the only states without such a statute.

See Also: Three and a Half Crimeware Trends to Watch in 2017[6]

The New Mexico Senate on March 15 passed the Data Breach Notification Act[7], or HB 15, by a 40-0 vote and sent the bill to Gov. Susana Martinez for her signature. The House approved the bill by a 68-0 margin on Feb. 15. A gubernatorial spokesman says Martinez is reviewing the legislation and has 20 days from passage to decide whether to approve it. The bill’s sponsor, Rep. Bill Rehm, says he believes his fellow Republican will sign the measure. What took New Mexico so long to enact a data breach notification[8] law? Resistance from some businesses was a key factor, says Mark Medley, who runs ID Theft Resolutions, a not-for-profit organization that supports New Mexicans victimized by identity theft[9]. “Lobbyists who didn’t want it [the bill’s passage] are very strong and influential in Santa Fe,” Medley says.

To win passage this year, Rehm says he worked closely with business representatives, seeking compromises on specific provisions. For instance, earlier data breach notification bills that failed to win passage included a provision that breached organization had only 30 days to notify victims. The law passed this year gives organizations 45 days to issue notification.

Protecting PII

New Mexico’s law, if enacted, would require businesses operating in the state to take reasonable security procedures to safeguard personally identifiable information. Unlike Massachusetts’ law, the New Mexico measure is not prescriptive, giving much latitude to businesses to decide how best to protect PII. The measure also would require organizations to notify the state attorney general if more than 1,000 New Mexicans fell victim to a breach. Breached organizations must notify individuals “in the most expedient time possible, but not later than 45 days following discovery of the security breach,” according to an analysis of bill by the law firm Baker Hostetler[10]. Organizations would be exempt from notification if, after an investigation, it’s determined the breach didn’t pose a significant risk of identity theft or fraud.

Like notification laws in many other states, organizations would be exempt from complying with the New Mexico statute if they must comply with the Gramm-Leach-Bliley Act that governs financial institutions handling private information or the Health Insurance Portability and Accountability Act that regulates patient information. The New Mexico measure would require organizations to provide breach victims with advice on how to access personal account statements and credit reports to detect errors resulting from the security breach and also inform them of their rights under the Fair Credit Reporting and Identity Security Act.

Complicated Landscape

Besides 47 states, the District of Columbia and three territories also have data breach notification laws on the books.

“No two state data breach notification laws are alike, and this can create a complicated landscape for privacy teams working to assess privacy incidents and remain compliant across multiple jurisdictions,” says Alan Wall, senior counsel and global privacy officer at Radar, a company that provides online incident response management service. “The nuances of state penalties for noncompliance with data breach laws can have very real impacts on a privacy team already spread thin dealing with a data breach.”

Such concerns have been behind calls for Congress to enact a federal statute to establish a single data breach notification standard that supersedes state laws. But efforts since 2008 to enact such a law have faltered (see Single US Breach Notification Law: Stalled[11]). A national data breach notification law would simplify reporting breaches to law enforcement, citizens and consumers because organizations would only have to follow one set of rules, rather than a patchwork of state requirements.

But a federal data breach notification requirement – at least in the eyes of some consumer advocates – could potentially weaken security safeguards found in some state laws (see Barriers to a Breach Notification Law[12]). For example, Massachusetts’ and California’s data breach notification laws contain prescriptive security processes that likely would not be included in a federal law.

In testimony before Congress in 2015, Massachusetts Assistant Attorney General Sara Cable argued that pre-empting state laws could “represent significant retraction of existing protections for consumers at a time when such protections are imperative.”

No legislation[13] calling for a national data breach notification requirement has been introduced in Congress this year, according to a search of Congress.gov. “Now we play the waiting game for either state No. 49 to throw its hat into the notification ring or the federal government to pass a law that would unify notification obligations across all states,” says Erich Falke, a partner at the law firm Baker Hostetler who specializes in data privacy and data protection. “I’m not holding my breath for the latter.”

References

  1. ^ Breach Notification (www.bankinfosecurity.com)
  2. ^ Data Breach (www.bankinfosecurity.com)
  3. ^ Legislation (www.bankinfosecurity.com)
  4. ^ Eric Chabrow (www.bankinfosecurity.com)
  5. ^ GovInfoSecurity (www.twitter.com)
  6. ^ Three and a Half Crimeware Trends to Watch in 2017 (www.bankinfosecurity.com)
  7. ^ Data Breach Notification Act (www.nmlegis.gov)
  8. ^ data breach notification (www.bankinfosecurity.com)
  9. ^ identity theft (www.bankinfosecurity.com)
  10. ^ Baker Hostetler (www.jdsupra.com)
  11. ^ Single US Breach Notification Law: Stalled (www.bankinfosecurity.com)
  12. ^ Barriers to a Breach Notification Law (www.bankinfosecurity.com)
  13. ^ legislation (www.bankinfosecurity.com)