The verdict against Los Angeles County (for the sharing by first responders of photos of the tragic accident which took the lives of Kobe and Gianna Bryant and companions) raises important data security, privacy and compliance issues.

Josh Bohls, Founder and President of Inkscreen weighed in on the privacy and compliance implications of the situation.

“This is a major but under-examined data security, HIPAA compliance and privacy issue. Law enforcement and first responders to a crime scene should understand that the photos, videos, and evidence they capture and collect are extremely sensitive on multiple levels. In a sensational case such as the tragic loss of Kobe and Gianna Bryant and their companions, the stakes are even higher. We can hope that the judgement to award mother and widow Vanessa Bryant and other families who experienced this tragic loss will ultimately spur some change both in policy and in the technical way that digital evidence is captured, managed, and protected.

The fact is that we’re now 15 years into the smart mobile and social networking era, and the data leakage prevention (DLP) technology and applications to ensure content can be securely captured and managed, and that prevents unauthorized sharing of photos, documents and other sensitive data on responders’ personal devices has existed for at least 10 years. Every Federal, state and local first responder agency should mandate the use of such technology. It’s a safe guess that 99.99% of responders would never dream of violating a victim’s or family’s privacy at their most tragic moments, but how many of that .001% does that leave to do such social harm?

Mrs. Bryant and all who lost loved ones in this accident have suffered immeasurable loss. Whether intended or not, Mrs. Bryan has emerged as a voice for the otherwise voiceless parents and loved ones of victims whose anguish is compounded every time their loved one’s image is shared or re-shared. And once those images are ‘in the wild’ re-sharing by non-responders is all but inevitable. Incredibly sad – but so easily preventable.”

This post appeared first on EnterpriseSecurityTech.com

This month we released CAPTOR (iOS) v4.0.6. This is a packed release! Let’s dive into the details:

Pause & Restart Audio Recording.

CAPTOR users can now pause audio recordings. This comes in handy if you are recording a meeting that is interrupted, or if you have a section of audio you want to omit from the recording.

Simply tap the Pause button that appears once you start the recording. Even though the recording is paused, the app will maintain an active session and prevent the device from going to sleep.

To restart the recording, tap the Play button. You will immediately see the timer and the visual waveform restart.

To finalize and end the recording, tap the red circle and wait for the thumbnail to generate in the lower left corner of the screen.

If you want to trim the beginning or end of the audio recording, tap the thumbnail and then tap the Trim button. When you finish trimming, tap Save and select to either Trim Original or Save as a New Clip.

Pro Tip: From the audio playback screen, tap the Info button to find the transcript of the recording. You can copy and paste this transcript to other managed apps.

This release also includes two new app config options. If you are the IT Administrator of CAPTOR, please consider adding these configurations:

Backup PDF Page Size. CAPTOR now supports setting US or European standard document aspect ratios for documents processed through the backup service. The app has always supported this in the normal sharing process - an app user could select US Letter, for example, when sharing/exporting a document to attach to an email. The resulting document is better formatted for printing and viewing. If the config is set to “US”, the system will apply either US Letter or US Legal aspect ratios based on the general dimensions of the page. If the config is set to “EU”, the system will apply A4 or A5 aspect ratios. For all UEM systems that utilize key/value pairs, the key is “backuppdfpagesize” with value “us” or “eu”. For Blackberry UEM, the new configuration will appear in the Backup tab of the app configuration.

Watermark Time/Date Stamp. CAPTOR now supports adding a time and date stamp to the watermark on photos and document pages. This time stamp indicates when the content was originally captured, and would appear diagonally beneath the existing watermark.

To enable this feature, you must already have the watermark configured. For key/value pair configurations, enter key “watermarktimedate” with value “True”.

For BlackBerry administrators, this config will appear beneath the existing Watermark configuration.

Finally, this release includes the following changes:

SMB Backups: Improvements to SMB backup validation, stability, and error handling.

Microsoft InTune App Protection Policy Adherence: Some combinations of app protection policies created conflicts in how CAPTOR handled content sharing, copy/paste, etc. This is now resolve.

EMM SDK Updates: CAPTOR for BlackBerry now integrates BlackBerry Dynamics SDK v10.2.0.82. CAPTOR for InTune now integrated Microsoft InTune SDK v16.0.3.

New Start-up Experience: New users will now be presented with a welcome screen explaining how CAPTOR is managed by their company’s IT department, with links to help guides and support contacts.

Earlier this year the Swedish Customs service, Tullverket, was issued a SEK 300,000 fine by the Privacy Protection Authority for GDPR violations stemming from employees’ inappropriate use of Google Photos.

As far as we can tell the employees were not doing anything malicious. In fact, they were simply trying to do their jobs and remain productive. They likely found Google Photos to be an easy way to store and share photos, and since the organization did not provide restrictions on the service, or better provide a secure managed alternative service, the employees took matters into their own hands.

This fine equates to around USD $29,000 or EURO €28,000, and more importantly opens the door for further investigations into IT policies and privacy practices of the Customs service.

The CAPTOR solution would have been an ideal way to avoid these sanctions. CAPTOR is deployed as a managed camera app, with detailed controls on what employees can do with the photos they capture at work. An organization can set up their own private photo storage servers and avoid having any of the content drifting unprotected in the cloud or found on US-based servers. Additionally, IT could impose guardrails on how the photos and other captured content can be shared, restricting to certain apps or attachments to only corporate email accounts.

If your organization is subjected to privacy laws such as GDPR, or subjected to other regulatory guidelines on how photos are managed, please request a free trial of CAPTOR and we can work together on a solution.