Tag Archives: fbi

New Idea for Active Shooter Incidents

Active shooter events in the U.S., unfortunately, are becoming more frequent — so much so that the Wall Street Journal reported this week that school districts are stepping up purchases of insurance against such events. The incidents raise many questions, and a persistent one in a legal context is, “Should anyone besides the shooter be held liable?”

According to the Federal Bureau of Investigation, between 2000 and 2017 there were 250 active shooter incidents. They resulted in 799 victim deaths and 1,418 wounded. Often, victims and their families understandably seek to hold someone other than the shooter accountable for failing to prevent these acts of criminality or terrorism. Although this type of litigation is always emotionally charged, the legal concepts of foreseeability, duty and reasonable care are the key factors used to determine liability.

In litigation, the concepts generally mean that allegations of liability must be supported by “expert” testimony. Such opinions are formed by using post-event knowledge to reverse engineer some preventative measure that would have allegedly prevented a particular incident.

Of course, the entity alleged to be liable is being judged for its pre-event actions and “failing to act reasonably” in the context of a threat environment that includes countless potential risks. Unlike a government, private entities must assess these risks without access to the intelligence that only governments possess and without a government’s resources and legal authority to implement an unlimited number of countermeasures. Governments are frequently held to be immune from similar lawsuits, so one can reasonably ask whether it is fair and just for private entities to be subject to a disparate legal standard.

See also: Active Shooter Scenarios

While there may be some cases where liability may properly attach, perhaps it’s time to consider whether concepts of crime victim compensation funds and victim compensation funds similar to that enacted after the 9/11 attacks should be used to provide compensation to victims of mass shootings.

Creating a similar fund for individual victims of active shooting incidents could address multiple challenges. Victims could gain compensation quickly and without the financial and emotional expense of litigation. Defendants who had no involvement in the shooting could be spared the costs of defending lawsuits. By authorizing a fund to accept claims over several years, individuals with latent physical injuries or illnesses that take time to develop also could be compensated.

Risk cannot be eliminated

Thinking about long-term solutions to address the issue of compensation for persons injured or killed by acts of mass violence is important. The real world is not like a post-event lawsuit that focuses only on whether a particular location could have been made “safer.” In the real world, the question is really whether the world itself can be made safer.

FBI data shows that the vast majority of active shootings 2000-2017 happened in locations that are open to public access:

  • Commerce (businesses, shopping malls), 42% of active shooting events
  • Schools (pre-K to 12, institutions of higher education), 21%
  • Open space, 14%
  • Government, 10%
  • Residences, 4.8%
  • Houses of worship, 4%
  • Healthcare facilities, 4%

If active shooter litigation continues to propagate, more and more security measures are bound to be imposed by either governmental or private entities. The risk will never be completely eliminated, but the way we live and interact with each other necessarily will. And the cost for doing so will have additional ripple effects that may have profound effects on all our daily and heretofore routine activities.

See also: The New Face of Preparedness  

There are no perfect solutions for the societal problem of shootings, but we ought to fix what we can. Sparing victims the burden of litigation and providing fund-based compensation seems to be a logical approach to consider.

Why Small Firms Need Cyber Coverage

There’s barely a week that goes by without some sort of cyber security incident — a system hack, a data breach, putting thousands if not millions of people’s personal information at risk. Although big corporations generate the most headlines, the reality is that small and mid-sized businesses are equally, if not more, vulnerable to cyber attacks.

Smaller organizations don’t have the resources to put up firewalls or deploy high-powered system monitoring software that larger firms can afford. Like the house on the block with an open window and no burglar alarm installed, these businesses are easy prey for hackers, and they’re getting hacked more often than you think.

According to IBM, small and mid-sized businesses are hit by 62% of all cyber attacks, at a rate of 4,000 per day. A more sobering statistic? Sixty percent of small businesses go out of business within six months of a breach.

As insurance professionals, we have the opportunity to change that outcome. Although we can’t deter the cyber thieves from striking, we can help our business customers protect themselves by effectively educating them on their risks and providing the cyber liability coverage they need.

See also: Why Buy Cyber and Privacy Liability. . .  

A Quick 411 on Cyber Liability Coverage

The good news is, there are 20 or more cyber liability carriers in the marketplace today, which keeps pricing low for budget-conscious business owners. Typically, every million dollars of protection, for a company that has never been hacked, runs about $2,500 per year. That’s well within most businesses’ budgets.

However, not all policies are created equal.

It’s critical for insurance professionals to spend time educating themselves on the details of what each policy offers before heading off to sell. This ensures that you offer the best solution to each of your customers and can adequately review any coverage they currently have for gaps.

Cyber liability policies should always include coverage for the following:

Notification Costs and Credit Monitoring

Most states require companies to inform anyone affected by the breach of personally identifiable information in a timely manner, and offer credit monitoring for the 12 months following the incident. Typically, businesses have to set up call centers to answer frequently asked questions, as well. A good cyber policy should cover all of these costs.

Cyber Extortion

According to the FBI, the incidence of ransomware attacks is on the rise. This attack typically begins when an employee clicks on a legitimate-looking email attachment. That one click releases malware that locks digital files until the company pays a ransom to release them. Unless the company pays the tens of thousands of dollars that hackers demand, businesses could lose proprietary information, product schematics, customer orders and other sensitive information. The right policy will help cover the cost of payments to extortionists, as that’s typically the only way to get the data back.

Business Interruption

If the company’s systems are compromised, hackers encrypt company software or overload Web servers to block legitimate orders, and business comes to a screeching halt. Think about the financial impact a day or a week down could have on a small e-commerce company, a CPA firm or manufacturing operation if they’re not adequately covered for the loss.

Public Relations

One hack can ruin a local business’s reputation in a heartbeat. If a breach occurs, that company has to hire an experienced public relations team to explain what they’re doing to protect the affected individuals and mitigate reputational risk associated with the breach.

Forensics Costs

Finally, and perhaps most significantly, a cyber liability policy should cover forensics — hiring computer technologists to come in and identify where and how the breach occurred, and how big the impact was. It’s important to note that this is typically the biggest cost associated with a breach, and the most frequently exhausted limit in cyber liability policies. So, it’s important to make sure the policy you recommend provides adequate coverage in this area.

Explaining Cyber Insurance to Your Customers

The most effective way to talk to your customers about cyber liability insurance is to show them their exposures. Typically, small and mid-sized businesses don’t think of themselves as being at risk. For example, a restaurant owner might believe that, by using a third-party payment card processor, her business is protected. The reality is: Her patrons don’t care who processes her transactions. They come to her restaurant, eat her food and hand her servers their credit cards. The place where people do business is going to get the blame — and be the one liable for the costs.

It’s not just retailers and restaurants that are at risk. Any company with personally identifiable information – Social Security numbers, health records or employee data – is exposed. With the average cost-per-compromised record averaging $221, the more records a company has, the more exposure it has. When you explain that one incident could cost a smaller business $50,000 or $100,000 to rectify, the value of paying a few thousand dollars a year for cyber liability insurance becomes very clear.

See also: Cyber Attacks Shift to Small Businesses  

In addition to being affordable, cyber policies are quick and easy to get — if the business hasn’t been hacked before. For most carriers, it’s a one-page application that asks basic questions to find out if the company has a firewall, antivirus software and encryption, as well as its use of mobile devices. Typically, you can get a quote in an hour or less, issue the policy and be on your way. Just as important, your customers will know that you’re looking out for their best interests.

If I can leave you with one thought, it’s this: In this technology-reliant world, every business has a target on its proverbial back. If some form of cyber-attack hasn’t affected your customers yet, there’s a high probability that they’ll get hit in the near future. No business is too small, and no one is immune.

With the right cyber liability coverage, your business customers will be prepared for the inevitable breach — and have the protection they need to survive it.

Hacking the Human: Social Engineering

Virtually every business relies on a network to conduct its daily operations. This often involves the collection, storage, transfer and eventual disposal of sensitive data. Securing that data continues to be a challenge for organizations of all sizes and across multiple business sectors. Social Security numbers, W-2 forms, payment cards and intellectual property have significant value on the black market and provide motivation for hackers to steal.

Many corporate IT departments respond to these threats by devoting vast amounts of resources to technological defenses. Criminal perpetrators, however, seem to remain one step ahead of even the best cybersecurity efforts. They have altered their strategies by perpetrating human-based fraud. One emerging tactic involves what we have come to know as “social engineering.” This type of fraud occurs in a multi-stage process. Criminals first gather information, form relationships with key people and finally execute their plan.

By exploiting our natural tendencies to trust others, criminals have been highly successful in convincing people to hand over some of their most valuable data assets. In fact, according to the FBI, from October 2013 to August 2015, more than 8,000 social engineering victims from across the U.S. were defrauded of almost $800 million (the average loss amounted to $130,000.)

See also: Dark Web and Other Scary Cyber Trends

There are several methods of social engineering that are seen frequently, including the following seven:

  • ­Bogus Invoice: A business that has a long-standing relationship with a supplier is asked to wire funds to pay an invoice to an alternate, fraudulent account via email. The email request appears very similar to one from a legitimate account and would need scrutiny to determine if it was fraudulent.
  • ­Business Executive Fraud/Email Phishing: The email accounts of high-level business executives (CEO, CFO, etc.) may be mimicked or hacked. A request for a wire transfer or other sensitive information from the compromised email account is made to someone responsible for processing transfers. The demand is often made in an urgent or time-sensitive manner.
  • ­Interactive Voice Response/Phone Phishing (aka “vishing”): Using automation to replicate a legitimate-sounding message that appears to come from a bank or other financial institution and directs the recipient to respond to “verify” confidential information.
  • ­Dumpster Diving and Forensic Recovery: Sensitive information is collected from discarded materials — such as old computer equipment, printers, paper files, etc.
  • ­Baiting: Malware-infected removable media, such as USB drives, are left at a location where an employee may find them. When an employee attaches the USB to her computer, criminals can ex-filtrate valuable data.
  • ­Tailgating: Criminals gain unauthorized access to company premises by following closely behind an employee entering a facility or by presenting themselves as someone who has official business with the company.
  • ­Diversion: Misdirecting a courier or transport company and arranging for a package/delivery to be taken to another location.

How to avoid being defrauded in the first place:

Given the rising incidence of social engineering fraud, all companies should implement basic risk avoidance measures, including these eight:

  • Educate your employees so they can learn to be vigilant and recognize fraudulent behavior;
  • Establish a procedure requiring any request for funds or information transfer to be confirmed in person or via phone by the individual supposedly making the request.
  • Consider two-factor authorization for high-level IT and financial security functions and dual signatures on wire transfers greater than a certain threshold.
  • Avoid free web-based email and establish a private company domain, and use it to create valid email accounts in lieu of free, web-based accounts.
  • Be careful of what is posted to social media and company websites, especially job duties/descriptions, hierarchical information and out-of-office details.
  • Do not open spam or unsolicited email from unknown parties, and do not click on links in the email. These often contain malware that will give subjects access to your computer system.
  • Do not use the “reply” option to respond to any financial emails. Instead, use the “forward” option and use the correct email address or select it from the email address book to ensure the intended recipient’s correct email address is used.
  • Beware of sudden changes in business practices. For example, if a current business contact suddenly asks to be contacted via a personal email address when all previous official correspondence has been on a company email, the request could be fraudulent.

Despite these efforts, organizations can still fall victim to a social engineering scheme. These incidents can be reported to the joint FBI/National White Collar Crime Center – Internet Crime Complaint Center (IC3) at www.ic3.gov.

See also: Best Practices in Cyber Security

The initial concern after such an event often focuses on the amount of stolen funds. However, there could be an even greater threat because these incidents often involve the compromise of personally identifiable information, which can later be used for identity thefts from multiple people. This prospect for more theft will often trigger legal obligations to investigate the matter and to communicate to affected individuals and regulators. The thefts often then lead to litigation and significant financial and reputational harm to businesses. Costs can include fines, legal fees, IT forensics costs, credit monitoring services for affected individuals, mailing and call center fees and public relations costs.

Fortunately, the insurance industry has developed insurance policies that can transfer these risks. Crime insurance policies can cover fraudulent funds transfers, while cyber insurance policies may cover costs related to unauthorized access of personally identifiable information. However, the insurance buyer needs to be wary of various policy terms and coverage limitations. For example, some crime policies can contain exclusionary language for cases involving voluntary transfer of funds, even though they were unknowingly transferred to a criminal. Other insurers might add policy language to crime policies to cover this situation.

Cyber insurance policies can be customized to offer coverage for the following:

  • ­Network Security Liability: Liability to a third party as a result of a failure of your network security to protect against destruction, deletion or corruption of a third party’s electronic data; denial of service attacks against Internet sites or computers; or transmission of viruses to third-party computers and systems.
  • Privacy Liability: Liability to a third party as a result of the disclosure of confidential information collected or handled by you or under your care, custody or control. Includes coverage for your vicarious liability where a vendor loses information that had been entrusted to it in the normal course of business.
  • Electronic Media Content Liability: Coverage for personal injury and trademark and copyright claims arising out of creation and dissemination of electronic content.
  • Regulatory Defense and Penalties: Coverage for costs associated with response to a regulatory proceeding resulting from an alleged violation of privacy law causing a security breach.
  • Breach Event Expenses: Expenses to comply with privacy regulations, such as notification and credit monitoring services for affected customers. This also includes expenses incurred in retaining a crisis management firm, outside counsel and forensic investigator.
  • Cyber Extortion: Payments made to cybercriminals to decrypt data that has been encrypted by ransomware.
  • Network Business Interruption: Reimbursement of your loss of income or extra expense resulting from an interruption or suspension of computer systems because of a failure of network security or system failure. Includes sub-limited coverage for dependent business interruption.
  • Data Asset Protection: Recovery of costs and expenses you incur to restore, recreate or recollect your data and other intangible assets (i.e., software applications) that are corrupted or destroyed by a computer attack.

In summary, businesses need to be vigilant in addressing the ever-evolving risks related to their most valuable assets. The most effective risk management plans aim to prevent social engineering fraud incidents from happening and to mitigate the damages if they do. Turning your employees from your weakest link into your greatest assets in the battle is one way; risk transfer to insurance products is another.

IRS Is Stepping Up Anti-Fraud Measures

The Internal Revenue Service is taking as long as 21 days to review tax returns, according to research from fraud prevention vendor iovation, a clear sign that Uncle Sam has stepped up anti-fraud measures.

Even so, tax return scams that pivot off stolen identity data continue to rise for the third consecutive tax season. The latest twist: Tax scammers are increasingly targeting vulnerable populations—low-income, children, seniors and homeless—as well as prisoners, overseas military personnel and the deceased, according to an FBI alert.

Complimentary webinar: How identity theft protection has become a must-have employee benefit

And criminals have gotten very creative about conducting phishing campaigns to fool individual consumers—and key employees at targeted companies—into handing over personal tax-related information, useful for filing fake returns.

Tax software vulnerable

The FBI also says criminals often use online tax software to commit the fraud. That’s particularly troubling, considering what the Online Trust Alliance found in a recent audit of free e-filing services approved by the IRS. Of the 13 services audited, about half failed somewhat basic security protocols, such as email authentication and SSL configurations.

craig
Craig Spiezle, Online Trust Alliance executive director

Craig Spiezle, executive director of Online Trust Alliance, says some of the vulnerabilities, such as unsecure sites, are obvious to the casual person, let alone criminals.

“These sites are such high targets, you’d expect 100% of these to be like Fort Knox,” he says. “There’s no perfect security, but you would expect not to see (simple) vulnerabilities.”

Some e-filing sites, for example, had simple server misconfigurations or didn’t have current secure protocols; one provider failed to adopt an extended validation (EV) SSL certificate, leaving it open to spoofing.

Although not everyone is eligible for the free e-filing services that OTA audited, Spiezle says many of the paid e-filing services are run by some of the same parent companies, and thus use much of the same lightly protected infrastructure. He says it would be fair to assume that many of the paid e-filing sites would have the same 46% failure rate as the free e-filing services audited by OTA.

Personal information trades on black market

Even if cyber criminals don’t use stolen tax-related data for filing fraudulent returns, that information is highly valuable on the black market. Spiezle points out that it’s the only place where this type of rich information—such as income, employer, number of dependents, Social Security numbers and even bank accounts—is available all in one swoop.

“All that data that’s amassed is a treasure chest,” he says. “If you want to create a persona of someone’s identity, you have all the data in one place.”

The IRS expects that, this year, 80% of the estimated 150 million individual tax returns will be prepared with tax software and e-filed—and that’s music to fraudsters’ ears.

One typical avenue for cyber thieves is to file returns as early as possible, claiming refunds as large as $1,000 to $4,000 on untraceable prepaid debit cards. They can fly under the radar by filing very generic returns, and those multiple refunds turn into a lucrative operation.

“They have immediate access to that cash, as opposed to credit card fraud where the value is not as high and the delivery is through a retailer, so they have to figure out what to do with those goods,” says Scott Olson, vice president of product at iovation, a provider of device authentication and mobile security solutions.

Phishing, malware skyrocket

According to the Government Accountability Office, the IRS prevented $24 billion in fraudulent tax refunds related to identity theft in 2013, while paying out $5.8 billion in fraudulent refunds that it didn’t discover until a year later. And the number of fraud attempts is on the rise: As of March 25, the IRS reported a 400% increase in phishing and malware incidents related to the 2016 tax season.

Email phishing campaigns include links to web pages requesting personal information, useful for filing fake returns.

These fake pages often imitate an official-looking website, such as IRS.gov or an e-filing service, and also may carry malware, which can turn over control of the victim’s computer to the attacker. This January alone, the IRS counted 1,026 email-related fraud incidents, compared with 254 a year earlier.

Phishing scams also are targeting employers—because criminals know that’s where they can find large caches of income-related information. One growing trend is the so-called business email compromise (also known as “CEO fraud”), a variation of spear phishing. The phisher does deep research on a targeted company, then impersonates a senior executive to get a subordinate to do something.

vidur

Vidur Apparao, chief technology officer at Agari, which offers an email security platform, says malicious attachments and URLs compromised the bulk of spear phishing emails in the past. But what his company is seeing now is phishing ruses aimed at specific employees that leverage trust to get the recipient to take a specific action. Such attacks do not carry any viral attachments or bad URLs that can be detected. Yet they have proven to be very effective at duping the recipient into forwarding files containing employees’ W2 forms.

“Criminals are leveraging the cloud at three separate points, in ways they couldn’t before: developing social engineering content, sending out spear phishing attacks and getting back a response,” he says.

Basic security helps

According to the OTA, 92% of the publicly reported breaches in 2015 could have been prevented. Take email authentication. It’s almost a basic security tool that prevents emails from being spoofed. Those OTA-audited e-filing services that didn’t use it are contributing to the breaches.

“The lack of email authentication or the slow adoption in some cases has led to the prevalence of this easy type of attack,” Apparao says.

Spiezle says people need to be aware that emails and other tactics are becoming more sophisticated, and protect themselves accordingly.

“The problem is that we are all moving so fast, and we have all these devices and desktops—we are multitasking,” he says. “And the criminals play off that, and they’re getting more precise.”

This article was written by Third Certainty’s Rodika Tollefsen.

FBI

Apple v. FBI: Inevitable Conflicts on Tech

The battle between the FBI and Apple over the unlocking of a terrorist’s iPhone will likely require Congress to create legislation. That’s because there really aren’t any existing laws that encompass technologies such as these. The battle is between security and privacy, with Silicon Valley fighting for privacy. The debates in Congress will be ugly, uninformed and emotional. Lawmakers won’t know which side to pick and will flip flop between what lobbyists ask and the public’s fear du jour. Because there is no consensus on what is right or wrong, any decision legislators make today will likely be changed tomorrow.

This fight is a prelude of things to come, not only with encryption technologies but everything from artificial intelligence to drones, robotics and synthetic biology. Technology is moving faster than our ability to understand it, and there is no consensus on what is ethical. It isn’t just that the lawmakers are not well-informed, the originators of the technologies themselves don’t understand the full ramifications of what they are creating. They may take strong positions today based on their emotions and financial interests, but, as they learn more, they, too, will change their views.

Imagine if there was a terror attack in Silicon Valley — at the headquarters of Facebook or Apple. Do you think that Tim Cook or Mark Zuckerberg would continue to put privacy ahead of national security?

It takes decades, sometimes centuries, to reach the type of consensus that is needed to enact the far-reaching legislation that Congress will have to consider. Laws are essentially codified ethics, a consensus that is reached by society on what is right and wrong. This happens only after people understand the issues and have seen the pros and cons.

Consider our laws on privacy. These date back to the late 1800s, when newspapers started publishing gossip. They wrote a series of intrusive stories about Boston lawyer Samuel Warren and his family. This led his law partner, future U.S. Supreme Court Justice Louis Brandeis, to write a Harvard Law Review article, “The Right of Privacy,” which argued for the right to be left alone. This essay laid the foundation of American privacy law, which evolved over 200 years. It also took centuries to create today’s copyright laws, intangible property rights and contract law. All of these followed the development of technologies such as the printing press and steam engine.

Today, technology is progressing on an exponential curve; advances that would take decades now happen in years, sometimes months. Consider that the first iPhone was released in June 2007. It was little more than an iPod with an embedded cell phone. This has evolved into a device that captures our deepest personal secrets, keeps track of our lifestyles and habits and is becoming our health coach and mentor. It was inconceivable just five years ago that there could be such debates about unlocking this device.

A greater privacy risk than the lock on the iPhone are the cameras and sensors that are being placed everywhere. There are cameras on our roads, in public areas and malls and in office buildings. One company just announced that it is partnering with AT&T to track people’s travel patterns and behaviors through their mobile phones so that its billboards can display personalized ads. Even billboards will also include cameras to watch the expressions of passersby.

Cameras often record everything that is happening. Soon there will be cameras looking down at us from drones and in privately owned microsatellites. Our TVs, household appliances and self-driving cars will be watching us. The cars will also keep logs of where we have been and make it possible to piece together who we have met and what we have done — just as our smartphones can already do. These technologies have major security risks and are largely unregulated. Each has its nuances and will require different policy considerations.

The next technology that will surprise, shock and scare the public is gene editing.  CRISPR–Cas9 is a system for engineering genomes that was simultaneously developed by teams of scientists at different universities. This technology, which has become inexpensive enough for labs all over the world to use, allows the editing of genomes—the basic building blocks of life. It holds the promise of providing cures for genetic diseases, creating drought-resistant and high-yield plants and producing new sources of fuel. It can also be used to “edit” the genomes of animals and human beings.

China is leading the way in creating commercial applications for CRISPR, having edited goats, sheep, pigs, monkeys and dogs. It has given them larger muscles and more fur and meat and altered their shapes and sizes. Scientists demonstrated that these traits can be passed to future generations, creating a new species. China sees this editing as a way to feed its billion people and provide it a global advantage.

China has also made progress in creating designer babies. In April 2015, scientists in China revealed that they had tried using CRISPR to edit the genomes of human embryos. Although these embryos could not develop to term, viable embryos could one day be engineered to cure disease or provide desirable traits. The risk is that geneticists with good intentions could mistakenly engineer changes in DNA that generate dangerous mutations and cause painful deaths.

In December 2015, an international group of scientists gathered at the National Academy of Sciences to call for a moratorium on making inheritable changes to the human genome until there is a “broad societal consensus about the appropriateness” of any proposed change. But then, this February the British government announced that it has approved experiments by scientists at Francis Crick Institute to treat certain cases of infertility. I have little doubt that these scientists will not cross any ethical lines. But is there anything to stop governments themselves from surreptitiously working to develop a race of superhuman soldiers?

The creators of these technologies usually don’t understand the long-term ramifications of what they are creating, and, when they do, it is often too late, as was the case with CRISPR. One of its inventors, Jennifer Doudna, wrote a touching essay in the December issue of Nature. “I was regularly lying awake at night wondering whether I could justifiably stay out of an ethical storm that was brewing around a technology I had helped to create,” she lamented. She has called for human genome editing to “be on hold pending a broader societal discussion of the scientific and ethical issues surrounding such use.”

A technology that is far from being a threat is artificial intelligence. Yet it is stirring deep fears. AI is, today, nothing more than brute-force computing, with superfast computers crunching massive amounts of data. Yet it is advancing so fast that tech luminaries such as Elon Musk, Bill Gates and Stephen Hawking worry it will evolve beyond human capability and become an existential threat to mankind. Others fear that it will create wholesale unemployment. Scientists are trying to come to a consensus about how AI can be used in a benevolent way, but, as with CRISPR, how can you regulate something that anyone, anywhere, can develop?

And soon, we will have robots that serve us and become our companions. These, too, will watch everything that we do and raise new legal and ethical questions. They will evolve to the point that they seem human. What happens, then, when a robot asks for the right to vote or kills a human in self-defense?

Thomas Jefferson said in 1816, “Laws and institutions must go hand in hand with the progress of the human mind. As that becomes more developed, more enlightened, as new discoveries are made, new truths disclosed, and manners and opinions change with the change of circumstances, institutions must advance also, and keep pace with the times.” But how can our policy makers and institutions keep up with the advances when the originators of the technologies themselves can’t?

There is no answer to this question.