Top Privacy Stories: April 19, 2004
Wiretapping the Net
The FBI would like to apply the Communications Assistance for Law Enforcement Act (CALEA) to the Internet, meaning that all providers of broadband, Internet voice communications, and instant-messaging services would need to build in backdoors for ease of wiretapping.
As written, CALEA applies only to telephone conversations via land line phones and cell phones.
Currently, the FBI can use their Carnivore software to access email communications and browser habits, but this software is more cumbersome when used to try to access voice communications over the Internet.
More information is available at <http://news.com.com/2010-1028-5193750.html>.
Last updated April 19, 2004 - Link to this article
CAPPS Round-Up
CAPPS II (the Computer Assisted Passenger Pre-Screening program) is beginning to look less attractive as more people become aware of the invasiveness of the program, the high probability of false-positives, and the low likelihood of catching terrorists. The US is also having difficulty of convincing the European Union of the benefits of CAPPS II.
For more information see:
Are we any safer now?
From the Chicago Tribune
http://www.chicagotribune.com/technology/chi-0404180446apr18,1,6055531.story?coll=chi-technology-hed
MEPs give Commission ultimatum on data transfer to US
From the EUobserver.com (Belgium)
http://www.euobserver.com/index.phtml?aid=15219
Traveler screening system delayed
From the Washington Times (DC)
http://washingtontimes.com/business/20040413-101138-6721r.htm
Last updated April 19, 2004 - Link to this article
FTC Examines Spyware Problem
The Federal Trade Commission held a workshop today (April 19th) designed to explore the issues surrounding the distribution and effects of software that gathers information from a user's computer without their knowledge, and which may send that information back to another entity. Usually the often surreptitiously installed programs report back on a user's browsing habits for advertising purposes, but experts fear that criminals may use such software to access social security and credit card numbers.
More information is available at <http://www.washingtonpost.com/wp-dyn/articles/A22514-2004Apr18.html>.
Last updated April 19, 2004 - Link to this article
Earthlink and AOL develop anti-spyware tools
Earthlink and AOL have both developed tools to help users detect spyware that may be lurking on their computers.
Spyware can be used to monitor what users do online and send back information to the company. It also often difficult to detect and remove.
More information is available at <http://news.com.com/2100-1032-5141073.html>.
Last updated January 19, 2004 - Link to this article
Surveillance camera walking tours
Next time you're in New York City, consider taking a walking tour of the city with Bill Brown and learn about surveillance cameras.
Surveillance cameras now number around 7,200 in Manhattan. By taking a walking tour you'll learn how to spot surveillance cameras, the different types of cameras used, and the general ubiquitousness of the cameras.
More information is available at <http://www.nytimes.com/2004/01/17/nyregion/17camera.html>.
Last updated January 19, 2004 - Link to this article
Northwest gave passenger information to NASA
The personal information of millions of Northwest Airlines passengers was given to NASA shortly after the attacks on 9/11. The airline had previously said that it would not turn over passenger information to anyone.
NASA wanted the information to determine whether data-mining is a viable tool to thwart terrorism.
More information is available at <http://www.washingtonpost.com/ac2/wp-dyn/A26037-2004Jan17>.
Last updated January 19, 2004 - Link to this article
Spam still flowing
Even though the CAN Spam Act has gone into effect, there has been no discernable difference in the amount of spam flowing into email in boxes.
Internet service providers say that the new law has had very little impact on spammers. What has changed though, according to AOL, is that traffic patterns have shifted. Spammers seem to now be routing their spam though Asia in order to make it more difficult to track the spammers down.
More information is available at <http://www.bizreport.com/article.php?art_id=5913>.
Last updated January 9, 2004 - Link to this article
RFIDs in casino chips?
British science magazine New Scientist is reporting that casino chips can now be made that contain RFID (radio frequency identification tags). This will allow casinos to prevent counterfeit chips from being used, as well as allowing them to monitor patrons' gambling habits while at the casino.
If this technology can be transferred to bank notes, counterfeiting of money may be preventable, and of course, retailers will be able to track the spending habits of store patrons.
More information is available at <http://www.reuters.com/newsArticle.jhtml?type=scienceNews&storyID=4089750>.
Last updated January 9, 2004 - Link to this article
FCC fines Fax.com
The Federal Communications Commission (FCC) fined Fax.com over five million dollars for violations of the Telephone
Consumer Protection Act as well as FCC rules against companies sending unwanted faxes.
The FCC will be watching Fax.com for the next 30 days to make sure that they are complying with the rules. The FCC is also urging consumers to file complaints with the FCC if they are receiving unwanted faxes.
More information is available at <http://www.thesandiegochannel.com/news/2748821/detail.html>.
Last updated January 9, 2004 - Link to this article
Gym patrons wary of camera phones
A growing number of gyms are banning the use of cell phones because of the uneasiness of patrons with camera phones. People fear that photos can be taken surreptitiously with the camera phones and then posted almost instantaneously on the Internet. Because cell phones and cell phones with photo-taking capabilities are difficult to distinguish, gyms are moving to ban the use of all phones.
More information is available at <http://news.com.com/2100-1037-5112823.html>.
Last updated December 4, 2003 - Link to this article
Privacy worries limit online shopping
A poll by TRUSTe shows that 49% of shoppers will limit their online shopping habits this holiday season for fear of ID theft, credit card misuse, and spam.
Almost half of those surveyed said that they would not buy from an online shop unless they provided a privacy seal or a privacy policy.
More information is available at <http://www.vnunet.com/News/1151066>.
Last updated December 4, 2003 - Link to this article
Credit cards under your skin?
Applied Digital Solutions has developed a chip that can be injected underneath the skin that will take the place of credit cards. People who are "chipped" can then scan themselves when making purchases.
While the use of sub-dermal chips is likely several years off, Applied Digital believes that the chips and its "VeriPay" system would be more difficult to tamper with. Others are not convinced. Richard Smith, a security consultant, suggests that "VeriPay will offer some conveniences over RFID credit cards, but I think most people will be creeped out with the idea of putting little radio transmitters in their bodies."
More information is available at <http://www.wired.com/news/technology/0,1282,61357,00.html>.
Last updated December 4, 2003 - Link to this article
RFID Round-Up
Both the Department of Defense (DoD) and Wal-Mart have set 2005 deadlines for suppliers to use RFIDs on pallets, and in the case of the DoD, cases, and parts.
IBM is building a testing facility so that companies can test the accuracy of equipment that uses RFIDs before they are shipped out.
A call for a moratorium on deployment of RFIDs has been endorsed by 30 civil liberties, consumer, and privacy organizations. The moratorium should be in effect until a technology assessment has been done.
More information is available at <http://www.adtmag.com/article.asp?id=8542; http://news.com.com/2100-1006-5109472.html; http://www.techweb.com/wire/story/TWB20031118S0004>.
Last updated November 22, 2003 - Link to this article
FCC continues ban on telemarketing to cell phones
Telemarketers may not use automatic dialers or prerecorded messages if calling a cell phone number.
Fines for calling the numbers using these devices are steep, and after Monday, when individuals are able to transfer their home land line number to a cell number, many telemarketers fear accidentally calling a cell phone. The FCC has not provided any type of safe harbor for telemarketers, telling them to update their lists daily if they need to.
Individuals may also continue to sign up for the Do-Not-Call lists to avoid unwanted telemarketing calls.
More information is available at <http://www.newsday.com/business/ny-bzcell193549738nov19,0,7630798.story?coll=ny-top-headlines>.
Last updated November 22, 2003 - Link to this article
Showing your ID to buy stamps?
Debate has begun about "intelligent mail", that is, mail that can easily be tracked and recorded. Right now, "intelligent mail" is used by many businesses to track time-sensitive mail. In the future however, the identities of all senders (and therefore all receivers) of mail could be required before the mail would be sent out.
This would mean showing your ID before you can buy stamps, and probably having particular stamps tied to your identity. Whether it would be illegal to share stamps with a friend is anybody's guess.
More information is available at <http://www.wired.com/news/privacy/0,1848,61140,00.html>.
Last updated November 17, 2003 - Link to this article
Opting out is hard to do
Private Citizen, a company that, for a fee, has been helping people "opt-out" of data sharing schemes for more than a decade by sending in opt-out notices to other companies that collect and share data. Recently, Acxiom has made it much more difficult to opt out of their databases.
Instead of allowing Private Citizen to send in opt-out notices (signed by the individual) in bulk, Acxiom is now requiring that individuals send in their own opt-out notices.
Acxiom is a data aggregator that has collected personal information on almost 200 million people, mostly from public records, product warranty cards, and other sources. Most people are unaware that Acxiom is collecting personal information about them.
More information is available at <http://www.wired.com/news/privacy/0,1848,61240,00.html?tw=wn_tophead_1>.
Last updated November 17, 2003 - Link to this article
Report highlights threats to job applicant's privacy
Some online job sites may not be safeguarding personal data of job applicant's as they should. Some sites also do not disclose who data is shared with, nor do they disclose which types of data they may share with others.
For example, some self-service job application computers frequently used by chain stores often collect social security numbers in order to do background checks, but do not disclose if and with whom the social security numbers are shared.
More information is available at <http://seattlepi.nwsource.com/business/147865_jobseekers12.html>.
Last updated November 17, 2003 - Link to this article
Senators Want Probe in JetBlue Debacle
Senators are pushing the Pentagon to turn over more information about whether or not the Pentagon followed the Privacy Act of 1974 when "system of records" was created using the records of JetBlue passengers.
It is likely that the Priavcy Act of 1974 was violated, as well as JetBlue's own privacy policy.
While this is a step in the right direction, many in the privacy community believe that stornger measures are needed. Edward Hasbrouck believes the full story about how passenger data was used (to test CAPPS II) will only be revealed if Congress launches a wide-ranging investigation into the matter.
More information is available at <http://www.wired.com/news/privacy/0,1848,60885,00.html>.
Last updated October 20, 2003 - Link to this article
Privacy and Camera Cell Phones
Camera phones allow you to easily take photos and share them quickly with friends and family. Unfortunately these phones can also be abused. Camera phones have been banned in locker rooms and gyms, and some places are considering banning them from the bathrooms of public buildings.
Because we don't have a "reasonable expection of privacy" in public places, use of these phones in public will test the boundaries of privacy in public and quasi-public places.
More information is available at < http://www.usatoday.com/news/nation/2003-10-19-cell-phones_x.htm>.
Last updated October 20, 2003 - Link to this article
Reining in the Patriot Act
The Security and Freedom Ensured Act (S. 1709), legislation being introduced into the Senate, is designed to rein in some of the broad law enforcement powers that were granted via the Patriot Act.
Senators from both the Republican and Democratic parties are concerned that government snooping is undermining civil liberties unneccessarily.
Among the provisions: tighter controls on when law enforcement may secretly enter your home when looking for evidence; tighter controls on roving wiretaps; and more protections for library book records.
More information is available at <http://www.pcworld.com/news/article/0,aid,112981,00.asp>.
Last updated October 20, 2003 - Link to this article
Do Not Call List a "Go" - For now
The 10th Circuit Court of Appeals said the Federal Trade Commission (FTC) can put the national "Do Not Call" list into effect while the Court hears the appeal from telemarketers. The appeal is based on First Amendment grounds. Telemarketers claim that their speech is being curtailed in favor of privacy rights for consumers.
More information is available at <http://www.washingtonpost.com/wp-dyn/articles/A58119-2003Oct7.html>.
Last updated October 9, 2003 - Link to this article
Cable company fights RIAA's demand for names
Charter Communications filed a "motion to quash" the RIAA's requests for the names of 150 Charter customers who the RIAA claims violated copyright law when they allegedly used peer-to-peer systems to swap music files.
"We feel it's our responsibility to exercise our legal rights to protect the legitimate interests of our customers," said Anita LaMont, Charter spokeswoman. "And it's consistent with Charter's privacy policy."
The RIAA will continue its efforts to get the names of the Charter customers.
More information is available at < http://news.com.com/2100-1027-5087304.html>.
Last updated October 9, 2003 - Link to this article
Tracking Bar and Club Patrons
If you go to a bar or club in Vancouver, Canada, be prepared to pose for a picture and have your driver's license "swiped". Your information will then be available to a broad coalition of club and bar owners to make it easier to identify trouble makers. Your information may also be available to the police if they feel they need it.
No mention of what happens if you're blacklisted erroneously.
More information is available at <http://www.canada.com/vancouver/story.asp?id=936FC638-D1F5-4BA0-8E4B-1F4FEADEA16D>.
Last updated October 9, 2003 - Link to this article
Comcast to Redraft Privacy Policy
Cable provider Comcast will redraft its privacy policy because a number of cable regulators, including some from the Portland Oregon area, believe that some provisions of the policy are too vague when it comes to handling the personal information its customers. While there are no claims that any personal information has been misused, there are currently loopholes in the policy that could allow for misuse.
More information is available at <http://www.oregonlive.com/business/oregonian/index.ssf?/base/business/106431852742490.xml>.
Last updated October 2, 2003 - Link to this article
Ridding Your Computer of Spyware
The proliferation of spyware (programs that track your movements online, create pop-up ads for you to see, and more) has prompted individuals like Patrick M. Kolla to creat anti-spyware software. His program, "Spybot Search & Destroy" helps individuals to rid themselves of unwanted spyware, and is proving very popular -- about three million downloads a month.
More information is available at < http://online.wsj.com/article/0,,SB106443250463464700,00.html>.
Last updated October 2, 2003 - Link to this article
ACLU Defends Anonymity on the Net
The ACLU has agreed to help a student quash a subpoena from the RIAA seeking her identity, arguing that the RIAA should first make some kind of showing that the person has violated the law.
The RIAA should be able to go after people who trade files, but they should do it in a way that is fair, says attorney, Christopher Hansen, of the ACLU. "There are lots of reasons why people need anonymity on-line and why it should not be so easy to lose," Hansen explained. "If the recording industry can uncover your identity simply by claiming that a copyright violation has occurred, then the Chinese government can use the same tool to find out the name of a dissident, and a batterer can use it to find out the address of a domestic violence shelter."
More information is available at <http://www.out-law.com/php/page.php?page_id=riaafacesnewbattl1065005296&area=news>.
Last updated October 2, 2003 - Link to this article
JetBlue Violates Passenger Privacy
JetBlue Airways has admitted that it secretly gave passenger records including names, addresses, phone numbers and flight information to a Defense Department contractor. Torch Concepts then matched those records with data from data aggregator Acxiom. By matching the JetBlue passenger list with the Acxiom information, Torch was able to extract demographic information including income information, social security number, occupations, and years at residence for approximately 40% of those passengers.
Lawsuits and investigations have been initiated.
More information is available at < http://news.com.com/2010-1029-5080339.html>.
Last updated September 25, 2003 - Link to this article
Identity Theft Costs More to Clean Up
The Identity Theft Resource Center reports that even though identity theft victims are discovering the crime faster than they were three years ago, they are spending more time and money to clean up the damage. Individuals now spend approximately $1,495 and approximately 175 hours.
The average cost to business is now approximately $92,900 compared to about $18,000 in 2000.
More information is available at <http://business.bostonherald.com/businessNews/business.bg?articleid=330>.
Last updated September 25, 2003 - Link to this article
California Enacts Tough Anti-Spam Law
California's recently-signed bill prohibits all unsolicited commercial email, and takes effect January 1. Penalties may include up to $1 million per incident. The bill will allow the state attorney general to go after spammers in the state as well as those offshore.
More information is available at <http://www.washingtonpost.com/wp-dyn/articles/A56503-2003Sep24.html>.
Last updated September 25, 2003 - Link to this article
RIAA tactics questioned by Congress
The general counsel for Verizon testified at a congressional hearing that subpoenas issued by the RIAA with no judge to oversee the process, will result in the inevitable abuse of the system.
Orin Hatch (R-Utah) called for bimonthy updates from the RIAA, Verizon, and other interested parties on the question of whether the subpoena process is being abused and whether there are alternatives.
More information is available at <http://www.pcworld.com/news/article/0,aid,112398,00.asp>.
Last updated September 10, 2003 - Link to this article
New cell phones to record conversations
Some cell phone manufacturers are poised to add a feature that would allow phone conversations to be recorded automatically -- raising legal and privacy concerns. Friends, relatives, and others would be able to record all conversations to their cell phone, which could come as an unwelcome surprise to the person on the other end of the line. At the very least, people would need to be notified at the beginning of each phone call that they are being recorded.
More information is available at < http://news.com.com/2100-1039-5070618.html>.
Last updated September 10, 2003 - Link to this article
Congress may nullify strong state privacy laws
The House will vote this week on HR 2622, a bill that would nullify most of the stronger privacy laws that states have enacted over the last several years. This includes laws that give needed help to identity theft victims, such as the ability to freeze credit reports.
Banks and insurers have been lobbying for HR 2622 since they want the continued ability to share personal and financial information.
More information is available at <http://moneycentral.msn.com/content/Banking/P60562.asp>.
Last updated September 10, 2003 - Link to this article
Hearings set in Senate on RIAA tactics
A senate panel is set to review the tactics currently planned by the Recording Industry Association of America (RIAA) to target those who download music from the Internet. Sen. Norm Coleman, R-Minn is concerned that in their zeal to stamp out music piracy, the RIAA will ensnare innocent people who use the same computer. The RIAA has already issued 900 subpoenas.
More information is available at <http://www.siliconvalley.com/mld/siliconvalley/6534355.htm>.
Last updated August 26, 2003 - Link to this article
Face Recognition cameras a flop in Virginia Beach
After a year of operation the use of face recognition cameras has not not resulted in a single arrest. Even so, police still plan to keep the system up and running. Police say that the cameras act as a deterrent to criminals. However, they also decline to state where the video cameras are located and which are equipped with face recognition software.
More information is available at <http://www.timesdispatch.com/frontpage/MGB5XFFS7JD.html>.
Last updated August 26, 2003 - Link to this article
CASPIAN Calls for Worldwide Boycott of Gillette/RFIDs
CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering) is calling for a worldwide boycott of Gillette because Gillette has not backed down over an alleged plan by Gillette to track its products using RFID tags. If a Gillette product is removed from a shelf in a store, the RFID tag can tell that the product has been moved. In reponse to the movement, the shopper is photographed. The idea is to limit shoplifting.
Katherine Albrecht of CASPIAN says "We have corroborated evidence that a Gillette 'smart shelf' fitted with radio frequency identification (RFID) devices can sense when packages are removed from a store shelf and, in response, take pictures of consumers handling them. Tracking and photographing consumers without their knowledge and consent is unacceptable."
More information is available at <http://www.sierratimes.com/03/08/12/ar_Privacy_Group_Launches_Worldwide_Boycott_Against_Shaving_Ravor_Corp.htm>.
Last updated August 26, 2003 - Link to this article
RFID Tags Rolling Out
Radio Frequency identification (RFID) tags were at the center of attention at a conference last week. While retailers such as Wal-Mart jump on the RFID bandwagon, there is still much to work out in order to protect consumer privacy. If the tags are not turned off at the check out counter, it is possible that an individual could be "scanned" to see what brands he or see is wearing, and how much they cost.
More information is available at <http://news.com.com/2100-1020_3-1015058.html>.
Last updated June 16, 2003 - Link to this article
Cell Phones and Spam
A recent survey conducted by Silicon.com found that 69% of those who responded to the survey had received spam on their cell phones. While spam on cell phones is not expected to be as big a problem as spam in email, it is still perceived to be a greater invasion of privacy. This is because people view their cell phones as more private than their email.
More information is available at <http://news.com.com/2100-1041_3-1015595.html>.
Last updated June 16, 2003 - Link to this article
CAPPS II Put on Hold
Testing of the controversial Computer Assisted Passenger Pre-Screening (CAPPS) program has been put on hold while the impact on individuals' privacy is assessed.
The Transportation Security Administration (TSA) has not been forthcoming in discussions with the public or the civil liberties community. Currently, hundreds of people have been stopped at airports and put through sometimes humiliating security measures, while others have simply been turned away.
The TSA still plans on implementing CAPPS II.
More information is available at <http://www.washingtonpost.com/wp-dyn/articles/A56565-2003Jun13.html>.
Last updated June 16, 2003 - Link to this article
Virginia passes tough new spam law
Many states have enacted anti-spam laws, but Virginia has just enacted the toughest anti-spam law in the nation. The law would send spammers to prison for up to five years. The felony provisions apply when the sender 1) intends to change header or other routing information so that recipients can't tell who actually sent them the message, and 2) when the sender sends more than 10,000 email messages in a 24 hour period, or 100,000 messages in a 30 day period, or when the revenue generated is $1,000 for a specific transmission, or $50,000 for total transmissions.
More information is available at <http://www.governor.state.va.us/Press_Policy/Releases/2003/Apr03/0429b.htm>.
Last updated May 5, 2003 - Link to this article
National IDs for commercial livestock?
Tom Ridge, secretary of the Department of Homeland Security has voiced his support of a plan that would put in place a national identification system for all commercial livestock. The plan is two to five years away, and would be expensive to implement. The impetus for such a system is to help identify vulnerabilities in the food chain.
The question not asked is that once the infrastructure is in place, how much of a leap is it to use such a system for tagging people?
More information is available at <http://www.sacbee.com/content/business/story/6536696p-7487331c.html>.
Last updated May 5, 2003 - Link to this article
CA bill would protect anonymity online
If signed into law in California, Assembly Bill 1143 would help protect the anonymity on Internet users.
Currently, Internet Service Providers (ISPs) are not required by law to inform users that a civil subpoena has been served on the ISP demanding the user's personal information. Because of this, users have no ability to protect their privacy.
This bill would "protect consumer privacy rights by requiring that a consumer whose personally identifying information is sought in a civil suit is notified of the request and given time and the necessary information to object to the disclosure."
More information is available at <http://www.leginfo.ca.gov/pub/bill/asm/ab_1101-1150/ab_1143_cfa_20030430_094429_asm_comm.html>.
Last updated May 5, 2003 - Link to this article
ACLU Files Lawsuit Over
The ACLU says in its lawsuit that it has documented 339 instances where people have been detained and questioned at the San Francisco International airport. The travelers were stopped because they were believed to be on a government "no fly" list.
The ACLU wants to know how people end up on "no fly" lists, how they can get off the "no fly" list if they are there in error, and how officials ensure the accuracy of information collected about passengers.
More information is available at <http://www.nytimes.com/2003/04/23/international/worldspecial/23TERR.html>.
Last updated April 28, 2003 - Link to this article
State "Super-DMCAs" threaten privacy
Several states have passed "super-DMCA" laws based on the Federal Digital Millennium Copyright Act (DMCA). The "super-DMCAs would prohibit concealing "the existence or place of origin or destination of any telecommunications service."
These laws are have been written so broadly that they could put companies that provide encryption or anonymous web browsing services out of business. Some say the laws could ban firewalls as well, not to mention services like caller ID.
More information is available at <http://www.securityfocus.com/news/3912>.
Last updated April 22, 2003 - Link to this article
Will new health rules harm privacy?
The HIPAA (Health Insurance Portability and Accountability Act) rules are now in effect. Originally HIPAA was supposed to make health care portable from one job to another, as well as making it affordable.
The current rule however, allows ease of disclosure of personal health information to a variety of entities. “The Bush administration modified the rule so that healthcare insurers, providers, institutions, and others could transfer medical information electronically to pay claims, treat patients, and do other tasks - without patients' consent.” Sharing health information for “healthcare operations” is also allowed, but “healthcare operations” is a term that is so broad, many believe it includes marketing purposes.
More information is available at <http://www.csmonitor.com/2003/0415/p09s01-coop.html>.
Last updated April 15, 2003 - Link to this article
Privacy International announces “Stupid Security Awards”
The purpose of the awards is to highlight “the pointless, annoying, intrusive, illusory and just plain stupid measures to "protect" our security”.
Categories include “Most Inexplicable Security Measures”, “Most Intrusive Security Measures”, “Most Counter Productive Security”, “Most Annoying Security Measures”, and “Most Egregious Security” Measures”. For example, runner-up “Heathrow Airport for quarantining a quantity of green tea”. Others include Universal Studios, the University of Texas at Austin, San Francisco General Hospital, and many others. For a complete listing:
More information is available at <http://www.privacyinternational.org/activities/stupidsecurity/>.
Last updated April 15, 2003 - Link to this article
LA Police Officer Uses Database to Snoop on the Stars
A LAPD officer used department computer files to look up confidential information on celebrities (including Sean Penn, Larry King, Cindy Crawford, and O.J.Simpson). The city recently settled a suit brought by the officer's ex-girlfriend for $400,000, alleging the officer planned to sell information to tabloids; the city is assessing whether there is additional potential liability. The officer claims he was simply working on a project of devising a "VIP home locator map", under the supervision of his superiors, who deny such a project existed.
Source: LA Times (registration required)
More information is available at <http://www.latimes.com/news/local/la-me-celebs8apr08,1,1932749.story?coll=la%2Dheadlines%2Dcalifornia>.
Last updated April 15, 2003 - Link to this article
A video surveillance tour of Manhattan
Bill Brown has led weekly video-surveillance tours of New York since 2000, pointing out the locations of police and private cameras. Brown conducts the tours for the New-York based Surveillance Camera Players.
Source: Reuters, via Washington Post
[The Surveillance Camera Players web site is at <http://www.notbored.org/the-scp.html>.]
More information is available at <http://www.washingtonpost.com/wp-dyn/articles/A55263-2003Apr8.html>.
Last updated April 11, 2003 - Link to this article
Hatch proposes making Patriot Act provisions permanent
Senator Orrin Hatch (R-UT) has written a proposal that would repeal the "sunset" provisions of the Patriot Act and make it permanent. Certain aspects of the Patriot Act expire in 2005 unless Congress votes to reauthorize them. Congressional Republicans are considering attaching Hatch's proposal to an upcoming anti-terrorism bill that would make it easier for the government to get secret warrants against individuals who have no known affiliations with terrorist groups.
Source: New York Times (registration required)
More information is available at <http://www.nytimes.com/2003/04/09/international/worldspecial/09TERR.html>.
Last updated April 11, 2003 - Link to this article
Improving safety while protecting privacy: positive passenger bag matching
Bag-matching -- ensuring that no checked bag be transported on a plane if it's owner isn't on board -- is standard policy in Europe and Asia, but not the U.S. The approach protects privacy while improving safety. Critics charge that the TSA has overlooked this obvious solution because the airlines have opposed bag-matching for years, citing cost and potential delay issues.
Source: Business Week Online
More information is available at <http://www.businessweek.com/technology/content/apr2003/tc20030410_0829_tc073.htm>.
Last updated April 11, 2003 - Link to this article
Benetton won't be using RFID tags any time soon
Contradicting an earlier announcement by Philips, Italian clothing retailer Benetton announced that it has not yet undertaken any feasibility studies on embedding radio-frequency identification (RFID) tags in its clothes. Philips had earlier said that it would ship 15 million RFID tags for Benetton's Sisley line. Benetton further said that its future plans for RFID tags would consider privacy implications.
Source: CNETAsia via ZDNet
More information is available at <http://zdnet.com.com/2100-1105-995722.html>.
Last updated April 7, 2003 - Link to this article
Eavesdropping in European Union offices
Bugs have been discovered in the Brussels European Union (EU) offices of Britain, France, Germany, Spain, Italy, and Austria. The devices were discovered in a routine sweep in late February, but may have been installed as long ago as 1995. No word is available on who may have installed the bugs, described as a "very sophisticated" system beyond the capability of most intelligence services.
Source: Sydney (Australia) Morning Herald
More information is available at <http://www.smh.com.au/articles/2003/03/20/1047749880381.html>.
Last updated March 25, 2003 - Link to this article
Conferences discuss 'privacy vs. security'
Attendees at two Washington, D.C., discussions on Thursday aired various views on whether high-tech "security" programs such as TIA and CAPPS can be reconciled with civil liberties -- and, for that matter, whether they will actually work. Former Virginia governor James Gilmore (head of the National Advisory Committee on Terrorism) questioned the effect on society of some of these technology solutions, noting that even if we gave up individuality, privacy, and anonymity, total security could not be guaranteed. James Woolsey, former directory of the CIA, suggested that U.S. citizens may have to make compromises between civil liberties and security, but also cautioned that lawmakers need to keep an eye on privacy and other rights. Jim Dempsey, executive directory of the Center for Democracy and Technology, questioned whether data-mining approaches will even work.
Source: IDG News Services via Infoworld
More information is available at <http://www.infoworld.com/article/03/03/20/HNprivacy_1.html>.
Last updated March 25, 2003 - Link to this article
San Francisco Homeless Fingerprinting Plan Limited to 2,500 People
In response to criticism by homeless advocates and a city Supervisor of an earlier plan to require fingerprints of everybody seeking a bed in an emergency shelter, San Francisco city officials have decided to limit the requirement to only the roughly 2,500 homeless people affected by the the new "Care Not Cash" initiative. The biggest fear about the requirement was that it would scare away undocumented immigrants -- while the city did not plan to open the database to the Immigration and Naturalization Service (INS), as a city employee admitted, people were unlikely to trust that this would not occur at some point in the future. The director of the Mission Resource Center remains concerned that everybody will still have to place a finger on the imaging system to determine whether they are part of the database.
Source: San Francisco Chronicle
More information is available at <http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/03/20/MN251870.DTL>.
Last updated March 24, 2003 - Link to this article
Privacy debate likely to heat up over next few months
The "anti-preemption" portion of the federal Fair Credit Reporting Act, restricting states' abilities to pass privacy laws, expires next year. While some businesses are gearing up to fight to extend it -- fearing the cost and difficulty of complying with a patchwork of state laws -- consumers appear to have become weary of having their information shared. A recent poll in California found that 91 percent of consumers supported a proposed "opt-in" ballot initiative.
[The article also has many interesting links.]
Source: Wired News
More information is available at <http://www.wired.com/news/privacy/0,1848,58064,00.html>.
Last updated March 24, 2003 - Link to this article
University of Texas Student Charged with Stealing 55,000 Social Security Numbers
A 20-year-old University of Texas undergraduate has been charged with stealing personal information on over 55,000 current and former students and staff from a database. The student turned himself in. Other recent information thefts -- 8,000,000 credit card numbers from a data processing center in Nebraska; records about 1,400 international students from the University of Kansas -- remain open.
Source: CNET
More information is available at <http://news.com.com/2100-1002-992732.html>.
Last updated March 20, 2003 - Link to this article
Surveillance technology firm Verint posts record sales
High-tech surveillance firm Verint Systems posted record sales of $42 million in the fourth quarter of 2002. Products include those targeted to the business segment such as the "IntelliFind" system (which picks out conversations in which specific keywords are spoken) and those targeted at law enforcement purposes such as STAR-GATE (marketed to ISPs and telephone companies), which provides wiretapping and internet surveillance. Other companies such as VeriSign and Network Associates are also getting into the government surveillance business, perceived as a growth area.
Source: Security Focus
More information is available at <http://www.securityfocus.com/news/3115>.
Last updated March 20, 2003 - Link to this article
Santa Cruz Libraries Post Patriot Act Warnings
Labraries in Santa Cruz, California, have posted signs warning patrons that the FBI may access the records of what books they've borrow -- and that library personnel are prohibited from telling anybody if this happens. A section of the Patriot Act allows the FBI to obtain warrants for library and bookstore records. Congressman Bernie Sanders (Ind-VT) introduced a bill last week to repeal this clause.
Source: San Francisco Chronicle
More information is available at <http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2003/03/10/MN14634.DTL>.
Last updated March 18, 2003 - Link to this article
Disk drives with personal info stolen from B.C. welfare office
Two hard disk drives with information on 568 income-assistance clients and staff were stolen from the British Columbia Human Resources Ministry, along with a server computer. Information includes social insurance numbers, birth dates, and home addresses. The government started alerting people last week -- about a month after the theft occurred.
Source: Vancouver Province
More information is available at <http://www.canada.com/vancouver/news/story.asp?id=6A293BE2-E77B-4CFE-A777-62B84C35F54A>.
Last updated March 18, 2003 - Link to this article
A (not-so) Friendly Note from Your Baggage Screener
After discovering a handwritten note apparently slipped in by a baggage screener, an airline passenger has complained to authorities. The note ("Don't appreciate your anti-US attitude!") was probably in response to a "No Iraq War" sign in his baggage. The Transportation Services Agency (TSA) is looking into the incident, and notes that they do not condone employees making political or personal comments to travelers; however, a TSA spokesperson comments that "It's a leap to say it was a TSA screener."
Source: Seattle Times
More information is available at <http://archives.seattletimes.nwsource.com/cgi-bin/texis.cgi/web/vortex/display?slug=tsasign15m&date=20030315>.
Last updated March 17, 2003 - Link to this article
Benetton clothing to include RFID tags
Clothes sold by Italian clothing company Benetton will soon include radio frequency ID (RFID) tags, tiny microchips that will allow the retailer to track the clothes through its supply chain. The transmission range is about three feet. Wayne Madsden of EPIC points out that there are privacy implications: while the intent is for internal use, no legislation prohibst information from being shared with third parties and law enforcement.
More information is available at <http://www.sfgate.com/cgi-bin/article.cgi?file=/news/archive/2003/03/11/financial1508EST0170.DTL>.
Last updated March 17, 2003 - Link to this article
Kapor Resigns from Groove Networks Board
Software executive and civil libertarian Mitch Kapor resigned from the board of Groove Networks after it sold software to the US government apperently for use in the Total Information Awareness project (TIA). Kapor, who earlier founded Lotus Development Corporation (makers of Lotus 1-2-3) and Electronic Frontier Foundation), expressed concerns about TIA, but did not directly relate his departure to the sale.
Source: Reuters
More information is available at <http://reuters.com/newsArticle.jhtml?type=topNews&storyID=2372090>.
Last updated March 17, 2003 - Link to this article
59,000 Social Security Numbers Stolen from University of Texas
March 6: Over 59,000 SSNs belonging to current and former students, faculty, and staff were seized by attackers who hacked into a University of Texas at Austin computer system. Presumably, the goal was identity theft.
University officials admitted that their security was weak, and vowed to accelerate a plan to phase out use of SSNs. The theft has been reported to the FBI, Austin Police Department, Travis County District Attorney, and other authorities.
Source: Austin American-Statesman
More information is available at <http://www.austin360.com/aas/metro/030603/0306uthack.html>.
Last updated March 10, 2003 - Link to this article
Post Office Eavesdropping in Washington State Discontinued
Postmasters in Everett and Marysville, Washington, set up baby monitors to listen into the transactions between clerks and customers. Apparently the postmasters were worried that the clerks were forgetting to ask whether packages contained hazardous materials; however, they never bothered to let the customers know that they were being monitored.
The eavesdropping has now been discontinued.
Source: KOMO
More information is available at <http://www.komotv.com/stories/23341.htm>.
Last updated March 6, 2003 - Link to this article
Barr criticizes TSA's defense of CAPPS II
Former Representative Bob Barr, Georgia Republican, had harsh words for claims by the Transportation Security Administration (TSA) that the actual CAPPS II program will be much narrower in scope than implied by the proposal.
Calling the defence "nonsense", Barr noted that "Federal agencies propose widespread regulations because they want widespread regulations".
Source: Washington Times
More information is available at <http://www.washtimes.com/national/20030226-73777264.htm>.
Last updated March 6, 2003 - Link to this article
Washington Senate Closes Loophole in Voyeurism Law
The Washington State Senate unanimously passed SB 5018, closing a loophole in the state's voyeurism law that allowed "up-skirt" photographs and videos in areas such as malls where there was no reasonable expectation of privacy.
The state Supreme Court had ruled last year that the existing law did not ban this practice.
Source: The Oregonian
More information is available at <http://www.oregonlive.com/metronorth/oregonian/index.ssf?/base/metro_north_news/1046351093262400.xml>.
Last updated March 3, 2003 - Link to this article
Fake Job Listings Assist ID Theft
Monster.com, the Internet job board, warned users that false job listings are sometimes used to illegally collect personal information.
Privacy Foundation research fellow Pam Dixon notes that similar problems occur on all the major job search sites, and that in some cases the information that has been collected includes credit card numbers and social security numbers.
Source: Associated Press via Washington Post
More information is available at <http://www.washingtonpost.com/wp-dyn/articles/A14379-2003Feb28.html>.
Last updated March 3, 2003 - Link to this article
eBay's Privacy Policy: No Need for a Court Order
eBay's willingness to cooperate with law enforcement apparently extends as far as providing information in response to an informal request -- without requiring a subpoena or court order except in "exceptional cases".
Joseph Sullivan, Director of Law Enforcement and Compliance at eBay, apparently spoke a little too candidly to the audience at the recent "CyberCrime 2003" conference. Haaretz obtained a recording of the talk, which essentially gave an open invitation to law enforcement personnel to ask for whatever information they wanted. "Tell us what you want to ask the bad guys. We'll send them a form, signed by us, and ask them your questions. We will send their answers directly to your e-mail."
eBay's privacy policy apparently leaves this decision completely to the company's discretion. This policy applies to PayPal (acquired by eBay in 2002) as well.
Nimrod Koslovski (of the Yale Law School's Information Society Project) notes that this approach essentially means that users give up their constitutional protections by acceding to eBay's Terms of Service.
More information is available at <http://www.haaretz.com/hasen/pages/ShArt.jhtml?itemNo=264863&contrassID=2&subContrassID=5&sbSubContrassID=0&listSrc=Y&itemNo=264863>.
Last updated March 3, 2003 - Link to this article
PATRIOT Act II?
The Center for Public Integrity posted a draft of the Domestic Security and Enhancement Act (aka PATRIOT Act II). The bill has not yet been introduced into Congress, but gives a good indication of the direction that the drafters of the document would like to move.
Provisions of the document allow government to eliminate more checks and balances on law enforcement, while at the same time diminishing civil liberties.
Source: News Max
See the full story at <http://privacyactivism.org/Item/62>.
Last updated March 3, 2003 - Link to this article
GPS Used to Stalk Victims
Global Positioning Devices are beginning to be used by stalkers to track their victims. According to this Wired News story, the alleged stalker placed the GPS device inside the hood of his victim’s car to track her movements.
GPS devices have a number of beneficial uses including use by hikers and drivers, who use them so that they don’t get lost.
Experts who train victims' advocates, law enforcement and prosecutors recommend that you check underneath the hood of your car and look for suspicious-looking parts.
Source: Associated Press via Wired News, February 6, 2003
Last updated March 3, 2003 - Link to this article
Student Gets Personal Information on Professors and Staff
A Boston College student was arrested after he placed keystroke logging software on more than 100 public computers at Boston College.
Keystroke loggers log every keystroke you make on a computer –making even encrypted and password protected files vulnerable.
By using the keystroke logger, the student was able to monitor the actions of everyone who used the computers. He was able to see emails, downloaded files and banking details of those who were banking online.
Source: Reuters, February 6, 2003
Last updated March 3, 2003 - Link to this article
Florida Set to Abandon Privacy-Invasive Adoption Law
An adoption law passed in 2001 in Florida requires any woman who wants to give up her baby for adoption, but doesn't know the identity of the father, to first post a notice in the newspaper detailing her sexual history for the year prior to the baby's birth before. Several women have since filed suit, declaring that the law unconstitutionally violates their privacy.
At a hearing, the state did not defend the law.
Source: South Florida Sun Sentinel
More information is available at <http://www.sun-sentinel.com/news/local/palmbeach/sfl-220sarletletterlaw.story>.
Last updated February 23, 2003 - Link to this article
Do Not Call List vs. Do Call List
The Montana Legislature has introduced a bill to create a Do Not Call List for Montanans. They have also introduced a bill to create a Do Call List - just in case you want more telemarketing calls.
Source: The Great Falls Tribune
More information is available at <http://www.greatfallstribune.com/news/stories/20030218/localnews/1007908.html>.
Last updated February 23, 2003 - Link to this article
VISA and MasterCard Hacked
A security breach left 5.6 million credit card numbers accessible to hackers. There has been no evidence yet of any fraudulent activity associated with those cards.
Source: CNN
More information is available at <http://www.cnn.com/2003/TECH/02/17/creditcard.hack/>.
Last updated February 23, 2003 - Link to this article
Personal Information Stolen From 500,000
About 500,000 military personel and their families could become victims of identify theft due to the theft of computer hard drives from a managed care company that provides their health care coverage.
The personal information that was on the hard drives included Social Security numbers, addresses, and possibly some credit card numbers. The company, TriWest, has set up a hot line for those who may have had their personal information compromised.
Media Resources: Associated Press 12/26/02
Last updated December 29, 2002 - Link to this article
|
Front Page