Data privacy: What your zip code reveals about you - Apr. 18, 2013 All that is needed to match the information data brokers compile with what you buy is your full name — obtained when you swipe a credit card — and a zip code, according to data privacy experts. NEW YORK (CNNMoney) That five-digit zip code is one of the key items data brokers use to link a wealth of public records to what you buy. They can figure out whether you're getting married (or divorced), selling your home, smoke cigarettes, sending a kid off to college or about to have one. Such information is the cornerstone of a multi-billion dollar industry that enables retailers to target consumers with advertising and coupons. Acxiom, one of the biggest data brokers in the business, claims to have a database that holds information -- including one's age, marital status, education level, political leanings, hobbies and income level -- on 190 million individuals. Related: Your phone company is selling your personal data Buying a bunch of maternity clothes? Related: What type of consumer are you?
United, Delta Said to be Warned by California on Privacy United Continental Holdings Inc. (UAL:US), Delta Air Lines Inc. (DAL:US) and OpenTable Inc. (OPEN:US) are among companies in violation of a California protocol governing mobile applications for failing to conspicuously post their privacy policies, a person familiar with the matter said. Companies using as many as 100 mobile apps were told in letters sent Oct. 29 by California Attorney General Kamala Harris that they have 30 days to make their privacy policies readily accessible to consumers of their online services, said the person, who declined to be identified because the matter isn’t public. “Protecting the privacy of online consumers is a serious law enforcement matter,” Harris said in an e-mailed statement. Harris said in February when she announced a privacy protocol that she’s trying to bring the industry in line with a California law requiring mobile apps that collect personal information to have a privacy policy. ‘Ensure Compliance’ Smartphone Users
PRISM Lessons On Privacy, Cloud and US IT Compa... How Privacy is Lost April 28th, 2013 at 17:45 UTC by Ross Anderson On Friday I went to a fascinating lobbying meeting on the new EU data protection regulation. Europe is by default the world’s privacy regulator, as America doesn’t care and no-one else is big enough to matter; so this is really important. Some 3000 amendments have been proposed and the regulation is in the final stages of the committee process; the rapporteurs of the various parties are negotiating compromise amendments which should be ready for a vote within weeks. So the pressure is really on. Friday was extraordinary because all the lobbyists came together in one room to argue their cases. I am posting my notes of the meeting here, as it’s a good case history of how lobbying works, as well as of how our privacy is being lost. Sarah Ludford DPR meeting, 3–6 PM, 26/4/13, Europa House, Smith Square. Sarah says the shadows’ meeting has not so far gone through the articles in order but cherry-picked; started with articles 2, 3, 81, 83. 1. ..
Big Data in Law: Cloud Challenge, Analytics Opportunity The legal profession may have begun on Mount Sinai, where Moses delivered The Ten Commandments. But today, it’s heading into the cloud, where the privacy and security of big data are dramatically changing the legal landscape—especially internationally. A good illustration came recently, when European Union regulators ordered Google to bolster its privacy policy. The EU put the search giant on notice, saying it must alter the way it discloses and uses personal information collected over the Internet. It also voiced concern that Google may be gathering more data than it really needs. These days, such stories are as numerous as iPhones on the subway. In fact, it may already be too late: We live in an age of big data analytics. When it comes to data privacy and security, corporations have similar challenges. Corporations now routinely seek legal counsel on how to handle big data. Yet it cuts both ways: Consumers also can take advantage of the democratizing effects of big data.
US and UK spy agencies defeat privacy and security on the internet | World news US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden. The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments. The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – "the use of ubiquitous encryption across the internet". But security experts accused them of attacking the internet itself and the privacy of all users.
Text of H.R. 6416, American Traveller Dignity Act of 2010 A BILL To ensure that certain Federal employees cannot hide behind immunity.Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,SECTION 1. SHORT TITLE. This Act may be cited as the ‘‘American Traveller Dignity Act of 2010’’.SEC. 2. NO IMMUNITY FOR CERTAIN AIRPORT SCREENING METHODS. No law of the United States shall be construed to confer any immunity for a Federal employee or agency or any individual or entity that receives Federal funds, who subjects an individual to any physical contact (including contact with any clothing the individual is wearing), x-rays, or millimeter waves, or aids in the creation of or views a representation of any part of a individual’s body covered by clothing as a condition for such individual to be in an airport or to fly in an aircraft. The preceding sentence shall apply even if the individual or the individual’s parent, guardian, or any other individual gives consent.
Trusted computing and clouds My last post on encryption and key management in the cloud generated some interesting comments. I am still polishing a follow up to address the questions around encryption gateways and application level encryption in the cloud. In the meantime I have been working on some trusted computing projects and decided to pen those thoughts down. I hope to tie all the discussions together in a later post. Looking at the evolution of computer architecture, computer security has essentially been an afterthought. To accomplish the goal of measuring a systems code with an incorruptible third party and establishing a trusted computing base, the firmware and systems management code in a platform that run prior to booting a hypervisor or operating system must also be measured and placed in a secure, trusted state. One of the key tools used in trusted computing is the TPM. Why is this interesting in the cloud? How do you attest the state of a virtual machine?
Why we should still be worried about what Google said regarding Gmail privacy Last week a furore erupted over a statement Google made about privacy - it was widely, and incorrectly, interpreted as having said that Gmail users could have no legitimate expectation of privacy. Google was then widely re-interpreted, correctly, as not having said that. So what happened, what did it say, and now that the mistake has been corrected is everything rosy in the garden? On 12 August, Consumer Watchdog issued a press release warning Gmail users who care about privacy to ditch the service. It issued its advice in response to a recently issued legal brief from Google that, in Consumer Watchdog's eyes, showed the search giant admitting that it doesn't care about people's privacy. At the root of their concern was some text taken from a motion to dismiss issued by Google in June in response to a class action lawsuit. The text taken from the motion to dismiss reads as follows (my emphasis): The words of Consumer Watchdog’s Privacy Project director, John M. Well no, I don't think it is.
Life under digit continues | IPrivacy4IT - Clarinette's blog Update 24/02/2013: Surveillance keeps expanding. Drones are proliferating thanks to there cheap fabrications and the tentatives of regulation are regularly brought up. I have been curating articles on the subjects of surveillance, tracking, spying, and drones on my Pearltrees for anyone interested to make its own opinion. I am reading today a very well analysed essay by Ian Brown, Professor of Information Security and Privacy at the Oxford Internet Institute, on Drones surveillance and identity, titled ‘Privacy, surveillance and technologies impact on identity.’ Something to watch absolutely if you needed to understand what Drones are capable of producing: ‘Like a Swarm of Lethal Bugs: The Most Terrifying Drone Video Yet’ To read: ‘Why American Say No To Drones‘. ‘Are Drones Watching Your Town?’ Update 01/03/2011: CCTVs in schools even in the changing rooms I hear !! Update 08/11/2011 ‘Met Police request for Oyster data scrutiny ‘rises” ‘TSA Opt-Out Day, Now with a Superfantastic New Twist!
Rosetta Stone Agrees to Drop Google Trademark Suit Rosetta Stone Inc. (RST:US), a maker of language-learning software, agreed to drop a lawsuit it brought against Google Inc. (GOOG:US) for selling its trademarks to other companies for search-engine advertising. The companies agreed that all claims in the infringement case will be dismissed, according to a filing today in federal court in Alexandria, Virginia. U.S. “Google and Rosetta Stone have agreed to dismiss the three-year-old trademark infringement lawsuit between them and to meaningfully collaborate to combat online ads for counterfeit goods and prevent the misuse and abuse of trademarks on the Internet,” the companies said in a joint e-mailed statement. Google, which runs the world’s largest search engine, sells advertisers the rights to use certain words or phrases as keywords for paid ads on its site. Advertisers bid what they’ll pay Google for each click on an ad triggered by the keyword. Google rose $3.24 to $678.39 at 1:04 p.m. The case is Rosetta Stone v.
NSA analysts knowingly broke surveillance rules The National Security Agency acknowledged Friday that some of its analysts knowingly violated the agency’s rules, after the incidents were included in an inspector general report. "Over the past decade, very rare instances of willful violations of NSA’s authorities have been found, but none under FISA or the Patriot Act,” the NSA said in a statement. “NSA takes very seriously allegations of misconduct, and cooperates fully with any investigations – responding as appropriate. “NSA has zero tolerance for willful violations of the agency’s authorities,” the statement said. Bloomberg News reported earlier that a new report by the agency’s inspector general found several cases over the past decade where people deliberately violated internal rules when it came to conducting surveillance. It’s the latest in a stream of black eyes for the agency. Medine said that the NSA, which oversees most surveillance programs, has not updated its guidelines since 1993.