Privacy

New Privacy Threat: Automated Vehicle Occupancy Detection 113

Posted by Soulskill
from the shades-of-minority-report dept.
An anonymous reader writes: The Electronic Frontier Foundation is warning against a new potential privacy threat: cameras that look inside cars and try to identify how many people are inside. This technology is a natural combination of simpler ones that have existed for years: basic object recognition software and road-side cameras (red light cameras, speeding cameras, license plate readers — you name it). Of course, we can extrapolate just a bit further, and point out that as soon as the cameras have high enough resolution, they can start running face recognition algorithms on the images, and determine the identities of a vehicle's occupants.

"The San Diego Association of Governments (SANDAG), a government umbrella group that develops transportation and public safety initiatives across the San Diego County region, estimates that 15% of drivers in High Occupancy Vehicle (HOV) lanes aren't supposed to be there. After coming up short with earlier experimental projects, the agency is now testing a brand new technology to crack down on carpool-lane scofflaws on the I-15 freeway. ... In short: the technology is looking at your image, the image of the people you're with, your location, and your license plate. (SANDAG told CBS the systems will not be storing license plate data during the trial phase and the system will, at least for now, automatically redact images of drivers and passengers. Xerox's software, however, allows police the option of using a weaker form of redaction that can be reversed on request.)"
The Courts

Texas Admonishes Judge For Posting Facebook Updates About Her Trials 84

Posted by samzenpus
from the was-that-wrong? dept.
An anonymous reader writes: Michelle Slaughter, a Galveston County judge, says she will appeal a public admonition from state officials that criticized her Facebook posts about cases brought before her court. From the article: "The State Commission on Judicial Conduct ordered Michelle Slaughter, a Galveston County judge, to enroll in a four-hour class on the 'proper and ethical use of social media by judges.' The panel concluded that the judge's posts cast 'reasonable doubt' on her impartiality. At the beginning of a high-profile trial last year in which a father was accused of keeping his nine-year-old son in a six-foot by eight-foot wooden box, the judge instructed jurors not to discuss the case against defendant David Wieseckel with anyone. 'Again, this is by any means of communication. So no texting, e-mailing, talking person to person or on the phone or on Facebook. Any of that is absolutely forbidden,' the judge told jurors. But Slaughter didn't take her own advice, leading to her removal from the case and a mistrial. The defendant eventually was acquitted of unlawful-restraint-of-a-child charges."
Privacy

The Sun Newspaper Launches Anonymous Tor-Based WikiLeaks-Style SecureDrop 62

Posted by samzenpus
from the keeping-your-name-out-of-it dept.
Mark Wilson writes: The likes of Julian Assange's WikiLeaks have set the standard for blowing the lid on huge stories based on tips from anonymous sources. Whistle-blowers such as Edward Snowden have brought to public attention stories which would otherwise have been kept hidden from the public, and it has been with the help of newspapers such as the Guardian that this information has been disseminated around the world.

Other newspapers are keen to ride on the coattails of those blazing a trail in the world of investigative journalism, and the latest to join the party is The Sun. Today, Murdoch-owned News Corp's newspaper and website launches SecureDrop — a way for whistle-blowers to anonymously leave tip-offs that can be further investigated.

The cloud service provides a means of getting in touch with journalists at The Sun without giving up anonymity — something which is particularly important when making revelations about companies and governments. The site provides a basic guide to getting started with the SecureDrop service, starting off with pointing would-be users in the direction of the Tor Browser Bundle.
Government

Indian Telecom Authority Releases a Million Email IDs, Taken Down By Hackers 21

Posted by samzenpus
from the naming-names dept.
knwny writes: In a bizarre move that threatens the privacy of over a million internet users in India, the Telecom Regulatory Authority of India (TRAI) has released the list of email IDs from which it received responses regarding net neutrality. Most of these responses were sent by the general public following a massively popular online campaign to protect Internet neutrality in India. The regulatory body says that it has received large number of comments from the stakeholders on its Consultation paper on "Regulatory Framework for OTT services". So to aid the reading of comments, it has divided them into three blocks — "comments from the service providers," "comments from the service providers' association" and "comments from other stakeholders'"(this includes individuals, organizations, consulting firms etc). In the meantime, the TRAI website remains inaccessible after a DDoS attack by Anonymous India, the hacker collective, apparently in retaliation for the data release.
Google

Google Executive Dan Fredinburg Among Victims of Everest Avalanche 164

Posted by samzenpus
from the rest-in-peace dept.
alphadogg writes: Dan Fredinburg, privacy director for the company's Google X team, and an engineer who worked on many of Google's most exciting projects during his 8 years with the company, died over the weekend in an avalanche on Mount Everest. The 33-year-old worked on projects such as Google Loon, the company's balloon-based Internet access effort and self-driving car. He also was involved in Google Street View Everest, leading expeditions to gather imagery of the Khumbu region around Mt. Everest. Fredinburg's career began in a much less glamorous fashion as a "dock rat" and as a farm hand in Arkansas.
United States

Declassified Report From 2009 Questions Effectiveness of NSA Spying 54

Posted by Soulskill
from the moving-at-the-speed-of-government dept.
schwit1 writes: With debate gearing up over the coming expiration of the Patriot Act surveillance law, the Obama administration on Saturday unveiled a 6-year-old report examining the once-secret program code-named Stellarwind, which collected information on Americans' calls and emails. The report was from the inspectors general of various intelligence and law enforcement agencies.

They found that while many senior intelligence officials believe the program filled a gap by increasing access to international communications, others including FBI agents, CIA analysts and managers "had difficulty evaluating the precise contribution of the [the surveillance system] to counterterrorism efforts because it was most often viewed as one source among many available analytic and intelligence-gathering tools in these efforts."

"The report said that the secrecy surrounding the program made it less useful. Very few working-level C.I.A. analysts were told about it. ... Another part of the newly disclosed report provides an explanation for a change in F.B.I. rules during the Bush administration. Previously, F.B.I. agents had only two types of cases: "preliminary" and "full" investigations. But the Bush administration created a third, lower-level type called an "assessment." This development, it turns out, was a result of Stellarwind.
Businesses

Good: Companies Care About Data Privacy Bad: No Idea How To Protect It 77

Posted by samzenpus
from the we've-tried-everything-that-doesn't-cost-us-money dept.
Esther Schindler writes: Research performed by Dimensional Research demonstrated something most of us know: Just about every business cares about data privacy, and intends to do something to protect sensitive information. But when you cross-tabulate the results to look more closely at what organizations are actually doing to ensure that private data stays private, the results are sadly predictable: While smaller companies care about data privacy just as much as big ones do, they're ill-equipped to respond. What's different is not the perceived urgency of data privacy and other privacy/security matters. It's what companies are prepared (and funded) to do about it. For instance: "When it comes to training employees on data privacy, 82% of the largest organizations do tell the people who work for them the right way to handle personally identifiable data and other sensitive information. Similarly, 71% of the businesses with 1,000-5,000 employees offer such training. However, even though smaller companies are equally concerned about the subject, that concern does not trickle down to the employees quite so effectively. Half of the midsize businesses offer no such training; just 39% of organizations with under 100 employees regularly train employees on data privacy."
Communications

New Privacy Concerns About US Program That Can Track Snail Mail 65

Posted by timothy
from the ask-not-what-your-country-can-do-to-you dept.
Lashdots writes: A lawyers' group has called for greater oversight of a government program that gives state and federal law enforcement officials access to metadata from private communications for criminal investigations and national security purposes. But it's not digital: this warrantless surveillance is conducted on regular mail. "The mail cover has been in use, in some form, since the 1800s," Chief Postal Inspector Guy J. Cottrell told Congress in November. The program targets a range of criminal activity including fraud, pornography, and terrorism, but, he said, "today, the most common use of this tool is related to investigations to rid the mail of illegal drugs and illegal drug proceeds." Recent revelations that the U.S. Postal Service photographs the front and back of all mail sent through the U.S., ostensibly for sorting purposes, has, Fast Company reports, brought new scrutiny—and new legal responses—to this obscure program.
United States

Except For Millennials, Most Americans Dislike Snowden 680

Posted by samzenpus
from the no-sir-I-don't-like-him dept.
HughPickens.com writes: Newsmax reports that according to KRC Research, about 64 percent of Americans familiar with Snowden hold a negative opinion of him. However 56 percent of Americans between the ages of 18 and 34 have a positive opinion of Snowden which contrasts sharply with older age cohorts. Among those aged 35-44, some 34 percent have positive attitudes toward him. For the 45-54 age cohort, the figure is 28 percent, and it drops to 26 percent among Americans over age 55, U.S. News reported. Americans overall say by plurality that Snowden has done "more to hurt" U.S. national security (43 percent) than help it (20 percent). A similar breakdown was seen with views on whether Snowden helped or hurt efforts to combat terrorism, though the numbers flip on whether his actions will lead to greater privacy protections. "The broad support for Edward Snowden among Millennials around the world should be a message to democratic countries that change is coming," says Anthony D. Romero, executive director of the American Civil Liberties Union. "They are a generation of digital natives who don't want government agencies tracking them online or collecting data about their phone calls." Opinions of millennials are particularly significant in light of January 2015 findings by the U.S. Census Bureau that they are projected to surpass the baby-boom generation as the United States' largest living generation this year.
United States

McConnell Introduces Bill To Extend NSA Surveillance 203

Posted by samzenpus
from the lets-see-what-you're-doing dept.
jriding sends word that the majority leader of the U.S. Senate has introduced a bill that would extend the surveillance provisions of the Patriot Act until 2020: Senate Majority Leader Mitch McConnell introduced a bill Tuesday night to extend through 2020 a controversial surveillance authority under the Patriot Act. The move comes as a bipartisan group of lawmakers in both chambers is preparing legislation to scale back the government's spying powers under Section 215 of the Patriot Act. It puts McConnell (R-Ky.) and Senate Intelligence Committee Chairman Richard Burr (R-N.C.), the bill’s co-sponsor, squarely on the side of advocates of the National Security Agency’s continued ability to collect millions of Americans’ phone records each day in the hunt for clues of terrorist activity.
Advertising

German Court Rules Adblock Plus Is Legal 279

Posted by Soulskill
from the non-crazy-software-judgments dept.
An anonymous reader writes: Following a four-month trial, a German court in Hamburg has ruled that the practice of blocking advertising is perfectly legitimate. Germany-based Eyeo, the company that owns Adblock Plus, has won a case against German publishers Zeit Online and Handelsblatt. These companies operate Zeit.de, Handelsblatt.com, and Wiwo.de. Their lawsuit, filed on December 3, charged that Adblock Plus should not be allowed to block ads on their websites. While the decision is undoubtedly a big win for users today, it could also set a precedent for future lawsuits against Adblock Plus and any other tool that offers similar functions. The German court has essentially declared that users are legally allowed to control what happens on their screens and on their computers while they browse the Web.
Privacy

UK Police Chief: Some Tech Companies Are 'Friendly To Terrorists' 230

Posted by Soulskill
from the arguments-that-are-getting-old dept.
An anonymous reader points out comments from Mark Rowley, the UK's national police lead for counter-terrorism, who thinks tech companies aren't doing enough to prevent terrorists from using their services. He said, "[The acceleration of technology] can be set up in a way which is friendly to terrorists and helps them ... and creates challenges for law enforcement and intelligence agencies. Or it can be set up in a way which doesn't do that." Rowley wouldn't name which companies in particular he's talking about, but he added, "Snowden has created an environment where some technology companies are less comfortable working with law reinforcement and intelligence agencies and the bad guys are better informed. We all love the benefit of the internet and all the rest of it, but we need their support in making sure that they're doing everything possible to stop their technology being exploited by terrorists. I'm saying that needs to be front and center of their thinking and for some it is and some it isn't."
Privacy

Baltimore Police Used Stingrays For Phone Tracking Over 25,000 Times 81

Posted by Soulskill
from the i-don't-remember-that-episode-of-The-Wire dept.
An anonymous reader writes The Baltimore Police Department is starting to come clean about its use of cell-phone signal interceptors — commonly known as Stingrays — and the numbers are alarming. According to recent court testimony reported by The Baltimore Sun, the city's police have used Stingray devices with a court order more than 25,000 times. It's a massive number, representing an average of nearly nine uses a day for eight years (the BPD acquired the technology in 2007), and it doesn't include any emergency uses of the device, which would have proceeded without a court order.
Privacy

The Upsides of a Surveillance Society 254

Posted by timothy
from the you-mean-it's-not-all-upside? dept.
theodp writes Citing the comeuppance of ESPN reporter Britt McHenry, who was suspended from her job after her filmed ad-hominem attack on a person McHenry deemed to be beneath her in terms of appearance, education, wealth, class, status went viral, The Atlantic's Megan Garber writes that one silver lining of the omnipresence of cameras it that the possibility of exposure can also encourage us to be a little kinder to each other. "Terrible behavior," Garber writes, "whether cruel or violent or something in between, has a greater possibility than it ever has before of being exposed. Just as Uber tracks ratings for both its drivers and its users, and just as Yelp can be a source of shaming for businesses and customers alike, technology at large has afforded a reciprocity between people who, in a previous era, would have occupied different places on the spectrum of power. Which can, again, be a bad thing — but which can also, in McHenry's case, be an extremely beneficial one. It's good that her behavior has been exposed. It's good that her story going viral might discourage similar behavior from other people. It's good that she has publicly promised 'to learn from this mistake.'"
Businesses

Twitter Moves Non-US Accounts To Ireland, and Away From the NSA 153

Posted by timothy
from the be-right-over-here-guys dept.
Mark Wilson writes Twitter has updated its privacy policy, creating a two-lane service that treats U.S. and non-U.S. users differently. If you live in the U.S., your account is controlled by San Francisco-based Twitter Inc, but if you're elsewhere in the world (anywhere else) it's handled by Twitter International Company in Dublin, Ireland. The changes also affect Periscope. What's the significance of this? Twitter Inc is governed by U.S. law; it is obliged to comply with NSA-driven court requests for data. Data stored in Ireland is not subject to the same obligation. Twitter is not alone in using Dublin as a base for non-U.S. operations; Facebook is another company that has adopted the same tactic. The move could also have implications for how advertising is handled in the future.
Sony

Wikileaks Publishes Hacked Sony Emails, Documents 143

Posted by samzenpus
from the take-a-look dept.
itwbennett writes Wikileaks has published a searchable database of thousands of emails and documents from Sony Pictures Entertainment that were leaked in late 2014 after the studio was attacked by hackers. Some of the 173,132 emails and 30,287 documents contain highly personal information about Sony employees including home addresses, personal phone numbers and social security numbers, a fact which is likely to raise new concerns about the use of stolen information online.
Security

Why "Designed For Security" Is a Dubious Designation 58

Posted by samzenpus
from the protect-ya-neck dept.
itwbennett writes The list of products designed to be security enhanced that turned out to be anything but seems to get longer by the day. In just the latest instance, reported by Wired last week, the crowd-funded privacy-enhancing home router Anonabox had to be recalled after an independent researcher discovered serious security flaws in the product. But security experts caution that the real problem may be bigger than vulnerabilities hidden in application code: "Designed for security products don't just have to be good. They have to be beyond reproach," explains John Dickson, a Principal at the Denim Group. "All it takes is one guy with a grudge to undo you."
Television

In New Zealand, a Legal Battle Looms Over Streaming TV 106

Posted by timothy
from the why-consider-this-pen-your-honor dept.
SpacemanukBEJY.53u writes After a threat from a law firm, two New Zealand ISPs have withdrawn services that let their customers navigate to content sites outside the country that world normally be geo-blocked. Using VPNs or other services to access content restricted by region isn't specifically outlawed in either New Zealand or in neighboring Australia, but it appears the entertainment industry is prepared to go to court to try and argue that such services can violate copyright law. Intellectual property experts said the situation in New Zealand, if it goes to court, could result in the first test case over the legality of skirting regional restrictions.
Businesses

Kludgey Electronic Health Records Are Becoming Fodder For Malpractice Suits 184

Posted by timothy
from the so-it-says-here-you-were-born-in-1709 dept.
Lucas123 writes The inherent issues that come with highly complex and kludgey electronic medical records — and for the healthcare professionals required to use them — hasn't been lost on lawyers, who see the potential for millions of dollars in judgments for plaintiffs suing for medical negligence or malpractice. Work flows that require a dozen or more mouse clicks to input even basic patient information has prompted healthcare workers to seek short cuts, such as cutting and pasting from previous visits, a practice that can also include the duplication of old vital sign data, or other critical information, such as a patient's age. While the malpractice suits have to date focused on care providers, they'll soon target EMR vendors, according to Keith Klein, a medical doctor and professor of medicine at UCLA. Klein has been called as an expert witness for more than 350 state or federal medical malpractice cases and he's seen a marked rise in plaintiff attorney's using EMRs as evidence that healthcare workers fell short of their responsibility for proper care. In one such case, a judge awarded more than $7.5 million when a patient suffered permanent kidney damage, and even though physicians hadn't neglected the patient, the complexity of the EMR was responsible for them missing uric kidney stone. The EMR was ore than 3,000 pages in length and included massive amounts of duplicated information, something that's not uncommon.
Government

Bolivia Demands Assange Apologize For Deliberately False Leaks To the US 161

Posted by timothy
from the well-it's-not-swatting-if-it's-the-usaf dept.
Rei writes In 2013, during Edward Snowden's brief and chaotic search for asylum that ultimately landed him in Russia, the US faced criticism for handing information to various European nations that Bolivian president Evo Morales was smuggling him out of Russia, leading to the grounding of his flight. In a new twist, in the documentary Terminal F about this time period, Wikileaks founder Julian Assange admitted that he was the one who deliberately leaked the fake information to the US government. Bolivia has been none too pleased with this news and is now demanding that Assange apologize for putting their president's life at risk.