nonprofiteer writes: This is a crazy story. An FBI agent put spyware on his kid's school-issued laptop in order to monitor his Internet use. Before returning the laptop to the school, he tried to wipe the program (SpectorSoft's eBlaster) by having FBI agents scrub the computer and by taking it to a computer repair shop to be re-imaged. It somehow survived and began sending him reports a week later about child porn searches. He winds up busting the school principal for child porn despite never getting a warrant, subpoena, etc. Gift-wrapped present thanks to spyware. A judge says the principal has no 4th Amendment protection because 1. FBI dad originally installed spyware as a private citizen not an officer and 2. he had no reasonable expectation of privacy on a computer he didn't own/obtained by fraud.
nonprofiteer writes: Last month, Nestlé-owned Kit Kat launched the “We’ll Find You” marketing campaign in the UK and Ireland. Over the next year, six lucky chocolate lovers will find a GPS-enabled device instead of a candy bar when they open their Kit Kat wrapper. A Nestle team will then hunt them down within 24 hours and hand over a check for £10,000 (12,000 Euros, $15,500 USD).
The bar's instructions say those under 18 need to get an adult to activate the device. They also warn: "Make sure that you’re ready to be found!"
nonprofiteer writes: SceneTap uses facial recognition technology to help bar-hoppers decide which night spot to go to based on how crowded a bar is and what the age and gender ratio is. San Francisco, one of the cities where the technology launched, freaked out over the idea of being “spied on” in bars — despite the fact that what the app does now is fairly innocuous. But what the app could do in the future, as described in a patent application filed in June, is pretty creepy.
The patent application describes much more detailed data collection, including bar goers' race, height, weight, attractiveness, hair color, clothing type, and the presence of facial hair or glasses, and includes other possibilities usually left to the realm of dystopic fiction, including putting microphones in the cameras that could detect what customers are saying, and using facial recognition technology to identify customers and then get information about them from social networking websites and databases to determine “relationship status, intelligence, education and income for the entire venue.”
nonprofiteer writes: Spokeo was one of the first public-facing person-profiling companies to attract the ire of those profiled. Taglined "not your grandmother's phonebook" it offers up profiles pulled from public records, social networking sites, etc, including your address, worth of your home, who's in your family, your estimated wealth, your hobbies and interests, etc. People freaked out when they first discovered it. Apparently, the company was selling reports to employers, but not following principles set forth by the Fair Credit Reporting Act. The Federal Trade Commission is fining them $800,000. FTC also chastises them for writing fake positive reviews 'round the Web (http://www.ftc.gov/opa/2012/06/spokeo.shtm).
nonprofiteer writes: A University of Texas-Dallas developmental psychology professor has used a $3.4 million NIH grant to purchase Blackberries for 175 Texas teens, capturing every text message, email, photo, and IM they've sent over the past 4 years.Half a million new messages pour into the database every month. The researchers don't "directly ask" the teens about privacy issues because they don't want to remind them they're being monitored.
So many legal and ethical issues here. I can't believe this is IRB-approved. Teens sending nude photos alone could make that database legally toxic.
And then there's the ethical issue of monitoring those who have not consented to be part of the study, but are friends with those who have. When a friend texted one participant about selling drugs, he responded, “Hey, be careful, the BlackBerry people are watching, but don’t worry, they won’t tell anyone.”
nonprofiteer writes: With a program called Screenwise, Google is offering a total of $25 in Amazon gift cards to anyone willing to install a Chrome browser extension that will let the search giant track every website the user visits and what they do there over a year-long period. Google says it will study this in order to improve its products and services. Forbes points out that $25 in Amazon credits isn't quite enough to buy a six pack of Marshmallow Fluff ($26.75).
nonprofiteer writes: CNet has been doing some digging to figure out how the DOJ got its hands on incriminating Skype chats between Megaupload employees. They are years-old (and Skype only hangs on to data for 30 days) plus Skype sources deny involvement. The DOJ said it had a search warrant for them (which rules out an informant). There are hints that the FBI managed to place government-issued spyware on the defendants' computers.
CNet suggests that they may have planted CIPAV on the Megaupload computers. From CNet: "The FBI cites alleged conversations between DotCom and his top lieutenants, including e-mail and Skype instant-messaging logs. Some of the records go back nearly five years, to MegaUpload's earliest days as a cyberlocker service--even though Skype says "IM history messages will be stored for a maximum of 30 days" and the criminal investigation didn't begin until a few months ago.... Skype saves chat records with contacts in a directory on the local hard drive, which could be accessed by FBI-planted spyware."
nonprofiteer writes: The New York Times claims that the hot new trend among teenagers in love is to share passwords to their email and Facebook accounts, as the ultimate form of trust. According to Pew, 33% of teens surveyed say they do this. One expert says the pressure to share passwords is akin to the pressure to have sex. Forbes says don't do it!. "There is something pure and romantic about the idea of sharing everything, and having no secrets from one another. But it’s romantic the same way that Romeo and Juliet is romantic, in a tragic, horrible, everyone-is-miserable-and-dies-at-the-end kind of way." Sam Biddle at Gizmodo writes about which passwords are okay to share (like Netflix), but says to stay away from handing over email or Facebook passwords. "We all need whatever scraps of privacy we have left, and your email is just that.”
nonprofiteer writes: The Supreme Court is currently deciding whether or not law enforcement need a warrant before they put a GPS tracker on a person's car — http://www.scotusblog.com/case-files/cases/united-states-v-jones/. A judge in St. Louis doesn't seem to care about that, tho. He ruled last week that the FBI didn't need a warrant to track the car of a state employee they suspected was collecting a paycheck without actually going to work. (Their suspicions were confirmed.) While in favor of corrupt government employees being caught, it's a bit disturbing that a federal judge would decide a warrant wasn't needed while the Supreme Court has said the issue is unclear.
nonprofiteer writes: A Minnesota man violated a restraining order obtained by his ex-girlfriend by blogging about her mental health and sexual issues, and sending links to posts on the blog to her family, friends, and co-workers.The judge then extended the restraining order by 50 years, ordered the guy never to write about his ex on the Internet and ordered him to delete the blog he created. Even though there was no evidence that what he had written was false, the judge said the ex-gf's "right to be free from harassment" outweighed the guy's "right to free speech."
“I believe it’s rare, if not unprecedented, for a court to order an entire blog deleted,” says technology law professor Eric Goldman.
nonprofiteer writes: The Department of Homeland Security wants to create its own internal fusion center so that its many agencies can aggregate the data they have and make it searchable from a central location. The DHS is calling it a “Federated Information Sharing System” and asked its privacy advisory committee to weigh in on the repercussions at a public meeting in D.C. last month.
The committee, consisting of an unpaid group of people from the world of corporate privacy as well as the civil liberty community, were asked last December to review the plan and provide feedback on which privacy protections need to be put in place when info from DHS components (which include the TSA, the Secret Service, and Immigration Services, to name a few) are consolidated. The committee raised concerns about who would get access to the data given the potentially comprehensive profile this would provide of American citizens."
DHS’s Immigration and Customs Enforcement division has already awarded a contract to Raytheon for a “new system [that] will enhance how agencies manage, investigate, and report on law enforcement and intelligence activities by improving data sharing between multiple law-enforcement agencies,” reported Information Week (http://www.informationweek.com/news/government/info-management/231903005).
nonprofiteer writes: The Supreme Court heard arguments today in a case involving a DC nightclub owner who was busted for running a massive cocaine ring thanks to police putting a tracking device on his car for 4 weeks (without a warrant). The government argues that it didn't need a warrant because it was only tracking the guy's Jeep on public streets where he has no right to privacy. The Supreme Court Justices were skeptical, to say the least. From article:
“If you win this case, there is nothing to prevent you from monitoring 24 hours a day every citizen in the United States,” said Supreme Court Justice Breyer. “If you win, you suddenly produce what sounds like 1984.”
Dreeben argued that the government isn’t doing this universally (and doesn’t plan to ). In response to a question from Justice Elena Kagan, he said the federal government use of GPS trackers annually numbers in the low thousands (but said he didn’t know how often the devices are used by state law enforcement).
Justice Sonia Sotomayor was the most adamant in asking about the larger repercussions of how the government is interpreting what constitutes a “reasonable search” using tracking devices. “By your theory, you could track everyone using their cell phones. Your theory is that as long as you’re monitoring someone in public, it’s reasonable for you to use their possessions to track them,” she said.
nonprofiteer writes: A Connecticut judge issued an order telling divorce attorneys for Stephen and Courtney Gallion to swap passwords for their clients' Facebook and dating site accounts. The husband's lawyer asked for access to the wife's account to try to find evidence that she didn't want responsibility for caring for their two children so that he could get full custody. This is quite an overreach when it comes to discovery — usually discovery is limited to making you turn over "responsive" material, not letting opposing counsel shuffle through anything they want to determine what's relevant. It's a huge violation of privacy, but apparently judges are increasingly forcing litigants to turn over their social networking passwords, especially in personal injury cases.
nonprofiteer writes: Google plans to encrypt search for signed-in users, so that websites will no longer get to see the search terms that led a user to their site, though they will get aggregated reports on the top 1000 search terms that led traffic to their sites.
nonprofiteer writes: In December, a federal judge ruled that the 4th amendment applies to email and that the feds cannot go after it without a warrant. (We have Smilin' Bob to thank for that — https://www.eff.org/deeplinks/2010/12/breaking-news-eff-victory-appeals-court-holds). Though the federal judge's decision only applies to the four states in his jurisdiction, it looks like federal agencies are applying it nationally. An internal email written by the IRS general counsel cites the law and says that its collectors can no longer get the contents of suspected tax cheats' email by sending letters to their ISPs, though it can get non-content information, like who they email and how they pay for their accounts.