EU – European Biometrics Portal Launched

Launched on 29 September, the new European Biometrics Portal (EBP) will support governments in evaluating biometric technologies and implementing interoperable solutions. At a time where biometrics is becoming a key technology in identity management all over the world, the new portal launched by the European Commission aims to encourage the development of consistent government policies regarding the use of biometrics and the consideration of interoperability and privacy. The portal is set to become a common focal point for information exchange, coordination and community-building activities between users and producers in Europe. Its content principle is to be open to scientific and policy contributions from governments, industry and civil society authors, working according to a ‘Wikidedian’ (open knowledge sharing) spirit. EBP access and membership are free of charge. [Source] [Portal]

CA – EU Will Share Passenger Info with Canada

Under the terms of a new agreement between the EU and Canada, airlines will be required to provide information to Canadian border officials for all passengers headed to Canada. The data includes contact information and credit card numbers. [Source] [Coverage]

CA – Website Offering False Gun Registrations Remained On-line Despite Warnings

A website that generated fake Canadian gun registrations continued to operate for more than a year after federal officials tried to shut it down. A file from the website, registered in the United States, allowed visitors to fill in and print reproductions of Canadian firearms registration certificates. Documents obtained through the Access to Information Act show that the government agency responsible for gun control knew about the website early last year. Though real certificates are printed on a special watermark paper, the web versions “have the look of official documents,” David Pimm of the Canadian Firearms Centre said in an internal e-mail. The centre learned of the website in April of last year, and immediately faxed a letter to the California-based company that hosts the web page. A lawyer for the centre warned that by hosting the site, Homestead Technologies Inc. was “counselling as well as aiding and abetting a criminal offence.” “Given the severity of the conduct, we would appreciate the site being taken down immediately,” the letter said. [Source]

CA – Statscan to Fortify Online Census Tool

Mel Turner, director general, informatics branch at Statistics Canada, told an audience at GTEC this week that 13 million households will receive a form in the mail with a unique access code they can use to complete the May 2006 survey online. The department, which is offering the Internet option for the first time on a country-wide basis, is using 1,024-bit PKI encryption, rather than the 128-bit SSL that banks and other commercial organizations use for e-commerce. “We’ve always been very concerned with security and the privacy of information; that’s a significant requirement StatCan has, so we wanted Internet systems that have some level of maturity for the protection of data and that means having a mature infrastructure,” said Turner. Turner said StatsCan prepared for the May 2006 census by performing a test run last year on 300,000 households in three different parts of the country. [Source]

AB – Pilot Project to Electronically Monitor Low-Risk Offenders

A pilot project to monitor low-risk offenders through electronic bracelets will be launched shortly by Alberta Solicitor General and Public Security. Up to 40 offenders in Edmonton serving weekend sentences have been selected for the house arrest program. These offenders spend their weekend daytime hours doing community service or attending programs such as addictions counseling. At night, the offenders must remain in their homes. The pilot project will start at the end of September 2005 and run for one year. [Press Release]

CA – Panel: Electronic Viewing of Public Information Should Be Curbed

A key judicial advisory committee has recommended that individual Canadians should not be able to use their home computers to read most court documents, even though Internet technology is making this increasingly feasible. The new guidelines say that judges’ decisions and some case information should be available to everyone by remote access, but detailed filings such as affidavits, motion records and pleadings should not get this kind of exposure, even though they are public documents. The guidelines also say personal information should be deleted from court documents made available to the public to ensure the safety and security of those whose lives are exposed in legal proceedings. The “model policy” for access to court records, written by a committee of the Canadian Judicial Council -- the organization of Canada’s top judges -- is not mandatory, although it is a blueprint for individual courts across the country. [Source]

CA – Elections Chief Would Share Data on Voters

Canada’s Chief Electoral Officer wants the authority to share information from his voter database with other public agencies -- including the spy service -- when doing so would serve the interests of health, safety or national security. The Canada Elections Act prohibits the release of that information, but Jean-Pierre Kingsley said yesterday he might break that law if he were convinced it could prevent calamity. “If anybody comes to see me and asks for information where I could save lives, potentially, I couldn’t give it,” Mr. Kingsley told a news conference yesterday. “It might even be possible that I would break the law if those were the circumstances, if it could save lives.” The proposal to allow some access to the Register of Electors was among many recommendations for improving the electoral system contained in Mr. Kingsley’s first report to Parliament after the federal election of June, 2004. [Source]

US – Court Strikes Down Portion of California Financial Privacy Law

A U.S. District Court judge on Tuesday struck down a portion of a California law that restricts banks from selling consumers’ private information to their affiliates, ruling that the state law is pre-empted by federal rules. [Source]

FR – French Voters Received Spam Signed by Minister

Nicolas Sarkozy, French minister of the interior (in charge of the country’s police forces), may have fallen foul of two French laws in a political spamming incident. Sarkozy is also president of the UMP, the political party holding the majority in the French Parliament. To boost party recruitment, he chose to run the country’s first major political recruitment campaign over the Internet, sending tens of thousands of e-mail messages. The messages, signed in his name, invited the recipients to help define the party’s policies for the 2007 legislative and presidential elections. The list of addresses used were supposedly opt-in lists, bought from commercial database vendors, but as it turned out, some of the addressees hadn’t opted in to such mailings. That makes sending messages to them against the law in France. There’s another twist: A law voted by Sarkozy’s party legalizes mass mailing -- but only authorizes this for commercial messages. Sending bulk political messages is not covered by this law, so such messages must only be sent to people having expressly requested to receive them in order to be legal -- which was apparently not the case with this mailing. [Source]

WW – Report on Global E-Government, 2005

This report presents the fifth annual update on global e-government prepared by Darrel West of Brown University’s Center for Public Policy. Using a detailed analysis of 1,797 government websites in 198 different nations it charts the variations that exist across regions and countries, and discusses the pace at which e-government is unfolding around the world. From 2001 to 2005, progress has been made, albeit at an incremental pace. Among the significant findings of the research are:

§ 19% of government websites offer services that are fully executable online;

§ 89% of websites this year provide access to publications and 53% have links to databases;

§ 18% (up from 14% in 2004) show privacy policies, while 10% have security policies (up from eight% in 2004); and

§ 19% of government websites have some form of disability access, meaning access for persons with disabilities, up from 14% in 2004. [Full Report]

US – FTC Brings Charges Against Spyware Company

The Federal Trade Commission announced this week that it had brought charges against Odysseus Marketing, publisher of a software product called ClientMan. The Center for Democracy & Technology had first identified ClientMan as one of several troubling programs in a spyware complaint it filed with the FTC in February 2004. The FTC has now filed cases against three of the companies mentioned in the CDT complaint, plus a fourth the FTC found through its own investigation. [FTC Complaint] [Original CDT Complaint]

WW – Portable Hard Drives That Protect Your Data

PC World examines four portable USB flash drives designed to prevent data loss. USB flash drives are ideal for transporting large quantities of data, but they have a knack for getting lost. Luckily, several new models are designed to protect data. USB drives spotlighted include: The CryptoStick by CryptoBuddy; the Micro Drive AES and Bio Drive by Kanguru; and SanDisk’s Cruzer Profile Biometric

EU – EU Executive Proposes Safeguards on Exchange, Use of Data

The European Commission has tabled a new framework proposal on data-retention in the fight against terror and organised crime, in an attempt to soothe fears over the lack of safeguards on data exchange between member states. Justice commissioner Franco Frattini said on Tuesday (4 October) that the EU needs new data privacy rights as international law enforcement authorities accelerate anti-terrorist measures. The proposal includes the idea that data will be put into the Schengen Information System (SIS), the supercomputer in Strasbourg that stores information on, among other things, criminals and illegal immigrants. The framework also includes a plan to more effectively exchange of information between national law enforcement agencies. [Source] [Source] [Source]

EU – Study: 33% of Retailers Are Not Complying With EU Privacy Directive

The EU Directive on Privacy and Electronic Communications, which took effect in December 2003, requires companies to only send unsolicited email messages to non-customers if they actively opt-in to receive them. The CDMS study researched compliance among the top 200 companies in 13 main consumer business sectors. [Source]

NL – 50,000 ID Fines in 9 Months

Since the introduction of compulsory identification in the Netherlands on January 1st 2005, the police have fined 50.000 people that could or would not present a valid ID. Almost 4.000 of those who were fined were children aged 14 and 15. The statistics are provided by the Central Judicial Collection office. [Source]

WW – Credit Card Customers Opt for Single-Use Numbers

The Washington Post ran a story about “virtual credit cards”. Offered to holders of Citi, Discover, and MBNA cards, these single-use card numbers are designed to give some peace of mind to consumers concerned about credit card fraud. Credit card industry officials say it’s not widely popular. [Source]

CA – Access to Information: Analyzing the State of the Law

Following are some papers and remarks from speakers who addressed the Access to Information Act: Analyzing the State of the Law. The Seminar was held on September 8, 2005, at the Westin Hotel in Ottawa. The event was produced and organized by Riley Information Services Inc. and cosponsored by the Canadian Newspaper Association. [Source]

WW – Yahoo to Launch Library Digitization Project

Yahoo is launching a library-digitization project to rival Google’s controversial program. Yahoo is working with the Internet Archive, the University of California and others on a project to digitize books in archives around the world and make them searchable through any Web search engine and downloadable for free. Unlike Google, Yahoo will scan and digitize only texts in the public domain, except where them copyright holder has expressly given permission. [Source] [Source]

EU – EU Launches Consultation on Digital Libraries

The European Commission has unveiled its strategy to make Europe’s written and audiovisual heritage available on the Internet. The Commission proposes a concerted drive by EU Member States to digitize, preserve, and make this heritage available to all. It presents a first set of actions at European level and invites comments on a series of issues in an online consultation. [Source]

US – National Coalition Developing U.S. Standards for Post-Disaster Patient Tracking

ComCare Alliance, a national coalition of public safety, medical and other executives, is working with Virginia hospitals to develop goals for a patient-tracking system. The group also is looking at privacy and legal issues. A working group member agrees that privacy and security of patient information are part of the national patient-tracking system, but predicts the Healthcare Insurance Portability and Accountability Act should not prevent the exchange of patient information. [Source]

US – Stolen Hard Drives Contain Personal Information for 15,000 Active-Duty Soldiers

Four computer hard drives containing Social Security numbers of soldiers as well as other personal data were stolen from Fort Carson in Colorado. This month, 15,000 soldiers and civilians who worked at the Army base received notice of the theft. Military authorities are investigating. [Source]

IT – Want to Check Your E-Mail in Italy? Bring Your Passport.

An antiterror law makes Internet cafe managers check their clients’ IDs and track the websites they visit... After Italy passed a new antiterrorism package in July, authorities ordered managers offering public communications services, like Mr. Savoni, to make passport photocopies of every customer seeking to use the Internet, phone, or fax. [Source]

WW – Business Coalition to Lobby Worldwide Against Piracy

Business leaders representing industries ranging from pharmaceuticals to software agreed at a meeting to form a potentially powerful coalition to lobby governments around the world to step up the fight against international piracy and counterfeiting. Executives including Microsoft Chief Executive Officer Steven Ballmer, EMI Music Chairman Eric Nicoli and NBC Universal Chief Executive Officer Bob Wright said many governments had not done enough to legislate against -- or enforce existing legislation against -- the theft of intellectual property. [Source]

US – US Insists on Retaining Control of Internet Governance

A senior US official rejected calls yesterday in Geneva for a UN body to take over control of the main computers that direct traffic on the Internet, reiterating US intentions to keep its historical role as the medium’s principal overseer. Some negotiators from other countries said there was a growing sense that a compromise had to be reached and that no single country ought to be the ultimate authority over such a vital part of the global economy. [Source]

US – D.C. Red-Light Cameras Fail to Reduce Accidents

The Washington Post has examined accident data in the District. It found accidents jumped 207% at intersections where red light cameras were installed. [Source] These findings are consistent with previous studies.

WW – Sex Crimes Investigators Urged to Increase Technical Knowledge

Sex crimes investigators around the world will need to step up their technological know-how as child pornography becomes more mobile and difficult to detect, a veteran of Toronto police’s sex crimes unit told an international conference. Handheld devices including cell phones, PDAs and portable MP3 players will increasingly be used to take and transfer images of child pornography, said Det. Sgt. Paul Gillespie. [Source]

US – Draft Framework for Assessing Privacy of Homeland Security Programs Proposed

At this week’s meeting of the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee, Joanne McNabb, Chief of the California Office of Privacy Protection, and Jim Harper of Privacilla circulated and presented a draft Framework for assessing homeland security programs in terms of their consequences for privacy and related values. Members of the Committee will be reviewing it and test-driving it in their respective work and studies of DHS programs and technologies. [Draft Framework]

US – US Interior Department Computer System Deemed Insecure

An investigation of the computer systems in several US Interior Department offices found numerous security flaws that threaten the department’s overall computer security and must be fixed, according to an internal report. Tests by the Interior Department’s Office of the Inspector General found several bureaus and offices still suffer from serious weaknesses in their security posture. [Source]

WW – Book Review: Spychips Sees an RFID Conspiracy

A new book by privacy advocates Katherine Albrecht and Liz McIntyre makes the case that corporations and government agencies are in collusion to put tiny radio transmitters on nearly everything we buy. Companies say it's about providing thought leadership, not the Mark of the Beast. The new book is entitled “Spychips: How Major Corporations and Government Plan to Track Your Every Move with RFID”. [Wired Book Review]

US – State to Open ‘IRIS’ for ID Theft Victims

The Utah Attorney General's Office plans to introduce a Web site called IRIS - Identity Theft Reporting Information System - to help victims of identity theft get critical information to officials quickly. The Web site, www.idtheft.utah.gov, won't be available until Nov. 1, when the attorney general plans to officially unveil it. Law enforcement officials at the Attorney General's 12^th annual White Collar Crime Conference got a sneak peek at how the Web site works and why IRIS will be available. [Source]

KR – Privacy Concerns Mount Over Traffic Control Plan

A plan by Seoul City to install electronic devices in passenger cars to pinpoint their locations has touched off a heated debate over the protection of individual privacy. [Source]

US – “Black Box” Information Driving Convictions

In what is becoming a familiar scene in courtrooms nationwide, information collected from a car’s “black box” was used to convict a motorist of criminal charges. [Source]

US – Consumers Choosing Secrecy for Insurance Complaints

Given the option, most consumers are choosing secrecy when filing complaints with the Missouri Department of Insurance. The department touted figures Monday showing that of 377 consumer complaints in September, 334 people chose to keep their complaints confidential. A law that took effect Aug. 28 closed records about consumer insurance complaints. But Gov. Matt Blunt softened the law with an executive order requiring the department to give people the option of authorizing the public release of their complaints. “This important legislation allows consumers to feel comfortable in submitting complaints to the department, knowing that their personal information will not be released,” department director Dale Finke said in a written statement announcing the consumer preference for privacy. [Source] [Source]

US – Data-Security Bill May Move Forward in US Senate this Week

Sens. Arlen Specter (R-Penn.) and Patrick Leahy (D- Vt.) have introduced an amended version of the Personal Data Security and Privacy Act. Changes from an earlier version filed in June include a more narrow definition of “data broker.” The measure contains criminal punishment of up to five years in prison for concealing security breaches that reveal sensitive personal data and result in financial damage. It also would require minimum security and privacy standards for companies that deal with electronic records that contain “sensitive personally identifiable information.” The bill would require notification of affected consumers “without unreasonable delay.” [Source] [Source]

US – California Passes Law to Punish “Phishing” Scans

California Gov. Arnold Schwarzenegger has signed a bill making Internet “phishing” identity theft scams punishable by law. The bill is the first of its kind in the US and makes “phishing” a civil violation. Victims may seek to recover actual damages or $500,000 for each violation, depending upon which is greater. [Source] [Source]

AU – Victorian Law Reform Commission Releases Report on Workplace Privacy

Report calls for ban on worker surveillance: the final report of the Law Reform Commission has called for a new regulator to oversee the covert and overt monitoring of employees in the workplace. The report, released this week, called for new laws which would require employers to seek the permission from the regulator to test workers for drugs and alcohol and to install intrusive surveillance devices. [Source] [Full Report]

--------------------------------------------