Privacy News Highlights

08–15 November 2007

 

Contents:

US – Terrorist Screening Chief: Biometrics Crucial To Accuracy

JP – Facial Recognition Vending Machine Debuts

CA – Alberta Legislature Completes Review of Personal Information Protection Act

CA – Federal Privacy Commissioner Weighs in on Social Networking and Privacy

CA – Auditor General Finds Feds Failing Security Safeguards

WW – Ten Tips for Safe and Private Holiday Shopping

WW – How E-Government is Changing Society and Strengthening Democracy

US – Judge Orders White House to Preserve E-mails

US – Report: Privacy Issues Threaten Viability of Health Information Exchanges

US – DOT Traffic Database Transmissions Not Encrypted

UK – UK Passengers Forced to Answer 53 Questions BEFORE they Travel

EU – Europe’s Privacy Regulator Opposes Data-Sharing Plan

EU – EU Ministers Agree on First-of-its-Kind Personal Data Framework

UK – ICO Research Finds Increased Public Concerns about Information Protection

WW – Data Audit Market Benefits from Compliance Demands

US – Porn Filters' Costs Tallied

US – Clinical Scientists: Privacy Law Impedes Research

US – HIPAA Experts Differ on Law's Impact on Patient Privacy

US – Web Experts Weigh Value of “Trustmarks” for Health Sites

CA – Capital Health Failed to Protect Patient Info: Alberta Privacy Commissioner

WW – Salesforce.com Customers at Risk of Phishing Attacks

UK – UK Government Broke Data Protection Laws

US – U.S. Confirms High-Tech Driver’s Licences Will Be Allowed at Border

US – New York Abandons Plan to Issue Driver’s Licenses to Illegal Immigrants

US – ID Cards for Residents Pass a Vote in California

UK – UK Can’t Pin Down ID Card Costs

UK – Social and Wireless Networks Users Provide “Rich Pickings” for Criminals

EU – Germany Implements Sweeping Data Retention Policies

US – FBI May Have Datamined Grocery Stores With Help From Credit Companies

US – Judge Blocks Disclosure of Anonymous Critics Online

US – Groups Ask FTC to Investigate Online Advertising Plans

WW – Yahoo!’s Targeting Tool Raises Privacy Concerns

WW – Report: Sharing, Privacy and Trust in Our Networked World

US – Time to Redefine “Privacy,” U.S. Intelligence Official Says

EU – METRO Group Rolls Out Largest RFID Project in the European Retail Sector

US – Wal-Mart and Best Buy Try Tagged DVDs

US – NIST Announces the Release of Three Security (Encryption) Publications

US – Little Progress on Government-Wide Smart Card Initiative

US – New Jersey School Cameras Fed Live to Cops

CA – Father Denied Copy of Son’s Suicide Note [to protect privacy]

US – Devices Enforce Silence of Cellphones, Illegally

US – CDT Joins Push to Thwart Funding for Real ID Act

UK – Public Sector Raps 1,700 Staff Over Computer Misuse

US – Employers Play Hard Ball With At-Risk Workers


 

US – Terrorist Screening Chief: Biometrics Crucial To Accuracy

Despite improvements to the national consolidated Terrorist Watch List, as long as the database uses names rather than biometrics to chronicle suspected terrorists, it remains vulnerable to fraudulent identification. “We have to rely on our sources of information,” said Leonard Boyle, Terrorist Screening Center director, at a Nov. 8 hearing before the House Homeland Security Committee. Biometrics are the surest way to verify travelers’ identity, and TSC is working with partner agencies to develop ways to use the technology “to better capture the true identity of the person.” But there are significant legal and technological challenges, in addition to privacy concerns, associated with the expanded use of biometric technology that Boyle and lawmakers say they must work through before implementing the technology. [Source]

 

JP – Facial Recognition Vending Machine Debuts

This week in Japan, a facial recognition vending machine went on sale that can tell the age of the buyer based on a range of features including number of wrinkles, bone structure and how the skin sits on the face. It was developed as a way to stop minors from buying cigarettes from vending machines. People wishing to buy cigarettes have to look at a facial recognition camera in the upper section of the machine and press a button. In about three seconds, the machine determines whether the person is 20 years old--the legal age to buy cigarettes--or above. The purchase will be allowed if the machine is satisfied. When it is difficult to determine whether people around the age of 20 are adults, they must insert a driver's license into a reader to make a purchase. They will not be able to buy cigarettes based purely on facial recognition. The machine was about 90% accurate in distinguishing adults from minors in a trial involving 500 people aged 10 to 69.  [Source]

 

CA – Alberta Legislature Completes Review of Personal Information Protection Act

Full inclusion of not-for-profit organizations, heightened notification of privacy breaches and strengthened requirements for notification of information transferred outside of Canada--these are just a few of the recommendations put before Alberta’s Legislative Assembly by the Select Special Personal Information Protection Act Review Committee during the tabling of its final report. With a mandate “to determine whether the act and its supporting regulation and policy provide an appropriate balance between the right of an individual to have his or her personal information protected and an organization’s need to collect, use and disclose personal information for purposes that are reasonable,” the 11-member committee has put forward 48 recommendations. [News Release] [Full Report]

 

CA – Federal Privacy Commissioner Weighs in on Social Networking and Privacy

The federal Privacy Commissioner, on her Blog, has posted a presentation on social networking entitled “What Would You Want a Friend of a Friend of a Friend to Know about You?” The OPC has also added it to their website to raise public awareness about the privacy implications of social networking. [Flash Presentation] [Fact Sheet] [Source] [Videos]

 

CA – Auditor General Finds Feds Failing Security Safeguards

Government agencies are failing to meet security standards on contracting procedures, leaving sensitive government information vulnerable. This was one of the findings outlined by Auditor General Sheila Fraser, in her Annual Report, tabled recently in the House of Commons. “We found serious problems in the system that is supposed to ensure the security of government information and assets entrusted to industry,” Fraser said in her report. Of particular concern, she said, was government’s failure to identify security requirements for major defence contracts. The audit looked at how the federal government is implementing safeguards to protect sensitive government information when engaging in contractual agreements with industry. [Source] [Annual Report]

 

WW – Ten Tips for Safe and Private Holiday Shopping

Privacy Rights Clearinghouse has published guidance for safe shopping by consumers:

1. Clean out your wallet, purse, or pocketbook.

2. Make sure that the credit card receipts do not contain your full account number.

3. Some states have laws that dictate what kind of information merchants cannot ask for or write down when a consumer pays with a check or credit card.

4. Be aware of a store's return policy.

5. If you decide to purchase a gift card, be aware of expiration dates, fees, and what will happen if the card is lost.

6. Don’t use a debit or check card to pay for your purchases.

7. Don’t forget to take simple precautions to protect your personal safety.

8. When shopping online, make sure that the Web site uses encryption technology.

9. The safest way to shop on the Internet is with a credit card.

10. Check out a Web site’s privacy policy before providing any personal information online.

[Source] See also: [Fact Sheet “Online Shopping Tips: E-Commerce and You”] See also: [Online Guide “Paper or Plastic: What’s the Best Way to Pay?”] and [“Paying by Credit Card or Check: What Can Merchants Ask?”] and [“Identity Theft Victims Guide”] and, finally: [Debit Card Signature Transactions Leave Banks Vulnerable]

 

WW – How E-Government is Changing Society and Strengthening Democracy

How E-Government is Changing Society and Strengthening Democracy, released by the General Services Administration (GSA) this week, contains more than 40 pages of examples, from government transparency to electronic voting in Brazil to presidential candidates using YouTube and other social media. [Source] [Full Report]

 

US – Judge Orders White House to Preserve E-mails

A federal district court judge issued a temporary restraining order today requiring the Bush administration to safeguard backup media files that may contain copies of millions of White House e-mail messages - the subject of ongoing litigation. Citizens for Responsibility and Ethics in Washington (CREW), a watchdog group, requested the order last month. It and George Washington University’s National Security Archive are suing the Bush administration for allegedly failing to “recover, restore and preserve certain electronic communications created and/or received within the White House.” [Source]

 

US – Report: Privacy Issues Threaten Viability of Health Information Exchanges

The American Health Information Management Association and the Office of the National Coordinator (ONC) for Health Information Technology released a report that concludes that state public-private health information exchanges are making strides, but privacy continues to hinder their success. Dr. Robert Kolodner, Chief of the ONC for Health Information Technology, said that lack of trust among stakeholders is one issue affecting the growth of health information exchanges. Kolodner said that doubts persist in small practices about the quality of e-medical records, interoperability and whether there is an adequately trained national workforce. By next summer, the ONC is aiming for the development of 30 standards to coincide with the certification of 90 e-health record products. [Source] [Report]

 

US – DOT Traffic Database Transmissions Not Encrypted

A report from the Department of Transportation inspector general (DOT IG) says that the department does not have adequate safeguards in place to protect information in the National Driver Register database. The data include names and dates of birth of drivers across the United States, who have been convicted of driving-related offenses. While the database records themselves are encrypted, transmissions of the data over external networks are not encrypted. “DOT officials are reviewing a draft ‘interconnection security agreement’ requiring the organization that owns the network to encrypt data.” [Source] [Source] [Report Abstract] [Full Report: Audit of Security and Controls Over the National Driver Register]

 

UK – UK Passengers Forced to Answer 53 Questions BEFORE they Travel

Travellers face price hikes and confusion after the UK Government unveiled plans to take up to 53 pieces of information from anyone entering or leaving Britain. For every journey, security officials will want credit card details, holiday contact numbers, travel plans, email addresses, car numbers and even any previous missed flights. The information, taken when a ticket is bought, will be shared among police, customs, immigration and the security services for at least 24 hours before a journey is due to take place. Anybody about whom the authorities are dubious can be turned away when they arrive at the airport or station with their baggage. Those with outstanding court fines, such as a speeding penalty, could also be barred from leaving the country, even if they pose no security risk. The information required under the "e-borders" system was revealed as Gordon Brown announced plans to tighten security at shopping centres, airports and ports. [Source]

 

EU – Europe’s Privacy Regulator Opposes Data-Sharing Plan

The European Commission’s plan to require EU members to collect more personal data on airline travelers is expected to face opposition from Europe’s privacy regulator because of a related data sharing agreement. The EC’s plan calls for airlines to pass on Passenger Name Records (PNR) to a single state agency in every country for every passenger entering or leaving the EU, according to this article. The transfer of data outside the EU would be subject to a commission framework for data protection related to law enforcement matters -- a plan European Data Protection Supervisor Peter Hustinx opposes. An opinion on the plan is not expected until December from Hustinx’s office. [Source] See also: [UK - Data sharing “could sap public confidence”]

 

EU – EU Ministers Agree on First-of-its-Kind Personal Data Framework

EU justice ministers have reached agreement on a minimum set of rules to protect the cross-border exchange of personal information among law enforcement agencies in 27 member states, according to this MonstersandCritics.com article. The agreement comes amid increased concerns about potential civil liberties abuses with EU efforts to fight terrorism. Franco Frattini, the EU commissioner in charge of freedom, security and justice, said the agreement “strikes the right balance between the fundamental right to security and the other fundamental right, the protection of personal data.” [Source] See also: [EU Think Tank Participants Agree on Need for Overhaul of European Privacy Laws] [Video]

 

UK – ICO Research Finds Increased Public Concerns about Information Protection

Information Commissioner Richard Thomas has released the results of a nationwide survey that identified an escalation in the public's concern over the security of their personal data. The research also found that 90% of the subjects said that they are aware of their right to see personal information that organizations hold about them. Three years ago, 74% of respondents indicated that they were aware of that right, according to coverage of the research in Computing. Thomas said the research "highlights the need for all organizations, large and small, to process customers' information securely." [Source] [Press Release] [Coverage]

 

WW – Data Audit Market Benefits from Compliance Demands

The value of the database auditing and real-time protection market is estimated to be about $450 million -- a figure expected to double by 2010, according to a recent Forrester report, “The Forrester Wave: Enterprise Database Auditing and Real-Time Protection, Q4 2007.” Auditors “are increasingly concerned with real visibility into the audit trail … [and] … want to see the actual effect of activities against critical data.” However, experts say that technology can serve more than compliance functions: data auditing can be viewed as a new layer of “security for catching suspicious behavior of authorized users or data thieves masquerading as authorized users.” [Source] [Source]

 

US – Porn Filters' Costs Tallied

Filtering pornographic Web sites out of San Jose's public library computers would cost the city more than $200,000 a year and would face legal and technical hurdles at the heavily used main downtown branch. Those were the conclusions of the city attorney and library director after reviewing Councilman Pete Constant's proposal to reconsider Internet filtering at the libraries. [Source]

 

US – Clinical Scientists: Privacy Law Impedes Research

A study published in the Journal of the American Medical Association revealed that 70% of clinical scientists surveyed said HIPAA has made research more difficult. Furthermore, almost 40% “said HIPAA has added to the cost of research and half said it has slowed the pace of research.” According to the survey’s author, HIPAA has had the unintended effect of becoming “a stumbling block to scientific research, forcing researchers to spend too much time with paperwork that does little to protect patients.” [Source] [News Release]

 

US – HIPAA Experts Differ on Law's Impact on Patient Privacy

More than 10 years after HIPAA's passage, experts continue to discuss and debate the law's impact and effectiveness. This Journal Times story seems prompted in part by an editor's experience at the dentist, when she was scolded for attempting to look at her records during a visit. The article points out that states with stronger patient privacy laws can opt to use HIPAA instead, which allows for more disclosure. Before HIPAA's passage, Wisconsin's patient privacy law was interpreted in many cases to require patients to give signed consent before they could access their own records. HIPAA allows more access, for example, to a consulting doctor. Peter Swire, a law professor at Ohio State University, told the Journal Times that the law was needed at the time it was passed because it was becoming more commonplace for medical records to be disseminated electronically. However, not everyone agrees. Attorney Jim Pyles tells the newspaper that he believes HIPAA has weakened patient rights and weakened the requirement for patient consent. [Source]

 

US – Web Experts Weigh Value of “Trustmarks” for Health Sites

A seal of approval on a health information Web site should not automatically instil consumer confidence, according to experts who discussed the role of such “trustmarks” at a Health Improvement Institute workshop. The Good Housekeeping seal of approval does not apply to information on the Internet, despite such claims as “certified by the American Heart Association” or “dermatologist recommended,” many of the participants agreed. The dialogue regarding site ratings – part of a daylong workshop on the quality of health information on the Internet – was intended to stimulate ideas for policy-making. Participants included representatives from Consumer Reports WebWatch, Indiana University, the New Jersey Institute of Technology and WebMD. In theory, consumers should be able to click on a trustmark symbol and be taken to a page that lists the requirements for earning that certification, but sometimes the links are dead, the ratings are outdated or the information is not helpful. [Source]

 

CA – Capital Health Failed to Protect Patient Info: Alberta Privacy Commissioner

Capital Health breached the Alberta Health Information Act when it failed to adequately protect health information stored on laptop computers that were later stolen, Alberta Information and Privacy Commissioner Frank Work said this week. Work has issued the final report of his investigation into the theft of four laptop computers from a Capital Health office in May. One of the laptops contained patient information. Work said in a news release he is disturbed by the amount of mobile computing devices stolen or lost without reasonable security measures being taken. Work said all organizations that store health information on mobile devices must show a business need to do so. The devices are to be password protected, health information must be protected by encryption, and reasonable steps must be taken to physically secure the devices. [Source] See also: [UK Information Commissioner: Doctors may be prosecuted if their laptops are stolen]

 

WW – Salesforce.com Customers at Risk of Phishing Attacks

Salesforce.com customers are at risk of receiving phishing and other ill-intentioned email after a salesforce.com employee was tricked by a phishing scam into revealing a company password that allowed the attacker access to the customer database. Customers have reported receiving phony Salesforce.com invoices. Salesforce.com counts several banks among its customers. [Source] [Source] [Source]

 

UK – UK Government Broke Data Protection Laws

A security breach that affected thousands of online applications for British visas was the result of the government’s failure to adhere to data protection laws, a privacy watchdog has ruled. The Information Commissioner’s Office said the government had broken the terms of the Data Protection Act by failing to properly protect visa applications made over the Internet using its UK visas website. [Source]

 

US – U.S. Confirms High-Tech Driver’s Licences Will Be Allowed at Border

U.S. Homeland Security Secretary Michael Chertoff confirmed this week that Canadians can use enhanced driver’s licences when entering the U.S. by land crossings. Canadian officials had been pressing for an alternative to passports, saying they are expensive. While Washington’s decision on the Western Hemisphere Travel Initiative is due soon, Chertoff indicated the new high-tech licences would be approved. "Next year, we’ll be implementing a rule in stages that will require … either a passport, a passcard, Nexus card or enhanced driver’s licence to cross the land border," he said during a speech to a Washington trade symposium hosted by the U.S. Customs and Border Protection agency. Such licences, which aren’t yet available, would contain proof of citizenship. Several provinces, including Ontario, Quebec and Alberta, are keen to develop the required licences. [Source] [Ontario Ready to Start Producing Licences as Passport Alternative]

 

US – New York Abandons Plan to Issue Driver’s Licenses to Illegal Immigrants

New York Gov. Eliot Spitzer has abandoned a plan to issue driver’s licenses to illegal immigrants. The governor was meeting with the state’s congressional delegation, many of whom openly oppose the program. The governor introduced the plan with the goal of increased security, safer roads and an opportunity to bring immigrants “out of the shadows.” Opponents charged Spitzer would make it easier for would-be terrorists to get identification, and make the country less safe. Last month, Spitzer sought to salvage the license effort by striking a deal with the Department of Homeland Security to create three distinct types of state driver’s licenses: one “enhanced” that will be as secure as a passport; a second-tier license good for boarding airplanes; and a third marked not valid for federal purposes that would be available to illegal immigrants and others. About 70% of New Yorkers oppose the license plan, according to a poll released earlier this week. [Source] See also: [NY Three-Tier License Plan Heavily Criticized] and [San Francisco Approves ID Card Without Citizenship Requirements]

 

US – ID Cards for Residents Pass a Vote in California

The San Francisco Board of Supervisors has given preliminary approval to an ordinance allowing municipal identification cards to be issued to anyone living in the city, regardless of their legal status. The proposal passed the first of two required votes last week, putting San Francisco, with a population of 725,000, on track to become the largest city in the nation to issue identification cards to anyone who requests one and proves residence. In June, New Haven, Conn., passed a similar measure, believed to be the first in the nation. Since then, several other cities, including New York, have floated the idea. In San Francisco, supporters said that the ordinance was intended to make life easier for the large number of illegal immigrants working in the city, many of whom cannot get access to services because they have no formal identification. The city already has a “sanctuary” policy forbidding local law enforcement or other officials to assist with immigration enforcement. [Source]

 

UK – UK Can’t Pin Down ID Card Costs

The U.K. government says there is a “significant probability” that costs of its controversial ID card plan will change in the future. The new cost estimates reflect “a number of key assumptions around the number of applications for passports and/or identity cards, the operation of the enrollment processes, and achievable levels of staff productivity, all of which may well change in the light of more detailed work and practical experience”, the new report adds. The Liberal Democrats hit out at the uncertainty over the costs of the plan, saying it was “time to scrap” the scheme. IPS chief executive James Hall also announced that the agency was working on plans to capture fingerprints for ID cards and biometric passports at Post Office branches and travel agents, in addition to 70 new ID card offices. [Source]

 

UK – Social and Wireless Networks Users Provide “Rich Pickings” for Criminals

Latest research from GetSafeOnline.org suggests that while people have become more vigilant when it comes to installing internet security software on their personal computers (PCs), what they actually do online is putting them at increased risk of internet-based crime. According to the research, 88% of internet users now have some form of internet security software, such as a firewall, or up-to-date anti-spyware or anti-virus protection, on their PC or laptop. However, as new trends and technologies become more popular, many internet users are unwittingly exposing themselves to new areas of risk. [Source]  [www.getsafeonline.org]

 

EU – Germany Implements Sweeping Data Retention Policies

Starting next year, all communication providers in Germany will have to store all connection data for six months. This includes not only phone calls but also IP addresses and e-mail headers. The content of the communications is not stored. The bill had been heavily criticized. Privacy advocates had organized demonstrations against the bill in all major German cities at the beginning of this week. In October there had already been a large demonstration with thousands of participants in Germany’s capital Berlin. All opposition parties voted against the bill. Several members of the opposition and several hundred private protesters announced a constitutional complaint. [Source]

 

US – FBI May Have Datamined Grocery Stores With Help From Credit Companies

Recent media reports indicate that in 2005-06, the FBI went trawling through grocery store records in order to track down Iranian terror cells. They hoped to locate “Middle-Eastern terrorists” through the purchase of specific food items. Many of these items, though, are not sold through big-box supermarket chains, and the majority of mom and pop ethnic markets do not have the detailed computer purchase histories that Safeway or Whole Foods have. What the FBI seems to have done is instead put together a list of everyone who shopped at a Middle Eastern food market. All signs point to the credit card companies providing this data, and not the individual stores. [Source] White House Requests US $154 Million for Cyber Security Spending

 

US – Judge Blocks Disclosure of Anonymous Critics Online

A former school board member’s request for disclosure of the names of anonymous Internet critics has been rebuffed by a state judge, who ruled that the comments were protected speech. Manhattan Supreme Court Justice Marcy S. Friedman found that Google, the Internet service provider hosting the blog “Orthomom,” did not have to disclose the identities of blogger Orthomom or of the anonymous users who posted allegedly defamatory comments on the site about Pamela Greenbaum. [Source]

 

US – Groups Ask FTC to Investigate Online Advertising Plans

The Center for Digital Democracy and the U.S. Public Interest Research Group are challenging new advertising schemes announced by MySpace and Facebook, saying the plans fail to take into account consumer privacy. Jeffrey Chester, Founder and Executive Director of the Center for Digital Democracy, told Computerworld that the Web sites' targeted advertising plans run afoul of consumer privacy rights by using the information they collect from users to compile a "one-stop data shop for marketers." He called for the sites to offer consumers an opt-out as well as disclosure about how they intend to use their personal data. MySpace said that it is "firmly committed to protecting user privacy and adher(ing) to a strict policy." Facebook did not immediately respond to a request for comment. [Source]

 

WW – Yahoo!’s Targeting Tool Raises Privacy Concerns

Privacy experts have expressed concerns at a new tool that allows the country’s second-largest internet portal, Yahoo!, to serve up ads based on people’s internet behaviour. Yahoo! is monitoring the pages people read, the ads they click, their search terms and the registration data they fill in to identify groups of people with shared interests and beliefs. A trial to deliver relevant ads to those clusters while they are in the “mood to buy” has just begun. After initially saying it did not have any immediate plans to use an internet user’s sex, religion or politics to “behaviourally target” them with ads, Yahoo! has not ruled out doing so in the future. [Source] See also: [New Facebook Ads may violate privacy laws] and [New AOL Initiative May Help Shield Consumers from Targeted Advertising]

 

WW – Report: Sharing, Privacy and Trust in Our Networked World

The OCLC, a global nonprofit, membership, computer library service and research organization dedicated to the public purposes of furthering access to the world’s information and reducing information costs, has produced a report based on a survey of the general public from six countries (Canada, France, Germany, Japan, the United Kingdom and the United States) and of library directors from the U.S. The research provides insights into the values and social-networking habits of library users. This OCLC membership report explores this web of social participation and cooperation on the Internet and how it may impact the library’s role, including:

- The use of social networking, social media, commercial and library services on the Web

- How and what users and librarians share on the Web and their attitudes toward related privacy issues

- Opinions on privacy online

- Libraries’ current and future roles in social networking [Source and Report] See also: [ENISA Position paper #1: Security Issues and Recommendations for Online Social Networks]

 

US – Time to Redefine “Privacy,” U.S. Intelligence Official Says

A top intelligence official says it is time people in the U.S. changed their definition of privacy. Privacy no longer can mean anonymity, said Donald Kerr, the principal deputy director of national intelligence. Instead, he said, it should mean that government and businesses properly safeguard people’s private communications and financial information. Mr. Kerr’s comments came as Congress is taking a second look at the Foreign Intelligence Surveillance Act. Lawmakers hastily changed the 1978 law last summer to allow the government to eavesdrop inside the United States without court permission, as long as one end of the conversation was reasonably believed to be located outside the U.S. The original law required a court order for any surveillance conducted on U.S. soil so as to protect Americans’ privacy. The White House argued that the law was obstructing intelligence gathering. The most contentious issue in the new legislation is whether to shield telecommunications companies from civil lawsuits for allegedly giving the government access to people’s private e-mails and phone calls without a court order between 2001 and 2007. [Source] See also: reaction by Jim Harper / Technology Liberation Front and [Senate Panel Delays Debate on Immunity for Telecoms] and see also: [New UK intelligence chief reveals all on website]

 

EU – METRO Group Rolls Out Largest RFID Project in the European Retail Sector

METRO Group in late October completed a major step in the nation-wide operational deployment of the RFID technology in Germany. At 180 locations operated by the sales brands Metro Cash & Carry and Real as well as the central warehouses of MGL METRO Group Logistics, deliveries can now be recorded automatically. The remaining locations are scheduled for conversion next year. This is the largest operational rollout of this technology in the European retail sector. [Source]

 

US – Wal-Mart and Best Buy Try Tagged DVDs

Wal-Mart, Best Buy and other EPCglobal members are conducting an item-level pilot to help ensure that DVDs are in stock and on the floor. Trial participants are affixing RFID labels to 12,000 DVDs of 15 movie titles. Disc replicators use fixed interrogators to capture the unique ID of each DVD’s RFID inlay. Product data is stored in a back-end database and shared with other participants, and the product is then shipped out. On the retail end, Wal-Mart is reading the DVDs’ RFID inlays when the discs arrive at the stores, as they are placed on shelves, and in displays and at store exits, with signage informing customers of the RFID use. Employees also use handhelds to locate specific titles in the stores. [Scope]

 

US – NIST Announces the Release of Three Security (Encryption) Publications:

SP 800-111, Guide to Storage Encryption Technologies for End User Devices, is published as final. It is intended to assist organizations in understanding storage encryption technologies for end user devices, such as laptops, PDAs, smart phones, and removable media, and in planning, implementing, and maintaining storage encryption solutions. The publication provides practical, real-world recommendations for three classes of storage encryption techniques: full disk encryption, volume and virtual disk encryption, and file/folder encryption. SP 800-111 also discusses important security elements of a storage encryption deployment, including cryptographic key management and authentication.

SP 800-114, User’s Guide to Securing External Devices for Telework and Remote Access, is published as final. It is intended to help teleworkers secure the external devices they use for telework, such as personally owned desktop and laptop computers and consumer devices (e.g., cell phones, PDAs). The publication focuses on security for telework involving remote access to an organization’s nonpublic computing resources. It provides practical, real-world advice on securing telework computers’ operating systems and applications and teleworkers’ home networks, and it also gives basic recommendations for securing consumer devices. SP 800-114 also provides tips on considering the security of a device owned by a third party before deciding whether it should be used for telework.

Draft SP 800-115, Technical Guide to Information Security Testing, is available for public comment. It seeks to assist organizations in planning and conducting technical information security testing, analyzing findings, and developing mitigation strategies. The publication provides practical recommendations for designing, implementing, and maintaining technical information security testing processes and procedures. SP 800-115 provides an overview of key elements of security testing, with an emphasis on technical testing techniques, the benefits and limitations of each technique, and recommendations for their use. [Source] [Source]

 

US – Little Progress on Government-Wide Smart Card Initiative

The NYT reports that, more than three years after a presidential directive requiring federal government agencies to issue new smart card identity credentials to all employees and contractors, progress on the mandate continues to be tediously slow. Most agencies appear to have missed by a wide margin an Oct. 27 deadline by which they were supposed to have completed background checks and issued smart ID credentials to all employees and contractors with 15 years or less of service. [Source]

 

US – New Jersey School Cameras Fed Live to Cops

Surveillance cameras rolling inside New Jersey schools is nothing new, but what’s taking place inside some public schools is truly cutting edge: a live feed from more than two dozen cameras with a direct connection to the police. Patrolling officers have access to the video feed from headquarters and several laptops. To address privacy concerns, all of the cameras are installed in public areas and are not equipped to pick up audio. The video capabilities are extremely impressive. Each of the laptops can pick up 16 different angles at one time, turning a single operator into a mobile surveillance team. Schools Superintendent Larry Hughes says if nothing else, the ability to digitally timestamp and archive the video should discourage bad, even criminal behavior. [Source]

 

CA – Father Denied Copy of Son’s Suicide Note [to protect privacy]

The father of a suspected serial killer has been denied a chance to see his son’s suicide note. In a recent ruling, the Office of the Information and Privacy Commissioner for B.C. upheld a chief coroner’s decision to deny the father’s request on the grounds that releasing it would unreasonably invade the dead son’s privacy. The suicide note sheds light on the son’s state of mind before he died, and thus contains personal information about his medical or psychological condition, a senior adjudicator wrote in an order posted last week on the privacy commissioner’s website. “While I sympathize with the applicant’s wish to understand why his son died and to put this sad event behind him … his motives, while undoubtedly sincere, do not in my view overcome” the requirement to protect the son’s right to privacy – even in death. [Source]

 

US – Devices Enforce Silence of Cellphones, Illegally

A small but growing band of rebels is turning to a blunt countermeasure against growing use of cellphones in public: the cellphone jammer, a gadget that renders nearby mobile devices impotent. The technology is not new, but overseas exporters of jammers say demand is rising and they are sending hundreds of them a month into the U.S. — prompting scrutiny from federal regulators and new concern last week from the cellphone industry. The buyers include owners of cafes and hair salons, hoteliers, public speakers, theater operators, bus drivers and, increasingly, commuters on public transportation. The jamming technology works by sending out a radio signal so powerful that phones are overwhelmed and cannot communicate with cell towers. Larger models can be left on to create a no-call zone. Using the jammers is illegal in the U.S. The radio frequencies used by cellphone carriers are protected. [Source]

 

US – CDT Joins Push to Thwart Funding for Real ID Act

CDT has signed on to a letter with 75 other advocacy, privacy and civil liberties organizations urging Congress to kill implementation of the Real ID Act of 2005 by starving it to death; they want all funding for the program cut from the upcoming FY08 appropriations bill for the Department of Homeland Security. The Real ID Act came into existence as a rider on a must-pass war and hurricane relief bill. DHS has failed to issue final regulations for it; meanwhile, ten states are asking Congress to repeal it completely. Right now there’s $50 million on the table earmarked for Real ID; CDT and the other signatories are asking Congress to heed the red warning flags that surround this program and reallocate the money to other national priorities. [Real ID Conference Cmte. Funding Letter]

 

UK – Public Sector Raps 1,700 Staff Over Computer Misuse

Government bodies have sacked 130 people and disciplined 1,700 over IT abuses in the past three years, according to figures uncovered by The Observer newspaper. Misuse of computers ranged from excessive use of social networking sites such as Facebook to the viewing of material deemed inappropriate for work and the sending of offensive emails. The figures reveal how big a problem employers face when trying to balance the need to limit a company’s exposure for employee actions or losses through time-wasting with the expectation of employees that they will be permitted to use work computers for some personal use.

[Source]

 

US – Employers Play Hard Ball With At-Risk Workers

Recent attempts by many companies to control healthcare costs have led to policies that are raising eyebrows among privacy advocates and employees. Beginning in January, the Tribune Co. will force employees to pay $100 a month more in insurance premiums if they, or any family members covered by the insurance, smoke cigarettes. Hewitt released a survey earlier this year that found that two-thirds of 450 major employers were opting for more stringent wellness and disease management programs for workers. However, some employees are fighting back in lawsuits. [Source]

 

--------