UK – Biometrics Won’t Fix UK Data Loss Problems

Six leading academics have written to a UK Parliamentary committee to express their dismay at the way biometrics has been used as a magic wand which would have supposedly stopped the massive govt data breach. Both the PM and the Chancellor claimed, after the loss of CDs containing 25m recipients of child benefit, that the data would somehow be protected by biometric information if we had national ID cards. The six said of claims: “These assertions are based on a fairy-tale view of the capabilities of the technology and in addition, only deal with one aspect of the problems that this type of data breach causes.” The letter points out that this is based on three suppositions - that the entire UK population can be enrolled on the database; that no one can forge biometric information; and finally that every ID check would include checks against biometric information on the national database, all of which are highly unlikely. The six academics also note that including biometric information on a national ID register would make such records even more valuable to fraudsters, and once compromised make “fixing” the problem even more difficult. The academics behind the letter include Professor Ross Anderson and Dr Richard Clayton of the University of Cambridge Computer Laboratory, and Dr Ian Brown of the Oxford Internet Institute. [Source] [Open letter to Andrew Dismore, Chair of the Joint Committee on Human Rights]

US – DHS to Begin Collecting All 10 Fingerprints For Visitors

The Homeland Security Department intends to begin scanning all 10 fingerprints for foreign visitors starting Nov. 29 at Dulles International Airport in Virginia, department officials said this week. Foreigners visiting the U.S. on visas must have a digital photograph taken and a scan of their two index fingers under the U.S. Visitor and Immigrant Status Indicator Technology program. DHS has built a database of 90 million fingerprints in the four years the program has been in operation. Expansion to 10-finger scans, which has been in the planning stages for several years, is now beginning. The 10-finger U.S. Visit scans are being rolled out at U.S. airports and at all land and sea border crossings, with a goal of being fully operational by the end of 2008, according to press reports of the briefing. Officials in the Bush administration have said the purpose of scanning more fingers is to increase accuracy and reduce false matches. But there are concerns about the greater length of time needed to scan 10 fingers. [Source]

US – TSA Biometric Security Fails 1 in 50 Transport Workers’ Credentials

A senior Lockheed Martin official said that fingerprint biometric security systems currently used in the Transportation Security Administration’s Transport Worker Identification Credential (TWIC) program fail to properly authorize enrollees’ credentials one time in 50 (2%). The TWIC program issues tamper-resistant smart cards to personnel who work in maritime facilities and on maritime vessels (“mariners”), enabling them unescorted access to those areas with auditable, secure authentication. Identifying data on the smart card is matched against fingerprint data assessed at the time the card is read. TWIC program director responded by saying her group is willing to consider alternative biometric systems, but the Dept. of Homeland Security – the TSA’s parent agency – would have to meet first with the National Institute of Science and Technology, to determine what new systems they could deploy that could utilize data that is backwards-compatible with the database TWIC currently uses. [Source]

CA – UNBC Students Give Thumbs Down to Fingerprint Scanners

New fingerprint scanners are now controlling access to the sports centre at the University of Northern B.C., and some students are calling that an invasion of privacy. The university recently installed the RecTrac biometric scanning system made by an American company, but already more than 300 students have signed an online petition opposing it. B.C.’s privacy and information commissioner David Loukadelis is now talking with university officials to ensure students’ privacy is being protected. [Source]

CA – Alberta Privacy Commissioner Probing Barlink ID Scanning System

Bar owners are defending a controversial program that scans patrons’ identification into a computer, arguing it’s helping keep Edmonton watering holes safe. The Barlink system is now the subject of an on-going inquiry by the Information and Privacy Commissioner’s office. The report by the privacy commissioner is due to be released in late January. The inquiry was launched following a complaint out of Calgary about the Barlink program. [Source] See also: [Reckless data handling could violate new Canadian ID theft law]

US – California Plan to Outsource E-Mail Service Raises Privacy Questions

California is weighing a plan to hand off the hosting of e-mails--to, from, and between state workers--to either Google or Microsoft. The California state government has formed a working group to study hosted e-mail offerings from Google and Microsoft. The task force, comprised of technology officials from various state agencies, is evaluating the cost and feasibility of moving e-mail services for as many as 250,000 state workers off of internally maintained systems and onto Web-based platforms operated by one of the two tech giants. But there are other issues to consider--like privacy and security. [Source] [Source]

US – Poll: Americans Embrace Promise of Digital Medical Records

The Wall Street Journal and Harris Interactive report that a poll they conducted indicates that a majority of respondents believe that digital medical records could substantially reduce the chance of medical errors and the likelihood that tests and treatments would be repeated needlessly. The poll indicates that privacy concerns are waning. More people said that benefits of electronic health records outweigh the risks. Slightly more than half indicated that electronic medical records make it more difficult to protect patients’ privacy – but that response represents a 10% drop from 2006. [Source] [Wall Street Journal]

EU – Internet Telephone Encryption Stumps German Police

German police are unable to decipher the encryption used in the Internet telephone software Skype to monitor calls by suspected criminals and terrorists, Germany’s top police officer said this week. Skype allows users to make telephone calls over the Internet from their computer to other Skype users free of charge. “The encryption with Skype telephone software ... creates grave difficulties for us,” Joerg Ziercke, president of Germany’s Federal Police Office (BKA) told reporters at an annual gathering of security and law enforcement officials. “We can’t decipher it. That’s why we’re talking about source telecommunication surveillance – that is, getting to the source before encryption or after it’s been decrypted.” [Source]

EU – Data Breach Debacle Leads to Review of Other Databases

Britain’s schools secretary, Ed Balls, has ordered an independent assessment of security for the ContactPoint database that is set to hold the details of every child from birth. Balls announced the review in the wake of the HMRC data loss debacle that has seen details of 25 million people, held on two CDs, lost in transit between HMRC and the National Audit Office. The HMRC data security breach -- Britain’s biggest -- emerged on the same day that a report by the government’s own children’s rights director, Roger Morgan, revealed that a survey of children had found most were worried about the safety of information on the ContactPoint database. The announcement of who would carry out the independent security assessment would be made “as soon as possible,” she added. Ed Balls had also asked DCSF permanent secretary David Bell to conduct an immediate assessment of how personal data was stored and protected across the department. Bell had reported back within 24 hours “to confirm the department was confident that we have very robust procedures in place,” the spokesperson said. [Source] See also: [Everybody suffers data leakage, study finds]

US – EPIC Publishes ‘Litigation Under the Federal Open Government Laws’

“Litigation Under the Federal Open Government Laws,” published by EPIC in cooperation with Access Reports and the James Madison Project, is the standard reference work covering all aspects of the Freedom of Information Act, the Privacy Act, the Government in the Sunshine Act, and the Federal Advisory Committee Act. The book draws upon the expertise of practicing attorneys who are recognized experts in the field. Appendices include the text of the relevant acts and sample pleadings for litigators. This is a comprehensive guide to FOIA and open government, essential for anyone interested in open access laws. The twenty-third edition includes a new chapter on searching for records, international open government resources, a glossary of key terms, and is updated with new significant cases. [Litigation Under the Federal Open Government Laws] [Access Reports] [James Madison Project]

US – Court Affirms Law That All Federal Felons Provide DNA for U.S. Database

A divided federal appeals court has upheld a law requiring all convicted federal felons to provide DNA samples for a database available to any police agency in the nation. The law, passed by Congress in 2004, expanded a previous statute in 2000 that covered only prisoners and parolees who had been convicted of violent crimes in federal court. In a 2-1 ruling, the Ninth U.S. Circuit Court of Appeals in San Francisco said requiring DNA from all felons would aid law enforcement agencies without intruding seriously into the privacy of drug offenders and other nonviolent criminals. “While DNA evidence is often central to the investigation of violent crimes such as murder or sexual assault ... it can be useful in solving nonviolent crimes as well,” said Judge McKeown for the majority opinion. Although nonviolent criminals are less likely than violent offenders to commit new crimes after their release, they still have significant rates of recidivism, McKeown said. She also said the privacy rights of a convict who is on supervised release - the post-imprisonment system for former federal inmates, similar to parole supervision in state laws - are less than those of noncriminals. The law protects privacy by making it a crime to knowingly disclose information on the database to anyone outside law enforcement, McKeown said. [Source]

CA – Province Mistakenly Places Personal Health Info on the Web

The Newfoundland and Labrador government said this week it’s trying to contact dozens of people whose confidential medical information, including test results for HIV and hepatitis, was accidentally put on the Internet. Provincial Justice Minister Jerome Kennedy said government officials are going over the files to determine what information was published. [Source]

CA – Nova Scotia Gov’t Pushing Mandatory Gunshot/Stab Reporting

Nova Scotia’s government may make it mandatory for health care workers to report cases of gunshot and stab wounds to police, but critics say the proposed law would trample patient confidentiality. Justice Minister Cecil Clarke said the legislation is in response to escalating gang violence in the province. Ontario and Saskatchewan already have similar measures in place. In Nova Scotia, it’s currently at the discretion of health care workers whether they should report gunshot or stab wounds. Halifax Regional Police Chief Frank Beazley said the proposed law would help investigators get a quick start on more cases of gun violence. Opposition critics said the government’s proposal could actually endanger health care workers, who could be threatened by patients who don’t want to involve the police. The Nova Scotia Nurses Union expressed concern over privacy issues [Source] [Source] [N.S. ER Doctor pans mandatory reporting plan]

US – State-Run Prescription Program Leaks Seniors’ Personal Information

Details are sketchy about the exact nature of a security breach that exposed personal data for an undetermined number of Massachusetts senior citizens, according to this Standard-Times article. The state, which detected the breach in August, is notifying 150,000 senior citizens about the incident, which resulted in charges against a perpetrator. A spokeswoman for the Executive Office of Health and Human Services said the state run program for Massachusetts residents over 65 is “taking this very seriously.” The spokeswoman told the newspaper she did not know how the breach occurred or was detected. She also refused to comment on what sort of information may have been exposed. Prescription Advantage members have been urged to monitor their credit reports, and credit-card and bank statements, for any illegal activity. [Source]

UK – More Details Emerge in HMRC Data Loss Case

New information about the HM Revenue & Customs (HMRC) data loss indicates that data were routinely stored in password-protected zip-files. In addition, although the National Audit Office (NAO) wanted only the names, National Insurance numbers and Child Benefit numbers, HMRC left the rest of the data in because of cost concerns. It is also apparent that numerous people were aware of the unfiltered data transfer, eliminating the scenario of one junior staff member making an independent yet ill-advised decision. [Source] [Source] [Source] See also: [ICO Official: Government Breach Most Serious in His 20-Year Experience] and [58% not Surprised U.K. Government Lost Data of 25 Million People] [ICO Poised To Probe Any Complaint About Apology Letters For Government Breach] and also: [Government Breach Apology Letters Contain Sensitive Personal Data] [Privacy International Comments on UK Tax Agency Data Breach] [Privacy International to pursue data breach legal action against UK government]

US – Database Admin to Plead Guilty in Theft of 8.5M Consumer Records

A senior database administrator at a subsidiary of Fidelity National Information Services (FIS) who was accused of stealing about 8.5 million customer records and selling them to data brokers is expected to plead guilty this week to felony fraud charges in a U.S. District Court. Between February 2002 and August 2007, William Sullivan allegedly accessed Certegy’s databases and systematically downloaded what were later found to be records belonging to about 8.5 million customers. Sullivan then allegedly sold the records to an as-yet-unindicted third party, who in turn sold the data to other brokers. FIS claimed that the stolen information appeared to have been sold and used purely for direct marketing purposes and not for identity theft or other fraudulent purposes. That was not enough, however, to stop class-action lawsuits from being filed against the company for failing to implement adequate information security practices. [Source] See also: [Ethics, data protection build public trust, says Ponemon]

US – Computer Security Experts Dispute FTC Report Stats about Drop In ID Theft

The FTC this week released its first ID theft report in more than three years, which immediately drew criticism for its conclusion that ID theft was down since the last report in 2003. The report indicates that 8.3 million adults were victims of ID theft in 2005 compared to 10 million in 2003, according to USA TODAY. Avivah Litan, an analyst at market researcher Gartner, told the newspaper that the FTC’s “methodology is flawed” and the “numbers are unreliable.” Betsy Broder, the FTC’s Assistant Director in the Division of Privacy and Identity Protection, said the percentage of adults victimized in 2005 is statistically close to those in 2003. She added that a new methodology was used in the latest report. [Source] [FTC News Release] [FTC 2006 Identity Theft Survey Report]

CA – B.C. Among Provinces to Issue New Ultra-Secure Birth Certificates

New B.C. certificates, which the province will begin issuing Jan. 2, have more than 20 security features, from watermarks to barcodes to transparent windows with floating maple leaves. They are also made of a polymer material that is virtually rip-free. “Our new birth certificate is among the most secure documents of its type in the world,” Health Minister George Abbott told a technical briefing at the B.C. legislature. It’s being implemented to stem increasing instances of identity theft and fraud. Abbott pointed out that a birth certificates is a “foundation” document, and the basis for all other identification, such as passports, driver’s licences and social insurance numbers. Within the next few months, Alberta, Manitoba, New Brunswick, Newfoundland and Labrador, Nova Scotia, Prince Edward Island, and Saskatchewan will all introduce similar certificates. Another feature aimed at giving the certificates longer life and making them less accessible to identity thieves is a new size. The new provincial birth certificate is designed specifically not to fit in a wallet or comfortably in a pocket. “They also get destroyed because they go through the wash.” There will also be two types of birth certificate, one displaying only individual information and the other including parental information. They will replace the current large and small certificates. Abbott said there would be no additional cost for the new document and older birth certificates will still be valid for the foreseeable future. [Source] See also: [Governments Look Closely On Upcoming B.C. Virtual ID Card Pilot]

US – Feds Abandon Effort to Obtain Records of Online Book Purchases

A U.S. Magistrate has ruled that customers have a First Amendment right to keep their reading habits to themselves. The ruling led federal prosecutors to withdraw a subpoena that sought to obtain the identities of consumers who bought used books through Amazon.com, according to this USA TODAY article. The judge said that he believed the federal prosecutors were seeking the information for legitimate purposes, but said that “it is an unsettling and un-American scenario to envision federal agents nosing through the reading lists of law-abiding citizens while hunting for evidence against somebody else.” Amazon said in court documents that it hopes the judge’s ruling will limit prosecutors’ efforts to obtain records involving book purchases. [Source]

WW – Internet Users Give Up Privacy in Exchange for Trust

New research funded by the Economic and Social Research Council suggests that Internet users are likely to provide more personal information online if they consider the Web site to be trustworthy. However, Internet users who have some concerns about a Web site will become more guarded alter their behavior. The way in which questions are worded and response options are designed, such as giving Internet users the opportunity to choose “I prefer not to say” or select their salary from a broad scale, often results in users providing as little information about themselves as possible. The level of trustworthiness may ultimately determine the degree of helpful information that online services obtain from people who visit their Web sites. [ACM Technews] [ScienceDaily]

WW – New EFF Software Detects Web Interference

Increasingly worried over Internet providers’ behaviour, the EFF has released software that helps determine whether online glitches are innocent hiccups or evidence of deliberate traffic tampering. The San Francisco-based digital rights group hopes the program, released yesterday, will help uncover “data discrimination” in addition to the cases reported separately by EFF, The Associated Press, and other sources. [Source]

WW – Google to Offer Service to Store User Data

Google wants to offer consumers a new way to store their files on its hard drives, in a strategy that could accelerate a shift to Web-based computing and intensify the Internet company’s competition with Microsoft Corp. Google is preparing a service that would let users store on its computers essentially all of the files they might keep on their personal-computer hard drives -- such as word-processing documents, digital music, video clips and images. [Source]

US – System Lets Law Enforcement Agencies Share Data

In what they called a breakthrough, law enforcement officials have unveiled a computer system that will allow more than 60 state and local police agencies in the D.C. area to share mug shots and crime reports. The system, Law Enforcement Information Exchange (LInX), functions like Google for police, except that the database contains law enforcement information. [Source]

CA – Police Need Power to Monitor Wireless Messages, Says Toronto Chief

Terrorists and other criminals are tapping out schemes on their BlackBerries knowing there is little chance the police will get their hands on the incriminating messages, Toronto Police Chief Bill Blair said this week. Speaking as part of a police panel, Chief Blair urged the federal government to pass legislation forcing cellphone and Internet companies to co-operate with police. [Source]

WW – Facebook Retreats on Online Tracking Ad Program

Faced with its second mass protest by members in its short life span, Facebook is reining in some aspects of a controversial new advertising program. Within the last 10 days, more than 50,000 Facebook members have signed a petition objecting to the new program, which sends messages to users’ friends about what they are buying on Web sites like Travelocity.com, TheKnot.com and Fandango. The members want to be able to opt out of the program completely with one click, but Facebook won’t let them. Late yesterday the company made an important change, saying that it would not send messages about users’ Internet activities without getting explicit approval each time [NOTE: each time]. [Source] [Privacy concerns prompt U-turn at Facebook] [Facebook Beacon] [MoveOn Petition] [EPIC’s page on Social Networking Privacy]

UK – ICO Warning To Youths: A “Blog Is For Life”

The Information Commissioner’s Office (ICO) is warning youths that online posts can leave electronic details that will persist and perhaps lead to identity theft in the future. The ICO released a report that found that at least 4.5 million Web users in Britain between the ages of 14 and 21 could be victims of ID theft as the result of careless postings of personal information online. The ICO advised young users that if “you don’t think you’ll want it to exist somewhere in 10 years’ time, don’t post it,” according to AHN coverage of the study. The privacy watchdog warned that posting personal information, including birth dates and home addresses, could expose them to fraud. [Source]

US – Senators Urge Privacy Review of Proposed Google-DoubleClick Deal

In a November 19 letter to the FTC, Senators Herb Kohl and Orrin Hatch, Chairman and Ranking Member of the Senate Judiciary Committee’s Subcommittee on Antitrust, Competition Policy and Consumer Rights, urged the FTC to critically analyze the privacy and competition effects of Google’s $3.1 billion proposed merger with Internet advertising company DoubleClick. “[T]his deal raises fundamental consumer privacy concerns worthy of serious scrutiny,” the senators wrote. The proposed merger is under review by the U.S. FTC following complaints filed by EPIC, the Center for Digital Democracy and US PIRG that detail the reasons why the FTC needs to establish substantial privacy safeguards as a condition of the merger. [Source] See also: [Senate Judiciary Committee, “An Examination of the Google-DoubleClick Merger and the Online Advertising Industry: What Are the Risks for Competition and Privacy?”] [Twelve Republican Members of Congress, Letter Requesting a Hearing on the Privacy Aspects of the Proposed Google/DoubleClick Merger (November 6, 2007) ] [Rep Ed Towns, Member of the U.S. House Committee on Energy and Commerce, Letter to FTC Chairman Deborah Platt Majoras urging a critical review of the proposed Google-DoubleClick merger, October 26, 2007] [EPIC’s Letter to the House Subcommittee on Financial Services and General Government (October 26, 2007) ] [European Commission Directorate on Competition, Press Release, Mergers: Commission opens in-depth investigation into Google’s proposed take over of DoubleClick (November 13, 2007)][EPIC’s page on Privacy? Proposed Google/DoubleClick Deal]

US – FBI’s Gun Ban Listing Swells: Thousands Added to File Marked ‘Mental Defective’

Since the Virginia Tech shootings last spring, the FBI has more than doubled the number of people nationwide who are prohibited from buying guns because of mental health problems, the Justice Department said this week. Justice officials said the FBI’s “Mental Defective File” has ballooned from 175,000 names in June to nearly 400,000, primarily because of additions from California. The names are listed in a subset of a database that gun dealers are supposed to check before completing sales. The surge in names underscores the size of the gap in FBI records that allowed Seung Hui Cho to purchase the handguns he used in April to kill 32 people and himself at the Virginia Tech campus. [Source]

UK – First Pilot of NFC to Test Consumer Demand and Behaviour in the UK

A key NFC trial was officially launched today in the UK, where 500 consumers will be able to use their cell phones as public transportation payment devices in London. The city has been using contactless “Oyster” cards for a few years, but this trial is the first step toward integrating Oyster card functionality into phones. The list of heavy-hitters that are involved is impressive – including Visa Europe, Nokia, Barclaycard, the TranSys consortium, and O2 – but it also reveals the complexity of the ecosystem behind NFC payments, a complexity that analysts have cited as a leading challenge to widespread adoption. [Source] See also: [Samsung brings mobile RFID chip to market; Big Brother is pleased]

WW – Report Says World Faces ‘Cyber Cold War’ Threat

According to a McAfee report published yesterday, a “cyber cold war” waged over the world’s computers threatens to become one of the biggest threats to security in the next decade. About 120 countries are developing ways to use the Internet as a weapon to target financial markets, government computer systems, and utilities. [Source]

WW – Data Breach Costs Soar: Ponemon Study

Responding to a data breach is much more expensive today than it was a couple years ago, according to the latest survey conducted by the Ponemon Institute. Its latest 2007 Cost of a Data Breach report shows a 43% rise in costs compared to 2005 as affected companies scrambled to notify customers, bring in investigators, invest in new security technology and respond to lawsuits. The study found that the total average cost of a data breach grew to $197 per compromised record, an increase of 8% since 2006 and 43% compared to 2005. The average total cost per reporting company was more than $6.3 million per breach and ranged from $225,000 to almost $35 million. After suffering a data breach, study participants said their companies expanded the use of encryption, invested in new data loss prevention and identity and access management products; and deployed new technology for endpoint security and perimeter control, and event management. Other findings indicate that the cost of lost business continued to increase at more than 30%, averaging $4.1 million or $128 per compromised record. Lost business now accounts for 65% of data breach costs compared to 54% in the 2006 study. Larry Ponemon, founder and chairman of the Ponemon Institute, said each security breach is different but that it all amounts to the loss of confidence and trust, which in turn means a loss of money. [Source] [Source] [Study] See also: [“60 Minutes” Investigates TJX Data Breach, Interviews Privacy Commissioner]

US – FBI Improperly Using Patriot Act Surveillance Powers, ACLU Charges

As a result of newly released Department of Defense (DoD) documents revealing the potential abuse of the government’s surveillance powers, the ACLU has filed a Freedom of Information Act (FOIA) request to force the FBI to turn over documents concerning its use of National Security Letters (NSLs) that demand private data about individuals within the U.S. without court approval. In the request, the ACLU seeks records pertaining to the FBI’s issuing of NSLs at the behest of other agencies that are not authorized to access this sensitive information on their own. In addition, the ACLU is requesting all documents indicating how the FBI has interpreted and used its power to silence NSL recipients since the Patriot Act’s gag provision was amended in 2006. “The FBI appears to be secretly and illegally rubber stamping the surveillance requests of the Department of Defense when the law clearly forbids it,” said ACLU Executive Director Anthony D. Romero. The public has a right to know if the FBI has conspired to sidestep the legal limits of the government’s surveillance program.” Senator Russ Feingold and Representative Jerrold Nadler have introduced legislation to rein in this unchecked NSL authority. The ACLU urges immediate consideration of these bills. [Source] [All of the Defense Department’s NSL-related documents obtained by the ACLU]

US – MPAA Asks Universities to Install Monitoring Software

The Motion Picture Association of America (MPAA) has sent letters to 25 US universities it has identified as having the greatest number of downloads of pirated movies over their networks asking them to install an MPAA-supplied custom toolkit to help “illustrate the level of filesharing on [their schools’] networks.” The reports generated would be “strictly internal and ... confidential.” A closer look at the toolkit raises serious privacy and security flags. The toolkit is set up to call back to MPAA servers immediately upon being deployed to check for updates, so the MPAA would have the IP address of the computer running the toolkit. The toolkit also sets up an Apache web server on the machine, which is likely to be visible to the Internet. Administrators could set up usernames and passwords for access to the server, but they are never prompted to. [Source]

CA – Ottawa Police Chief Calls for More Surveillance Cameras

More surveillance cameras should be keeping an eye on citizens in Ottawa’s downtown core, says the city’s chief of police. “I’m not suggesting that the police have a police-owned state where we maintain security and surveillance over our citizens,” Chief Vern White told a public meeting Tuesday sponsored by Crime Prevention Ottawa. “I’m telling you that I believe it would assist the police in criminal investigations and may assist citizens who make complaints against police, possibly.” Criminal lawyer Mark Ertel argued that such closed-circuit TV cameras don’t deliver any real reductions in crime. Britain, he argued, has one of the world’s highest rates of common assault and other petty crimes, and those crimes have continued to grow despite an increase in CCTV cameras that now number four-million. The cameras reduce people’s privacy and civil liberties, Ertel told the meeting. [Source] See also: [Cameras considered to control crime in Alberta boom cities]

US – Cellphone Tracking Powers on Request

Federal officials are routinely asking courts to order cellphone companies to furnish real-time tracking data so they can pinpoint the whereabouts of drug traffickers, fugitives and other criminal suspects, according to judges and industry lawyers. In some cases, judges have granted the requests without requiring the government to demonstrate that there is probable cause to believe that a crime is taking place or that the inquiry will yield evidence of a crime. Privacy advocates fear such a practice may expose average Americans to a new level of government scrutiny of their daily lives. [Source] See also: [New Jersey College mandates GPS tracking for students]

WW – Google Maps Adds Locator Feature for Cellphones

Google has announced a new feature of its mapping application for mobile phones that lets users find their location without the aid of satellite technology. The technology, called “My Location,” is part of the internet search company’s version 2.0 of Google Maps, released in a beta edition this week. Instead of tracking users through Global Positioning System technology — which tracks a person’s position using satellites — the new Google service uses cellphone tower information to provide an approximate location. The new service will allow mobile phone users to find their location even if they don’t have GPS on their phone, and it will be useful in conjunction with GPS, the company said. Earlier this month, Google announced it was developing a free and open-source operating system for mobile phones called Android that anyone could create features for. Google said it does not gather any personally identifiable information as part of the feature. The company also said it can be disabled by anyone who prefers not to use it. The company said the service is available on most smartphones, including all colour Blackberry devices. [Source] see also: [Pittsburgh eying GPS tracking for police vehicles]

US – TSA Plan to Gather More Data Protested

A U.S. government proposal to start collecting birth dates and genders of people reserving airline flights is drawing protests from major airlines and travel agencies that say it would be invasive, confusing and “useless.” The TSA wants passengers to give the additional personal information — as well as their full names — so it can do more precise background checks that it says will result in fewer travelers being mistaken for terrorists. Travelers currently must provide only a last name and a first initial. Airlines say passengers will resist providing more details and that the process will be time-consuming. Asking a passenger’s birth date and gender “would create a new level of complication for completing air reservations,” United Airlines recently wrote to the TSA. “Seeking useless data carries an unacceptably high price tag.” [Source]

US – DHS Revises REAL ID Standards

The U.S. Department of Homeland Security has revised its minimum federal standards that states must satisfy when issuing driver’s licenses and identification cards under the REAL ID Act of 2005, according to this FCW.com article. The revisions, which were recently submitted to the Office of Management and Budget, come after members of the public submitted 21,000 comments on the original standards that DHS proposed in March. Darrell Williams, Director of DHS’ Real ID Program Office, said in response to critics who contend the program raises privacy concerns about data sharing that REAL ID will improve privacy. Williams, who was speaking during a recent event, said that DHS has no plans to compile a national database and that states would retain control of their motor vehicle data. [Source]

--------