The European Commission (EC) has rejected Bush Administration criticism of its contract clauses designed to protect transmission of personal information. In a strongly worded statement, an EC official said that Bush administration did not understand that the contract clauses were drafted to ensure the protection of personal data.
A class action lawsuit brought by plaintiffs who claimed that DoubleClick violated Internet users� privacy by employing cookies has been dismissed. The judge held that DoubleClick had not engaged in a secret collection of private information from Internet users.
The House Commerce committee unanimously approved an amended version of H.R. 718, the Unsolicited Commercial Electronic Mail Act of 2001. The bill allows individuals to opt-out from unsolicited commercial e-mail. As amended, the bill no longer gives state attorney generals the right to sue for fees incurred from enforcement of the statute. The bill now will be considered by the House Judiciary Committee.
Junkbusters Corporation has urged the co-chairs of the Congressional Privacy Caucus to investigate the practices and prevalence of online profiling companies. Junkbusters said that such an investigation is justified in light of security problems at DoubleClick and the release of Internet Explorer 6, which enables cookies from profiling companies such as DoubleClick.
Representatives Dingell (D-MI) and Markey (D-MA) have asked the Securities and Exchange Commission to investigate the use of spam by the financial services industry.
Representative Greenwood (R-PA) has introduced H.R. 1215, a bill affecting the confidentiality of medical records and health care related information. The bill will be considered by the House Commerce and Judiciary Committees.
Mobile phone users have been unpleasantly surprised by the newest spam technique: The sending of unsolicited commercial text messages directly to users� phones.
A recent study released by the Annenberg Public Policy Center has found that web sites for children have not incorporated basic privacy protections. About half of the sites surveyed had privacy policies that were difficult to locate or difficult to understand.
Secretary of Health Tommy Thompson intends to change medical privacy regulations proposed by the Clinton administration in light of claims that the privacy protections will burden business.
Senators Burns (R-MT) and Wyden (D-OR) introduced the S. 630, the Can Spam Act. The bill seeks to reduce the transmission of unsolicited commercial e-mail by establishing an opt-out standard and requiring that spam messages include a valid return e-mail address.
Bush administration officials have objected to European standard contract clauses that incorporate greater privacy protection than recognized in US law. Administration officials say that such protections impose unduly burdensome requirements that will harm business.
The Privacy Foundation has discovered that the TiVo personal video recorder collects information about users� TV viewing habits, and communicates the information back to the company�s headquarters.
The Central Intelligence Agency�s data mining capabilities include the automatic translation and transcription of audio signals and web pages from foreign languages into English.
Private Detectives increasingly are employed by companies who wish to investigate computer crime, the release of trade secrets, and employee Internet use.
Legislators in Indiana are attempting to pass a bill that would protect the e-mail and Internet records of all public officials. The bill would treat e-mail and Internet access information as non-public records that would not be available under the state open records law.
The Council of Europe Convention on Cybercrime carries controversial provisions that have not been brought to public attention. Among other things, the Convention will prohibit "virtual child pornography," it will require standard procedures for the capture and retrieval of online information in real time, and it requires nations to share electronic evidence. The Convention is intended to ease law enforcement access to evidence and prosecution of suspects.
Microsoft is developing a new computer called "Secure PC" that prevents the unlicensed copying of digital music. The new computer would act as a digital record player: Users could purchase and listen to content that would only play on a secure version of Windows Media Player. Users, however, could not copy or alter the content.
The music industry has employed a tracking system to determine which Internet users are trading MP3s online. It is reported that the technology can track users who transmit files via IRC in addition to Napster.
George Mason University law professor Timothy Muris has been appointed by President Bush to chair the Federal Trade Commission. Muris� appointment establishes a republican majority on the five-member commission. It is reported that Muris will relax antitrust and online privacy enforcement.
H.R. 718, the Unsolicited Commercial Electronic Mail Act of 2001 allows individuals to opt-out of spam, requires the sender to include a working return address, and grants new rights to Internet Service Providers who wish to prevent the transmission of spam from their servers. Last year, the same bill passed the House but failed in a Senate committee.
A flaw has been discovered and confirmed in the popular Pretty Good Privacy (PGP) encryption format. It allows for forgery of digital signatures. However, the flaw does not affect files that have been encrypted with PGP.
In a 6 to 3 decision, the Supreme Court has held that public hospitals may not test pregnant women for drug use and release the results to law enforcement without the patient�s consent or a warrant. The case arose from a South Carolina Public Hospital�s policy of drug testing pregnant women who exhibited certain symptoms linked to substance abuse.
Microsoft is integrating the Platform for Privacy Preferences (P3P) in the upcoming release of Internet Explorer. P3P is supported by a number of high-profile businesses, but has been criticized by privacy advocates as an ineffective system to protect individuals� privacy rights.
The American Civil Liberties Union (ACLU) and EPIC have filed a First Amendment and Due Process challenge to the Children�s Internet Protection Act (CIPA or CHIPA). CIPA mandates public schools and libraries receiving E-rate funds to implement Internet filters. The American Library Association (ALA) will file suit separately to challenge the provisions as well.
Microsoft�s new HailStorm software allows users to store their account, financial, and scheduling information on the Internet. Microsoft spokespersons claim that the new software allows users to control how their personal information is used. However, questions remain regarding Microsoft�s control of personal information in light of recent security breaches and other privacy risks.
Copyright.net�s "Copyright Agent" quietly scans hard drives for unauthorized copies of media. Upon finding copyrighted media, the program notifies the user�s Internet Service Provider.
EPIC and ACLU will file a lawsuit in a federal district court tomorrow to challenge the Children�s Internet Protection Act (CIPA). CIPA requires public schools and libraries that receive e-rate funding to implement Internet filtering technology. EPIC and ACLU allege that the law violates the First Amendment and Due Process.
Consumers report an unwillingness to purchase items online as a result of security and privacy violations. Online profiling and the use of cookies and web bugs are discouraging consumers from entering the Internet marketplace.
The Judicial Conference of the United States held a hearing on the privacy issues involved in providing public access to electronic case files. The federal courts are developing a comprehensive system that will allow users to search all court documents at a central site. Privacy advocates noted the challenges presented by such a system, such as an increase in identity theft and unwarranted invasions into personal privacy.
The Supreme Court of Virginia has refused to grant the request of an unidentified company seeking information on an AOL subscriber. The court held that company must identify itself before obtaining the information, and that anonymous plaintiffs could only be granted subpoena power where exceptional harm would result from a release of their identity.
A General Accounting Office report shows that government investigators were able to access IRS files and gain access to Social Security numbers and tax information.
The National Association of Attorney Generals (NAAG) have passed a resolution urging Congress to enact federal privacy legislation that can be enforced by state attorney generals. NAAG fell short of supporting preemption, a doctrine that allows individual states to supplement federal protections with stronger laws.
The Senate Bankruptcy Bill would provide greater protections to individuals who reveal personal information to a company that later files for bankruptcy. Under the bill, a company that had promised never to transfer individuals� information could not later use the information as a transferable asset in bankruptcy without judicial approval. The House version of the Bankruptcy bill does not contain this language.
Voter.com, a failed politics web site, has announced plans to sell its list of user information. The user information includes party affiliation, areas of political interest, e-mail addresses, sex, and zip codes.
Representative Goodlatte (R-VA) has introduced legislation that would prohibit the transmission of unsolicited commercial e-mail with falsified headers. The legislation includes criminal penalties.
Senator Richard Shelby (R-AL) reintroduced a bill that would restrict the sharing of marketing and behavioral profiling information. The bill, the Freedom From Behavioral Profiling Act, would amend the Financial Services Modernization Act of 2001 (Gramm-Leach-Bliley).
Two men accused of sending unsolicited commercial e-mail are facing felony charges in California. The two allegedly sent thousands of e-mails to advertise home refinancing services. In sending the messages, the pair allegedly accessed a remote computer without authorization and crashed the mail server.
Courts increasingly are adopting electronic case file management, a system that places all the filings from a court proceeding online. Electronic case files may contain Social Security numbers, account numbers, medical information, and other sensitive information. Online access to this information may result in identity theft and unwarranted invasions into privacy.
New products may be employed to help protect privacy. A new company called Telespree will begin selling $30 disposable cellular phones later in 2001. Also, American Express offers an anonymous shopping card that can be purchased at convenience stores.
Consumer advocate Ralph Nader has called on officials to establish an Internet Bill of Rights. The rights would provide individuals greater protections from online fraud and privacy violations.
WebMD, an online medical information web site, has been temporarily ordered by a federal judge to resume sending user data to Quintiles. WebMD had withheld the data over concerns that patients could be personally identified. Quintiles uses the data for marketing to drug companies.
The Online Privacy Alliance, an industry group with membership including Microsoft, AOL Time Warner, and IBM, has launched an attack on privacy legislation. The group released four industry-funded reports yesterday claiming that privacy legislation would impede business by imposing billions in costs to consumers.
A new report released by Privacilla claims that government agencies routinely share personal information on citizens. The report recommends that Congress make a comprehensive review of government information practices
Copy protection systems present challenges to privacy rights, as authentication of ownership usually requires that the user reveal his or her identity. A new copy-protection system called "InTether" illustrates this problem. InTether has the ability to determine the identity of potential recipients of a copy-protected file. If a user attempts to circumvent InTether, the program destroys the copy-protected documents.
New wireless surveillance cameras in Britain will enable police to monitor individuals with portable computers. Since the technology does not require cable, it will allow police to increase monitoring of rural and suburban areas. Currently, individuals in Britain are likely to be monitored by up to 300 cameras a day.
The ACLU, EPIC, and several library associations will file suit to challenge the Children�s Internet Protection Act (CIPA). CIPA requires schools and libraries that receive federal funds to implement Internet content filters for their web-connected computers. The groups will challenge CIPA on First Amendment and Due Process grounds.
Exploiting a well-known hole in the Microsoft operating system, a group of cyber vandals has stolen over one million credit card numbers from commercial web sites.
A study commissioned by the National Science Foundation urged election officials not to adopt remote Internet voting systems. Such systems allow a voter to cast a ballot from any location with Internet access. According to the report, these systems present significant security, reliability, and social effect issues. However, Internet voting systems deployed at polling sites could provide benefits and be implemented soon.
Online privacy faces new challenges as the recording industry may start targeting individual users to stem the trade of pirated music. Experts predict that the Napster decision will result in increased pressure on ISPs to monitor networks and address individual users accused of trading copyright protected files.
Hotmail, a free e-mail service, has posted users� e-mail addresses, cities, and states to Infospace, a Internet white pages directory. The combination of Hotmail user information with the Infospace directory creates privacy risks, as the Infospace already directory contains individuals� addresses and phone numbers. Users of the Hotmail service must "opt-out" of this information sharing.
Privacy International unveiled the Big Brother and Brandeis Awards at the 2001 Computers, Freedom, and Privacy Conference in Cambridge, Massachusetts last week. The "winners" of the Big Brother Award included the FBI, Choicepoint, and the National Security Agency. Evan Hendricks and Julie Brill were honored with Brandeis Awards for their efforts to protect privacy.
Several companies have developed new programs to detect web bugs. Web bugs are imperceptible images placed on web sites used to track Internet browsing habits. According to a recent report by Security Space, DoubleClick, Excite, and Linkexchange are the most frequent users of web bugs.
AOL Time Warner filed a brief in support of protecting the anonymity of Internet users who post messages to web bulletin boards. In the brief, the company argued that lawsuits against anonymous posters threaten free speech rights.
Senator Bill Nelson (D-FL) has introduced two privacy bills. S. 450, the Financial Institution Privacy Protection Act of 2001, would amend the Gramm-Leach-Bliley Act (FSMA of 2000) to protect health information and provide an opt-in standard for data sharing among financial institutions. S. 451, the Social Security Number Protection Act of 2001, establishes penalties for the sale or purchase of a Social Security number.
Wireless devices will soon have the ability to pinpoint users� location with a high degree of accuracy. The collection and use of this data presents privacy challenges, as tracking technology may be implemented to monitor employees, to send advertisements over wireless devices, and to profile consumers based on their travels.
Although the implementation of the new HIPAA medical privacy regulations has been delayed, controversy still follows certain provisions that allow marketers to contact patients based on their medical records. Under the rules, patients must opt-out of this marketing.
Corporate executives who collect data from consumers oppose being profiled themselves. Junkbusters recently asked executives involved in consumer profiling whether they would mind being profiled for an upcoming FTC workshop on consumer data gathering. The corporate executives either didn�t reply to the request, or refused Junkbusters' request.
The New York Times has published an article reviewing the work of Professor Pamela Samuelson. Samuelson is a pioneer in public-interest advocacy, and she recently made a donation with Robert Glushko to EPIC to enable the development of the Internet Public Interest Opportunities Program at EPIC.
WebMD is seeking to end its agreement to provide medical information to Quintiles. Since May 2000, WebMD has amassed data from its health care information site and sold it to Quintiles. Quintiles uses the data for marketing to drug companies. WebMD claims that the data could identify individuals if combined with other available databases.
The House Subcommittee on Commerce, Trade and Consumer Protection held a hearing yesterday to examine privacy in the commercial world. EPIC Executive Director Marc Rotenberg testified that privacy legislation has historically been a component of American law, and that Congress has consistently passed laws to protect privacy as new technologies emerge.
Radiate, a company that creates advertising programs for shareware, has settled a class action spyware suit. Radiate created programs that were including in popular software such as CuteFTP. The programs, according to the plaintiff attorneys, monitored the users without their knowledge or permission.
Patients and doctors are increasingly aware of the privacy problems created by the collection and dissemination of medical information by health providers and marketers. Patients� medical information may be used to deny insurance coverage or employment. Doctors report that a loss of privacy will result in patients providing inaccurate or incomplete information.
The Justice Department has attempted to gain Supreme Court review of a lower court�s decision that held the Child Online Protection Act (COPA) unconstitutional. COPA was designed to protect minors from "harmful material" posted on commercial web sites as measured by "contemporary community standards." In 2000, a federal appellate court found that COPA impermissibly burdened free speech, and enjoined its enforcement.
