Microsoft has begun a pilot program to track companies that purchase computers without the Windows operating system. Microsoft awards points to system builders who forward orders for computers without Windows to Microsoft. The points are redeemable for prizes.
A federal judge has approved a settlement regarding Amazon.com�s Alexa service, which includes a program that can track users� online movements to provide links to services and products. The plaintiffs in the suit alleged that Alexa illegally collected personal data in violation of federal statutes.
A panel of experts assembled at Columbia University argued that encryption technologies cannot protect privacy on the Internet with privacy protections.
The fiscal year 2002 Department of Justice budget will include increased appropriations for fighting cybercrime. DOJ will receive $33 million more in funding, with the majority dedicated to anti-encryption efforts and digital evidence preservation.
Cyber Crime, Tech Law Journal Daily Report, April 27, 2001.
Last week, the Federal Trade Commission brought cases against three companies that obtained individuals� financial information illegally through pretexting. The FTC is now pursuing the purchasers of the information gained illegally. Purchasers of the information included Bank One, State Farm Insurance, and various law firms.
Increasingly, retail sales stores have collected customers� e-mail addresses to conduct marketing. Data marketers are attempting to link off-line purchases with online personalities to build more comprehensive profiles of consumers.
A parliamentary assembly has approved the Council of Europe Cybercrime treaty. The treaty will now return to committee for final drafting. As written, the treaty expands police powers and requires Internet Service Providers to retain records to aid law enforcement investigations. The final draft may also include language prohibiting the transmission of hate speech on the Internet.
An American Management Association annual survey reports that 78% of major companies engage in workplace monitoring, an increase of 4% over last year. A related report by the Privacy Foundation details trends in workplace surveillance.
The National Association of Attorneys General (NAAG) meeting in Cambridge has focused on Internet privacy issues. Republican Senator Richard Shelby (AL) spoke at the conference, advocating strong federal privacy legislation that allows states to pass even tougher laws.
The Secure Digital Music Initiative (SDMI) is threatening a suit against a Princeton University Professor for publishing a paper exposing weaknesses in watermark technology. Digital rights management (DRM) systems, such as SDMI and copyright protection for removable media (CPRM) often invade privacy by requiring a purchasers of electronic content to identify themselves and their rights to access the file.
Professor David Sorkin has published a law review article on spam. The article discusses the difficulty in defining spam, failed self-regulatory attempts to curb spam, and possible legal and technical solutions to address the spam problem.
The Internet Law Journal has published its April 2001 issue online. Topics include E-SIGN (Electronic Signatures), Pretty Good Privacy, the opt-in and opt-out debate, and content protection for removable media (CPRM).
A federal court in Washington has denied the request of an Internet company to learn the names of persons who anonymously criticized it in a chat room discussion. The court held that the company had not provided sufficient evidence to overcome the posters� First Amendment rights.
Privacy advocates met with Attorney General John Ashcroft yesterday to discuss law enforcement surveillance. The chief topic of discussion was Carnivore, the police Internet surveillance tool which has been employed at least 25 times to monitor people. Attorney General Ashcroft reportedly has not taken a stand on Carnivore.
The Federal Trade Commission has settled three cases against web sites that violated children�s privacy, and ran afoul of the Children�s Online Privacy Protection Act. The three sites were illegally collecting personally identifying information from children. The three site operators have agreed to pay $100,000 in civil penalties for the violations and erase all personally identifying information collected since the COPPA rule was put into effect.
The Center for Media Education has released a report showing that the Children�s Online Privacy Protection Act of 1998 has limited manipulative business practices. However, protecting children�s privacy online could be improved by promoting clear and prominent privacy policies, limiting the amount of information collected, allowing anonymous registration, and by increasing compliance with parental consent requirements.
A recent commission proposal advocates the creation of digital safe deposit boxes for Dutch citizens. Citizens, government, and law enforcement would have access to the register of information. Citizens would also be encouraged to store their medical and financial information in the register.
The Federal Trade Commission has filed three lawsuits to stop information brokers from illegally obtaining privacy financial information through "pretexting." Pretexting is the use of false pretenses, fraudulent statements, or impersonation to obtain financial information of another person.
This story details the activities of David Ritz, a crusader against unsolicited commercial e-mail. Ritz is one of a number of activists that attempt to free the net from spam, especially as the unwelcome e-mail clogs Usenet groups.
Preliminary results from a congressional report shows that government web sites are still employing cookies, contrary to a Clinton administration rule banning the practice. The report examines 16 agencies, and shows that 64 federal web sites plant cookies on users� hard drives. The report is being conducted by the Inspector General Office.
An appeals court has upheld an FTC order compelling Trans Union to stop using consumer report data for marketing. Trans Union, one of the major credit reporting agencies, was selling targeted marketing lists of persons who recently received automobile loans, mortgages, and credit cards. The company claimed a First Amendment right in using this information for marketing purposes.
Microsoft�s .Net system calls for consumers to store their data in a central database on the company�s computers. While Microsoft has urged consumers to trust their data with the company, Microsoft has lobbied against privacy legislation that would extend consumers rights in law.
The FBI, IRS, and numerous other agencies are purchasing personal information from private-sector brokers such as Choicepoint and Lexis-Nexis. The information includes personal assets, aliases, birthdate, social security number, addresses, driving records, phone numbers, and other information. Government agencies purchase this information from outside sources in order to evade internal policies and the Privacy Act of 1974.
The Department of Health and Human Services (HHS) has announced that federal health privacy regulations will take effect on April 14, 2001, as previously scheduled. Previous reports indicated that HHS Secretary Thompson would delay or weaken the protections. Instead, changes in the regulation will be made after its implementation.
Amtrak is providing the DEA with ticketing information about passengers in an effort to stem the flow of illegal drugs. DEA agents have direct access to an Amtrak computer that contains information on passenger names, origination points, destinations, and payment information. In exchange for access to the database, Amtrak receives 10% of whatever seizures the DEA makes using the information.
Truste, an industry privacy group, announced that companies undergoing a merger, acquisition, or bankruptcy should hire an auditor to prevent violations of privacy policies.
To date, over forty bills have been introduced in the US Congress that implicate privacy issues. The bills cover computer security, online privacy, medical privacy, use of social security numbers, student privacy, telemarketing, fair credit practices, and spyware. Privacy legislation, thus far, has been a bi-partisan effort, as both parties have introduced over twenty bills.
Majority leader Armey sent a letter to Congress yesterday urging legislators to "go slow" on privacy, and to focus on governmental invasions of privacy before exploring private-sector abuses. EPIC has responded to Representative Armey's letter, and challenged him to continue a strong American tradition of protecting individuals from both governmental and private sector invasions of privacy. The EPIC letter sets out specific areas in which citizens� privacy could be further protected from governmental actions.
A new ACLU campaign has emphasized government surveillance of personal communications. In advertisements printed in major publications, ACLU warns that the government is increasingly engaging in unwarranted surveillance in violation of the Fourth Amendment.
A study conducted by Mark Hochhauser, a readability consultant, found that most opt-out notices contained in financial statements are written at a college reading level. The notices analyzed are required by the Financial Services Modernization Act (GLBA), a law that allows individuals to opt-out from certain information sharing
Republican leader Dick Armey (R-TX) has urged fellow legislators to retard progress on privacy legislation. Armey wrote that the new economy could be endangered by privacy protections.
The Bush Administration has decided to revise medical privacy regulations issued in the last weeks of the Clinton Administration. The regulations would have given patients a number of rights, including notice, consent, access, redress, and enforcement.
This article in the New York Times details police efforts to obtain book sales records at the Tattered Cover bookstore in Denver, Colorado. Increasingly, police have attempted to gain access to book lists in order to tie criminal suspects with crimes. Such practices can have a chilling effect on freedom to read and research.
A study conducted by the First Amendment Center and the American Society of Newspaper Editors found that Americans are in favor of robust access to public files. However, a majority of the respondents support increasing privacy protections, even if the protections burden journalists from accessing public information.
Federal officials testifying at a House subcommittee hearing said that cyber vandals increasingly are successful in gaining access to government computers. Thirty-two agencies reported that cyber vandals took control over 155 computers in the last year.
The House Commerce Subcommittee on Commerce, Trade, and Consumer Protection held a hearing on federal statutes addressing information privacy. The committee heard testimony on Customer Proprietary Network Information, the GLBA, the FCRA, and TiVo. The Tech Law Journal has links to the broadcast of the hearing, and the written testimony of the speakers.
Privacy Hearing, Tech Law Journal Daily Report, April 4, 2001.
A city in Washington State has sued a web site operator for posting the home addresses, phone numbers, salaries, and social security numbers of police officers. The city is considering legislation to increase privacy protection for city employees.
A suit alleging that DoubleClick improperly collected information from Internet users is still pending in California, despite the recent dismissal of a similar federal case. The attorney in the California case, Ira Rothken, alleges that DoubleClick combined data from its online tracking with an offline marketing database.
Representatives Dingell (D-MI), Towns (D-NY), and Markey (D-MA), have urged the FTC to investigate TiVo for unfair or deceptive trade practices. TiVo manufactures personal video recorders which collect information on customers� viewing habits.
A standards setting body rejected plans to include Content Protection for Recordable Media (CPRM) directly into computer hardware. Such technology invades individuals� privacy, as users are typically required the authenticate ownership or gain permission before accessing files protected by CPRM.
Plaintiffs who have brought suit against CVS for selling customers� prescription and medical data have been granted class status by a New York court. The case is Anonymous v. CVS Corp, 604804/99.
EBay, the online auction site, has altered its privacy policy to allow the transfer customer data if the company is bought or merges with another company.
The terms of use agreement for Passport services gives Microsoft and its business partners rights in users� data. These rights include the ability to use, modify, copy, distribute, and sell information transmitted on Hotmail and MSN Messenger accounts.
