Lawyers for an alleged organized crime boss are challenging the FBI�s use of a keystroke sniffer to capture passwords and other information entered into a computer. Keystroke sniffers record every key pressed on a keyboard. The lawyers challenging the use of the sniffer argue that since the device captures every key typed, its use does not comply with requirements to narrow searches to capture only criminal communications. Further, the lawyers argue that the FBI followed inadequate procedures in obtaining the authority to install the keylogging system.
CNET has published an article that tracks the sources of spam. The article concludes that certain behaviors, such as posting to message boards, using America Online chatrooms, and participation in online lotteries such as iWin and GroupLotto, tend to be the biggest causes of spam.
EPIC has sent a letter to the Senate Judiciary Committee requesting members to consider privacy when questioning FBI Director Nominee Robert Mueller next week. EPIC specifically requested that the committee consider the Mueller�s stance on new surveillance technologies such as Carnivore, the federal government�s purchase of personal information from brokers such as ChoicePoint, and the agency�s compliance with the Freedom of Information Act.
A US Federal District Court has allowed a challenge to the Children�s Internet Protection Act (CIPA) to go to trial in February 2002. CIPA mandates the installation and use of Internet content filters on computers at federally-funded libraries and public schools. Earlier this year, EPIC, ACLU, and ALA brought suit to challenge CIPA.
AOL is implementing "Magic Carpet," an online identification and authentication scheme similar to Microsoft�s Passport. Magic Carpet would be an online storage system for individuals� personal information.
The International Biometric Group has formulated privacy standards for the use of biometric technologies. Also, Visionics, a provider of facial recognition technology, has advocated the adoption of federal legislation to enhance individuals� privacy protection.
EPIC will file a FTC complaint against Microsoft for linking the XP operating system with the Passport identification and authentication system. EPIC will argue that the bundling of the OS and system constitutes unfair and deceptive trade practices. Also, the Senate Judiciary Committee plans to hold hearings on Microsoft to examine the company�s involvement in Internet-related antitrust issues.
The House of Representatives has passed a Department of Justice spending bill that will require the agency to submit reporting on the Carnivore system. The reporting requirements include information on how many times Carnivore has been used, the approval process and criteria for employing the system, and what unauthorized information has been captured by the system.
The Chilren�s Internet Protection Act of 2000 (CIPA) will be challenged in a full trial to be held in February 2002. CIPA requires public libraries and schools that receive E-rate funding to install Internet content filters. Challengers to the statute, including ACLU, ALA, and EPIC, argue that CIPA will restrain access to protected expression.
The 3rd U.S. Circuit Court of Appeals has held that prisoners have a constitutional right to medial privacy. In the case, prison officials allowed inmates to overhear conversations between a prisoner with HIV and health care providers.
A review of polices at banks, mutual fund companies, and credit card companies shows that many financial institutions release confidential account information with inadequate security measures. Many financial institutions are using commonly available authenticators, such as the Social Security Number and mother�s maiden name as passwords. This article also describes the identity theft case of James Rinaldo Jackson. Jackson purchased $750,000 in jewelry using money acquired from affluent persons� bank accounts. Jackson gained access to the accounts by purchasing Social Security Numbers from information brokers and using the identifiers to access credit card and bank accounts.
A class-action suit against Hooters, a restaurant chain, for sending "junk faxes" has resulted in a $12 million judgment. Hooters, in violation of the Telephone Consumer Protection Act, sent unsolicited fax messages to over 1,300 individuals in Augusta, Georgia.
The Washington Post has published an opinion-editorial examining biometric identifications such as facial recognition, fingerprinting, and DNA databases.
Attorney General John Ashcroft has announced a plan to create the Computer Hacking and Intellectual Property (CHIP) units. CHIP will be a system of ten offices concentrating on the prosecution of computer crime. Attorneys in the units will be trained to prosecute computer intrusion, copyright violations, and fraud on the Internet.
Seth Finkelstein, a founder of the Censorware Project, is featured in the New York Times for his activism in revealing the flaws in Internet content filters.
LifeMinders, an e-mail marketing company with 20 million subscribers, is being purchased by Cross Media, a direct marketing company. Cross Media will use the data to send advertisements by postal mail, e-mail, and voicemail to subscribers.
Hewlett Packard (HP) is developing "pervasive computing," a system where all objects, including humans, will have a web presence. The project, called HP Cooltown, sends custom services to individuals based on consumer profiling. School Administrators in Vancouver, Washington are incorporating the system into classrooms in order to provide personalized learning experiences. In addition, Cooltown will automatically serve students personalized information when they enter the library or log on to the Internet.
A study conducted by the Carnegie Endowment for International Peace concludes that authoritarian governments can and have controlled political speech on the Internet. Authoritarian governments have controlled this speech through limiting Internet access, filtering content, and monitoring Internet use.
A recently published article in the Internet Law Journal describes the Platform for Privacy Preferences (P3P) protocol and weaknesses inherent in the system.
Members of the Privacy Coalition, a nonpartisan group of consumer, civil liberties, educational, family, library, labor, and technology organizations, met with Federal Trade Commission Chairman Timothy Muris. The Coalition urged Muris to create a dedicated complaint handling system for privacy violations with detailed annual reporting, to store privacy complaints in the Consumer Sentinel database, and to revise the agency�s view of "unfair and deceptive practices" as they apply to privacy cases.
Net activists plan to attempt to "Jam" the Echelon surveillance system on October 21, 2001. Echelon is a global communications surveillance system operated by the United States, United Kingdom, Canada, Australia and New Zealand. Its capabilities are classified, however, it is suspected that Echelon can monitor phone, Internet, e-mail, and satellite communications worldwide.
Police in Huntington Beach, California have contracted with biometric companies to purchase imaging-based law enforcement technology that includes facial recognition and regional data-sharing capabilities. The system will enable police to receive wireless transmissions of mug shots and arrest records.
The Supreme Judicial Court of Massachusetts has held that secretly recording an encounter with a police officer violates the state�s electronic surveillance law. In the case, a driver secretly recorded a conversation with a police officer and presented it to police headquarters alleging harassment. The driver was charged with violation of state wiretapping laws and ultimately sentenced to six months of probation.
Stewart Alsop argues in Fortune that Microsoft is using its monopoly power to collect data on users. Users of Microsoft Reader, for instance, must first register with Microsoft�s Passport service before accessing e-books. Microsoft also requires registration with Passport when purchasing new software such as Microsoft Office.
A New Jersey Superior Court has held that a corporation can not use court process to identify an anonymous Internet board poster without first demonstrating harm. In future cases, companies wishing to identify anonymous Internet posters will have to comply with specific guidelines to protect speech. Public Citizen and the ACLU participated in the case as amici.
A House Judiciary Subcommittee is holding hearings on the privacy implications of the Whois database. The Whois database contains the personal contact information of persons who have registered a domain name. Marketers who use the contact information for spam and direct mail advertisements frequently mine the database. In addition, VeriSign, a leading domain name registrar, sells Whois information to marketers.
At a hearing on Internet Privacy in the Senate Commerce Committee, several key Senators expressed support for strong privacy protections in law. At the hearing, Chairman Hollings (D-SC), former Chair McCain (R-AZ), and Senator Kerry (D-MA) announced their intention to introduce Internet privacy legislation. In addition, Senator Edwards (D-NC) announced the introduction of a new bill that would require notice and opt-in consent for the commercial use of location information harvested from wireless devices. EPIC Executive Director Marc Rotenberg testified at the hearing in support of privacy legislation that incorporates Fair Information Practices.
Representative Tom Davis (R-VA) reintroduced a bill that would create a new exemption to the Freedom of Information Act (FOIA) regarding "cybersecurity incidents." The new exemption would allow the government to deny FOIA requests for information relating to cybersecurity lapses in the private sector.
Patients in Pulaski, Virginia will be fingerprinted before receiving OxyContin from local pharmacies. Police in Pulaski are implementing the fingerprint requirement to stem the illegal sale of the drug.
Kenneth Prewitt, the former director of the Census Bureau, has urged the Office of Management and Budget to withhold data that links responses to small geographic areas. The Census Bureau is required by law not to release data that can be "re-identified" by others. Recent developments in profiling and statistical programs, however, can link individual citizens to their Census data.
Robert S. Mueller, a U.S. Attorney from San Francisco, has been nominated by the Bush Administration to head the Federal Bureau of Investigation. Mueller is reported to have expertise in prosecution of technology crimes.
The Department of Health and Human Services (HHS) issued guidelines to clarify privacy regulations that were developed pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The agency likely will change the privacy rule to allow parents more access to their children�s medical records.
A former employee of Lockheed Martin IMS testified in a San Diego court that red-light cameras developed by the company were designed to increase profit revenue rather than safety. The employee testified on behalf of 290 drivers who challenged citations issued by red-light cameras in San Diego. The company receives $70 each time a $271 citation is paid by a citizen.
The ACLU sent a letter to the Federal Trade Commission asking the agency to investigate Eli Lilly for privacy violations. Eli Lilly, a major drug manufacturer, accidentally disclosed the e-mail addresses of hundreds of patients using Prozac, an antidepressant.
Microsoft Windows XP will require users to authenticate their ownership of the operating system online. The authentication protocol will store a profile of the user�s system configuration in order to bind each copy of XP to a specific computer.
Gambling casinos have developed extensive profiling techniques to amass data on their customers. One casino maintains a six-terabyte database of consumer information.
The Connecticut Department of Consumer Protection has ruled that Acme Rent-A-Car cannot use GPS devices installed in rental cars to fine users for speeding. However, the company will be able to continue tracking rental car users with GPS devices.
District of Columbia police plan to add six photo-radar devices to catch speeding drivers. The city has chosen 40 to 60 sites for enforcement. Locations of the cameras will be posted on the DC Police Web Site.
Police in Ybor City, Florida are installing remote-control cameras equipped with facial recognition software in public areas. When the software detects a facial resemblance to a person in a "mug shot" database, the police are summoned to accost the suspect.
