Technologies that scan faces and fingerprints will become a standard part of travel for foreign visitors to the United States next year, and eventually for all travelers in the country. The change is mandated by border security legislation passed by Congress last May. The government has started issuing border-crossing cards for Mexican citizens and green cards for permanent residency that display fingerprints and photographs. By next October, the 27 countries whose citizens can travel to the United States without visas must begin issuing passports with computer chips containing facial recognition data or lose their special status. Given the complexity of the technology, many countries are struggling to meet the deadline, and some people in the industry say the deadline may have to be extended.
In a case that pits privacy against free speech, a Seattle federal judge has permanently blocked state regulators from enforcing rules intended to safeguard call-detail information for more than 700,000 Verizon customers in Washington. The case, brought by Verizon, challenged the privacy rules implemented by the state of Washington that required the company to get permission from customers before it used call-detail information for marketing purposes.In the decision, U.S. District Judge Barbara Rothstein ruled the regulations could be more narrowly tailored and thus run afoul of Verizon's First Amendment rights to communicate with its customers.
A contentious debate is forming around the issues of spyware - software that can track which websites a computer user visits. Marketers implant the software on computers to better tailor their online advertising, and they argue that the practice helps consumers by targeting their interests. But many individuals find spyware invasive. And many companies that rely on Web sites to reach many of their customers, have filed suits against spyware makers, arguing that they are violating copyright and trademark laws by popping up ads when people visit the plaintiffs' sites.
Dan McTeague, a Canadian Member of Parliament, has announced
plans to introduce an anti-spam private members bill in the fall. The proposed bill would ban repeat bulk advertisements without consent. Canada's Industry Canada has launched a consultation into the prospect of anti-spam legislation. Law would can spam Calgary Sun, August 26, 2003
Japan's national computerized ID system became fully operational today. The online database, which contains every citizen's name, address, birthdate and sex, is the centerpiece of a government initiative to speed administrative procedures such as filing change-of-address forms and applying for passports. The data stored in the system was initially used internally by the government, but now local governments are issuing Juki Net ID cards, which allow citizen access. The nation's Parliament passed a long-debated law in May to protect personal information from abuse by bureaucrats, however, three local governments continue to boycott the system, and a citizens' group reportedly plans to seek a court injunction to block operations.
A lawsuit is challenging a Louisiana law that that allows authorities to collect DNA from people accused of sexual or violent crimes before they have been convicted. In a civil lawsuit filed last month, noted DNA attorney Barry Scheck, along with several local attorneys, are seeking to determine whether people have a right to privacy for their DNA records. The suit also questions the parameters under which law enforcement can obtain such evidence from innocent people. The suit is related to the Lousiana investigation of a serial killer, in which over 1,200 cheek swabs were collected by investigators and stored in a government database.
UK grocer Tesco has dropped its trial of RFID tags in Gillette products in a Cambridge store. The store was hit with protesters and a boycott Gillette movement was launched following announcement of the trial. In a recent statement, Gillette denied that it ever intended to use the technology to track consumers.
Prosecuters in Jackson County, Missouri recently instituted a policy requiring DNA samples from anyone wishing to plead guilty to a felony. Prosecuters believe the samples can be a useful tool in solving violent crimes. The county Public Defender's office, however, is opposed to the practice and is recommending that its clients not comply. Other states, including Virginia, require DNA even from people who were only arrested and questioned.
The California state legislature passed a financial privacy bill that will give its residents the strongest financial privacy protection in the nation. The bill, sponsored by state Senator Jackie Speier (D), requires financial institutions to get permission before sharing personal customer data with other companies. Customers will also be able to request that their data not be shared between affiliated companies. California governor Gray Davis promised to sign the bill into law. The bill could lay the groundwork for national financial privacy policy.
Certain types of data mining activity from check images is permissible, according to W. John Funk, Esq., a shareholder and director at New Hampshire-based law firm Gallagher, Callahan & Gartrell. Many banks create and maintain check image archives on behalf of their customers, thus wielding control over a potentially valuable source of marketing information. Funk says that exemptions in both the Gramm-Leach-Bliley Act and the FCRA could allow banks to use this information for profit. However, banks would have to state their practices within their privacy notices to consumers, and provide opt-out provisions if any information were to be shared outside of the bank.
A defense lawyer in a New York terrorism prosecution has accused the government of mishandling the computerized surveillance records of thousands of phone calls, faxes and computer data gathered under court orders from the Foreign Intelligence Surveillance Court, the nation's secret intelligence court. The allegations were made in a court filing by Michael Tigar, the lawyer who represents Lynne F. Stewart, the prominent attorney who faced charges of supporting terrorism before a federal judge dismissed them against her and two co-defendants last month.
Timothy J. Muris, the head of the Federal Trade Commission, weighed in on recent legislative efforts to curb email spam in a speech at an annual technology-policy forum in Colorado. Muris criticized several proposed bills, including one that would create a national do-not-spam registry, as ineffectual. His remarks could put a damper on the prospect for congressional action this year.
The Department of Housing and Urban Development has proposed guidelines for Homeless Management Information Systems (HMIS) that are extremely privacy invasive. The system would require communities to collect unique identifiers and health information from everyone who seeks care. This information would be stored for at least seven years, and law enforcement access to the database is broad. Any member of the public can comment on HMIS until September 22, 2003.
Korea has introduced a new, tougher anti-spam bill. The bill increases the fine that can be levied against marketers that send emails to recipients that have said they do not want them. The bill also supports anti-spam software developers.
China is set to replace its current citizen identification card system with a new electronic version, which will store all the personal information of its 960 million eligible citizens on chips that can be accessed by authorities at any time. China's top legislative body, the Standing Committee of the National People's Congress, passed the National Citizen ID Law, approving the cards, this past June. The cards are to be tested early next year, first in Shanghai, Shenzhen and Huzhou, a city in Zhejiang Province.The government hopes the new system will help streamline operations and eliminate fraud associated with the current system, but it will also put a vast amount of personal data at the fingertips of government.
An Internet scam to obtain personal information from consumers has been operating under the guise of Citigroup Inc. corporation. Thieves have been sending out emails designed to look like official Citibank communication, replete with corporate logo, and direct customers to a site where they are asked to update their personal data, including social security number. Citigroup said it is working with law enforcement officials to investigate the fraudulent e-mails, adding that it doesn't ask customers to provide sensitive information in this way.
The Minneapolis Public Library settled a lawsuit brought against it by a dozen librarians, who claimed that easy access to Internet pornography created a sexually hostile work environment. As part of the settlement, the library agreed to consider using Internet filters to restrict patron's access to porn, and to pay $435,000 in damages to the plaintiffs.
New privacy rules instated under the Health Insurance Portability and Accountability Act (HIPAA) are causing confusion for many medical practitioners across the country. The overwhelming majority of problems appear to be the result of misunderstanding the law's requirements or erring on the side of withholding information to avoid inadvertently violating the new restrictions. Thus, while the regulations ensure the security of medical records, they are causing headaches for insurers, physicians and patients seeking information.
Banks and insurance companies have dropped their opposition to a California privacy bill that will provide state residents with the highest level of financial privacy protection in the U.S. The agreement comes with the condition that the bills be passed by both houses of the Legislature by Tuesday.
Gillette became one of the first companies to test out radio frequency identification (RFID) tags on its products, attaching the devices to its Mach 3 razor blade packages. The tags consist of chips that emit radio signals that allow the products to be tracked. The tagged razors have been sold in U.K. supermarket chain Tesco's Cambridge, England store. U.S.-based group Consumers Against Supermarket Privacy Invasion and Numbering (Caspian) is urging a worldwide boycott against Gillette over the tagging concerns.
Los Angeles-based startup firm TouchCredit Financial Services Inc. claims it has developed a system to ensure fraud-free transactions on the Internet. The company developed a technology that can verify consumers' identities expertly through the sound of their voice, the way they type on a keyboard or by their fingerprint. It claims this system will protect consumers and merchants from fraud and speed up e-commerce. TouchCredit downplays privacy concerns, saying the company doesn't store the personal information itself and that the system is impossible to hack.
Two organizations, the American Civil Liberties Union and the Center for Constitutional Rights, have filed seperate suits challenging sections of the USA Patriot Act. In their suit filed in federal court in Detroit, the ACLU is representing groups that believe they, their clients or members have been, or are, targets of investigations conducted under Section 215 of the act, which amended the Foreign Intelligence Surveillance Act of 1978. The Center for Constitutional Rights filed a suit in Los Angeles on behalf of the Humanitarian Law Project that challenges a Patriot Act amendment to the 1996 Antiterrorism and Effective Death Penalty Act making it a crime to provide "expert advice and assistance" to groups designated as "terrorist" by the secretary of state. Both challenges are expected to face major obstacles, but are bringing attention to controversial aspects of the Patriot Act.
Jose Luis Alvarez is a 39-year-old suburban businessman and father of four who gets harassed by federal agents every time he returns from an international business trip because he shares the same name as a fugitive. Despite carrying documents from U.S. Customes officials verifying his identity, Alvarez has been subjected to invasive detentions approximately 50 times.
The South Carolina High Court issued a ruling addressing the question of whether victims of identity theft have a valid claim of negligence against a credit card company that issues a card to an imposter. The court ruled that credit card companies could not be held responsible for enablement of imposter fraud, as the relationship between credit card issuers and victims of identity theft is too attenuated to rise to the level of a duty between them. Case name is Huggins v. Citibank.
In an attempt to stem identity theft, federal banking regulators proposed guidelines for notifying bank customers of any security breaches in their computer networks that could jeapardize individual data. The propopsal directed financial institutions to alert customers directly regarding any unauthorized access to personal information, as well as flag at-risk accounts and monitor them for suspicious activity.
The school district in Biloxi, Mississippi became the first in the nation to implement a system of Internet-wired video cameras, nearly 500 total, to monitor its classrooms and hallways 24 hours a day. The district, which is comprised of some 6,300 students, cites security concerns as the basis for its camera use. Only designated school officials and security personnel are allowed to view the footage, which can be displayed on a computer linked to the Internet. Other school district in the U.S. and England are beginning to experiment with classroom webcams, as well.
The President's Commission on the Postal Service recommended collaborating with the Department of Homeland Security to study the development of sender-identification requirements for all mail. A proposed system, called "Intelligent Mail," would use tracking codes to verify who sends and receives mail through the U.S. Postal Service. The commission cited the system as a way to improve the security of the postal network, as well as assist businesses and consumers in tracking their mail. Critics, however, warn that eliminating the ability to send anonymous mail could infringe on individual privacy rights.
A new ballot measure, Proposition 54 or the Racial Privacy Initiative, will be voted on in California along with the gubernatorial recall on October 7. The initiative proposes to ban California government from gathering information from people regarding their race, ethnicity, color or national origin, with exceptions for medical research or to meet court decrees and federal requirements. Advocates of the initiative, which is backed by businessman and University of California regent Ward Connerly, assert that eliminating racial statistics will promote a colorblind society. However, opponents argue that such tactics will hamper efforts at monitoring and promoting minority issues and advances. Other states are watching California's efforts closely, and the debate is likely to have national implications.
Bills considered in Congress this session to renew provisions of the Fair Credit Reporting Act may weaken state privacy protections. The bills, which contain provisions that preempt state laws that regulate affiliate sharing and prescreening, may stop state legislatures from passing privacy-friendly laws.
Affiliate sharing is the transfer of confidential consumer information amongst companies with common ownership. Affiliate sharing presents problems because some larger financial institutions, such as Bank of America and Citibank, have well over 1,000 affiliates. Prescreening occurs where credit reporting agencies sell lists of individuals' names to credit card companies for unsolicited offers of credit. This presents significant privacy risks, as organized crime has been known to target these offers in order to engage in credit card fraud.
Many states provide privacy protections that far exceed federal law. For instance, in the context of credit reporting, six states (Massachusetts, New Jersey, Maryland, Vermont, Georgia and Colorado) have laws allow individuals to get free credit reports. Residents of other states have to pay up to $9 a copy.
The horrors and headaches of identity theft are all too real for too many Americans in this day and age. Take for example the experience of Michael Berry, a 33-year old Arlington resident whose personal information was stolen and used by a convicted killer to run up thousands of dollars in credit card bills. And Berry is one of what varying estimates peg as from 750,000 to 12 million victims of identity theft each year.
Identity theft is a crime that has spread with the growth of electronic records and data and the increasing availability of our personal information to government, businesses, and credit agencies. While there�s no consensus on what�s the best approach to squelching identity theft, it�s clear tighter security and government regulation are needed.
The Department of Education is awarding grants to educational institutions that administer drug testing programs on students. The agency is set to award $2 million in grants in fiscal year 2003.
