Daily updates on privacy stories in the news.

May 2007 Archives

« April 2007 | Main | June 2007 »

FTC Investigates Google/DoubleClick Merger

The Federal Trade Commission has opened a preliminary antitrust investigation into Google's planned $3.1 billion purchase of the online advertising company DoubleClick, an industry executive briefed on the agency's plans said Monday. The inquiry began at the end of last week. In the days after the planned merger was announced, EPIC and two other advocacy groups, the Center for Digital Democracy and the United States Public Interest Research Group, filed a request (pdf) for the FTC to investigate the privacy implications.

Google deal said to bring U.S. scrutiny, New York Times, May 29, 2007.

EU Data Privacy Panel Investigates Google Data Retention Practices

An independent EU panel has launched an investigation into whether U.S.-based Google Inc.'s Internet search engine abides by European Union privacy rules, officials said Friday. EU spokesman Pietro Petrucci said the 28-member panel, which advises the European Commission and EU governments on data protection issues, wants Google to answer concerns about the company's practice of storing and retaining personal information taken from users for up to two years.

EU data privacy officers launch investigation into Google's Internet search engine, Associated Press, May 25, 2007.

Government Audit Finds FBI Network Filled With Security Holes

A critical FBI communications network containing sensitive law enforcement and investigative data is rife with security flaws and is vulnerable to attacks from outsiders and insiders alike, according to an audit released Thursday by the Government Accountability Office. The unnamed network is part of the long delayed and scandal plagued Trilogy system that the FBI wants to replace its network of computers and networks, which for years was so bad that agents reportedly couldn't email one another.

Critical FBI Network Full of Security Holes, Government Auditors Report, Wired News, May 24, 2007.

Doctors Resist Datamining by Drug Companies

Many doctors object to drugmakers' common practice of contracting with data-mining companies to track exactly which medicines physicians prescribe and in what quantities -- information marketers and salespeople use to fine-tune their efforts. The industry defends the practice as a way of better educating physicians about new drugs. Now the issue is bubbling up in the political arena. Last year, New Hampshire became the first state to try to curtail the practice, but a federal district judge three weeks ago ruled the law unconstitutional.

Doctors, Legislators Resist Drugmakers' Prying Eyes, Washington Post, May 22, 2007.

MySpace Turns Over Datamined Info on Users

MySpace will provide attorneys general offices in all U.S. states with information it has gathered on convicted sex offenders who have used its social networking site, the most popular of its kind. Using a program called Sentinel SAFE, MySpace mines data in its service and detects registered sex offenders among its members' ranks, it said. The program was implemented this month "after an extensive period of development and testing," MySpace said.

MySpace to Turn Over Sex Offender Data to AGs, PC World, May 21, 2007.

Immigration Proposal Requires Nationwide Employment Verification

The bipartisan immigration reform plan that was announced in the U.S. Senate this week would mandate the development of a national electronic employment verification system affecting every worker in the U.S. If the Senate proposal becomes law, the federal government would have 18 months to ready a system that could handle as many as 60 million employment verification checks annually. The intent is to root out people working here illegally. But no system is perfect, and errors on verification checks could have big consequences: Employees who weren't cleared might lose their jobs, a potential Kafkaesque nightmare for native citizens as well as foreign-born workers.

Senate immigration bill would mandate national employment verification system, Computerworld, May 18, 2007.

Connecticut City Considers Undocumented Immigrant ID Card

City officials describe the immigrants as "walking ATMS," easy robbery targets because they typically cannot open bank accounts without identification and are often reluctant to report crimes. New Haven hopes to become the first city in the nation to issue identification cards to undocumented immigrants. The $10 cards would make it easier for immigrants to open bank accounts and encourage them to cooperate with police, proponents say.

New Haven proposes first ID card for undocumented immigrants, Associated Press, May 18, 2007.

Microsoft to Buy Online Ad Company aQuantive

Microsoft said today that it would buy the online advertising company aQuantive for $66.50 a share, or approximately $6 billion. It is Microsoft�s largest acquisition ever, and the latest in a flurry of deals for online advertising firms by big Internet and media companies. The deal comes on the heels of Google�s recent agreement to buy of DoubleClick for $3.1 billion, as well as the acquisitions of RightMedia by Yahoo and of 24/7 RealMedia by the advertising giant WPP Group. Microsoft, which had tried unsuccessfully to buy DoubleClick, faced competition for aQuantive, but was determined not to be outbid this time, executives said in a conference call.

Microsoft to Buy Online Ad Company, New York Times, May 18, 2007.

New IRS Rule Implicates Medical Privacy

Initial reactions to a decision last week by the Internal Revenue Service were overwhelmingly positive. But in the passing of a few days and with sober reflection, not everyone sees the new IRS policy as an unalloyed good thing. Deborah Peel, founder of Austin, Texas-based, Patient Privacy Rights Foundation, in an e-mail, said the group "deplores" the memorandum, decrying what she called "a dirty little secret"�that many hospitals sell patient data as a revenue source. "By 'giving' physicians electronic records that they can data-mine, hospitals have just massively enhanced the value of the data they sell to third parties. Physicians who accept EHRs that will be data-mined by hospitals are accepting a 'gift' that violates medical ethics and the laws of every state."

Some cautious of additions to IRS health IT ruling, Modern Healthcare Online, May 17, 2007.

GAO: Customs Agency's Data Collection Violates Privacy Laws

The Department of Homeland Security is breaking privacy laws by failing to tell the public all the ways it uses personal information to target passengers boarding flights entering or leaving the United States, according to a draft government report. The Government Accountability Office, in a report to be released tomorrow, says DHS's Customs and Border Protection agency has never publicly disclosed all the sources of data such as name, credit card number and travel history that it uses to detect passengers who may pose a security risk. "CBP's current disclosures do not fully inform the public about all of its systems for prescreening aviation passenger information, nor do they explain how CBP combines data in the prescreening process, as required by law," the report says. "As a result, passengers are not assured that their privacy is protected during the international prescreening process."

Customs Breaks Privacy Laws in Data Collection, GAO Says, Washington Post, May 16, 2007.

NSA Spy Program Continued Without Justice Dept. Authorization

On the night of March 10, 2004, as Attorney General John D. Ashcroft lay ill in an intensive-care unit, his deputy, James B. Comey, received an urgent call. White House Counsel Alberto R. Gonzales and President Bush's chief of staff, Andrew H. Card Jr., were on their way to the hospital to persuade Ashcroft to reauthorize Bush's domestic surveillance program, which the Justice Department had just determined was illegal. In vivid testimony to the Senate Judiciary Committee yesterday, Comey said he alerted FBI Director Robert S. Mueller III and raced, sirens blaring, to join Ashcroft in his hospital room, arriving minutes before Gonzales and Card. Ashcroft, summoning the strength to lift his head and speak, refused to sign the papers they had brought. Gonzales and Card, who had never acknowledged Comey's presence in the room, turned and left.

Gonzales Hospital Episode Detailed, Washington Post, May 16, 2007.

Houston Seeks to Expand Camera Surveillance Throughout the City

They're watching, and they want you to behave. The Houston Police Department said Monday it now uses cameras to snare red-light violators at 50 intersections. But catching traffic scofflaws on camera is just the beginning. The department also is pushing ahead with plans to install more than a dozen closed-circuit video cameras downtown and across Houston, hoping the devices can deter crime and illegal dumping.

HPD wants cameras to monitor crime, Houston Chronicle, May 15, 2007.

Board Member Resigns Over White House Changes to Privacy Board's Report

The Bush administration made more than 200 revisions to the first report of a civilian board that oversees government protection of personal privacy, including the deletion of a passage on anti-terrorism programs that intelligence officials deemed "potentially problematic" intrusions on civil liberties, according to a draft of the report obtained by The Washington Post. One of the panel's five members, Democrat Lanny J. Davis, resigned in protest Monday over deletions ordered by White House lawyers and aides.

White House Edits to Privacy Board's Report Spur Resignation, Washington Post, May 15, 2007.

Homeland Security Chief Pushes New Deal with EU on Passenger Data

U.S. Homeland Security Secretary Michael Chertoff will try to convince European Union parliamentarians on Monday that data gathered about airline passengers arriving in the United States can be crucial to prevent terror attacks. Chertoff is pushing a new deal with the European Union that would give American law enforcement agencies continued access to pieces of information gathered about European passengers on U.S.-bound flights. The current interim deal expires in July, and the European Parliament wants a new agreement with better data protection standards.

Chertoff Seeks Accord on EU Data, Associated Press, May 14, 2007.

New York Governor Proposes Vast Expanision of State DNA Database

Gov. Eliot Spitzer is proposing a major expansion of New York�s database of DNA samples to include people convicted of most crimes, while making it easier for prisoners to use DNA to try to establish their innocence. Currently, New York State collects DNA from those convicted of about half of all crimes, typically the most serious. In expanding its database to include all felonies and misdemeanors, New York would be nearly alone, although a handful of states collect DNA from some defendants upon arrest, even before conviction.

New York Plan for DNA Data in Most Crimes, New York Times, May 14, 2007.

Government Tests Face-Recognition Surveillance Systems

Homeland Security leaders are exploring futuristic and possibly privacy-invading technology aimed at finding terrorists and criminals by using digital surveillance photos that analyze facial characteristics. The government is paying for some of the most advanced research into controversial face-recognition technology, which converts photos into numerical sequences that can be instantly compared with millions of photos in a database.

Face recognition next in terror fight, USA Today, May 10, 2007.

Judiciary Committee Chair Leahy, Others Criticize REAL ID

Senate Judiciary Committee Chairman Patrick J. Leahy (D-Vt.), citing concerns about Americans' privacy, signaled yesterday that he will push to repeal a provision of a 2005 law aimed at creating new government standards for driver's licenses. Leahy, who has co-sponsored bipartisan legislation to repeal the provision, spoke out as the debate intensified over the Real ID Act, which requires states to create new tamper-proof driver's licenses in line with rules recently issued by the Department of Homeland Security. States must begin to comply by May 2008 but can request more time. After 2013, people whose IDs do not meet those standards will not be allowed to board planes or enter federal buildings.

Leahy, Others Speak Out Against New ID Standards, Washington Post, May 9, 2007.

Journalists Sue Hewlett-Packard Over Pretexting Scandal

In an unusual step for the news media, three journalists whose private phone records were scrutinized by investigators working for Hewlett-Packard intend to sue the company for invasion of privacy. The dispute stems from an investigation of Hewlett-Packard�s directors initiated under the company�s former chairwoman, Patricia C. Dunn. To try to uncover leaks from board members, private investigators examined the phone records of nine journalists who covered the company, as well as the records of some of their relatives.

Journalists Intend to Sue Hewlett-Packard Over Surveillance, New York Times, May 7, 2007.

REAL ID comments due tomorrow!

Stop REAL ID We're coming down to the wire on a campaign to encourage public comment on the Real ID proposal! Real ID will create a massive national ID system without adequate security or privacy safeguards. It will become more difficult for people to get licenses, and it will become easier for identity thieves to access the personal data of 245 million license and cardholders nationwide. More than 50 organizations and 130 bloggers have joined this effort. But we only have until May 8 and we need your help. To learn more and take action, visit the Privacy Coalition Stop Real ID page, send in comments, blog the page, watch a video, tell your  friends.

Bush Seeks to Immunize Phone Companies Against Privacy Suits

The Bush administration is urging Congress to pass a law that would halt dozens of lawsuits charging phone companies with invading ordinary citizens' privacy through a post-Sept. 11 warrantless surveillance program. The measure is part of a legislative package drafted by the Justice Department to relax provisions in the 1978 Foreign Intelligence Surveillance Act (FISA) that restrict the administration's ability to intercept electronic communications in the United States. If passed, the proposed changes would forestall efforts to compel disclosure of the program's details through Congress or the court system.

Bush Wants Phone Firms Immune to Privacy Suits, Washington Post, May 4, 2007.

EU Announces New Project on Privacy Enhancing Technologies

The European Commission has set out plans to examine the use of Privacy Enhancing Technologies (PETs) to counteract identity theft, discriminatory profiling and surveillance. The commission will promote the research and development of PETs, run large-scale pilots in industry and public sectors, and create an European Union-wide privacy seal system.


EU looks to technology to protect privacy, ITPRO UK, May 3, 2007.

UPDATE: More Than 50 Groups Join Anti-National ID Campaign

A number of groups, including the Coalition Against Prosecutorial Abuse and Asian American Legal Defense and Education Fund, have joined a campaign against REAL ID. Fifty-four groups are urging the public to submit comments against the illegal national identification system created by the Department of Homeland Security under the REAL ID program. DHS seeks to create a massive system filled with sensitive personal data on 240 million license and ID cardholders nationwide, yet has failed to include adequate privacy and security safeguards. To take action and submit comments against this fundamentally flawed national identification scheme, visit the Stop REAL ID Campaign and EPIC's National ID Cards and REAL ID Act page.

Stop REAL ID, May 3, 2007.

Administration Pulls Back on Agreement, Seeks to Expand Spy Program

Senior Bush administration officials told Congress on Tuesday that they could not pledge that the administration would continue to seek warrants from a secret court for a domestic wiretapping program, as it agreed to do in January. Rather, they argued that the president had the constitutional authority to decide for himself whether to conduct surveillance without warrants. As a result of the January agreement, the administration said that the National Security Agency�s domestic spying program has been brought under the legal structure laid out in the Foreign Intelligence Surveillance Act, which requires court-approved warrants for the wiretapping of American citizens and others inside the United States.

Administration Pulls Back on Surveillance Agreement, New York Times, May 2, 2007.

43 Groups Join Campaign to Stop REAL ID

Today, 43 organizations begin a campaign against the illegal national identification system created by the Department of Homeland Security under the REAL ID program. The national campaign solicits public comments to stop a national ID scheme without adequate privacy and security safeguards; which will make it more difficult for people to get driver's licenses; and which will make it too easy for identity thieves, stalkers, and corrupt government officials to get access to the personal data of 245 million individuals. The draft regulations to implement the REAL ID Act are open for comment until 5 p.m. EST on May 8, 2007. To take action and submit comments against the fundamentally flawed national identification scheme, visit Stop REAL ID Campaign and EPIC's National ID Cards and REAL ID Act page.

Stop REAL ID, May 1, 2007.