Once called "a person of interest" by the US Attorney General, Dr. Steven Hatfill will now receive millions in damages for the harms caused to him and his family. The DOJ settled the case, which arose from repeated leaks in the media of Dr. Hatfill's name and details of the federal investigation into anthrax related deaths. Following 9-11 a number of illnesses and deaths were attributed to weaponized anthrax laced letters sent through the mail. The anthrax was traced back to a US bio-weapons laboratory. It was the first case of bioterrorism in the United States, and impacted the Congressional debate on what actions the US should take post-September 11, 2001.
The airport plans to deploy body imaging devices that use millimeter wave length technology in an effort to virtually disrobe air travelers. The technology allows very detailed scans of persons entering the device and may disclose personal medical devices, surgeries, and medical conditions that are not otherwise apparent. Earlier versions of the technology were known as Backscatter X-ray systems.
A former employee of Structured Settlement Investments filed a lawsuit against the company claiming that the company had been reading his personal yahoo e-mail messages. The company prohibited the former employee from engaging in a similar line of work for 3 years post employment. The case, filed in a Connecticut federal court, alleges that the company gained access to the personal e-mail on a private account, while the company claims to have knowledge about the employee because it was on his computer screen where others could see.
Today marks the 50th anniversary of the Supreme Court's decision in NAACP v. Alabama, one of the most important privacy cases of the last century. Professor Anita L. Allen, a leading privacy scholar, author of many books and articles, and a member of the EPIC Board of Directors, wrote an essay to celebrate the golden anniversary of the decision.
The District of Columbia has announced an ambitious plan to link multi-use documents to a centralized tracking system that would span a wide range of city services including summer jobs programs, public schools, attendance at public meetings, metro fare cards, and city health service offices. The citywide ID plan is proposed in a climate where a national ID debate is advanced under the scheme called REAL ID.
TSA agents' search of air travelers' laptops is under scrutiny by the US Senate. The search of air travelers' luggage is routine, while the search of electronic devices is not. The practice by government agents at airports of accessing and copying the content of computers and other digital devices have raised 4th Amendment questions. The Senate Judiciary Subcommittee hearing Laptop Searches and Other Violations of Privacy Faced by Americans Returning from Overseas Travel explored the issue.
Charter Communication is placing a hold on its plan to allow advertisers a peak at the Internet searches of its users. Public reaction and Congressional pressure in response to the proposal prompted the action of the company to delay its new ad placement plan. Congressman Ed Markey, chair of the House Subcommittee on Telecommunications and the Internet, voiced support for delaying the program until user privacy can be addressed. The privacy issues around deep packet inspection has not been addressed by federal legislation.
In the State of Minnesota residents have privacy protection from the local and state government's collection of information. It was the first state in the US to adopt "fair information practices" into law on August 1974 through the Data Practices Act.
The Boston Medical Center's health insurance plan will pay the state of Massachusetts $562,000 to settle a case about the improper use of patient information. The hospital sent 2,600 patients with health insurance letters promoting the hospital's medical insurance. This was a fundamental violation of privacy rules that limit use of personal information only to the purpose for which it was collected. In this case insurance information was for the purpose of paying medical bills.
Sweden adopted legislation that will give the government access to all e-mail and telephone traffic within its borders. The law was first proposed in 2005 and follows efforts at pervasive surveillance found in China, Saudi Arabia, and the programs disclosed in the United States. An international survey of privacy finds an increase dependence by governments on digital surveillance technologies.
Digital technology brings lots of conveniences, but also can enable snoopers. The development of new technologies if not properly engineered can open avenues for satisfying the curiosity of others.
The 9th Circuit Court upheld the workplace privacy rights of employees in its decision in Quon v. Arch Wireless. Sgt. Jeff Quon and 3 other officers sued Arch Wireless for sharing wireless communication records with their employer, the Ontario Police Department. The City contracted for text messaging service for employees, and later obtained records to investigate whether all communications were work related. The court's decision reversed a lower court ruling, and found that the carrier was in violation of the 4th Amendment and California constitutional guarantees.
A new rule by the Bush Administration requires that all federal contractors and subcontractors use E-Verify, a voluntary employment verification system, to screen employees. The system checks personal information against Social Security Administration and Homeland Security Databases. Other screening programs initiated by the Department of Homeland Security have faced problems with accuracy and transparency.
The Dallas Fort Worth International Airport is testing two millimeter wave whole body imaging machines on travelers. The technology allows a very detailed view of what is under clothing. Unlike an x-ray which penetrates skin, this technology does not. The technology also known as Backscatter X-Ray has been called a virtual strip-search.
Businesses and federal officials are being warned that attendance at the 2008 Olympics will likely put data on laptops and e-mail devices at risk. Chinese intelligence services may actively work to breach data devices in search of secrets, install surveillance technology, and access secure networks.
Private health-care providers, insurance companies, and large technology companies like Microsoft and Google are launching projects to promote online access to personal health records. These medical information services are not protected by federal law because the information is voluntarily given by patients. Medical information may be of interest to insurers, employers, financial services institutions and medical identity thieves.
Facebook provides users with options on the level of access others have to users' personal information. However, many users install mini-programs, called widgets or applications, to personalize their pages. The company allows developers to see members' information when they add applications, to personal pages. The company says that 95% of its users have installed at least one mini-program.
Stolen confidential adoption records resulted in a plea of no contest to five of 21 counts. The thief can receive up to a year in jail on each count. The records were sold to adopted children seeking information on birth parents.
Information fusion centers are the latest government effort to link databases of local, state, and federal law enforcement as well as commercial data holders for data mining purposes. The federal government has provided hundreds of millions of dollars to fund over 50 fusion centers in the United States. Fusion centers are local and state based operations, with all but a few states having at least one. Intelligence analysts make up most of the staff of local and state fusion centers.
The University of Florida lost the names, addresses, and Social Security numbers of 11,300 current and former students. According to reports the information was available online and actively used from 2003 through 2005. The University was not able to notify about 570 individuals about the data breach. Means of contacting the university is found in the news item linked below.
Scientists claim that MRI scanning equipment typically applied in medical diagnostic circumstances can be used to detect truthfulness, or racism, and determine identity. Changes in brain activity of those undergoing the process is interpreted and assigned meaning. The study of brain patterns is also believed to reveal if a person is familiar with a location.
Law enforcement rarely have trouble gaining access to cellphone information from service providers. If the request for information comes within the cellphone service providers retention period then it is often shared with police.
A study that used data on 100,000 cellphone users' locations was published in "Nature." The study found that 75% of those tracked remained within a 20-mile radius of their home. Participation in the study was nonconsensual. The research involved information provided by cellphone service providers on its users. Similar tracking of US cellphone customers is technically possible be illegal without the user's permission.
Annual fees are charged to telephone landline customers who request that their phone numbers not be published. California State Senate Bill 1423 would have allowed landline phone customers to have this service at no cost. The bill did not receive the number of votes needed in the California State Senate. Currently, cellphone users can have unlisted cellphone numbers at no cost.
Annual fees are charged to telephone landline customers who request that their phone numbers not be published. California State Senate Bill 1423 would have allowed landline phone customers to have unpublished numbers at no cost. The bill did not receive the number of votes needed in the California State Senate. Currently, cellphone users can have unlisted cellphone numbers at no cost.
A coalition of a dozen organizations, many based in California, have urged Google to include a link from its homepage to its privacy policy. In a letter to Google CEO Eric Schmidt, the groups say that the Internet giant is required by California privacy law to post the link. They also point out that posting it is the"widespread practice of commmercial web sites."
Representatives Edward Markey (D-Mass) and Joe Barton (R-Texas) sent a letter to Charter Communications asking the company to temporarily hold off using subscribers' Web surfing and search data for targeting ads to users. The Congressmen, are co-founders of the Congressional Privacy Caucus, are seeking to investigate further what the company is proposing.
Medical identity theft adds a new twist to identity theft by potentially creating not only financial problems, but health risks. The theft of health insurance benefits to obtain health care can add erroneous information to the health records of victims. These changes to health records may go unnoticed, if ever detected, for years before they are caught.
Canada's Privacy Commissioner launched an investigation into whether Facebook is breaking the nation's Personal Information Protection and Electronic Documents Act (PIPEDA). The sensitivity of the information posted on the social networking site by users is the reason why the agency is reviewing the service's compliance with Canadian privacy law.
On May 21, 2008 President Bush signed into law the Genetic Information Nondiscrimination Act of 2008. The Act prohibits discrimination on the basis of genetic information with respect to health insurance and employment. However, the Act does not address the privacy risks associated with the collection and storage of electronic health records.
The District of Columbia announced efforts to link 5,600 security camera to create a UK like surveillance environment. There are documented cases of police abuse of CCTV surveillance. A key component of privacy protection is oversight and accountability of those who collect personal information. The plans to extent the power of government to surveil has not been matched by efforts to create transparency and accountability.
There is a challenge of the University of California of San Francisco' Medical Center's practice of sharing patient contact information with a vendor seeking contributions on behalf of the hospital. Health Care providers' common use of patient information for fundraising efforts without the patient's consent is permitted by current rules adopted by the Department of Health and Human Services.
A Ohio State University student lost her cellphone, which was found by another student. The student who found the cellphone mailed nude photos found on the phone to the owner's contact list and posted them to Facebook. Campus police traced the computer IP address back to the student suspected of posting the photos online.
License plate identification is making tracking of automobiles much easier as the adoption of CCTV expands. The license plate number is associated with an individual, which makes it personally identifiable information. The privacy of drivers license numbers, which are associated with individuals, is protected by the federal Drivers License Privacy Protection Act.
Data collection on the part of retailers is raising concerns about privacy. The collection and use of personal information in the commercial realm is not new. However, the addition of fingerprint data can further erode the ability of consumers to protect themselves from identity theft. The compromise of a digital fingerprint by corruption or misuse of the data can make it much harder for the rightful owner to assert his or her rights.
A Harris Interactive survey indicates that consumers are unaware of the privacy implications of providing information to sweepstakes, wedding and new baby registries, and warranty card programs. These activities collect personal information that would be of interest to identity thieves. The survey found that 73 percent of respondents entered sweepstakes in the last 6 months, but only 48 percent knew that their participation in these activities could put their personal information at risk.
The Canadian Internet Policy and Public Interest Clinic (CIPPIC) raised questions about the privacy impact of widespread use of deep packet inspection (DPI). This technique involves the inspection of the contents of packets as they are transmitted across computer networks. DPI is sometimes referred to as "complete packet inspection." DPI can be used to determine the contents of all unencrypted data transferred over a network.
Google is said to be in violation of California Privacy law, which requires that the home page of a web site must provide a link to its privacy policy. The web search service does not include a link to its privacy policy from its main page, but it is available through a search for "privacy policy."
