March 31, 2005

Unique Sigantures Detection

The Defense Advanced Research Projects Agency (DARPA)is the central research and development organization for the Department of Defense (DoD). It manages and directs selected basic and applied research and development projects for DoD, and pursues research and technology where risk and payoff are both very high and where success may provide dramatic advances for traditional military roles and missions.


DARPA (Defense Advanced Research Projects Agency)is working in Unique Signatures Detection Project.

The objective of the Unique Signature Detection Project is to determine whether there are unique signatures in emanations that can be used to identify and distinguish specific high-level-of-interest individuals within groups of enemy troops or combatants, and if so, to develop enabling technology for detecting and identifying those specific individuals. The program leverages research that demonstrated the same set of genes that code for internal immune system self/non-self recognition in mice, the Major Histocompatibility Complex (MHC), also code for unique emanated signatures. Although experimental data for humans is far less quantitative, behavioral studies have yielded compelling results to suggest that such phenomenology can also be expected in humans. Recent experimental results with mice suggest that MHC-determined urinary signatures are expressed in a mixture of volatile carboxylic acids occurring in relative concentrations that are characteristic of the emanation. This suggests the possibility of a corresponding unique and exploitable chemosignal. Accordingly, the program will design detectors that exploit this phenomenon by reliably detecting and identifying specific signatures of interest.

March 30, 2005

German group studies ubiquitous computing, data privacy

Germany's Ministry of Education and Research has commissioned a group to study the impact of ubiquitous computing on data privacy.

The Data Privacy Protection Center of Schleswig-Holstein and the Computer Science Institute of Humboldt University in Berlin on a project TAUCIUS (Technologiefolgen-Abschätzung Ubiquitäres Computing und Informationelle Selbstbestimmung).

The Taucis web is in german, but you can download information on english.

This project will examine implications between techonology and privacy, such as wirelss technologies, sensors and RFID.

March 29, 2005

Amazon seeks to know you better than you know yourself

Article from Global technology


Amazon.com Inc.has one potentially big advantage over its rival on-line retailers: It knows things about you that you may not know yourself.While plenty of companies have detailed systems for tracking customer habits, critics and boosters alike say Amazon is the trailblazer, having collected information longer and used it more actively. It even received a patent recently on technology aimed at tracking information about the people for whom its customers buy gifts.

Amazon sees such data gathering as the best way to keep customers happy and loyal, a relationship-building technique that analysts consider potentially crucial to beating other on-line competitors.

"In general, we collect as much information as possible such that we can provide [customers] with the best feedback," said Werner Vogels, Amazon's chief technology officer.

But some privacy advocates believe Amazon is getting dangerously close to becoming Big Brother with your credit card number.


Read the full article.........

March 28, 2005

HP Labs

HP Labs' function is to deliver breakthrough technologies and to create business opportunities that go beyond HP's current strategies.

Trust, Privacy and Security are part of these functions.

Most of the work in the Trust, Security and Privacy area takes place in the Trusted Systems Laboratory, based in Bristol, UK. To see more details on our current research, please follow the links below.

Legal and Regulatory
Manageability
Trusted Platforms
Identity Management and Privacy
Pairing based Cryptography
Boundary Management
Threat Management
Trust Management
Digital Proofing

ome of the above work is being done within PRIME, a 4-year, 20 organization research project, funded by the European Commission's 6th Framework Programme and the Swiss Federal Office for Education and Science, to research and develop approaches and solutions for privacy-enhancing identity management that can empower European citizens to exercise their privacy rights, and thus enable them to gain trust and confident in the Information Society.

March 23, 2005

Privacy in Canada

PIPEDA, Canada's private-sector privacy law, went into full force on Jan. 1, 2004.

The Privacy Commissioner of Canada, Jennifer Stoddart, is an Officer of Parliament who reports directly to the House of Commons and the Senate. In addition to the Privacy Commissioner.

There is a PIPEDA E-kit for businesses and for Individuals.

About PIPEDA and Privacy there is a book "The Privacy Payoff" by A.Cavoukian and T. Hamilton.

"Privacy Payoff points readers to a very powerful instrument for determining how well their companies are complying with fair information practices and to what extent these businesses promote the protection of customer privacy." Strategy+Business magazine, Spring 2004


Privatech Constulting company dedicated to providing privacy solutions to implement in workplace. PrivaTech's experienced consultants help to make corporate privacy compliance plans achievable, in a cost-effective and timely manner.

NYMTIY is another source for privacy knowledge and resources in Canada. The differents privacy acts in Canada :Alberta, Quebec, Brithish Columbia and Training workshops on privavy issues.

March 22, 2005

PORTIA

The Portia Project (Privacy, Obligations, and Rights in Technologies of Information Assessment)is a project focuses on both the technical challenges of handling sensitive data and the policy and legal issues facing data subjects, data owners, and data users.

Portia is a project of The Applied Crypto Group that is a part of the Security Lab at Stanford University.

It is a five-year, multi-institutional, multi-disciplinary, multi-modal project that looks comprehensively at sensitive data in a networked world. There will be two main academic centers of activity (Yale and Stanford), three smaller-scale academic participants (Stevens Institute of Technology, NYU, and the University of New Mexico), and substantial participation by non-academic partners, including technology companies, (IBM, HP, and Microsoft) representatives of user communities (Citigroup, NIH, Yale Center for Medical Informatics, the Census Bureau, and the Secret Service), and DC-based policy organizations (CDT and EPIC).

They have made 3 workshops on cryptography, sensitive data and privacy-datamining.

There are available software to proctect privacy publications and talks.

March 18, 2005

The Digital Person

Daniel Solove is an associate professor of law at the George Washington University Law School. He received his A.B. in English Literature from Washington University, where he was an early selection for Phi Beta Kappa, and his J.D. from Yale Law School.

He has just published "The Digital Person: Technology and Privacy in the information age"

This book examines the threat to privacy caused by the gathering of personal information in gigantic computer databases. Massive quantities of data about individuals are being used to make important decisions in their lives, and the government is increasingly tapping into companies' databases to monitor and profile people. The Digital Person examines why these developments are problematic and why the law has thus far failed to respond adequately. The book proposes a framework for effective regulation of data collection and use.

March 17, 2005

Memorandum of understanding between AEPD (Spain) and FTC (USA)

The U.S. Federal Trade Commission (“FTC”) and the Agencia Española de
Protección de Datos
(“AEPD”)has signed a memorandum opf understaning on mutual enforcement assistance in commercial mail matter between FTC and AEPD to promote enhanced cooperation and information-sharing on spam enforcement activities. Officials from both agencies will cooperate to address the problem of illegal spam. FTC Chairman Deborah Platt Majoras and AEPD Director Jose Luis Piñar Mañas signed the MOU at a ceremony in Washington, DC.

The Memorandum is a “best efforts” agreement intended to enhance cooperation between the two agencies – it is not legally binding and does not alter either country’s existing protection laws. The AEPD is Spain’s data protection authority. Since Spain’s anti-spam law took effect last year, the AEPD also has authority to conduct spam investigations.

Memorandum in English
Memorandum in Spanish Acuerdo de entendimiento

Acaba de aparecer un documento del Colegio Oficial de Ingenieros de Telecomunicación sobre el Correo Electrónico y el Spam

March 16, 2005

Xelios: Solutions Biométriques

XELIOS est une société de conception et d'édition de logiciels pour PC. Spécialisée dans la protection et la sécurité, XELIOS conçoit des solutions de très haut niveau pour les entreprises ainsi que pour les particuliers. Sa gamme de logiciels est en constante évolution. Toujours bien perçus par les professionnels, les logiciels XELIOS reçoivent à chaque nouvelle version les honneurs de la presse.

Vous pouvez regarde les produits de Xelios.

PC Login Biometric Pro 5
Authentification forte / Single sign-on / Chiffrement / Gestion des certificats

XELIOS Virtual Network Access
Solution d'accès distant au réseau de l'entreprise

XELIOS Secure Bio Drive
Clé de stockage USB protegée par empreinte digitale

March 15, 2005

EDEKA offers a fingerprint-pay-system option

When it comes to modes of payment the leading German food retail chain EDEKA will in future also be relying on a fingerprint pay system. In the town of Rülzheim in the Palatinate the group in cooperation with the independent businessman Roland Fitterer and the Internet and biometrics services provider it-werke has opened a supermarket the check-outs of which are equipped with capacitative fingerprint scanners that provide customers with the additional option, besides cash or card, of paying by having their fingerprints checked.

Published in Heise Online.

March 14, 2005

Convignton & Burling

Convignton & Burling is one of the world's law firmss. Founded in 1919. I've found these reports about Privacy and Data Security.

EU Data Privay Notice, December 2004

EU Data Protection Developments, October 2004

And about Safe Harbour,

the U.S. Department of Commerce in consultation with the European Commission developed a "Safe Harbor" framework. The Safe Harbor — approved by the EU in July of 2000 — is an important way for U.S. companies to avoid experiencing interruptions in their business dealings with the EU or facing prosecution by European authorities under European privacy laws. Certifying to the Safe Harbor will assure that EU organizations know that your company provides “adequate” privacy protection, as defined by the Directive.


EU Commission Safe Harbour Report, November 2004.

March 10, 2005

EU council approves controversial software patent bill

EU council approves controversial software patent bill Paper published in Newratings

A controversial software patent bill was endorsed on Monday by a European Union Council despite stiff opposition from software developers and member countries, such as Poland, Denmark and Portugal.

The bill, cleared by the 25-member body, is expected to benefit large software companies with substantial patent software portfolios. The bill on software patents is now to be presented to the Parliament for a final vote. Under the EU’s co-decision-making process, the Parliament and the Council must try to reach an agreement on the proposed legislation. The Parliament can, however, choose to reject a deal put forward by the Council. The agreement was originally reached in May 2004, but its formal adoption has been postponed three times due to stiff opposition from several countries, which argue the proposal must be changed to ensure that it does not allow the patenting of computer programmes. Several IT vendors and open source developers have argued that the acceptance of the bill would open the door to a US-style patent regime, with small software developers being forced to leave the market.

Further information at EU Press Releases.

Adoption of Council's common position on a directive on the patentability of computer-implemented inventions


EICTA (European Industry Association Information Systems Communications Technologies) press release.

EU council approves controversial software patent bill

EU council approves controversial software patent bill Paper published in Newratings

A controversial software patent bill was endorsed on Monday by a European Union Council despite stiff opposition from software developers and member countries, such as Poland, Denmark and Portugal.

The bill, cleared by the 25-member body, is expected to benefit large software companies with substantial patent software portfolios. The bill on software patents is now to be presented to the Parliament for a final vote. Under the EU’s co-decision-making process, the Parliament and the Council must try to reach an agreement on the proposed legislation. The Parliament can, however, choose to reject a deal put forward by the Council. The agreement was originally reached in May 2004, but its formal adoption has been postponed three times due to stiff opposition from several countries, which argue the proposal must be changed to ensure that it does not allow the patenting of computer programmes. Several IT vendors and open source developers have argued that the acceptance of the bill would open the door to a US-style patent regime, with small software developers being forced to leave the market.

Further information at EU Press Releases.

Adoption of Council's common position on a directive on the patentability of computer-implemented inventions


EICTA (European Industry Association Information Systems Communications Technologies) press release.

March 09, 2005

Vormetric

Vormetric is a company who provides products and services to protect enterprise information from unauthorized access or theft. The company’s CoreGuard system is a single, scalable and manageable system for data privacy and protection that enables businesses and government agencies to control who, what, when, where and how people can access sensitive information. CoreGuard protects intellectual property and enables enterprises to comply with increasingly strict data privacy and system integrity regulations.

Examples of CoreGuard Applications

* Enforce data privacy protection: customer personal data, health records, payroll documents, employee files
* Prevent theft of intellectual property, financial reports and other confidential information
* Control system administrator and super user privileges for data access and viewing
* Lock down "gold image" servers, preventing all unauthorized processes from running
* Prevent installation of unauthorized patches and applications
* Protect FTP and mail servers

March 08, 2005

Europe Protects Against RFID Abuses

InformationWeek has published this paper Privacy Laws: Europe Protects Against RFID Abuses by Laurie Sullivan.


Under European law (European Data Protection Directive 95/46/EC), any company that uses RFID must notify the consumer the tag is on the product and provide details on how to discard the tag and access the information held on it.

More than half of 2,000 European consumers who participated in a recent online survey say they're concerned about privacy with regards to RFID. But the survey, conducted by Capgemini and ORC International, a global research unit of Opinion Research Corp., also found that respondents are more likely to buy RFID-tagged products if there are laws protecting their privacy. The ability to disable RFID tags at the store after purchase, a customer opt-in/opt-out choice regarding information collected, and clear labels that state the tag is RFID enabled follow in importance.

March 07, 2005

Th EU Data Protection: new guidelines on payment card fraud prevention databases

The EU Committee of Data Protection Authorities (“Article 29 Working Party”) has endorsed guidelines on the collection and processing of data on merchants whose contracts to accept payment cards have been terminated. The guidelines will help banks prevent fraud and ensure that merchants’ privacy is better protected. Databases on "terminated" merchants are very important for the banking industry. In the UK, one of the EU countries where the operation of these databases does not pose any legal problems, substantial fraud savings have been made. Their use across Europe could potentially generate savings of € 200 million.

The guidelines will be implemented by Visa and MasterCard in 2005 and that implementation will be reviewed by the Article 29 Working Party in early 2006

March 04, 2005

How manages Property Rights?

Last december, Harvard Business Review published a paper by B. Anand, professor of strategy at Harvard Business School and A. Galetovic, professeor at Center of Applied Economics, University of Chile, about "How market smarts can protect property rights" And they talk about 6 market strategies.

Prevent misappropriation
Lower the competitive intensity
Entangle key assets
Combine secure with insecure products
Redefine the firm’s boundaries
Relinquish your core assets


And another interesting link about IP law it is IPR Helpdesk web, .The main objective of the IPR-Helpdesk is to assist potential and current contractors taking part in Community funded research and technological development projects on intellectual property rights (IPR) issues.

The IPR-Helpdesk advises also on Community diffusion and protection rules and other issues relating to IPR in international research projects. Another more global objective of the action is to raise awareness of the European research community on IPR issues, emphasising their European dimension.

The Consortium running the project is made up of the following partners:

Universidad de Alicante


Intellectual Property law Institute of the Jagiellonian University in Cracow

European Research and Project Office GmbH

March 03, 2005

Ross Anderson

Ross Anderson is professor of Security Engineering at Computer Laboratory at the Universtiy of Cambridge, UK.

Mr. Anderson works on:

Economics of information security
Robustness of cryptographic protocols
Information hiding
Reliability of security systems
Security of clinical information systems
Privacy and freedom issues

He has just upload a paper about System Security for Cyborgs which he will give in April at a workshop on wearable and implantable body.

By the way he has an incredible music page with mp3 of traditional music that's now out of copyright.

VIVA PUBLIC DOMAIN¡¡¡¡

March 02, 2005

e-Privacy

Few weeks ago we talk about Berkeley University and Center for Law and Technology.

And privacy is a interdisciplinary issue, and we have to see the technique point of view. Another Berkeley's faculty is SIMS School of Information Management & Systems.

Jens Grossklags is a PhD student in the SIMS and he has a e-privacy web where we can find a lot of links and papers about e-privacy, and another project Ubiquitous Commerce and Privacy.

March 01, 2005

European Biometrics Forum

The European Biometrics Forum, founded and launched on 21 July 2003 by the European Commission and the Irish Government.

They have reports about Biovision Project originated as a response to the final call of the Fifth Framework IST programme, as one of a number of roadmap projects aiming to define the research agenda for the subsequent Sixth Framework programme.

The project commenced on 1 June 2002 and completed on 31 July 2003.

Biometric technologies should be viewed as mechanisms that address one aspect of
an application. Whether the use of biometrics enhances or reduces personal privacy,
improves or worsens security, makes authentication more or less convenient, will
depend on other features of the application. This is no different from many other
technologies. It follows, therefore, that discussion of biometric performance, legality or usability should be in the context of a specific application. Moreover, the value of biometric methods - in improving security, convenience, etc - should be judged from the perspective of operators of services using these methods, and from the experience of the end users of such services.

Privacy saved my life

Labels

Contact Me

Creative Commons License
Esta obra está bajo una licencia de Creative Commons.