Facial-ID tech and humans seen as key to better photo search

Facial-ID tech and humans seen as key to better photo search, but privacy concerns raised

By Associated Press

A Swedish startup is combining software and humans to help make photos and other images more easily searchable online, raising privacy concerns as the technology eases the tracking of people across Web sites.

Traditionally, search engines analyze text surrounding an image on a Web site. So a search for ''Bill Gates'' might produce a photograph captioned with the name of the Microsoft Corp. chairman. But a search for a reporter's name might produce that same photograph if it had accompanied an article he had written.

Polar Rose AB is bringing facial-recognition technology to the mix. Its software scans everyday images for about 90 different attributes. If the software finds a match with images in a database, it concludes the two photos are of the same person.

Read the full article

The Death of Privacy

The Death of Privacy
With Cameras Everywhere, Is Privacy a Thing of the Past?
By JOHN STOSSEL, AUDREY BAKER, and GENA BINKLEY
ABC NEWS



Dec. 28, 2006 — For Sen. George Allen, some Los Angeles police officers, and Britney Spears, being caught on tape this year was bad news.

But they're celebrities or public officials. What about you? What about your privacy?

I was shocked to get my issue of Reason magazine showing a picture of my office on the cover. Reason did this for every subscriber to show how easy it is, with readily available satellite technology on the Internet, to invade our privacy. Cameras on Earth are even more intrusive. They're everywhere now.

Read the full article at ABC NEWS

Social network users have ruined their privacy, forever

Social network users have ruined their privacy, forever
By Steve Kerrison at Hexus.net

Students at the University of Bristol have recently been warned of the dangers of posting to social networking websites. They aren't the first to hear these warnings, and they won't be the last.

Prof. Nigel Smart of the Computer Science Department at the University of Bristol has expressed his concern at the worrying trend of people giving up their privacy on the internet via social networking websites. He told HEXUS: "I am concerned that from some of the posts I have seen, by colleagues, students and others, that there is a deep societal problem emerging of people giving up their privacy without realising it".

There's little point in worrying about ID cards, RFID tags and spyware when more and more people are throwing away their privacy anyway. And the potential consequences are dire.

Read the full article at Hexus.net

Merry Christmas

Privacy Watch: Phishers reach cell phones

Privacy Watch: Phishers reach cell phones

Article published by Andrew Brandt at Techworld.nl

Have you ever been SMiShed? That's not as personal a question as it may sound to the uninitiated, but it does relate to protecting your personal data.

SMiShing, a term coined by researchers for the McAfee security software firm, describes a form of phishing in which the bad guys send an SMS (short message service) message to a person's mobile phone. The first such messages purported to come from dating-service Web sites. Victims would receive a message announcing that the site intended to charge them US$2 a day unless they visited the URL listed in the message and followed the steps outlined there to unsubscribe from the service. Upon browsing to the URL (via computer), victims would get hit with drive-by downloads that installed Trojan horse software that subsequently would steal passwords and do other nasty things to the victims' PC.

Read the full article at Techworld.nl


More

McAfee warns of 'SMiShing' attacks InfoWorld News 2006-08-28 ...

Security in Computing

Security in Computing by Shari Lawrence Pfleeger

Text EPIC Alert 13.25

"A sweeping revision of the classic computer security text. This bookprovides end-to-end, detailed coverage of the state of the art in allaspects of computer security. Starting with a clear, in-depth review ofcryptography, it also covers specific options for securing software anddata against malicious code and intruders; the special challenges ofsecuring networks and distributed systems; firewalls; ways to administersecurity on personal computers and UNIX systems; analyzing securityrisks and benefits; and the legal and ethical issues surroundingcomputer security."

DHS privacy office

DHS privacy office steps up scrutiny of technology projects

By Daniel Pulliam at www.govexec.com

The Homeland Security Department's Privacy Office has started scrutinizing information technology projects and research initiatives more intensely, according to the office's recently released report to Congress.

In an effort to establish privacy protections during initial planning and development of IT systems, Privacy Office officials have strengthened their working relationship with the department's chief information officer and officials in the Science and Technology Directorate, the report stated.

Read the full article

e-Prodat: European Best Practices Observatory

The project named “e-PRODAT” (www.eprodat.org) aims to promote the exchange of knowledge and experiences between Agencies and other public bodies concerning the protection of personal data used by Governments and Public Administrations for the provision of public services, and specially those related to e-Government or based on the Internet, helping in particular to create best practices recommendations in this area.

The Project has three main goals:

The exchange of knowledge and experiences related to personal data protection in public bodies belonging to different European countries.

To create an Internet based “European e-Government data protection observatory”, for the permanent assessment on the accomplishment with European data protection laws and principles and the awareness of data protection issues among European citizens.

Identifying best data protection practices already in place for e-Government or other public bodies’ services, and building recommendations for increasing data protection standards in the public sector.

e-PRODAT Partnership

Data Protection Agency of the Community of Madrid (Spain, leading partner)
City of Bologna (Italy)
University King Juan Carlos (Spain)
Association of Local Authorities of the Municipality of Kavala (Greece)
City of Santa Cruz of Tenerife (Spain)
Abruzzo Region (Italy)
University of Patras (Greece)
Region of Western Greece (Greece)
Estonian Data Protection Inspectorate (Estonia)

Nano-Berkeley & DNA Detector

Portable, Magnetic DNA Detector

Researchers use magnetic materials found in computer hard drives to build chips for detecting genes, cancer, and toxins.

By Kate Greene at Technology Review Tuesday, December 12, 2006

Stanford researchers have integrated an array of tiny magnetic sensors into a silicon chip containing circuitry that reads the sensor data. The magnetic biochip could offer an alternative to existing bioanalysis tools, which are costly and bulky.

"The magnetic chip and its reader can be made portable, into a system the size of a shoebox," says Shan Wang, professor of materials science and electrical engineering at Stanford University, in Palo Alto, CA. Its small size, he says, could make it useful at airports for detecting toxins, such as anthrax, and at crime scenes for DNA analysis.

The Stanford biochip is one of a number of approaches being explored to replace the current bioanalysis technology.
Read the full article at Technology Review

Links:

The Open Society Paradox: DNA Privacy

Genomic Privacy Project


- - - - -- - - -- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Berkeley expected to be first city to regulate nanotechnology by amending hazmat laws

Published at theage.com.au

The use of subatomic materials as microscopic building blocks for thousands of consumer products has turned into a big business so quickly that few are monitoring the so-called nanotechnology's effects on health and the environment.

So Berkeley intends to be the first city to step into the breach and attempt to regulate the nascent but fast-growing industry.

The City Council is expected Tuesday to amend its hazardous materials law to compel researchers and manufacturers to report what nanotechnology materials they are working with and how they are handling the tiny particles.

The aim of nanotechnology, in the commercial world, is to develop new products and materials by changing or creating materials at the atomic and molecular level. But much of the impacts from those developments remains unknown, particularly with regard to possible environmental and health problems.

"The ordinance is quite important, and I think it will be given worldwide attention," said David Rejeski, director of the Project on Emerging Nanotechnologies, which is funded by the Woodrow Wilson International centre for Scholars and the Pew Charitable Trusts. "This is a new industry, and there is a lack of federal and state regulations."

Read the full article at The Age


Links:

Nanotechnology surveillance & privacy: an interview

EPIC Privacy Implications of Nanotechnology Page

Ethics in Nanotechnology: Privacy (EthicsWeb.ca)

CapGemini reports

I have found two reports (by CapGemini) to realized how privacy, data protection, transparency and more and more important to build trust with your customers.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Cars Online 06/07: Understanding the Dynamics of Consumer Buying Behavior and Customer Loyalty

Vehicle ownership is a long-term, complex relationship among the consumer, the manufacturer and the dealer that is often dependent as much on emotional as rational factors. This was among the key findings of the eighth annual Cars Online study from Capgemini. The study - which surveyed consumers in China, France, Germany, the United Kingdom and the United States - examines trends in consumer buying behavior, Internet usage and customer loyalty.
 
Abstract

The need for accurate consumer knowledge—how they shop, why they buy, what keeps them coming back—will continue to grow. Customers’ search for information during the vehicle buying process has become increasingly diverse and complex, making it more difficult for automotive companies to predict their behaviour.

Page 3

. . . .

Transparency and Trust Are Critical

The research found that automotive companies must move away from the traditional asymmetrical customer/dealer relationship so often characterised by negative preconceptions and stereotypes on the part of both parties. The key is to move toward a more balanced relationship where there is transparency of information and mutual trust, thereby improving sales and beginning to build customer loyalty.

Improved customer intelligence was found to be a critical success factor in responding to the changing dynamics of the customer/dealer relationship. Since customer intelligence, and in fact customer behaviour, evolves, it’s critical that automotive companies always keep their finger on the pulse. Best practices include sales training seminars that incorporate intelligence about customer research tactics, as well as careful and constant observation of consumer behaviour through the entire vehicle buying process.

Page 14

. . . .

The Personal Touch Works

It’s clear from our Cars Online findings that the move toward greater personalisation and customisation is an increasingly important element in the entire vehicle buying process and is a key to maintaining the customer relationship.

However, personalisation can be a double-edged sword given today’s privacy concerns. Whilst close to twothirds said they would welcome personalised communications, about 15% of respondents indicated that they would be less likely to buy their next vehicle from the same dealer or manufacturer if they received these types of personalised communication.

Page 20

- - - - - - - - - - - - - - - - - - - - - -


2016: The Future Value Chain

The speed of change and a sense of urgency will drive the evolution of the value chain over the next decade. Is the consumer products and retail industry ready? This new study, from the Global Commerce Initiative, Capgemini and Intel, defines a unique vision of the total value chain for consumer goods from manufacture to consumption.
[read the full article]

Abstract


New Technologies Will Benefit Businesses and Consumers


By 2016, quantum computers will be reality and chips will have a capacity of one terabyte (1 million megabytes). Software agents will manage auctions, work and personal diaries and take care of many other daily jobs. Information will be available everywhere and through one personal device. Virtual reality will exist for a variety of products and services, not just video games. Security of data and privacy will be critical and biometry will be a key to ensuring secure access and authorisation.


Pag 12


2016 Information Flow

Consumers’ willingness to share their personal information with companies will increase over time with greater Internet use and presuming their experiences in sharing data are largely positive.

This will be dependent on the consumer having confidence in the privacy and security measures in place covering this type of activity. Most importantly, however, they will expect to get something of value in return, such as tailor-made promotions or added convenience. Companies will also develop clearer market segmentation based not on who the consumers are (age, gender, etc.) but on how they act (their buying behaviour separate from traditional demographic cohorts).

Pag 20

Tech Giants Push for New Data-Privacy Law

Tech Giants Push for New Data-Privacy Law
at NewsFactor.com
By Christopher S. Rugaber

Microsoft, HP and eBay earlier this year formed the Consumer Privacy Legislative Forum to lobby for privacy legislation. Google, Intel, Oracle, and other companies later joined. The forum supports legislation that would set standards for what notice must be given to consumers about personal information collected on them and how it will be used.

Microsoft Corp., Hewlett-Packard Co. and other high-tech companies are preparing to push for data-privacy legislation next year to replace what they consider an outdated patchwork of state and federal laws that are inconsistent and burdensome.

Read full article at NewsFactor


Consumer Privacy Legislative Forum Statement

Consumer Privacy Legislative Forum (26 Jun 2006 post)

Location privacy in pervasive computing

Location privacy in pervasive computing

Beresford, A.R. (received a PhD for Location Privacy in Ubiquitous Computing)
Stajano, F.
Lab. for Commun. Eng., Cambridge Univ., UK;
(department publications)

This paper appears in: Pervasive Computing, IEEE

Publication Date: Jan-Mar 2003Volume: 2, Issue: 1On page(s): 46- 55ISSN: 1536-1268

Abstract As location-aware applications begin to track our movements in the name of convenience, how can we protect our privacy? This article introduces the mix zone-a new construction inspired by anonymous communication techniques-together with metrics for assessing user anonymity. It is based on frequently changing pseudonyms.


More:

Ford-Long Wong, Frank Stajano, Location Privacy in Bluetooth. Proceedings of 2nd European Workshop on Security and Privacy in Ad hoc and Sensor Networks, Series LNCS, Number 3813, Pages 176-188, Springer-Verlag, July 2005.

A Value Sensitive Design Investigation of Privacy for Location-Enhanced Computing. Freier, Consolvo, Kahn, Smith and Friedman

US Congress approves data privacy bill

Photo by Binitu

Source: The New York Times

Senate Passes Bill to Criminalize Pretexting

By BRAD STONE and MATT RICHTEL

The Senate passed legislation last night that would make it a federal crime to obtain a person’s telephone records without permission, an act known as pretexting.

The measure, which was approved by unanimous consent last night and is similar to a bill passed earlier in the House, imposes a fine of up to $250,000 and imprisonment of up to 10 years for duping telephone companies into divulging the calling records of private individuals.
The penalties can go up under special circumstances, like cases involving domestic abuse.

The support for the legislation comes in the aftermath of the spying scandal at Hewlett-Packard, the computer giant. The company, eager to ferret out purported leaks to journalists from within its board, used private detective firms to retrieve phone records of directors, managers and journalists.

Full article at The New York Times

Most Americans Want Electronic Health Data, But Fear For Privacy

Most Americans Want Electronic Health Data, But Fear For Privacy

By Marianne Kolbasuk McGee InformationWeek

Nearly two-thirds -- 65% -- of U.S. consumers want personal electronic health records, but 80% of them have concerns about the misuse and security of their information.

While a majority of American consumers say they want electronic access to their medical information and believe digitized records could improve health care and cut costs, they fear for the security and the privacy of that personal data.

Nearly two-thirds -- 65% -- of U.S. consumers want personal electronic health records, but 80% of them have concerns about the misuse and security of their information, according to new survey of 1,003 Americans, commissioned by the Markle Foundation and conducted by polling firms Lake Research Partners and American ViewPoint.

Read full article at Information Week


Links:

Markle Foundation Press Release

Connecting for Health Releases new common framework document on personal health records(PHRs) Full Report (PDF 6.58 Mb)

Guidelines and Requirements in Support of the Information Sharing Environment

Source: U.S. Newswire

WASHINGTON, Dec. 4 /U.S. Newswire/ -- The Program Manager for the Information Sharing Environment (ISE), Ambassador Thomas E. McNamara, today released guidelines to ensure that information privacy and other legal rights of Americans are protected in the development and use of the ISE. These guidelines have been approved by the President and are being issued to the heads of all executive departments and agencies.

On Dec. 16, 2005, the President issued a memorandum to the heads of executive departments and agencies titled, "Guidelines and Requirements in Support of the Information Sharing Environment." Guideline 5 of that memorandum directed the Attorney General and the Director of National Intelligence, in coordination with the heads of executive departments and agencies that possess or use intelligence or terrorism information, to develop guidelines to ensure that the information privacy and other legal rights of Americans are protected in the development and use of the ISE. These guidelines fulfill the requirements of section 1016(d) of the Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA).

Read full article at U.S. Newswire

To view the privacy guidlines, visit: http://www.dni.gov/press_releases/PrivacyGuideline.pdf

The Privacy and Civil Liberties Oversight Board’s 17th meeting

Recommended by the July 22, 2004, report of the National Commission on Terrorist Attacks Upon the United States (the 9/11 Commission), the Privacy and Civil Liberties Oversight Board was established by the Intelligence Reform and Terrorism Prevention Act of 2004. It consists of five members appointed by and serving at the pleasure of the President. The Chairman and Vice Chairman are confirmed by the Senate. Board members are selected from among trustworthy and distinguished citizens outside the Federal Government who are qualified on the basis of achievement, experience, and independence. The Board is part of the White House Office within the Executive Office of the President and supported by an Executive Director and staff.


The Privacy and Civil Liberties Oversight Board’s seventeenth meeting will be hosted by Georgetown University in Gaston Hall at Healy Hall on December 5, 2006, from 2:00 to 5:00 pm. This will be the first public meeting of the Board, and it is designed as an expert’s forum in which the Board will solicit comments from non-governmental individuals and organizations with an interest and expertise in privacy and civil liberties issues arising in the context of the government’s actions to protect the nation from terrorism. The Board has also invited privacy and civil liberties officers from a number of federal departments and agencies, including the Departments of Justice and Homeland Security, the Office of the Director of National Intelligence and the Terrorist Screening Center, to attend.


Members of the public interested in attending this meeting as audience members register at http://www12.georgetown.edu/sfs/rsvp/campus.

Shoes & X-ray screening

TSA's revealing X-ray screening raises privacy concerns
Usa Today By Thomas Frank

The federal government plans this month to launch the nation's first airport screening system that takes potentially revealing X-ray photos of travelers in an effort to find bombs and other weapons.

Transportation Security Administration screeners at Phoenix Sky Harbor International Airport will test a "backscatter" machine that could vastly improve weapons detection but has been labeled a "virtual strip search" by the American Civil Liberties Union. Backscatter can show clear images of nude bodies.

Full article at Usa Today


Nike+iPod Sport Kit raises privacy concerns
Phsysorg.com

"It is easy for someone to use the Nike+iPod as a tracking device," says Scott Saponas, a doctoral student in computer science and lead author of a technical report posted online at www.cs.washington.edu/research/systems/privacy.html on Nov. 30. "It's an example of how new gadgetry can erode our personal privacy." The researchers suggest that people who own a Nike+iPod Sport Kit turn it off when they're not exercising so that it stops emitting signals.

19 Annual FIRST Conference

19th Annual FIRST Conference

“Private Lives and Corporate Risk”

Digital Privacy - Hazards and Responsibilities

in Seville, Spain, June 17-22, 2007

Sponsored by FIRST

• How privacy breaches most commonly occur – and security measures you can take to lessen the risks

• What to do if a privacy breach does occur: guidelines for Incident Response Teams

• How to communicate to stakeholders and the public to minimise damage to reputation and credibility after a privacy breach

• Orwell’s “1984” – Past history or present tension? The challenges to individual liberties that are now unfolding as we grapple with big brothers around the globe.

Privacy International and EPIC launch Privacy and Human Rights global study

Source Text Privacy International

Each year since 1997, the Electronic Privacy Information Center and Privacy International have undertaken what has now become the most comprehensive survey of global privacy ever published. The Privacy & Human Rights Report surveys developments in 70 countries, assessing the state of technology, surveillance and privacy protection.

The most recent report published in 2006 is probably the most comprehensive single volume report published in the human rights field. The report runs to almost 1,200 pages and includes about 6,000 footnotes. More than 200 experts from around the world have provided materials and commentary. The participants range from law students studying privacy to high-level officials charged with safeguarding constitutional freedoms in their countries. Academics, human rights advocates, journalists and researchers provided reports, insight, documents and advice.

This year Privacy International took the decision to use the report as the basis for a ranking assessment of the state of privacy in all EU countries together with eleven benchmark countries. This project was first considered in 1998 but was postponed pending availability of adequate data. We now have the full spectrum of information at our disposal and we hope to publish the rankings on an annual basis.

Key Links

Privacy and Human Rights 2005.

Ratings Table of EU and Leading Surveillance Societies (JPG) .

Briefing paper on the ratings table (PDF).

Towards FP7: Privacy issues

The Framework Programmes (FPs) have been the main financial tools through which the European Union supports research and development activities covering almost all scientific disciplines

FPs have been implemented since 1984 and cover a period of five years with the last year of one FP and the first year of the following FP overlapping. The current FP is FP6, which will be running up to the end of 2006. It has been proposed for FP7, however, to run for seven years.

Two of the specific programmes are:

ICT - Information and Communication Technologies

The draft Work Programme for ICT research in FP7 in 2007 and 2008 is now available online

Security

Source text: DRAFT WORK PROGRAMME 2007-08 EUROPEAN COMMISSION (7th Framework)


d) Identity management and privacy enhancing tools with configurable, contextdependent and user-controlled attributes in static and dynamically changing environments; trust policies for managing and assessing the risks associated to identity and private data.

e) Longer term visions and research roadmaps; metrics and benchmarks for comparative evaluation and open technology competitions, in support of certification and standardisation; international cooperation and co-ordination with developed countries; coordination with related national or regional programmes or initiatives and; coordination of FP7 projects addressing security, dependability, privacy and related ethical issues across different challenges and objectives of this work programme.
. . . . .

• ICT users empowered to handle their digital identity and personal data and to protect their privacy, turning the European view on privacy into an economic advantage; strengthened trust in the use of networks, software and services for governments, businesses and consumers.

. . . . . . .

b) Cooperating objects and Wireless Sensor Networks: spontaneous cooperation of objects in spatial proximity in order to jointly execute a given task. This will require

(1)
new methods and algorithms to support different cooperation concepts and modes;
(2)
hardware/software platforms including operating systems or kernels and communication protocols to enable distributed optimal execution; and
(3)
programming abstractions and support tools to facilitate third party programming of self-organising systems composed of heterogeneous objects. Research challenges also include dynamic resource discovery and management, semantics that allow object/service definition and querying for data and resources, advanced control that makes the systems reactive to the physical world, as well as security and privacy-enabling features. While the developed technology should be generic, it should be driven by an entire class of ambitious future applications in which scalability and deployment should be addressed. International cooperation on foundational research with the USA and other countries is encouraged.

. . . . . . . .

Architectures and technologies for personalised distribution, presentation and consumption of self-aware, adaptive content. Detecting and exploiting emergent ambient intelligence they will use features embedded in content objects and rendering equipment to enable dynamic device adaptation, immersive multimodal experiences and contextual support of user goals and linguistic preferences. Privacy preserving learning algorithms will analyse user interactions with devices and other users so as to update and effectively serve those goals and preferences..

. . . . . . . . .



LINKS:

i2010 - A European Information Society for growth and employment

Trust in the Internet as an experience technology

Oxford Internet Institute

Webcast

iCS Webcast Series: Trust in the Internet as an experience technology

Speakers:

Bill Dutton (Director of the OII)

Brian Loader (Editor of iCS)

South Korean city of the future raises hopes, concerns

South Korea is one of the most exciting places to work in IT issues, so just look at Ministry of Information and Communication website, or IT 839 Strategy (8 services/3 infras/ 9 engines).

Today Taipei Times, publishes this article about the New Songdo City, which its developers say may be the world's largest ever private development project, is the crown jewel of an ambitious plan by the Seoul government to turn a muddy plot of 607 hectares of reclaimed land on the Yellow Sea into a gateway to northeast Asia.

Read full article:

South Korean city of the future raises hopes, concerns
PERSONAL INFORMATION: Want to live and work in a place that is totally networked? Try New Songdo City, but be warned -- Big Brother might intrude on your privacy

Report: Data agency broke privacy laws

Report: Data agency broke privacy laws

published at Business Week, November 23, 2006

By CONSTANT BRAND

BRUSSELS, Belgium

A report by an EU panel released Thursday said the bank data transfer agency SWIFT broke European privacy laws by handing over personal data to U.S. authorities for use in anti-terror investigations.

The Belgian-based company, the Society for Worldwide Interbank Financial Telecommunication, "committed violations of data protection laws" by secretly transferring data to the United States, without properly informing Belgian authorities, the EU's data protection panel said.

The panel's report calls on SWIFT, financial institutions and EU authorities to "take the necessary measures" to end the transfer, which it said contradicts Belgian and EU data protection rules. SWIFT is still transferring data under U.S. subpoenas.

Read full article at Businees Week

U.S., EU Seek to Ease Banking-Privacy Concerns

The Wall Street Journal online publishs today this article U.S., EU Seek to EaseBanking-Privacy Concerns by Glenn R. Simpson about the European privacy watchdogs step up their criticism of a U.S. counterterrorism program that monitors global bank-transfer data, U.S. and European Union officials are quietly exploring ways to preserve the program while allaying privacy concerns.


Read full article at Wall Street Journal

Genomic Data Privacy

A vision for the future of genomics research, Nature, Nature 422, 835-847 (24 April 2003


Genomic Research and Data-Mining Technology: Implications for Personal Privacy and Informed Consent , Springer Netherlands, Ethics and Information Technology, Volume 6, Number 1 / March, 2004


An Evaluation of the Current State of Genomic Data Privacy Protection Technology and a Roadmap for the Future , Am Med Inform Assoc.

Spying On My Wife

Simson Garfinkel writes an article Spying On My Wife on Technology Review about CarChip "35-by-48-by-25-millimeter data recorder that plugs into a connector found under the dashboard of most cars and light trucks sold in the United States and Canada since 1996".

"The CarChip's reports contain an incredible amount of data. The report for each trip notes when the engine was started, when it stopped, and how fast the car was going every five seconds in between--all in the form of a pretty graph"

Read the full article at: Technology Review

Snap... privacy and 33.5m camera phones

Christina Michalos is a barrister at 5RB, London. She has written The Law of Photography & Digital Images (Sweet & Maxwell, 2004)

She writes this article Snap... privacy and 33.5m camera phones at Times online.

THERE are now more than 33.5 million camera phones in Britain, according to a recent survey by the Mobile Data Association. This is more than just an interesting statistic — it means that there are 33.5 million people equipped to take a photograph or video of you in a public place and upload it on to the internet for the world to see.

Many magazines and photo agencies pay for mobile phone pictures of celebrities taken by the public. Image-sharing sites such as YouTube and Flikr, which have a user base far in excess of any tabloid newspaper, are full of videos and photographs authored by citizen paparazzi. So what can Joe Public do to stop his 15 minutes of fame becoming 15 minutes of internet shame via an unfortunate camera phone image?

Read full article at Times Online

Ernest & Young: Global Information Security Survey

The 2006 Global Information Security Survey by Ernest & Young is unique in providing a genuine, standards-driven benchmarking approach with the ISO 17799 based-benchmark. Organizations wanting to participate in the ISO 17799-based benchmark can do so at no cost and obtain their own individual report.

Paul van Kessel, Global Leader of Ernst & Young’s Technology and Security Risk Services, comments, “We have identified five major information security priorities in which companies are showing significant progress, but also where continuous improvements are necessary to keep pace with the growing requirements of effective risk management.

“Among the most notable priorities is privacy and personal data protection, which is the one information security issue most-consumer driven. It has become a high-stakes business issue, catapulted up the board agenda by consumer concerns caused by well publicized lapses of security and the growing response of government and legislative activism. Understandably it is the area where companies are being most active, with privacy and data protection practices becoming increasingly more formalized.”

vnunet.com comment: Clive Longbottom on the end of privacy

Clive Longbottom, service director of Quocirca, writes this article at vnunet.com: vnunet.com comment: Clive Longbottom on the end of privacy

The latest problem to be thrown at us, on top of war, global warming, disease etc, is that we are 'sleepwalking into a surveillance society'.

The worry is that, owing to all the data being collected these days, we no longer have any real privacy.

We are covered by cameras, the 'powers that be' have oodles of information on everyone of us, and the private sector has got in on the act with the likes of loyalty cards.

Read full article at vnunet.com

RFID & IBM

By Erika Morphywww.CRMBuyer.com

Part of the ECT News Network 11/09/06 3:04 PM PT

A year after IBM scientist Paul Moskowitz distributed handmade prototypes of his invention at an industry event, IBM has announced it will license his Clipped Tag technology -- which features an RFID tag small and flexible enough to allow consumers to tear off most of its antenna -- to Marnlen RFiD. The firm said it will begin production of Clipped Tag products immediately.

Read more at: technewsworld.com

Intel drafts privacy license for mobile device software

November 09, 2006 (IDG News Service) -- Intel Corp. has attached a privacy license to its new location-aware software product, intended to protect cell phone users’ personal information as mobile devices increasingly rely on tracking technology to provide targeted services.

Installed on a smart phone or ultramobile PC, location-aware software can use GPS (Global Positioning System) technology to produce tailored information like driving directions, nearby restaurants and movie schedules. The downside of that feature is that handsets can double as tracking devices if location data is not kept private. The abuse of such access could range from civil liberties violations to physical threats in the cases of vulnerable people like battered spouses, Intel fears.

So, Intel has added a privacy addendum to the Eclipse Public License it uses for the software application called Privacy Observant Location System (POLS), according to a posting on Intel's Web site by John Miller, the privacy and security policy manager of Intel's corporate technology group.

28th International Data Protection and Privacy Commissioners' Conference

The last week held in London, the annual Conference of Data Protection and Information Commissioners.

A communiqué was agreed by the Commissioners at the 28th International Conference of Data Protection and Privacy Commissioners. The Commissioners have also adopted several important resolutions.

As technological advances increase the amount of surveillance the Commissioners have recognised the challenges facing data protection. They have identified the key areas where they will work together to overcome these issues and reinforce the fundamental importance of data protection and privacy. These include:


• Assessing the effectiveness of their traditional approaches, and adapting where necessary, to ensure they remain relevant in a fast changing world.

• Engaging with policy makers and citizens more effectively about privacy issues.

• Developing communications to raise awareness of individuals’ data protection rights.


Documents

Surveillance society report
Report
Appendices

Summary report
English
French
German
Spanish

Public discussion document
English
French
German
Spanish

Privacy chiefs vow to fight surveillance together

Privacy chiefs vow to fight surveillance together, is an article published at Out-Law.com


A group of international data and privacy protection commissioners has decided to act together to challenge the surveillance society which they claim is developing. Commissioners from the UK, France, Germany and New Zealand will adopt common policies.

At the annual Conference of Data Protection and Information Commissioners, held last week in London, a joint set of objectives was adopted by the international commissioners aimed at tackling what they see as a growing international issue of constant citizen surveillance.

Read full article at: OUT-LAW

Tracking traffic with cell phones

Credits: Photo by unapersona

Cell phones to track traffic, but at what cost to privacy? article published at CHRON
Associated Press


In some places, costly cameras and radar systems are mounted high above highways to watch traffic at strategic points. Transportation agencies also dig up roads to install sensors that monitor the flow. And helicopters roam the skies of the busiest cities, relaying information to media outlets.

A schematic of how the IntelliOne system works (monotoring.co.za web site)

Atlanta's horrendous traffic has inspired two companies that are looking to monitor more roads and highways at a much lower cost. Their approach: Track the signals of cell phones inside cars.

Read full article at CHRON

Links:

IntelliOne

AirSage

Driving Impulse Shopping with a Smart Cart

Photo: unpersona

Text source: Technology Review
By Duncan Graham-Rowe


Radio frequency identification (RFID) technology may not only be useful for streamlining inventory and supply chains: it could also make shoppers swarm. A new study suggests that supermarkets could increase their revenues by using information gleaned from RFID tags to make shoppers behave like an impulse-buying collective.

Impulse buying currently accounts for about 40 percent of all supermarket purchases, says Ronaldo Menezes, an expert in swarm intelligence at the Florida Institute of Technology, in Melbourne, FL. But his research suggests that impulse buying could be significantly increased if information was fed back to shoppers about what others are buying.

Full article at Technology Review

Microsoft Announces New Identity Management System

Source text epic website


Microsoft recently announced a new identity management system "CardSpace Identity Selector" that will be included as a Windows component embedded in the Vista operating system. Microsoft executives described CardSpace as an "identity metasystem" that allows a user to create multiple virtual ID cards. Kim Cameron, chief identity architect at Microsoft, said each virtual card created by the user would only contain the minimum amount of information that individuals will need to divulge to carry out a transaction applicable to the card. If the system works as advertised, it will be a welcome change from Microsoft's original proposal for an Internet-based identity system, dubbed "Passport."


More info at epic website

Kim Cameron's Identity Weblog

dontdatehimgirl.com ¡ ¡ ¡

Don't Quote Me: Online Anonymity Fosters Prejudice

by Kim Ficera, October 5, 2006


“Anna's biggest concern was that these kids, in a couple years, will be adults, and they will have been taught that they can humiliate someone like this and get away with it.”
— Murphy Klasing, lawyer for Anna Draker, a high school administrator who has filed suit against two students that created a MySpace.com profile in her name and posted false information indicating she was a lesbian.

“I don't understand how people can be so cruel … I don't believe the website offers useful information to anyone — male or female — on dating. And I don't believe anyone should be able to post something anonymously.”
— Todd Hollis, a Pittsburgh lawyer who is suing the operator of DontDateHimGirl.com for posting what he says is erroneous and defamatory information about his health and sexuality.


This morning I did something I've never done before and I hope to never do again. I spent nearly five hours randomly browsing pages on MySpace.com, videos on YouTube.com and posts on DontDateHimGirl.com. I discovered a few things, one of which is that if President Bush is looking for a new form of torture, he need look no further than these websites... (full article a afterellen.com)

Feds Leapfrog RFID Privacy Study

(RFID tag photp) source wikipedia

Extract of Wired article Feds Leapfrog RFID Privacy Study By Ryan Singel

The story seems simple enough. An outside privacy and security advisory committee to the Department of Homeland Security penned a tough report concluding the government should not use chips that can be read remotely in identification documents. But the report remains stuck in draft mode, even as new identification cards with the chips are being announced.

Jim Harper, a Cato Institute fellow who serves on the committee and who recently published a book on identification called Identity Crisis, thinks he knows why the Department of Homeland Security Data Privacy and Integrity Advisory Committee report on the use of Radio Frequency Identification devices for human identification (.pdf) never made it out of the draft stage.

Read full article at Wired

Privacy Lost by David H. Holtzman

Privacy Lost: How Technology Is Endangering Your Privacy
David H. Holtzman
ISBN: 0-7879-8511-2
Hardcover352 pages
October 2006

Holtzman vividly reveals actual invasions and the dangers associated with the loss of privacy, and he takes a realistic look at the trade offs between privacy and such vital issues as security, rights, and economic development.

Praise for Privacy Lost

"Whether we know it or not, we have all become citizens of the Digital Age. As such we need to take responsibility for our conduct, our safety, and our privacy. David Holtzman is deeply knowledgeable about the industry and passionate about the issues. Regardless of your political views, you will come away from this book better equipped to meet the challenges before us all."

Geoffrey A. Moore, author, Dealing with Darwin: How Great Companies Innovate at Every Phase of Their Evolution

"Holtzman has drafted a blueprint all citizens of this great land ought to read if they desire to understand what privacy truly means, why it is important to both their everyday life as well as to their understanding of what it really means to be free, and what they can do to salvage what little privacy is left them. Privacy Lost needs to be readily available on the desks of all concerned citizens—heavily dog-eared and underlined."

Bob Barr, practicing attorney and former Member of theUnited States House of Representatives

Data Protection Practical Compliance - 1st Annual Conference

The 1st Annual Data Protection Practical Compliance Conference will be held in Dublin, Ireland on 10th November 2006

This annual Conference brings together the leading authorities in the field of data protection, as well as the related areas of records management, privacy and computer technology.

Billy Hawkes, the Data Protection Commissioner, is the keynote speaker. Other expert speakers are from law firms, leading corporations and government.

This one-day Conference is specifically designed to give you the key resources and information for your organisation to manoeuvre within Ireland's rapidly expanding fields of data protection, privacy, and records management.

The Australian Privacy Foundation urges patients to opt out of database

Text source ABC Newsonline

The Australian Privacy Foundation (APF) says patients should ask their doctor not to put their records on a new electronic database, because the system is a breach of privacy.

The New South Wales Government says it will roll out the system, which will allow a patient's health records to be accessed from anywhere within the public health system at any time.

The chairwoman of the APF, Anna Johnston, says patients' records will be put on the database unless they opt out.

Ms Johnston says a trial of the system has failed to get the support of doctors.

Links:

Privacy issues and risks with electronic health records (APF website)

RFID Technology Bad News for Privacy and Security, Says Smart Card Alliance

Text Source: Smarting Card Alliance Press Release

Using the long read range radio frequency identification (RFID) technology the Department of Homeland Security (DHS) and State Department are proposing for passport cards will do little to increase the security of the nation's borders, and opens up possibilities that U.S. citizens could be tracked, the Smart Card Alliance said today. The Alliance contends that a more privacy sensitive and secure passport card solution using the same contactless smart card technology found in the new electronic passports (ePassports) can improve border security without causing delays at crossings.

“Using long range RFID technology is a major step backwards for government-issued identity credentials,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “These RFID tags simply don’t have the security features necessary to protect the border and also maintain citizen privacy.

Homeland Security ID Card Filled with Security, Privacy Risks

Text Source EPIC website

The State Department recently published a proposed rule in the Federal Register for the creation of the People Access Security Service (PASS) card, which would be used for "international travel by U.S. citizens through land or sea ports of entry between the United States, Canada, Mexico, the Caribbean, and Bermuda." If adopted as proposed, the PASS Card would include a long-range wireless technology that would create an increased security risk. This is a significant change from the previous system, where U.S. citizens would show a driver's license, birth certificate or nothing at all to cross the border.


State Department's Federal Register PASS Card Proposal:
http://www.epic.org/privacy/surveillance/spotlight/0806/pass_fr.html

EPIC's Spotlight on Surveillance: "Homeland Security PASS Card: Leave Home Without It":
http://www.epic.org/privacy/surveillance/spotlight/0806

Privacy Research in Canada

Text by Michael Geist of the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa.

In recent years several Canadian experts have carried out innovative research to identify some solutions.

Ian Kerr of the University of Ottawa has studied the trust relationship between consumers and their ISPs, interview to Ian Kerr

Steve Penney of the University of New Brunswick has focused on cybercrime,

Kerry Rittich of the University of Toronto has examined workplace concerns in the new economy,

Darin Barney of McGill University has written on the impact of digital networks on privacy rights, and

Teresa Scassa of Dalhousie University has tackled federal privacy legislation. Law & Technology Institute


And others:


Centre de recherche en droit public
http://www.crdp.umontreal.ca/fr/index.html


Chaire L. R. Wilson sur le droit des technologies de l'information et du commerce électronique

(podcast available, Conférences en ligne)

Korean Government to Mandate SSL Certificates

Text Source: Compliance & Privacy

Starting January 1, 2007, any businesses in Korea collecting personal information on-line or conducting e-commerce transactions will be mandated to run SSL certificates in the server side. While the client certificates mainly for personal Internet banking and on-line purchases by individuals have been widely and almost ubiquitously used as already mandated by the government, there have been very little adoptions of server certificates meaning this new legislation will be a major shift in the government policy in Korea to drive major adoptions of server certificates. With this legislation, the Korean Government expects on-line businesses in Korea to have 10K new certificates installed by the end of this year and additional 40K within Year 2007.

Microsoft Customer Privacy Guidelines

Source Text: Microsoft Website

In response to requests from customers, partners, ISVs, educators, advocates, and regulators, we created a public set of privacy guidelines for developing software products and services.

These guidelines are based on our internal guidelines and our experience incorporating privacy into the development process. By documenting our principles, we hope to help anyone building products and services to meet customer expectations and deliver a more trustworthy experience.


Basic Concepts and Definitions

Guidelines:

Scenario 1: Transferring PII to and from the Customer’s System

Scenario 2: Storing PII on the Customer’s System

Scenario 3: Transferring Anonymous Data from the Customer’s System

Scenario 4: Installing Software on a Customer’s System

Scenario 5: Deploying a Website

Scenario 6: Storing and Processing User Data at the Company

Scenario 7: Transferring User Data Outside the Company

Scenario 8: Interacting with Children

Scenario 9: Server Deployment

EU Calls for Stronger RFID Privacy

European Commission Press Releases

Brussels, 16 October 2006

The European Commission today reports on the initial findings from its wide public debate on Radio Frequency Identification. At the ‘RFID – Heading for the Future’ conference in Brussels today, possible future policy options will be discussed with stakeholders from all over Europe and beyond.

Why is the Commission involved in RFID? Why not leave it completely to the private sector?

The private sector is crucial for developing the technological and economic conditions for successfully introducing RFID technologies. But as the private sector cannot clear all the roadblocks, this could slow RFID introduction.

Examples include the need for a common European technical standard to ensure that RFID systems work together and the lack of a radio frequency allocation common to all EU Member States. Suitable standards for RFID are crucial to its successful introduction. The Commission relies on standards proposed by the existing standardisation bodies in Europe, such as CEPT and ETSI for frequency spectrum allocation, and CEN and ISO for interoperability. It counts on self-regulation and industry-wide agreements to remove the remaining obstacles.

RFID also raises a number of public interest issues, including data protection and security. Here, there is a clear need to identify joint European responses to legitimate societal concerns. On privacy, RFID is generating a number of important questions such as: how do we credibly ensure that RFID tags are not abused to invade the privacy of consumers? Do we need to destroy an RFID tag when it could be useful for self-configuring products (built from autonomous components and assemblies), automating warranty checks etc.? The Commission’s role here is to help build a cross-society consensus on technical, legal and ethical issues associated with RFID and to intervene, where required, with regulatory instruments.

In addition to privacy, the interoperability debate and the availability of radio frequency spectrum are also important. We very much need a common approach throughout Europe, so as to ensure that individual EU Member States do not opt for incompatible solutions which ultimately would be detrimental to everyone. For example, because Europe lacks a common frequency range for ultra-high frequency (UHF) tags, electronic invoicing is possible within each country, but e-invoicing systems will not work across borders. Also a sector-specific approach, such as common EU guidelines that set out minimal requirements for RFID applications in different sectors (such as healthcare or government), might be helpful for industry and citizens in Europe.

More information on the public debate on RFID can be found at: www.rfidconsultation.eu

In the news:

EU mulls RFID privacy laws Register, UK

EU Fears Radio Tags Will Invade Privacy All Headline News

EU Calls for Stronger RFID Privacy ENT News

Privacy concerns surrounding RFID must be addressed Computeractive

me & internet

Consumers have few options to control data on Internet services such as search

By Associated Press


If you do not like what your favorite Internet search engine or e-commerce site does with information it collects about you, your options are limited to living with it or logging off.

The Media-Sharing Mirage

Technology Review publishs today this article The Media-Sharing Mirage by Wade Roush about how new collected information tools fuse all the information into online journals, diaries.


Many tools now exist for capturing and sharing data collected on mobile devices. Will they turn us into globe-trotting personal publishers--or glorified file clerks?

Wireless laptops, home broadband connections, and camera phones are nearly ubiquitous, at least in urban parts of the industrialized world. And several Web-based media-sharing services--including eSnips, Nokia's Lifeblog, Motorola's Avvenu, and Six Apart's Vox--can fuse all the information those devices collect into online journals.

The vision is clear: multimedia diaries should document all our experiences and gather our favorite files so we can share them as widely as we wish.

The implementation, however, is flawed.

Read complete article at Technology Review

Video Searching by Sight and Script

Video Searching by Sight and Script an article published at Technology Review by Brendan Borrel

Researchers have designed an automated system to identify characters in television shows, paving the way for better video search.

Now researchers have developed a system that uses a combination of face recognition, close-captioning information, and original television scripts to automatically name the faces on that appear on screen, making episodes of the TV show Buffy the Vampire Slayer searchable.

"We basically see this work as one of the first steps in getting automated descriptions of what's happening in a video," says Mark Everingham, a computer scientist now at the University of Leeds (formerly of the University of Oxford), who presented his research at the British Machine Vision Conference in September.

Full article at Technology Review


LINKS:

Computer Vision Group at University of California, Berkeley

Visual Geometry Group at Oxford University

ICANN & Privacy

Internet privacy 'sacrificed' by Icann, article published at BBCNEWS

Internet law professor Michael Geist argues that the internet oversight body has sacrificed the issue of privacy for a shot at independence.

For the past five years, privacy has lingered as one of the Internet Corporation for Assigned Names and Numbers' (Icann) most contentious policy issues.

Information on tens of millions of domain name registrants is contained in the "WHOIS database", which is readily available to anyone with internet access.

Pre-dating Icann, the database identifies the name, address and other personal information of domain name registrants.

Full article at BBCNEWS

Australia: Law Reform Commission to review the Privacy Act

The Federal Government is concerned that developments in information technology have outpaced our privacy laws, and it's asked the Australian Law Reform Commission to review the situation.

Now the Commission has released an issues paper and is calling for public submissions, as Chris Uhlmann reports.

Do Australians feel that their privacy is adequately protected? Is it possible for privacy laws to keep up with technology such as data matching, facial recognition and even body odour measurement? Do younger people care as much about privacy as their elders?

Australians want their personal, financial and employment details better protected from telemarketing firms, but their health information more freely available to hospitals, a new privacy report reveals.

Privacy: Review of the Privacy Act 1988

Issues Paper 31 Review of Privacy(IP 31, October 2006)

Computers, biometrics and Gen Y: Is privacy passé?

EU and US push for air data deal

Text Source BBCNEWS

European and American negotiators are making a new effort to resolve a dispute over the tansfer of data about transatlantic airline passengers.

The US demands up to 34 pieces of information about each traveller, but a deal authorising European airlines to hand it over lapsed on 30 September.

Read full article at BBCNEWS

More info:

Justice and Home Affairs Council in Luxembourg on 5 and 6 October
Council Conclusions on Justice and home affairs council meeting, 5-6 October 2006

- - - - - - - - - - - - - -

01.10.2006 - Airline passenger data - European Commission statement on negotiations with the United States, European Commission DG Justice and Home Affairs

- - - - - - - - - - - - - -

Passenger information row settledGuardian Unlimited, UK

Draft deal reached on EU-US air dataReuters.uk, UK