You are hereFeed aggregator / Sources / Pogo Was Right

Pogo Was Right

Privacy news, updated frequently, from around the world, for those who are serious about privacy.

Updated: 59 min 6 sec ago

Government Pressures Twitter to Hand Over Keys to Occupy Wall Street Protester’s Location Data Without a Warrant

13 hours 27 min ago

Hanni Fakhoury of EFF writes about the Twitter subpoena I previously mentioned on this blog.

… The subpoena is astonishing not only for its poor grammar, but also for the breadth of information the government wants for a trivial crime that hardly requires it. The government’s request that Twitter hand over Tweets is unlikely to succeed because consistent with the Stored Communications Act, Twitter releases “contents of communication” (effectively Tweets and private messages between Twitter users) only with a search warrant. In any event, Mr. Harris’ account is “public”, meaning the government could obtain Tweets simply by checking out Mr. Harris’ Twitter feed. Plus, requesting Tweets only highlights the absurdity of the entire situation: why would the government need Tweets from both before and after the October 1 protest to prove he was obstructing traffic on the bridge? In any event, government fishing expeditions like this raise serious First Amendment concerns. Mr. Harris was very outspoken about his support of and involvement in the Occupy Wall Street movement. With this overbroad subpoena, the government would be able to learn about who Mr. Harris was communicating with for an extensive period of time not only through Tweets, but through direct messages. And with the government’s request for all email addresses associated with @destructuremal, they could subpoena Mr. Harris’ email provider to get even more information about who he communicated with. The First Amendment shouldn’t be trampled with only an expansive subpoena in a case that barely registers as “criminal.”

Given that much of Mr. Harris’ Twitter information (like Tweets and followers) is already public, it’s very likely that the government was really after something else: location data. By attempting to subpoena these records, the government can get around the Fourth Amendment’s prohibition against warrantless searches by requesting information that includes IP addresses.

Data Collection Arms Race Feeds Privacy Fears

Wed, 02/22/2012 - 05:18

Revelations last week that Google Inc, Twitter and other popular Internet companies have been taking liberties with customer data have prompted criticism from privacy advocates and lawmakers, along with apologies from the companies.

They are the latest in a long line of missteps by large Internet companies that have faced little punishment for pushing privacy boundaries, which are already more expansive than most consumers understand.

Despite all the chatter about online privacy and the regular introductions of proposed data protection laws in Congress, Silicon Valley is in the midst of a veritable arms race of personal data collection that is intensifying.

Read more of this Reuters report on Wall Street & Technology.

Categories: Industry Blogs

Google Sued by Apple Safari-User Over Web-Browser Privacy

Wed, 02/22/2012 - 05:13

Phil Milford and Jef Feeley report:

Google Inc. officials were sued for violating users’ privacy rights on Apple Inc.’s Safari Web browser by bypassing computer settings designed to block monitoring of consumers’ online activity.

Google, the world’s biggest Internet-search company, has been dodging privacy settings in Safari, which serves as the primary Web browser on Apple’s iPhone and iPad products, lawyers for an Illinois man who uses the Safari browser said in a lawsuit filed [last Friday] in federal court in Delaware.

Facebook lawsuits sent to SF federal court

Wed, 02/22/2012 - 05:11

Ari Burack reports on the consolidation of Facebook lawsuits:

A series of class-action lawsuits contending that the popular social networking site Facebook illegally tracked members’ Internet activity on other websites has been moved to a federal court in San Francisco.

At issue are claims that Facebook users had their personal information tracked, collected and stored by the website, including portions of their Internet browsing history even when they were not logged in to Facebook. The lawsuits claim violations of the federal Wiretap Act and other laws, as well as of Facebook’s own privacy policy.

Read more on The San Francisco Examiner.

Categories: Industry Blogs

UK: NOTW Computer Hacker Revealed

Wed, 02/22/2012 - 00:22

Philip Campbell Smith, the man at the centre of the News of the World (NOTW) computer hacking allegations, has been convicted of conspiring to illegally access private information for profit.

Legal restrictions around Smith’s involvement were lifted yesterday revealing he allegedly hacked the computer of Ian Hurst, a former British Army intelligence officer, in 2006 as part of a commission for the News of the World. Smith claims he was in contact with former NOTW editor, Andy Coulson, and that he was in his mobile phone directory.

UK: Ryan Giggs finally gives up anonymity over Imogen Thomas ‘affair’

Wed, 02/22/2012 - 00:20

From The Telegraph:

Manchester United and Wales star Ryan Giggs finally gave up all rights to anonymity in the High Court today over his alleged affair with glamour model Imogen Thomas.

Last December he settled his action Against the 28-year-old Big Brother star when he admitted she had not tried to blackmail him.

In court Giggs has always been identified only by the initials CTB but was outed in Parliament and on Twitter.

But today his counsel Hugh Tomlinson QC told Mr. Justice Tugendhat : “He has consented to the removal of the anonymity.”

Ca: Court order required to use facial recognition to identify Stanley Cup rioters

Wed, 02/22/2012 - 00:17

Jonathan Fowlie reports:

The Insurance Corp. of British Columbia cannot use facial recognition to identify Stanley Cup rioters without a court order, B.C.’s privacy commissioner said in a report released Friday.

Commissioner Elizabeth Denham launched an investigation into ICBC’s use of facial recognition technology shortly after the June 2011 Stanley Cup riots, when the corporation — the provincial Crown corporation that provides auto insurance, driver and vehicle licensing and registration to B.C. motorists — offered to match external photographs of alleged rioters against its driver’s licence database.

Argentines concerned about enhanced surveillance measures

Wed, 02/22/2012 - 00:14

Kyle Younker reports:

Denise Saad, who commutes from the outskirts, was happy happy recently to receive a government-issued card to replace the outdated coin-operated system on the buses.

“It’s great the bus system is finally being updated,” she said.

But the 31-year-old theater producer was surprised to learn that her movements were being tracked through the new card, known as SUBE.

It’s one of several new measures that enhance the government’s surveillance and control capacity that have civil liberties groups raising red flags — and Argentines like Saad raising eyebrows.

RIM’s backdoor sniffed by BBM-snooping Indian spooks

Wed, 02/22/2012 - 00:12

Phil Muncaster reports:

Research In Motion is finally set to offer the Indian authorities a permanent system for access to its consumer-focused messaging services with the installation of new Mumbai-based servers.

The Times of India was given a government briefing on the matter. It claimed that the servers have been inspected by government officials and that permission would shortly be granted by the BlackBerry maker for lawful interception of messages if the intelligence agencies there suspect terrorist or other serious illegal activity is being conducted via the platform.

Santorum: Privacy ruined everything

Tue, 02/21/2012 - 23:18

Laura Conaway writes:

Our pal James Carter digs this up from a speech given by Republican frontrunner Rick Santorum back in 2003:

All the rights in the Constitution, which are individually based rights, according to our founders were not there for the individual’s gain, but the reason we established those rights was for the common good. The right to privacy is not the right to a common good. It’s a me-centered right, that obviously started in the sexual revolution with contraception and obviously quickly evolved to abortion, and now has found its way into the marriage debate. And all those acts that were self-giving acts, self-sacrificing acts, have been polluted by this right to privacy.

Transborder Data Flows at Risk

Tue, 02/21/2012 - 23:16

W. Scott Blackmer writes:

… The proliferation of comprehensive data privacy laws, more or less on the European model, increasingly requires US-based multinationals and online companies to adapt to strict requirements for dealing with individuals in other countries. While the rules may soon become more uniform in the EU, they are still new and uncertain in many other countries.

Read his commentary on EU and other non-U.S. countries’ laws on InformationLawGroup.

Categories: Industry Blogs

Il: ACRI files petition against biometric database

Tue, 02/21/2012 - 23:09

The Association for Civil Rights in Israel (ACRI) has petitioned the High Court of Justice to suspend the Biometric Database Law, citing it constitutes a grave breach of privacy.

The law enabled the formation of a biometric database pilot program. The petition claims that other than infringing on the right to privacy, any leak of the database would cause irrevocable damage to public safety and security.

WPF files FTC complaint against Google and others over Safari privacy settings circumvention

Sun, 02/19/2012 - 00:26

The World Privacy Forum filed a complaint with the US Federal Trade Commission today regarding the circumvention of users’ expressly stated browser privacy choices without notice. “The World Privacy Forum requests that the Federal Trade Commission (FTC) investigate Google, Vibrant Media, Media Innovation Group, and Pointroll for potential violations of Section 5 of the FTC Act. These companies willfully overrode users’ privacy preferences as expressly stated by the users in their browser settings. Overriding privacy preferences and doing so without notice are both unfair and deceptive business practices.” The complaint further requests the Commission look into the companies’ violations of the NAI code, and in Google’s case, violation of its consent agreement with the Commission.

The complaint cites the Buzz consent order, an order that EPIC also cited in filing its own action to compel the FTC to block Google’s announced privacy policy changes, slated to go into effect March 1.

The latest brouhaha arose after publication of research by Jonathan Mayer, Safari Trackers.

Categories: Industry Blogs

FTC Files Opposition / Motion to Dismiss in EPIC v FTC

Sun, 02/19/2012 - 00:19

From EPIC.org:

The Federal Trade Commission today filed an opposition and a motion to dismiss in response to EPIC’s complaint to compel the agency to enforce the October 2011 Consent Order against Google. The government stated that EPIC would “deprive the Commission of the discretion to exercise its enforcement authority.” The government also charged that EPIC’s lawsuit is “completely baseless.” The papers were filed in federal District Court on the same today that the Wall Street Journal reported that Google had subverted the privacy settings of millions of users of the Internet browser software Safari. For more information see: EPIC: EPIC v. FTC (Google Consent Order).

Categories: Industry Blogs

Feds Urge Court to Reject Laptop Decryption Appeal

Sun, 02/19/2012 - 00:17

David Kravets reports:

The government is urging a federal appeals court not to entertain an appeal from a bank-fraud defendant who has been ordered to decrypt her laptop so its contents can be used in her criminal case.

Colorado federal authorities seized the encrypted Toshiba laptop from defendant Ramona Fricosu in 2010 with valid court warrants while investigating alleged mortgage fraud, and demanded she decrypt it.

Ruling that the woman’s Fifth Amendment rights against compelled self-incrimination would not be breached, U.S. District Judge Robert Blackburn ordered the woman in January to decrypt the laptop by the end of February. The judge refused to stay his decision to allow Fricosu time to appeal.

The Colorado woman’s attorney appealed anyway, and the government on Thursday asked the 10th U.S. Circuit Court of Appeals to reject the petition that asserts the woman’s constitutional rights would be breached by being forced to hand over evidence against herself.

Twitter stores full iPhone contact list for 18 months, after scan

Fri, 02/17/2012 - 23:17

David Sarno reports:

Twitter Inc. has acknowledged that after mobile users tap the “Find friends” feature on its smartphone app, the company downloads users’ entire address book, including email addresses and phone numbers, and keeps the data on its servers for 18 months. The company also said it plans to update its apps to clarify that user contacts are being transmitted and stored.

The company’s current privacy policy does not explicitly disclose that Twitter downloads and stores user address books.

Read more in the Los Angeles Times. Note that Twitter clarified that names are not stored and that they intend to update their privacy policy to make the collection more transparent. If you are having second thoughts and want to remove your contacts from Twitter’s logs, use the remove link on this page.

Of course, I have been advocating for a long time that Twitter (and other companies) should not retain PII for so long. They are setting themselves up as a more desirable resource for law enforcement and putting our privacy at greater risk of government intrusion or hacking.

Categories: Industry Blogs

Lawmakers to Homeland Security: Social Media Monitoring Threatens Free Speech

Fri, 02/17/2012 - 23:06

Alex Fitzpatrick reports on yesterday’s Congressional hearing:

The U.S. Department of Homeland Security’s monitoring of social media services could be a threat to civil liberties and online free speech, several lawmakers said during a hearing Thursday.

According to a report by a civil liberties group called the Electronic Privacy Information Center, or EPIC, DHS paid more than $11 million to General Dynamics for a system to keep an eye on Facebook and Twitter public posts, as well as comment threads on major news websites.

EPIC’s report found that the system watches public social media posts for comments that “adversely reflect” on the government, and for responses to proposed government plans. EPIC tried to get information about the deal through a Freedom of Information request, but was denied. It then filed a successful lawsuit and was granted access to the specifics by DHS.

During Thursday’s hearing, congressmen from both sides of the asile grilled DHS about the General Dynamics deal as revealed by EPIC’s lawsuit.

Google Circumvents Safari Privacy Protections – This is Why We Need Do Not Track

Fri, 02/17/2012 - 22:41

Peter Eckersley, Rainey Reitman, and Lee Tien and write:

Earlier today, the Wall Street Journal published evidence that Google has been circumventing the privacy settings of Safari and iPhone users, tracking them on non-Google sites despite Apple’s default settings, which were intended to prevent such tracking.

This tracking, discovered by Stanford researcher Jonathan Mayer, was a technical side-effect—probably an unintended side-effect—of a system that Google built to pass social personalization information (like, “your friend Suzy +1′ed this ad about candy”) from the google.com domain to the doubleclick.net domain. Further technical explanation can be found below.

Coming on the heels of Google’s controversial decision to tear down the privacy-protective walls between some of its other services, this is bad news for the company. It’s time for Google to acknowledge that it can do a better job of respecting the privacy of Web users.

FTC Report Raises Privacy Questions About Mobile Applications for Children

Fri, 02/17/2012 - 22:41

From the FTC:

The Federal Trade Commission today issued astaff report showing the results of a survey of mobile apps for children. The survey shows that neither the app stores nor the app developers provide the information parents need to determine what data is being collected from their children, how it is being shared, or who will have access to it.

“At the FTC, one of our highest priorities is protecting children’s privacy, and parents deserve the tools to help them do that,” said FTC Chairman Jon Leibowitz. “Companies that operate in the mobile marketplace provide great benefits, but they must step up to the plate and provide easily accessible, basic information, so that parents can make informed decisions about the apps their kids use. Right now, it is almost impossible to figure out which apps collect data and what they do with it. The kids app ecosystem needs to wake up, and we want to work collaboratively with industry to help ensure parents have the information they need.”

According to the FTC report, Mobile Apps for Kids: Current Privacy Disclosures Are Disappointing, in 2008, smartphone users could choose from about 600 available apps. Today there are more than 500,000 apps in the Apple App Store and 380,000 in the Android Market. “Consumers have downloaded these apps more than 28 billion times, and young children and teens are increasingly embracing smartphone technology for entertainment and educational purposes.”

The report says the survey focused on the largest stores, the Apple App Store and the Android Market, and evaluated the types of apps offered to children, the disclosures provided to users, interactive features such as connectivity with social media, and the ratings and parental controls offered for such apps.

The report notes that mobile apps can capture a broad range of user information from a mobile device automatically, including the user’s precise geolocation, phone number, list of contacts, call logs, unique identifiers, and other information stored on the device. At the same time, “the report highlights the lack of information available to parents prior to downloading mobile apps for their children, and calls on industry to provide greater transparency about their data practices.”

While there was a diverse pool of kids apps created by hundreds of different developers, there was almost no information about the data collection and sharing on the Apple App store promotion pages and little information beyond general permission statements on the Android Market promotion pages. “In most instances, staff was unable to determine from the information on the app store page or the developer’s landing page whether an app collected any data, let alone the type of data collected, the purpose for such collection, and who . . . obtained access to such data.”

The report recommends:

All members of the “kids app ecosystem” – the stores, developers and third parties providing services – should play an active role in providing key information to parents.
App developers should provide data practices information in simple and short disclosures. They also should disclose whether the app connects with social media, and whether it contains ads. Third parties that collect data also should disclose their privacy practices.
App stores also should take responsibility for ensuring that parents have basic information. “As gatekeepers of the app marketplace, the app stores should do more.” The report notes that the stores provide architecture for sharing pricing and category data, and should be able to provide a way for developers to provide information about their data collection and sharing practices.

The report notes that more should be done to identify the best way to convey data practices in plain language and in easily accessible ways on the small screens of mobile devices. The agency will host a public workshop in 2012, in connection with its efforts to update the FTC’s “Dot Com Disclosure” guide, about how to provide effective online disclosures. “One of the topics that will be addressed is mobile privacy disclosures, including how they can be short, effective, and accessible to consumers on small screens.”

The FTC enforces the Children’s Online Privacy Protection Rule. The Rule requires operators of online services, including interactive mobile apps, to provide notice and get parental consent prior to collecting information from children under 13. The report says in the next 6 months, FTC staff will conduct an additional review to determine whether some mobile apps were violating COPPA.

Categories: Industry Blogs

NZ: Lawyers look at privacy after Snapper email marketing

Thu, 02/16/2012 - 10:12

Mathew Dearnaley reports:

Auckland Transport has called in lawyers to review its privacy policy after a technology company used email addresses of more than 50,000 bus passengers to send them marketing offers.

Chief executive David Warburton told his board yesterday the policy had been put under an independent legal microscope as part of an investigation into the use of information obtained from Auckland Transport by electronic card provider Snapper Services


	1300 760 452
	On Line Enquiry
	Info At Swarm-logic.com
	12/1 Elizabeth Plaza, North Sydney

Pogo Was Right

Call Us Today