One of the greatest of these threats to privacy is in the form of
Supermarket Discount Cards. But
in the past, big companies have been known to toss privacy out the window when there is
money to be made. Historically:
- A certain delivery company stated that it would never sell the database
of digitized signatures collected when it started using electronic pads — and
then, some years later, did exactly that.
- Companies with very rigorous privacy policies, having collected
significant amounts of personal customer data, have gone bankrupt, and the
files have been offered for sale.
- Intruders have broken into companies and stolen personal information from computerized
files — or even planted backdoors and logging/reporting software in their
systems.*
Note: The material
about RFID chips has
been moved to another page.
Backdoor found in Energizer Duo USB battery
charger. Software that can be downloaded for use with the Energizer Duo USB battery charger
contains a backdoor that could allow an attacker to remotely take control of a Windows-based PC, Energizer
and US-CERT is warning.
Software Turns Your Cell Phone
Against You. Malicious software for cell phones could pose a greater risk for consumer's personal and
financial well-being than computer viruses, say scientists from Rutgers University. The scientists have made a
particularly resilient malware, known as a rootkit, that can turn a cell phone's microphone, GPS and battery against
the phone's owner.
The Editor says...
That's odd. Up until now, anyone who developed a rootkit was called a hacker by the mainstream
news media. Why, in this case, are they being called scientists?
Windows 7 Update "Phones Home" to Microsoft
Every 90 Days. The release of Windows 7 "Update for Microsoft Windows (KB971033)" will
change the current activation and anti-piracy behavior of Windows 7 by triggering automatic "phone
home" operations over the Internet to Microsoft servers, typically for now at intervals of around
90 days. The purpose? To verify that you're not running a pirated copy of Windows...
What the
data miners are digging up about you: Databases know more about you than you realise. A
Carnegie Mellon University study recently showed that simply by knowing gender, birth date and postal zip code,
87% of people in the United States could be pinpointed by name. Websites can collect huge amounts of data from
users. Retailers, for example, can track our every click, what we buy, how much we spend, which advertisements
we see — even which ones we linger over with our mouse.
The Coolest (or
Creepiest) Thing on Facebook. Facebook likes to talk about privacy, but, let's be honest:
If you've spent any time on the social networking behemoth, you know the site is all about revealing yourself.
A new app, however, may take Facebook's hey-look-at-me culture one step too far.
Photocopiers
with disk drives could be used for ID theft. Consumers are bombarded with warnings
about identity theft. Publicized threats range from mailbox thieves and lost laptops to the
higher-tech methods of e-mail scams and corporate data invasions. Now, experts are warning
that photocopiers could be a culprit as well.
Neighbor's data shows up in my browser.
There seems to be some way that my next-door-neighbor's information got into my PC. They always have their
wireless internet on, but my wireless reception is usually disabled. I really don't know how this could
have happened. Of course, since the problem showed up while I was doing my taxes, I am even more paranoid
about what information of mine might have been swapped between households.
Personal
data found hidden in iTunes tracks. Fresh privacy fears have been sparked after it emerged that
Apple has embedded personal information into music files bought from its iTunes online music store.
Technology websites examining iTunes products discovered that personal data, including the name and e-mail
addresses of purchasers, are embedded into the AAC files that Apple uses to distribute music tracks.
Adi Shamir's bug attack: One
(possibly hidden and intentional) bug in any high-level microprocessor as used in any modern configuration can
possibly leak secret keys used by Public-Key Infrastructures. … How easy is it to verify that such a single
multiplication bug does not exist in a modern microprocessor, when its exact design is kept as a trade secret?
McCain loan could violate donor privacy.
When John McCain's presidential campaign all but went broke, it borrowed money from its bank using its fundraising
list as collateral. Problem: McCain's own privacy policy promises donors he won't sell their
information. That seems to put the Republican senator's campaign in a pickle; either it pledged to its
bank proceeds from something it can't sell, or it offered to violate its own promise to donors.
AT&T's Internet Monitoring Plans: News
stories are now appearing widely about an AT&T plan to try block pirated content at the network
level. … To actually pick out particular content from those streams would imply the need to actually
examine and characterize the payload of files to locate and block potentially offending music and/or video
content.
AT&T
rewrites the rules: Your data isn't yours. AT&T has issued an updated privacy policy that
takes effect Friday [6/23/2006]. The changes are significant because they appear to give the telecom
giant more latitude when it comes to sharing customers' personal data with government officials. The
new policy says that AT&T — not customers — owns customers' confidential info and can
use it "to protect its legitimate business interests, safeguard others, or respond to legal process."
This is apparently related to the issue
of Domestic spying.
RIAA Still Feels Entitled To Scour Everyone's
Hard Drives. Ever since the RIAA started taking on file sharing, it's always acted as if it were
entitled to all sorts of things it isn't: access to the names associated with IP addresses without filing
lawsuits, private info on the people they're suing and even the aid of the FBI in what's clearly a civil, not
criminal, dispute.
Lawsuits mounting over massive customer data
breach at TJX. The TJX Cos. Inc. faces federal lawsuits in five additional states over a data theft
that exposed at least 45 million credit and debit cards to potential fraud, according to a regulatory
filing Thursday [6/7/2007] by the owner of stores including T.J. Maxx and Marshalls.
Printer steganography: Many
color printers (Xerox, HP, etc.) add barely visible yellow dots that encode printer serial numbers and
time stamps, down to the minute. Intended primarily to combat counterfeiters, the purportedly
"secret" steganographic code in color printer copies has now
been decoded by
four people at the Electronic Frontier Foundation. There are of course various
slippery-slope privacy issues.
Sleuths
Crack Tracking Code Discovered in Color Printers. It sounds like a conspiracy theory, but
it isn't. The pages coming out of your color printer may contain hidden information that could be
used to track you down if you ever cross the U.S. government.
Caution:
Your Printer is a Government Spy. The government conspired with manufacturers to hide a
secret code on every page generated by a color printer or copier.
Printer dots raise privacy
concerns. The affordability and growing popularity of color laser printers is raising concerns among civil
liberties advocates that your privacy may not be worth the paper you're printing on. More manufacturers are
outfitting greater numbers of laser printers with technology that leaves microscopic yellow dots on each printed page to
identify the printer's serial number — and ultimately, you, says the San Francisco-based Electronic Frontier Foundation,
one of the leading watchdogs of electronic privacy.
EFF's "Yellow Dots of
Mystery" on Instructables. Since late 2004, EFF has been warning the public about "printer
dots" -- tiny yellow dots that appear on documents produced by many color laser printers and copiers.
These yellow dots form a coded pattern on every page the printer produces and can be used to identify
specific details about a document; for example, the brand, model, and serial number of the device that
printed it and when it was printed. In short, the printer dots are a surveillance tool that can
link each printed page to the printer that printed it.
Keep Your Grubby Mitts Off My Hard
Drive. Amazon's new UnBox video service turns out to have some traits that are even
more annoying than the impenetrable cellophane stickers they put on DVD cases. … To be allowed
the privilege of purchasing a video that I can't burn to DVD and can't watch on my iPod, I have to
allow a program to hijack my start-up and force me to login to uninstall it? No way."
Big
Brother Is Tracking You. Many new cell phones come equipped with tracking devices that
can pinpoint the location of the phone to within 30 feet. The feature offers lots of
possibilities both to users and law enforcement. … Even the simplest phones now have enhanced
911 capability mandated by federal law, which can detect a caller's location within a broad area
through triangulated radio signals sent to cell towers.
20
inspectors suspended over GPS. The Massachusetts public safety commissioner
yesterday [7/10/2006] suspended 20 state building and engineering inspectors for refusing to accept
cellphones equipped with global positioning systems.
Camera With Pitt-Jolie Photos Is
Seized. Local police, accompanied by state police and Secret Service officers, went to the
Westfield home of William Keys on Tuesday to recover a digital camera's memory stick after three photos that
appeared on the Internet were tracked to Keys.
[How did they track the photos to a specific camera? Sounds like I need to do some research.]
Cell Service Lets Parents Track
Kids by GPS. Up until now, parents had to deal with a separate company or buy special equipment
to track their children through their cell phones. Sprint Nextel Corp. becomes the first U.S. wireless
provider to sell its own product when the Family Locator Service rolls out Thursday [4/13/2006].
Editor's Note:
The expression "Track Kids by GPS" is misleading. GPS is a
one-way (receive only) service using weak signals that are unreliable inside
houses and cars, and completely useless in tunnels and underground parking
garages. Nextel is most likely comparing the arrival time of PCS signals
at several different sites, and using simple calculations to figure out where the
phone is. (That would be possible without GPS technology, but you'd need an
atomic clock at every cell phone site, so it wouldn't be economically feasible.) What
it boils down to is simply this: Cell phone signals travel about one foot in one
nanosecond. If every cell phone site has a clock that is accurate to 10
nanoseconds, you can figure out where a PCS phone is within 10 feet by comparing the
arrival time of its signals at various (precisely known) locations around town.
The Choice Point
Syndrome. An extensive list of breaches of sensitive personal
information, disclosed just since January 2005.
A bank
you might not want to have Wachovia. More than
48,000 customers of Wachovia Corp. and 600,000 of Bank of America
Corp. have been notified that their financial records may have been stolen
by bank employees and sold to collection agencies.
Texas
loan company's personal data 'lost'. Texas Guaranteed Student Loan Corp. has announced the loss
of the names and Social Security numbers of 1.3 million customers.
Security
Breach Could Expose 40 Million to Fraud. A computer hacker may have
accessed more than 40 million credit card accounts in what could be the largest
in a series of recent security breaches involving consumer data, officials said.
MasterCard
says 68,000 Customers are at High Risk. Credit card users, don't fret. Only
a small fraction of the 13.9 million credit cards accounts at MasterCard exposed to
possible fraud were considered at high risk, the company said Saturday [6/18/2005].
LexisNexis
May Have Had Earlier Breach. A LexisNexis executive said
Wednesday [4/13/2005] there may have been an earlier breach of consumers' personal
data that was never reported to the public. The disclosure at a Senate hearing
came a day after London-based Reed Elsevier, which owns LexisNexis, revealed that
criminals may have breached computer files containing the personal information
of 310,000 people since January 2003.
Evidence From Black
Boxes in Cars Turns Up in Courts. An estimated 25 million automobiles
in the United States now have so-called event data recorders, a scaled-down version
of the devices that monitor cockpit activity in airplanes. Like aviation recorders,
automobile black boxes mainly receive attention after an accident. What the devices
record increasingly finds its way into courtrooms as evidence in criminal and civil
cases, leading some privacy advocates to question how the recorders came to be
installed so widely with so little public notice or debate.
Privacy
Experts Shun Black Boxes. Some safety and privacy experts
are reacting with apprehension, others with all out condemnation over
a recent ruling by the National Transportation Safety Board to require
electronic data recorders or "black boxes" in all new cars manufactured
in the United States. "I take offense that this personal property of
individuals is now being designed by the federal government," said Jim
Harper, privacy attorney and editor
of Privacilla.org.
Software that
knows your every move: Worklenz tracks workers — what
they do, when they do it, and how long it takes.
Online
job listing an ID theft scam: "Background check"
was used to steal full slate of personal info.
The
ugly truth about privacy: Issues involving our personal privacy
affect our day-to-day lives much more than you might think.
Privacy
Survival Guide: How to Take Control of Your Personal Information.
EPIC's
Caller ID Page: Privacy aspects of Caller ID
EPIC's
Cookie Page: Privacy aspects of browser cookies
Big
Brother rides shotgun: Rental-car company
uses GPS to track customer, fines him $450 for speeding.
Drivers
let Big Brother in to get a break. In two new tests, car owners will be able to
let insurance companies monitor their driving via new technology in exchange for lower
rates. The technology will track some combination of when, where, how far and how
fast they drive, giving insurers a way to reward low-risk driving. Now just
experiments, the technology might be a glimpse of the future of car insurance. [Or
the future of law enforcement. Or tax collection.]
How
to Build Privacy Into Customer Authentication. Reports of worsening identity
theft are pressuring companies to adopt stronger methods of making sure they know the identity
of their customers. Most customers will find this additional layer of security
comforting. But the more invasive authentication methods — biometrics,
especially — have people worried that they'll lose their privacy in the process. How
can businesses authenticate their customers without scaring them away? By putting
the consumer in control throughout the authentication process.
Residential
Internet Security: Two types of bad things can happen to an
Internet-connected home computer: The first involves a miscreant duping a user
into running harmful software-a worm, virus, Trojan Horse, or some form of spyware
that reports back some aspect of the user's activities or configuration. The
second bad thing involves a miscreant taking direct control of the computer
and running arbitrary software-either the user's own or the miscreant's. Of
course, many type-1 Trojan Horses give attackers type-2 control, but
the type-1 exploit isn't the only path to type-2 control.
Car-tracking
system: Promises and potholes. General Motors plans to
begin installing new sensors and communications systems into vehicles
next year in a move that could save lives but that also raises
privacy concerns.
Smile, You're
on In-Store Camera: If you can't shop anonymously at your local
retail giant, then privacy as we know it is dead.
It's
Raining Privacy Notices: American consumers
are being leafleted this spring with privacy notices from financial institutions
that invite them to say “no thanks” to having their personal information shared
with third parties. But some privacy advocates say the notices fail to
communicate to consumers, in clear English, their right under federal law to
opt out of data sharing.
TiVo
Technology Erodes Privacy: A group that is
an advocate for our right to
privacy, The Privacy Foundation, has
discovered that TiVo, a system that allows us to record TV shows onto a hard drive, has
been routinely selling information about viewers' habits to advertisers and
the television networks. In other words, TiVo has been sharing its customers'
viewing practices via the phone lines hooked to their recording devices
without viewers' consent or even knowledge.
Netscape
Navigator Browser Snoops On Web Searches: AOL Time
Warner's Netscape unit is snooping on searches
performed by users of its latest Navigator browser at Google
and other search sites. According to a network traffic analysis
performed by Newsbytes, Netscape is capturing Navigator 6 users' search
terms, along with their Internet protocol (IP) address, the date Navigator
was installed and a unique identification number.
The World's Most Privacy-Conscious
Browser. Most browsers offer the option of removing potentially privacy-shattering content saved
on the user's PC, such as searches performed and visited websites. Enter Browzar — the browser which
specialises in doing so to the extent that all of the user's browsing activity is automatically removed once
the application has been closed.
Anonymous
No More On AOL: Warning to anonymous critics on Internet chat
boards trying to sink stocks: We may soon know who you are.
A Setback
for Online Privacy: The ruling against the world's largest
ISP goes to the heart of the question of anonymity on the Internet, and marks
a new stage in the evolution of privacy laws as they pertain to the Internet and
identities of Web surfers, privacy experts said.
One-Third
of U.S. Online Workforce under Internet/E-Mail Surveillance: This
study is the first attempt to estimate the extent of workplace monitoring
based on self-reported user-base ("seats") and revenue figures from publicly-traded
companies that sell e-mail and Internet monitoring software. The report focuses
strictly on continuous, systematic monitoring of employees, rather than
random spot-checks.
Privacy
groups take aim at Microsoft Passport: Thirteen organizations, headed
by the Electronic Privacy Information Center, supported an updated complaint with
the Federal Trade Commission, alleging that Microsoft is in violation of
Section 5 of the FTC Act because of its data collection, sharing and security
practices with Passport.
Who's
Watching You in Your Hotel Room?: Next
time you check into a hotel, you may want to
consider asking if there are any hidden cameras in
your assigned room. There could be cameras hidden in
mirrors, television sets, lamps and even the radio
alarm clock on your nightstand.
Dissecting the
Cue Cat: It is now obsolete, but the Cue Cat was a trojan horse.
All That Data, All
That Secrecy.
Comcast
tracks Web browsing of its 1 million Internet subscribers: The
nation's third-largest cable company has begun tracking the
Web browsing activities of its 1 million high-speed Internet
subscribers without notifying them.
Privacy
Laws: Not Gonna Happen. Privacy
legislation may not be going public anytime soon. Conventional
wisdom in the nation's capital says that the prospect of Congress
enacting Internet privacy laws is extraordinarily likely, and
perhaps even inevitable.
Privacy
at Work? Be Serious. If you feel
your privacy at work has been eroding lately, it's probably more
than just your imagination. Experts say companies are under
increasing pressure to monitor employees electronically, and
workers should assume they are being watched.
Email
Privacy: If you want privacy, don't count on email. Here's why.
Insurer's
patent targets driver's every move.
Microsoft
denies secret accord with NSA, but doubts persist.
Back to The
Privacy Page
|
|
