I’m taking a few months off to concentrate on some personal developments. Until then, please visit the sites in my blogroll to keep up on privacy and civil liberties news.
On Sunday, May 19 at 7 p.m. ET and PT, “60 Minutes” will have include a segment, “A Face in the Crowd,” on the issue of privacy and facial-recognition technology. Here’s what “60 Minutes” says:
The odds are you are not just a face in the crowd any longer. Even if your picture isn’t plastered all over social networking and photo-sharing sites, facial recognition technology in public places is making it harder if not impossible to remain anonymous. Lesley Stahl reports on the new ways this technology is being used that even has one of its inventors calling it too intrusive. Her 60 MINUTES report will be broadcast Sunday, May 19 (7:00-8:00 PM, ET/PT) on the CBS Television Network.
Professor Alessandro Acquisti of Carnegie Mellon, who researches how technology impacts privacy, stunned Stahl with an experiment. He photographed random students on the campus and in short order, not only identified several of them, but in a number of cases found their personal information, including social security numbers, just using a facial recognition program he downloaded for free. Read more »
In a series about cyber compliance issues, the Wall Street Journal takes a look at how collecting enormous amounts of data, without securing the private or sensitive information, can lead to large problems when there are security breaches:
It’s well-known that many companies aren’t aware when they have had their security breached. Compounding that problem is the fact it is hard to determine what might have been lost, because many companies have accumulated data over years in multiple forms.
Ignorance about stored data can magnify the costs of notifying customers and the risk of regulatory or legal repercussions, according to various experts.
“Companies continue to allow the information haystack to grow and grow and grow,” said Bruce Radke, chair of the data privacy group at law firm Vedder Price. The first step in any company’s assessment of its data should be “really looking at the information you need and getting rid of everything else,” he said. [...] Read more »
MediaPost reports on a privacy lawsuit by Android users against Google, the operating system’s creator:
A group of Android users who are suing Google for allegedly violating their privacy have beefed up their complaint with new claims that the company wrongly transfers users’ names and contact information information to app developers. [...]
The new papers come around six weeks after U.S. District Court Judge Jeffrey White in the Northern District of California dismissed an earlier version of the lawsuit, which accuses Google of wrongly transmitting users’ geolocation data and other personal information to app developers. White previously ruled that the consumers didn’t allege sufficient facts to support their claims that Google violated the federal computer fraud law, as well as a host of state laws.
The Toronto Sun reports on a medical data privacy issue in Ottawa:
OTTAWA — A group of patients whose personal information was lost is suing Montfort Hospital in Ottawa for $40 million.
The suit stems from a lost USB memory stick that contained information on 25,000 patients. The stick was lost in November 2012 before it was eventually recovered.
The memory stick contained patient names, a summary of services received, the date of service and a code representing the health care provider on the case. It also included information on 1,255 members of the Canadian Armed Forces.
The plaintiffs are accusing the Montfort of breach of contract, negligence, breach of privacy and violating its own bylaws and the Personal Health Information and Protection Act (PHIPA), [...]
The suit charges the hospital also failed to ensure the memory device was password protected and that the hospital “failed to disclose the loss of personal information “in a timely manner.”
Politico reports that Republican lawmakers have shown increasing interest in online privacy rights and proposals to update the 1986 Electronic Communications Privacy Act (“ECPA,” also known as Title 18 § 2511 of the United States Code):
Momentum to update the nation’s antiquated email privacy laws is again coursing through the Capitol — and this time, movement is coming from the right.
Republicans have been increasingly attaching their names to reforming the Electronic Communications Privacy Act — an issue where Democrats have traditionally taken the lead.
Four Republican congressmen introduced a pair of bills this week that would require government investigators to score a warrant before obtaining someone’s email content. Arizona Reps. Matt Salmon and Trent Franks are partnering on a House version of ECPA reform; Kansas Rep. Kevin Yoder and Georgia Rep. Tom Graves are teaming up on the Email Privacy Act. Read more »