The New York Times has an interesting article on data mining by banks that target customers with bad credit.

Using techniques that grew more sophisticated over the last decade, businesses comb through an array of sources, including bank and court records, to create detailed profiles of the financial lives of more than 100 million Americans.

They then sell that information as marketing leads to banks, credit card issuers and mortgage brokers, who fiercely compete to find untapped customers — even those who would normally have trouble qualifying for the credit they were being pitched.

These tailor-made offers land in mailboxes, or are sold over the phone by telemarketers, just ahead of the next big financial step in consumers’ lives, creating the appearance of almost irresistible serendipity.

These leads, which typically cost a few cents for each household profile, are often called “trigger lists” in the industry. 

These files don’t just contain financial data. 

But Equifax and its rivals started offering new sets of unregulated demographic data over the last decade — not just names, addresses and Social Security numbers of people, but also their marital status, recent births in their family, education history, even the kind of car they own, their television cable service and the magazines they read.

“A team of Swiss researchers say there are several ways to recover keystrokes from wired keyboards by simply measuring the electromagnetic radiations emitted when keys are pressed,” reports ZDNet. “In all, the team of researchers from the Security and Cryptography Laboratory in Lausanne, Switzerland, found four different ways to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls.”

CNet News describes two videos in which the researchers demonstrate the attacks.

In the first video, he shows how only the keyboard was monitored in the attack. He removed the monitor and the tower. He then attached a laptop, but powered it by battery to reduce other sources of electromagnetic emanation from the test site. Then Vuagnoux types in “Trust no one” on the wired keyboard. A minute later, a program reading the electromagnetic emanations displays the text string “trust no one” on the testing system. Read more »

There has been a lot of discussion about privacy and Internet browsing lately. Last month, Germany’s Federal Office for Information Security issued a recommendation that the public not use Google’s new Chrome browser, which was released in beta form. In June, Mozilla Firefox made news when it said it would not include a feature called “Private Browsing” in its latest version of the popular Web browser. 

The Center for Democracy and Technology has released a new report, “Browser Privacy Features: A Work In Progress.” It reviews and compares the privacy tools offered in Mozilla Firefox, Microsoft Internet Explorer, Google Chrome and Apple’s Safari. “Three types of features are analyzed in the charts below: privacy modes, cookie controls, and object controls. We also evaluate the most popular add-ons for each browser and feature type: Stealther for a Firefox privacy mode, CookieSafe for cookie controls in Firefox, AdBobject controls in Firefox and PithHelmet for object controls in Safari.”

Unsurprisingly, the browsers “varied considerably” in the implementation of privacy tools. “Apple, Google, Microsoft, and Mozilla verified the accuracy of the claims made in the report about their browser software,” CDT said. The report is a short and accessible evaluation of the programs and is worth a read.

“The Privacy Commissioner of Canada has prepared a draft guidance document that sets out good practice rules for private sector organizations that are either contemplating or using covert video surveillance,” said Elizabeth Denham, Assistant Privacy Commissioner, in a press release.

“Through our experience in investigating complaints about covert video surveillance under the Personal Information Protection and Electronic Documents Act (PIPEDA), we have identified a need to educate organizations on the obligation to ensure that covert video surveillance is conducted in the most privacy sensitive way possible. Although the use of covert video surveillance may be appropriate in some circumstances, we view the technology as being inherently intrusive,” Denham said.

The Office of the Privacy Commissioner has previously issued guidelines on video surveillance: Guidelines for Overt Video Surveillance in the Private Sector (in collaboration with Alberta and British Columbia) and Guidelines for surveillance of public places by police and law enforcement authorities.

In the draft guidelines on covert video surveillance, Privacy Commissioner Jennifer Stoddart said that “the decision to undertake covert surveillance should be made at a very senior level of the organization.” The draft guidance sets out a test to determine whether an organization may use covert video surveillance: Read more »

For several months, I have been working at the ACLU’s Technology and Liberty Program on a project concerning searches and seizures of US citizens by Border Patrol agents far inland from the actual borders. Fully two-thirds of the US population (197.4 million people) live within 100 miles of the country’s borders, where Border Patrol has been assuming broad powers to interrogate US citizens, creating a “Constitution-Free Zone.” Today, the ACLU held an event at the National Press Club in Washington, DC, to highlight this problem, and two US citizens described their harrowing experiences with Border Patrol.

Click image for the full map. Then click on each state with orange in it to see what percentage of that state's population lives within 100 miles of the US border, a "Constitution-Free Zone."

Barry Steinhardt, Director of the ACLU’s Technology and LIberty Program, discusses the problem over at DailyKos. He writes:

The government is turning vast swaths of our country into a “Constitution-Free Zone” in which U.S. Customs and Border Protection (CBP) is allowed to exercise extraordinary authority that would not normally be permitted under the Constitution. The government says that “the border” -– where there is a longstanding view that the Constitution does not fully apply -– actually stretches 100 miles inland from the nation’s “external boundary.” And increasingly, we are seeing DHS vigorously utilize that authority.

Today we held a press conference at the National Press Club here in DC to try to draw attention to this problem -– and the fact that, as we showed, nearly two-thirds of the US population live within this “Constitution-Free Zone.” That’s 197.4 million people.

We calculated this using the most recent, 2007 numbers from the U.S. Census, and released a map showing the cities and states that are enveloped by this zone. It includes some of the largest metropolitan areas in the country: New York City, Boston, Chicago, Los Angeles and Portland, Oregon. States that are completely within this Constitution-Free Zone include Connecticut, Delaware, Florida, Hawaii, Maine, Massachusetts, Michigan, New Hampshire, New Jersey, and Rhode Island. When you say “border,” they think “all of New England.” Read more »

The Times UK reveals a massive surveillance plan by the British government.

Everyone who buys a mobile telephone will be forced to register their identity on a national database under government plans to extend massively the powers of state surveillance.

Phone buyers would have to present a passport or other official form of identification at the point of purchase. Privacy campaigners fear it marks the latest government move to create a surveillance society.

A compulsory national register for the owners of all 72m mobile phones in Britain would be part of a much bigger database to combat terrorism and crime. Whitehall officials have raised the idea of a register containing the names and addresses of everyone who buys a phone in recent talks with Vodafone and other telephone companies, insiders say.

Of course, the excuse for broad surveillance of all citizens is the theory that it’s needed to catch the few criminals in the population. “The move is targeted at monitoring the owners of Britain’s estimated 40m prepaid mobile phones. They can be purchased with cash by customers who do not wish to give their names, addresses or credit card details,” the Times reports. These customers can include privacy-protective law-abiding citizens (journalists, whistleblowers, other innocents) along with criminals. More and more, anonymity is equated with criminality. Read more »