Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Archive for the ‘Civil liberties’ Category

    IT News (Australia): Academics get personal over big data

    Wednesday, July 16th, 2014

    We’ve discussed the pitfalls of various anonymization or “de-identification” techniques and how the information can be “deanonymized” or re-identified, leading to privacy problems for individuals. In 2009, University of Colorado law professor Paul Ohm discussed “the surprising failure of anonymization,” and said, “Data can either be useful or perfectly anonymous but never both.” He said anonymization’s failure “should trigger a sea change in the law, because nearly every information privacy law or regulation grants a get-out-of-jail-free card to those who anonymize their data.”

    Now, IT News reports on a research paper, “No silver bullet: De-identification still doesn’t work” (pdf), by Princeton’s Arvind Narayanan and Edward W. Felten concerning the continued privacy problems with de-identification of personal information. (Felten was chief technologist for the Federal Trade Commission and has been a consultant for various federal agencies.) The new paper is a response to one recently published by ITIF researcher Daniel Castro and Ontario privacy commissioner Ann Cavoukian, “Big Data and Innovation, Setting the Record Straight: De-identification Does Work” (pdf).

    IT News reports:

    Scholars at Princeton University have delivered a stinging rebuke to the ‘big data’ movement, insisting that today’s data de-identification tools are not sufficient to ensure privacy. [...] Read more »

    InformationWeek: Florida Law Aims To Tighten Data Security

    Friday, July 11th, 2014

    InformationWeek reports on a new law in Florida that concerns information privacy and security:

    A new law designed to protect Floridians from identity theft could have far-reaching repercussions on healthcare organizations that reside or do business in the Sunshine State. Under the Florida Information Protection Act of 2014 (FIPA), any covered entity or third-party agent must now report breaches to the Florida Department of Legal Affairs and to consumers within 30 days (compared with the prior law’s 45 days). If they show good cause, organizations may get a 15-day extension or receive a law enforcement extension. Violators can be fined $1,000 per day for the first 30 days and $50,000 for each subsequent 30-day period under the Florida Deceptive and Unfair Trade Practices Act (FDUTPA); the fine is not to exceed $500,000.

    The state also expanded ”personal information” to include individuals’ first name or first initial and last name, in combination with any one of the following: passport number; medical history, mental or physical condition, or medical treatment or diagnosis by a healthcare professional; or health insurance policy number, subscriber identification number, or any unique identifier health insurers use to classify individuals. [...]

    The act, which passed unanimously, should slow the flood of data breaches, advocates said. Faster reporting times, an expanded collection of relevant data, and increased law enforcement involvement will encourage organizations to be more proactive and give law enforcement more opportunities to catch cybercriminals.

    Consortium for School Networking Issues Privacy Resources for K to 12 Grades

    Thursday, July 10th, 2014

    The Consortium for School Networking has announced the release of privacy resources for school districts:

    CoSN (Consortium for School Networking) today unveiled two freestanding resources to accompany its in-depth, step-by-step privacy toolkit. Designed to help school system leaders navigate the complex federal laws and related issues, the complementary resources include:

    •  “10 Steps Every District Should Take Today”; and

    •  “Security Questions to Ask of an Online Service Provider

    Launched in March through CoSN’s Protecting Privacy in Connected Learning initiative, the existing toolkit addresses compliance with laws such as the Family Education Rights and Privacy Act (FERPA) and the Children’s Online Privacy Protection Act (COPPA) and offers smart practices to better protect student privacy and their data. The security questions for online service providers were included in the v.1 toolkit. [...]

    In the fall, CoSN will expand the toolkit with additional sections covering the Protection of Pupil Rights Amendment (PPRA) and the Health Insurance Portability & Accountability Act (HIPAA) – filling out the privacy guide with all four federal privacy laws applied to K-12 education.

    Businessweek: Hospitals Are Mining Patients’ Credit Card Data to Predict Who Will Get Sick

    Wednesday, July 9th, 2014

    Businessweek reports on a story about data mining that could affect the privacy of individuals’ medical information:

    Carolinas HealthCare, which runs more than 900 care centers, including hospitals, nursing homes, doctors’ offices, and surgical centers, has begun plugging consumer data on 2 million people into algorithms designed to identify high-risk patients so that doctors can intervene before they get sick. The company purchases the data from brokers who cull public records, store loyalty program transactions, and credit card purchases. [Carolinas operates the largest group of medical centers in North and South Carolina.]

    Information on consumer spending can provide a more complete picture than the glimpse doctors get during an office visit or through lab results, says Michael Dulin, chief clinical officer for analytics and outcomes research at Carolinas HealthCare. The Charlotte-based hospital chain is placing its data into predictive models that give risk scores to patients. Within two years, Dulin plans to regularly distribute those scores to doctors and nurses who can then reach out to high-risk patients and suggest changes before they fall ill. [...] Read more »

    Wired: ISPs File Legal Complaint in Europe Over Spying

    Monday, July 7th, 2014

    Wired reports that a group of Internet service providers and nonprofits in different countries have filed a legal complaint over allegations of spying by Britain’s GCHQ and the United States’s National Security Agency:

    Seven Internet service providers and non-profit groups from various countries have filed a legal complaint against the British spy agency GCHQ. Their issue: that the clandestine organization broke the law by hacking the computers of Internet companies to access their networks.

    The complaint, filed with the Investigatory Powers Tribunal, calls for an end to the spy agency’s targeting of system administrators in order to gain access to the networks of service providers and conduct mass surveillance. The legal action was filed in conjunction with Privacy International, and stems from reports last year that GCHQ hacked employees of the Belgian telecom Belgacom in order to access and compromise critical routers in the company’s infrastructure to monitor the communication of smartphone users that passed through the router. [...] Read more »

    Update on PCLOB Report on the Surveillance Program Operated Pursuant to Section 702 of FISA

    Wednesday, July 2nd, 2014

    Today, the Privacy and Civil Liberties Oversight Board (PCLOB), an independent oversight agency within the executive branch, voted on a “Report on the Surveillance Program Operated Pursuant to Section 702 of FISA” (pdf). In January, the board released a report on the NSA’s surveillance program that collects telephone records in bulk in which it said that NSA program is illegal and should be ended. That report was a strong statement for privacy and civil liberties. Unfortunately, the report that the board released on Section 702 today is not. The board has concluded that the program, which authorized the government to target foreigners reasonably believed to be located overseas, is legal.

    The board noted that the Section 702 program does raise privacy issues, but its proposals fall short of what are needed for real reform to protect individuals’ privacy and civil liberties. The board says, “The Section 702 program has enabled the government to acquire a greater range of foreign intelligence than it otherwise would have been able to obtain — and to do so quickly and effectively. [...] The program has proven valuable in the government’s efforts to combat terrorism as well as in other areas of foreign intelligence.” Read more »