Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Archive for the ‘Civil liberties’ Category

    Ars Technica: Adobe’s e-book reader sends your reading logs back to Adobe—in plain text

    Wednesday, October 8th, 2014

    Ars Technica reports on a privacy and security issue concerning ebooks and Adobe’s popular Digital Editions ebooks and PDF reader (which is used by many libraries):

    Adobe’s Digital Editions e-book and PDF reader—an application used by thousands of libraries to give patrons access to electronic lending libraries—actively logs and reports every document readers add to their local “library” along with what users do with those files. Even worse, the logs are transmitted over the Internet in the clear, allowing anyone who can monitor network traffic (such as the National Security Agency, Internet service providers and cable companies, or others sharing a public Wi-Fi network) to follow along over readers’ shoulders.

    Ars has independently verified the logging of e-reader activity with the use of a packet capture tool. The exposure of data was first discovered by Nate Hoffelder of The Digital Reader, who reported the issue to Adobe but received no reply. [...] Read more »

    DHS Privacy Office Releases 2014 Annual Report to Congress

    Thursday, October 2nd, 2014

    The Department of Homeland Security’s Privacy Office has released its annual report (3 MB pdf) to Congress. The report focuses on the following “core activities”:

    • Requiring compliance with federal privacy and disclosure laws and policies in all DHS programs, systems, and operations;
    • Centralizing Freedom of Information Act and Privacy Act operations to provide policy and programmatic oversight, to support operational implementation within the DHS components, and to ensure the consistent handling of disclosure requests;
    • Providing leadership and guidance to promote a culture of privacy and adherence to the Fair Information Practice Principles across the Department;
    • Advancing privacy protections throughout the Federal Government through active participation in interagency fora;
    • Conducting outreach to the Department’s international partners to promote understanding of the U.S. privacy framework generally and the Department’s role in protecting individual privacy; and,
    • Ensuring transparency to the public through published materials, reports, formal notices, public workshops, and meetings.

    The report also detailed the Privacy Office’s five strategic goals for the year: Read more »

    Associated Press: California enacts strict student privacy law

    Wednesday, October 1st, 2014

    The Associated Press reports that California Gov. Jerry Brown (D) has signed SB1177, a bill concerning student privacy rights:

    SB1177 by Senate President Pro Tem Darrell Steinberg, D-Sacramento, prohibits companies from using students’ personal information for profit.

    It makes companies responsible for protecting any personal information that they gather from elementary and high school students through websites, online applications and other services.

    The bill requires providers to use the data only for school purposes and bans the sale of students’ personal information to advertisers and third parties.

    Brown also approved a related bill, AB1584, by Assemblywoman Joan Buchanan, D-Alamo, that says student information collected by outside companies remains the property of school districts.

     

    Los Angeles Times: Growing use of police body cameras raises privacy concerns

    Monday, September 29th, 2014

    The Los Angeles Times reports that local police departments nationwide are increasingly attaching body cameras to officers. This has raised privacy and civil liberties questions. The Times reports:

    The Los Angeles County Sheriff’s Department and the Los Angeles Police Department, along with police in New York, Chicago and Washington, have launched pilot programs to test cameras for wider deployment.

    But equipping police with such devices also raises new and unsettled issues over privacy at a time when many Americans have been critical of the kind of powerful government surveillance measures that technology has made possible.

    For many departments, questions remain about when officers should be allowed to turn off such cameras — especially in cases involving domestic violence or rape victims — and the extent to which video could be made public. [...] Read more »

    Article 29 Working Party Releases Opinion on Internet of Things

    Friday, September 26th, 2014

    The EU’s Article 29 Working Party on the Protection of Individuals with regard to the Processing of Personal Data has released “Opinion 8/2014 on the on Recent Developments on the Internet of Things” (Working Party pdf; archive pdf). We’ve discussed before  the “Internet of Things,” which is a computerized network of physical objects. In IoT, sensors and data storage devices embedded in objects interact with Web services. (For more on privacy and the IoT, see a Center for Democracy and Technology report that I consulted on and contributed to, “Building the Digital Out-Of-Home Privacy Infrastructure.”) The Working Party writes in its summary:

    The Internet of Things (IoT) is on the threshold of integration into the lives of European citizens. The viability of many projects in the IoT still remains to be confirmed but “smart things” are being made available which monitor and communicate with our homes, cars, work environment and physical activities. Already today, connected devices successfully meet the needs of EU citizens on the large-scale markets of quantified self and domotics. The IoT thus hold significant prospects of growth for a great number of innovating and creative EU companies, whether big or small, which operate on these markets.

    The WP29 is keen that such expectations are met, in the interests of both citizens and industry in the EU. Yet, these expected benefits must also respect the many privacy and security challenges which can be associated with the IoT. Many questions arise around the vulnerability of these devices, often deployed outside a traditional IT structure and lacking sufficient security built into them. Data losses, infection by malware, but also unauthorized access to personal data, intrusive use of wearable devices, or unlawful surveillance are as many risks that stakeholders in the IoT must address to attract prospective end-users of their products or services. Read more »

    Opinion at Guardian (UK): Privacy technology everyone can use would make us all more secure

    Tuesday, September 23rd, 2014

    In an opinion column at the Guardian, Cory Doctorow discusses the need for privacy-protective technology that is easy for the general public to use:

    Internet privacy tools have an unfortunate but well-deserved reputation for being technically difficult and bothersome. There’s a persistent story that says that there is an intrinsic, irreducible complexity to the problem of keeping your communications from being snooped on and keeping your data from leaking that makes it the exclusive domain of spies and the professionally paranoid.

    I don’t believe it. I think that the real reason that privacy is so user-unfriendly is that the case for privacy is intensely technical. [...]

    You don’t need to be a technical expert to understand privacy risks anymore. [...]

    The time has come to create privacy tools for normal people – people with a normal level of technical competence. That is, all of us, no matter what our level of technical expertise, need privacy. Some privacy measures do require extraordinary technical competence; if you’re Edward Snowden, with the entire NSA bearing down on your communications, you will need to be a real expert to keep your information secure. But the kind of privacy that makes you immune to mass surveillance and attacks-of-opportunity from voyeurs, identity thieves and other bad guys is attainable by anyone. Read more »