The Hill reports on new privacy principles from the Defense Advanced Research Projects Agency (DARPA). The agency says in the principles that it has taken steps to improve privacy, including: “Assigned an internal privacy ombudsman to work closely with the DoD Privacy Office, and created an independent Privacy Review Panel that will assess existing and emerging privacy laws, regulations, technologies and norms and analyze their potential. The panel will consist of leading scholars and policy and technology experts in the privacy field.”

The Hill reports that the White House is supporting and commending DARPA’s new guidelines to protect individual privacy. “It is critical that we maintain our privacy and civil liberties in the digital age, and I am delighted to see DARPA’s leadership take this issue so seriously,” Tom Kalil, deputy director for policy at the White House Office of Science and Technology Policy, told the Hill.

Research in Motion (RIM) faced the threat last week that its BlackBerry smartphones would be banned in the United Arab Emirates and Saudi Arabia because of security concerns. Now there are reports that Saudi Arabia and RIM “have reached a preliminary deal on granting access to users’ data,” but these reports are raising questions about the security of the mobile phones, says the New York Times.

Although it is unclear precisely what these countries are asking for, one demand is for the same kind of access to BlackBerry’s encrypted services that they think the company already gives authorities in the United States and other industrialized democracies. [...]

R.I.M. officials flatly denied last week that the company had cut deals with certain countries to grant authorities special access to the BlackBerry system. They also said R.I.M. would not compromise the security of its system.

At the same time, R.I.M. says it complies with regulatory requirements around the world. Read more »

At the Black Hat technology conference in Nevada, Homeland Security Deputy Secretary Jane Holl Lute discussed cybersecurity and privacy.

America needs a safe and secure homeland. We need a dynamic economic engine that generates new wealth. We need strong friends and neighbors. We need predictable relations with others. That’s about the rule of law. What is the role of cyber, cyberspace, and cybersecurity in helping to secure US interests? And to secure them against what? The threat seems pretty comprehensive. You can steal our data, our identities, our past life, our opportunities. But you can’t deter that threat, you can’t have a strategy of deterrence or of prevention, if you never talk about the threat, how we can understand it, indeed, how we can understand cyberspace at all.

Cyberspace and homeland security have a lot in common. A lot of brand recognition. But not everyone knows what those two terms mean. Cyberspace: is it a war zone? Is it a marketplace, a neighborhood, a school, a highway, a do loop of our past activities, a playground, a sandbox, a war zone.

How do cyberspace and war zones compare? Wars happen somewhere. They involve somebody. Geography is key. Seizing and holding terrain. Wars happen somewhere, but cyberspace is sort of this space-time thing. Nobody really gets it. [...] Read more »

The Kansas City Star reports on an issue we’ve seen before: Government use of automatic license-plate recognition cameras. Use of the systems is growing. In March, USA Today reported: “Departments in Denver and Colorado Springs; South Portland, Maine; Gwinnett, Douglas and Cherokee counties in Georgia; and Clinton, Conn., are planning to deploy or have already added License Plate Recognition (LPR) systems this year, officials from those agencies said.”

I discussed the issue when Washington, D.C., began expanding the use of these license plate readers. One of the biggest questions is: What happens to all the data on innocent individuals? In the UK, police admitted (under the pressure of Freedom of Information Act requests) that they are keeping for five years the data from license plate scanners recording the trips of 10 million drivers a day — even those drivers who are innocent.

Constant surveillance treats all individuals as if they are already considered suspicious or guilty. Ubiquitous surveillance occurs in certain situations, such as prisons. Do we want people driving or walking in public to become as watched and tracked as prisoners?

Is this data collection worth the civil liberties costs? Though the scanners do find some criminals, there is a cost-effectiveness argument to be made. For example, in Arizona, “Of the thousands of license plates scanned each day, only a small fraction of the vehicles are tied to some possible criminal activity.”

The Kansas City Star reports:

The readers use three infrared cameras mounted on top of the trunk, pointed in different directions, to constantly scan for nearby license plates. The system compares each plate to lists of stolen vehicles, owners wanted on outstanding warrants, Amber Alert information and more. Read more »

The Associated Press has an update on last week’s Washington Post report detailing a new proposal from the Obama administration that would make it easier for the FBI to get access to an individual’s activities on the Internet via expanded powers in National Security Letters (NSLs). The proposal raises substantial privacy questions.

Federal law requires communications providers to give records in counterintelligence investigations to the FBI, which doesn’t need a judge’s approval and court order to get them.

They can be obtained merely with the signature of a special agent in charge of any FBI field office, and there is no need for suspicion of wrongdoing — the records merely need to be considered relevant to a counterintelligence or counterterrorism investigation. The person whose records the government wants doesn’t even need to be a suspect.

The bureau’s use of these “national security letters,” as the requests are known, has a checkered history. [...] Read more »

The New York Times reports on the issues of privacy and security as applied to electronic information:

The threat by the United Arab Emirates to shut down mobile services on BlackBerrys like e-mail and text messaging underscores a growing tension between communications companies and governments over how to balance privacy with national security.

While communications companies want to be able to ensure that their customers’ messages are shielded from prying eyes, governments increasingly insist on gaining access to electronic messages to track down criminals or uncover terrorist plots. [...]

Internet security experts say the demands by the United Arab Emirates for certain access to communications flowing across the BlackBerry network echo requests of other governments around the world. Many countries have laws and regulations requiring telecommunications providers to grant government agencies access to their systems for court-sanctioned intercepts. Read more »