Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Archive for the ‘Identification’ Category

    Christian Science Monitor: Privacy concerns? What Google now says it can do with your data (+video)

    Friday, April 18th, 2014

    The Christian Science Monitor considers the issue of privacy and Internet services giant Google:

    Against a backdrop of growing privacy concerns, with every week bringing revelations of data breaches at government or corporate websites, online search behemoth Google quietly updated its terms of service Monday, spelling out just how much personal data it mines as part of its normal business model.

    The new language states: “Our automated systems analyze your content (including e-mails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection.”

    While corporate fine-tuning to an online policy that few users read closely – indeed, most don’t read at all – would not normally be news, Google is singular, say security and legal experts. Not only is the company in the midst of contentious lawsuits over both the spirit and letter of these privacy issues, but, more important, it dominates the online search space to such an extent that what happens at Google impacts the entire cyber-landscape. [...] Read more »

    TechCrunch: HP Finds Mobile Tax Apps Lacking On Security, Privacy

    Thursday, April 17th, 2014

    TechCrunch reports on security and privacy problems with some mobile tax apps:

    As the clock ticks toward midnight, putting an end to tax day 2014, Hewlett-Packard is warning consumers of mobile tax and finance apps that they may want to audit their own usage.

    According to the HP Audit, more than 90 percent of the applications the company tested, including TurboTaxTaxACT and TaxSlayer, contained at least one potential privacy violation.

    Those included accessing the phone’s address book, geo-location, storing sensitive data in clear-text, not setting cookie properties securely and insecurely transmitting data.

    Another 50 percent of the applications use cryptographic methods that are known to have security weaknesses like md5 or SHA1. Other flaws included image caching from a Social Security number input screen, which could expose the information to malware installed on a device. [...]

    “A lot of companies are looking at mobile apps as a fancy user interface, and they’re putting their protection on the back-end behind their firewall,” [said Maria Bledsoe, Senior Manager of Product Marketing at HP.] “But they’re not realizing yet that this is yet another attack vector and is an entry point for the hackers.”

    Center for Investigative Reporting and KQED: Hollywood-style surveillance technology inches closer to reality

    Tuesday, April 15th, 2014

    The Center for Investigative Reporting and KQED looked into emerging surveillance technologies that could have a significant impact on the privacy rights of individuals:

    [Ross McNutt] and his Ohio-based company, Persistent Surveillance Systems, persuaded the Los Angeles County Sheriff’s Department to use his surveillance technology to monitor Compton’s streets from the air and track suspects from the moment the snatching occurred.

    The system, known as wide-area surveillance, is something of a time machine – the entire city is filmed and recorded in real time. Imagine Google Earth with a rewind button and the ability to play back the movement of cars and people as they scurry about the city. [...]

    McNutt who holds a doctorate in rapid product development, helped build wide-area surveillance to hunt down bombing suspects in Iraq and Afghanistan. He decided that clusters of high-powered surveillance cameras attached to the belly of small civilian aircraft could be a game-changer in U.S. law enforcement. [...]

    The Center for Investigative Reporting and KQED teamed up to take an inside look at the emerging technologies that could revolutionize policing – and how intrusively the public is monitored by the government. The technology is forcing the public and law enforcement to answer a central question: When have police crossed the line from safer streets to expansive surveillance that threatens to undermine the nation’s constitutional values? Read more »

    Associated Press: Teens adept at social media get privacy training

    Monday, April 14th, 2014

    The Associated Press reports on a privacy program at St. Michael School in suburban St. Louis. The program is based a privacy curriculum based on one released by the Fordham Law School’s Center for Law and Information Policy. AP reports:

    CLAYTON, Mo. — In an age of increased online government surveillance and targeted social media ads, the notion of privacy as a classroom subject worthy of distinct study is gaining momentum far beyond the narrow niches of First Amendment lawyers and computer hackers.

    Using a privacy curriculum developed at Fordham Law School in New York, educators there and at another dozen of the country’s top law schools want to equip adolescents growing up in a digital world with a user manual that has little to do with apps and pixel resolution.

    At the St. Michael School in suburban St. Louis, middle-school students recently learned how to manage their digital reputations. Led by a law-student instructor from nearby Washington University, the preteens discussed how facial recognition software is used everywhere from Facebook to the local mall. As the cellphone increasingly becomes an early adolescent rite of passage, they debated the legal and ethical issues raised by spending hours each day online or texting with friends. […] Read more »

    GAO: IRS Needs to Address Control Weaknesses That Place Financial and Taxpayer Data at Risk

    Friday, April 11th, 2014

    The Government Accountability Office has released a new report, “IRS Needs to Address Control Weaknesses That Place Financial and Taxpayer Data at Risk (GAO-14-405),” concerning security problems that could affect the privacy of taxpayers. Here’s an excerpt detailing problems at the Internal Revenue Service:

    Specifically, the agency had not always (1) installed appropriate patches on all databases and servers to protect against known vulnerabilities, (2) sufficiently monitored database and mainframe controls, or (3) appropriately restricted access to its mainframe environment. In addition, IRS had allowed individuals to make changes to mainframe data processing without requiring them to follow established change control procedures to ensure changes were authorized, and did not configure all applications to use strong encryption for authentication, increasing the potential for unauthorized access. Read more »

    InformationWeek: When Employees Steal Patient Records

    Thursday, April 10th, 2014

    InformationWeek reports on accusations of insiders misusing their access privileges in New York. We’ve seen the problems that arise when insiders abuse or misuse their access privileges to individuals’ data and violate the individuals’ rights. Such cases have occurred in: Tucson, Ariz., where University Medical Center officials fired three employees for violating privacy of patients connected to the shooting rampage of which Jared Loughner is accused; New York City, where a police sergeant pleaded guilty “to illegally entering a federal database and giving information from a terrorist watch list to an acquaintance to use in a child-custody case in Canada”; Ohio, where the Ohio Inspector General released a report (pdf) finding that state employees improperly accessed and distributed confidential state records related to Samuel Joseph Wurzelbacher, who gained fame during the 2008 election as “Joe the Plumber”; and the U.S. government, where the State Department found that federal employees repeatedly snooped into the passport files of entertainers, athletes and other high-profile Americans. The cases aren’t confined to the United States; for example, they’ve occurred in Canada and New Zealand.

    InformationWeek reports on a case concerning medical privacy in Queens, N.Y., as well as other cases in the United States:

    The Queens, N.Y., district attorney recently charged two employees of Jamaica Hospital Medical Center with illegally accessing emergency room patients’ medical records and personal identification information, and selling that data to individuals who then solicited services such as outpatient care or legal assistance — sometimes while patients were still in the ER. [...] Read more »