The Privacy Commissioner of Canada and the New York Consumer Protection Board have both issued privacy guides for businesses.

The New York Consumer Protection Board’s “Business Privacy Guide” (pdf) explains “how to handle personal identifiable information and limit the prospects of identity theft.” The guide notes that, “After California, New York leads the nation in the number of data breach incidents each year. And, New York is 6th per-capita in identity theft complaints.” The guide also explains how identity theft affects businesses’ bottom lines.

In 2007, identity theft alone cost businesses over 40 billion. The average data breach today will cost your business $192 per-incident. According to a Ponemon Institute study, almost 33% of customers surveyed stated that they would cut ties with a company that had a data breach. It is not only good business sense for your organization to safeguard personal information, but it should be a core value to promote and retain business. A business plan might not stop data breach and identity theft, but good privacy practice will help to limit its adverse effects and to protect your business from potential liability.

The board also released the “Identity Theft Red Flag Rules Business Alert” (pdf), “a fact sheet for business covering promulgated rules to safeguard data and help banks and financial institutions protect customers against identity theft.” What are red flag rules? (more…)

In October, the Privacy Commissioner of Canada’s office announced it “has prepared a draft guidance document that sets out good practice rules for private sector organizations that are either contemplating or using covert video surveillance.” The Commissioner asked for public comment on the draft guidance, which sets out a test to determine whether an organization may use covert video surveillance. See my original post. The deadline for public comment is tomorrow, November 14.

Any questions about the draft guidelines or comments process can be sent via email to: consultation@privcom.gc.ca. Comments on the guidance document may be sent by postal mail to:

Covert Video Surveillance Consultation
Office of the Privacy Commissioner of Canada
112 Kent Street, 3rd Floor
Ottawa, Ontario
K1A 1H3

A number of organizations have created documents to offer the Obama-Biden transition team guidance on priorities in the new administration. The issues are broad, including detainee rights, reproductive health, education, open government, security, and privacy, among others. This is Part Two of an unknown number of posts on such transition plans. I will post documents of interest as I find them. This post includes plans from CDT, Human Rights Watch, and the Cato Institute. Here is Part One.

The Center for Democracy and Technology focuses on, “The Internet in Transition: A Platform to Keep the Internet Open, Innovative and Free” in its document (pdf).

Restoring the Balance between Security and Liberty
[...] In order to restore the balance between security and liberty, the next President and Congress should take specific steps, including the following:

• [...] The next President and Congress should work together to enact legislation to update communications privacy laws to account for dramatic advances in technology.
• The next President and Congress should adopt a balanced framework for information sharing and analysis for counterterrorism purposes.
• The next President and Congress should revisit the REAL ID Act and ensure that all governmental identification programs are necessary and effective and subject to adequate privacy and security protections.
• The next President and Congress should work together to update the Privacy Act; the next President should assiduously enforce the Act’s protections.

Preserving Free Speech and Protecting Children Online
[...] In order to preserve free speech and protect children online, the next President and Congress should take specific steps, including the following: (more…)

Here’s an interesting story from the Rockford Register Star. 

Belvidere police will test a wearable surveillance camera that captures video of cops’ actions from the officer’s perspective.

The 3.5-ounce battery-powered camera looks like a pager and can clip to an officer’s uniform or belt. [...]

The camera starts recording once the officer slides the lens open. It can record more than four hours of color video and audio and sells for about $700.

Police in the UK are already testing hats with cameras in them.

A number of organizations have created documents to offer the Obama-Biden transition team guidance on priorities in the new administration. The issues are broad, including detainee rights, reproductive health, education, security, and privacy, among others. This is Part One of an unknown number of posts on such transition plans. I will post documents of interest as I find them. This post includes plans from the ACLU, EFF, and American Constitution Society.

I have been working on this at the ACLU, which has published a transition plan, “Actions for Restoring America.” The privacy issues include:

1. Warrantless spying.
Issue an executive order recognizing the president’s obligation to comply with FISA and other statutes, requiring the executive branch to do so, and prohibiting the NSA from collecting the communications, domestic or international, of U.S. citizens and residents. Issue an executive order prohibiting new FISA powers from being used to conduct suspicionless bulk collection. Re-examine the recent amendments to Executive Order 12333 to limit and regulate all intelligence community activities and to fully protect the privacy and civil liberties of U.S. citizens and residents. Repeal and make public any secret executive orders that limit or qualify that order. Order the attorney general to launch an investigation to determine if any laws were broken or to appoint a special counsel to do the same.

2. Watch lists.
Issue an executive order requiring watch lists to be completely reviewed within 3 months, with names limited to only those for whom there is credible evidence of terrorist ties or activities. Repeal Executive Order 13224, which creates mechanisms for designating individuals and groups as terrorist suspects and preventing US persons and companies from doing business with them - a power of such breadth that, the record shows, it inevitably leads to the designation of many innocent people and does more harm than good.

3. Freedom of Information - Ashcroft Doctrine.
Direct the attorney general to rescind the “Ashcroft Doctrine” regarding Freedom of Information Act compliance, which instructs agencies to withhold information whenever there is a “sound legal basis” for doing so, and return to the compliance standard under Attorney General Janet Reno, which promoted an “overall presumption of disclosure” of government information through the FOIA unless it was “reasonably foreseeable that disclosure would be harmful.” (more…)

The transition site has been created for the incoming administration of President-Elect Barack Obama and Vice President-Elect Joe Biden. It contains a variety of information on plans for the future, including some that affect individual privacy. Here are a few items of interest under the Protecting America section.

 Defeat Terrorism Worldwide

• [...] New Capabilities to Aggressively Defeat Terrorists: Barack Obama and Joe Biden will improve the American intelligence apparatus by investing in its capacity to collect and analyze information, share information with other agencies and carry out operations to disrupt terrorist operations and networks. [...]

Strengthen American Biosecurity

• [...] Prevent Bioterror Attacks: Obama and Joe Biden will strengthen U.S. intelligence collection overseas to identify and interdict would-be bioterrorists before they strike.
• Build Capacity to Mitigate the Consequences of Bioterror Attacks: A well-planned, well-rehearsed, and rapidly executed epidemic response can dramatically diminish the consequences of biological attacks. Barack Obama will ensure that decision-makers have the information and communication tools they need to manage disease outbreaks by linking health care providers, hospitals, and public health agencies.

Protect Our Information Networks
As president, Barack Obama will lead an effort, working with private industry, the research community and our citizens, to build a trustworthy and accountable cyber infrastructure that is resilient, protects America’s competitive advantage, and advances our national and homeland security. [...]

• Mandate Standards for Securing Personal Data and Require Companies to Disclose Personal Information Data Breaches: Nearly 10 million Americans are victims of identity theft each year, costing more than $55 billion. We must ensure that the privacy of personnel data in computer systems is better protected. The federal government must partner with industry and our citizens to secure personal data stored on government and private systems. An Obama administration will institute a common standard for securing such data across industries and will back strong legislation to protect the rights of individuals in the information age. [...] (more…)