Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Archive for the ‘Security’ Category

    Associated Press: Banks harvest callers’ voiceprints to fight fraud

    Thursday, October 16th, 2014

    The Associated Press reports that when some banks’ customers call in to customer service, their voiceprints are being gathered so the banks can identify them. This practice of gathering biometric information, sometimes without giving notice to or obtaining consent from customers, raises substantial privacy questions:

    An Associated Press investigation has found that two of America’s biggest retail banks — JPMorgan Chase & Co., and Wells Fargo & Co. — are quietly recording the biometric details of some callers’ voices to weed out fraud. The technology, sometimes called voiceprinting, is aimed at bad guys rather than legitimate customers, but legal and privacy experts alike still have reservations about the practice. [...]

    As it stands, seven major American financial institutions are already using blacklists or have run pilots, said Shirley Inscoe, an analyst with the Aite Group, a research and advisory firm. Read more »

    Update: Aaron’s Rent-To-Own Chain to Pay $28.4 Million in Settlement Over Privacy, Consumer Protection

    Wednesday, October 15th, 2014

    Last year, the Federal Trade Commission negotiated a settlement with Aaron’s Rent-To-Own concerning surveillance software that was installed on computers that consumers rented from them. The software,  PC Rental Agent from DesignerWare, allowed access to personal e-mails, financial and medical data and webcam photos of partially undressed individuals, the FTC said.

    Now, Aaron’s Rent-To-Own has negotiated a settlement with California over charges that it violated the state’s privacy and consumer protection laws. The privacy portion of the settlement is related to the surveillance software. California Attorney General Kamala D. Harris announced in a statement:

    In addition, the complaint alleges that Aaron’s violated California state privacy laws by permitting its franchised stores to install spyware on laptop computers rented to its customers. A feature in the spyware program called ‘Detective Mode’, which was installed without consumers’ consent or knowledge, allowed the Aaron’s franchisees to remotely monitor keystrokes, capture screenshots, track the physical location of consumers and even activate the rented computer’s webcam. The installation of this software without customer consent violated California law. Read more »

    Intelligence Squared: Debate on constitutionality of mass collection of phone records

    Tuesday, October 14th, 2014

    A recent Intelligence Squared podcast debate included experts discussing whether the mass collection of phone records by the National Security Agency violates the Fourth Amendment. (This was a surveillance program revealed by former NSA contractor Edward Snowden. The program has faced considerable criticism from the public and federal legislators.) The experts are: Alex Abdo, Staff Attorney, ACLU Speech, Privacy and Technology Project; Elizabeth Wydra, Chief Counsel, Constitutional Accountability Center; Stewart Baker, former Assistant Secretary, Homeland Security & former General Counsel, NSA; and John Yoo, Professor of Law, UC Berkeley & former Justice Department lawyer. The moderator is John Donvan, Author & Correspondent for ABC News.

    Here’s the blurb on the podcast:

    Some say that the mass collection of U.S. phone records is a gross invasion of privacy. Others say that it is necessary to keep us safe. But what does the U.S. Constitution say? “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” Is collection of phone records a “search” or “seizure”? If so, is it “unreasonable”? Does it require a particularized warrant and probable cause? These are among the most consequential—and controversial—constitutional questions of our time.

    NPR: Holidays Bring A New Season For Credit Card Breaches

    Monday, October 13th, 2014

    NPR reports on credit card security breaches and the upcoming holiday season in the United States:

    Though cyber thieves have stolen millions of card numbers this year, shoppers are heading into the heavy-spending season with no new credit safeguards in place. [...]

    [Bryan Sartin, who heads a team of forensic computer techs for Verizon,] says data breaches happen all the time; In fact, only about a third of them are ever made public. In midtown Manhattan, that fact surprises many shoppers, like Alexandra Goodell. [...]

    [Jason Oxman, CEO of the Electronic Transaction Association] says the magnetic stripe worked fine until the ’90s. Then came personal computers, which could counterfeit hundreds of credit cards. Because the U.S. had a strong telecom network, retailers went to an online system to verify credit cards’ authenticity. Countries where the Internet wasn’t so great adopted so-called chip cards or smart cards. Read more »

    NSA Releases Second Transparency Report

    Thursday, October 9th, 2014

    The National Security Agency, which has faced considerable criticism from the public and lawmakers since revelations by former contractor Edward Snowden concerning the agency’s broad surveillance programs, recently released its second transparency report.

     The document focuses on the civil liberties and privacy protection practices of NSA in the course of targeted signals intelligence activities under Executive Order 12333. Fair Information Practice Principles (FIPPs), the widely accepted framework of defining principles used by federal agencies to evaluate how systems, processes, or programs impact individual privacy, were used as the basis for assesssment.

    The report details numerous efforts designed to protect civil liberties and privacy protections in six of the eight FIPPs (Purpose Specification; Data Minimization; Use Limitation; Data Quality and Integrity; Security; and Accountability and Auditing). These protections are underpinned by NSA’s enterprise activities, documented compliance program, and investments in people, training, tools and technology. Read more »

    Ars Technica: Adobe’s e-book reader sends your reading logs back to Adobe—in plain text

    Wednesday, October 8th, 2014

    Ars Technica reports on a privacy and security issue concerning ebooks and Adobe’s popular Digital Editions ebooks and PDF reader (which is used by many libraries):

    Adobe’s Digital Editions e-book and PDF reader—an application used by thousands of libraries to give patrons access to electronic lending libraries—actively logs and reports every document readers add to their local “library” along with what users do with those files. Even worse, the logs are transmitted over the Internet in the clear, allowing anyone who can monitor network traffic (such as the National Security Agency, Internet service providers and cable companies, or others sharing a public Wi-Fi network) to follow along over readers’ shoulders.

    Ars has independently verified the logging of e-reader activity with the use of a packet capture tool. The exposure of data was first discovered by Nate Hoffelder of The Digital Reader, who reported the issue to Adobe but received no reply. [...] Read more »