Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Archive for the ‘Technology’ Category

    SC Magazine: Automakers pen ‘privacy principles’ for in-car technology

    Friday, November 14th, 2014

    SC Magazine reports on a letter (pdf) that 19 automakers (part of the Alliance of Automobile Manufacturers and the Association of Global Automakers) sent to the Federal Trade Commission concerning in-car technology and principle of privacy for protecting drivers and passengers. The companies signing on to the principles are Aston Martin, BMW, Chrysler, Ferrari, Ford, General Motors, Honda, Hyundai, Kia, Maserati, Mazda, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Subaru, Toyota, Volkswagen and Volvo. SC reports:

    Two automaker groups, with representation from major manufacturers, like Ford Motor Company, BMW, Mercedes-Benz and Toyota, have penned a benchmark privacy document for protecting data collected through in-car technologies.  [...]

    In a letter to FTC Chairwoman Edith Ramirez, the groups’ CEOs Mitch Bainwol and John Bozzella said that the principles coincide with the associations’ existing commitments to the National Highway Traffic Safety Administration (NHTSA). In July, the groups agreed to establish an information sharing and analysis center (ISAC) for the auto industry, where information on “cyber-related threats and vulnerabilities in motor vehicle electronics or associated in-vehicle networks” could be communicated, the letter said. Read more »

    New York Times: Oops! Health Insurer Exposes Member Data

    Thursday, November 13th, 2014

    The New York Times reports that health insurance company Anthem Blue Cross sent e-mails to some customers that contained sensitive information in the subject lines:

    On Monday, in a similar error, some California residents received emails from their health insurer, Anthem Blue Cross, with personal details about them contained in the subject line.

    The text of the emails encouraged members to visit their doctors for checkups and to discuss certain medical screening tests. [...]

    But the emails’ subject lines included member-specific demographic details like age range and language. They also listed possible medical screening tests — marked “Y” for recommended tests and “N” for tests not listed in the email. [...] Read more »

    Electronic Frontier Foundation: ISPs Removing Their Customers’ Email Encryption

    Wednesday, November 12th, 2014

    The Electronic Frontier Foundation reports on disturbing research concerning Internet Service Providers and the privacy of their customers’ e-mail:

    Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the US and Thailand intercepting their customers’ data to strip a security flag—called STARTTLS—from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client.

    By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco’s PIX/ASA firewall do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception. [...]

    It is important that ISPs immediately stop this unauthorized removal of their customers’ security measures. ISPs act as trusted gateways to the global Internet and it is a violation of that trust to intercept or modify client traffic, regardless of what protocol their customers are using. It is a double violation when such modification disables security measures their customers use to protect themselves.

    Campus Technology: Carnegie Mellon Gives Privacy Grade to Android Apps

    Wednesday, November 12th, 2014

    Campus Technology reports that researchers at Carnegie Mellon University have launched PrivacyGrade, a Web site that reviews mobile apps and how they gather data and affect user privacy:

    Google Maps gets an A. The free version of Angry Birds gets a C. And My ABCs by BabyBus gets a D. The letters assigned to each of these Android apps are grades, and while A is great, D means failure — in privacy, that is.

    Those grades and a million others were assigned through a scanning application that combines automated techniques with crowdsourcing to capture the behavior of an app and measure the gap that exists between how people expect the app to behave and how it actually behaves. [...] Read more »

    Opinion at Slate: Big Data and the Underground Railroad

    Tuesday, November 11th, 2014

    In a column at Slate, Alvaro M. Bedoya, the founding executive director of the Center on Privacy and Technology at Georgetown Law, writes about “big data” and what widespread data collection on individuals can mean for civil liberties:

    Most of the questions, however, focus on how our data should be used. There’s been far less attention to a growing effort to change how our data is collected.

    For years, efforts to protect privacy have focused on giving people the ability to choose what data is collected about them. Now, industry—with the support of some leaders in government—wants to shift that focus. Businesses say that in our data-saturated world, giving consumers meaningful control over data collection is next to impossible. They argue that we should ramp down efforts to give individuals control over the initial collection of their data, and instead let industry collect as much personal information as possible. Read more »

    City of Seattle launches digital privacy initiative

    Monday, November 10th, 2014

    The City of Seattle has announced “a citywide privacy initiative, aimed at providing greater transparency into the City’s data collection and use practices.”

    “In the course of doing business with the public, the City is collecting and exchanging increasing amounts of data,” said [Mayor Ed Murray (D)]. “As we continue to make innovative technology investments, we need to implement practices that support public trust in the security and privacy of personal information.” [...] Read more »