International Data Privacy Day is Sunday. There are a variety of events occurring this week to celebrate. Visit the official site to find events near your area. Take the time to think about how privacy is important in your life and how you can protect your rights from being infringed upon. Please also donate to any number of organizations out there trying to protect your privacy rights.
Archive for the ‘International’ Category
Decades ago, China began a system of online surveillance and censorship that was nicknamed “the Great Firewall of China.” Now, that firewall is getting stronger, and there is also an increase in broader surveillance of the public, and the surveillance is becoming more focused, so a particular individual could be targeted.
China has long had a vast camera surveillance, or CCTV, system throughout the country and it includes face-recognition technology. In June, the Wall Street Journal reported that Industry researcher IHS Markit estimated “China has 176 million surveillance cameras in public and private hands, and it forecasts the nation will install about 450 million new ones by 2020. The U.S., by comparison, has about 50 million.” And the Chinese government is using pairing the CCTV surveillance systems with biometric technology “on streets, in subway stations, at airports and at border crossings in a vast experiment in social engineering. Their goal: to influence behavior and identify lawbreakers.”
The system is powerful. BBC News recently reported that, in a test, it took China’s surveillance system seven minutes to locate and apprehend one of its reporters. Notably, China’s CCTV system isn’t the only one to integrate face-recognition technology in order to better target individuals. Read more »
Today is Giving Tuesday, and here are a few consumer, privacy, and civil liberty groups that could use donations to continue to fight for your rights: ACLU national (or give to your local chapter), Center for Digital Democracy, Consumers Union, Electronic Frontier Foundation, Electronic Privacy Information Center, Privacy International, and the World Privacy Forum.
For years, companies and institutions have been using “anonymization” or “deidentification” techniques and processes to release data concerning individuals, saying that the techniques will protect personal privacy and preclude the sensitive information from being linked back to an individual. Yet we have seen time and again that these processes haven’t worked.
For almost two decades, researchers have told us that anonymization of private information has significant problems, and individuals can be re-identified and have their privacy breached. (I wrote a blog post last year detailing some of the research concerning re-identificaiton of anonymized data sets.)
Recently, Australian Attorney General George Brandis announced that he would seek to amend the country’s Privacy Act to “create a new criminal offence of re-identifying de-identified government data. It will also be an offence to counsel, procure, facilitate, or encourage anyone to do this, and to publish or communicate any re-identified dataset.”
According to the Guardian, the “impetus” for this announcement was a recent privacy problem with deidentified Medicare data, a problem uncovered by researchers. “A copy of an article published by the researchers outlines how every single Medicare data code was able to be reidentified by linking the dataset with other available information,” the Guardian reported. Read more »
As the costs of the technologies fall, biometric identification tools — such as fingerprint, iris or voice-recognition scanners — are increasingly being used in everyday life. There are significant privacy questions that arise as biometric data is collected and used, sometimes without the knowledge or consent of the individuals being scanned.
Biometrics use has become more commonplace. Many smartphones, including iPhones, have fingerprint “touch” ID scanners that people can use instead of numeric passcodes. And law enforcement personnel have been using fingerprint scanners for years, both domestically and internationally. In the past few years, we’ve see banks capturing customers’ voice prints in order, the institutions say, to fight fraud. Or gyms asking members to identify themselves using their fingerprints. Reuters recently reported that companies are seeking to expand fingerprint-identification systems to credit cards and railway commuters.
And the voluntariness of a person submitting his or her biometric has also been questioned. Do you realize when you’re calling your bank that you’re handing over your voice print? Another situation a few years ago in Washington, D.C., also raised at the issue of voluntariness. The District considered requiring that all visitors to its jail “have their fingerprints scanned and checked against law enforcement databases for outstanding warrants.” So if you wanted to visit a friend or relative who was in the D.C. jail, you would have to volunteer to submit your biometric data. The plan was dropped after strong criticism from the public and civil rights groups.
Your biometric data can be gathered for any number of innocuous reasons. For example, I had to submit my fingerprints to obtain my law license, not because of a crime. Family members, roommates and business colleagues of crime victims have submitted fingerprints in order to rule out “innocent” fingerprints at a crime scene in a home or workplace. Some “trusted traveler” airport programs gather iris scans. Some companies use iris-recognition technology for their security systems. Read more »
Recently, President Obama released a package of cybersecurity reform proposals. Along with these proposals, Obama also unveiled a new executive order: “Establishment of the Federal Privacy Council.” The council will be composed of senior privacy officials from at least 24 federal agencies, including Cabinet-level departments and NASA and the Office of Personnel Management, and “may also include other officials from agencies and offices, as the Chair may designate.”
The new council is tasked with developing, coordinating and sharing ideas and best practices for federal programs to protect privacy and implement “appropriate privacy safeguards” throughout the administration.
Although the council’s mission is important, this move seems incomplete. First, such a concerted effort to improve privacy protections throughout the federal government should have begun years ago. If privacy and security protections for sensitive personal data had been prioritized, there might not have been the problems caused by the hacker attack last year against the Office of Personnel Management, which did not use encryption or other such security technology to protect the information (including fingerprints) of the millions of current and former federal employees affected. Read more »