Security in school has increasingly included surveillance of schools. Previously, we discussed some schools using RFID-enabled school uniforms or cards to track students. There’s also been discussion of the use of video surveillance systems, also called CCTV for closed-circuit television, in schools. As the installation of such surveillance systems in K-12 grades and colleges and universities became widespread, officials said the systems were for improved security and to be used by school security or police. But video surveillance has begun spreading beyond security in some schools.

Several years ago, ten schools in the United Kingdom began using facial-recognition camera surveillance systems to make sure students “have turned up, records whether they were on time or late and keeps an accurate roll call,” reported the Daily Mail. And earlier this year, India’s capital of Delhi announced that it “said CCTV will be installed in all government schools within three months” and “Parents in India’s capital will soon be able to watch their children in the classroom in real time, using a mobile phone app,” reported BBC News. (And several schools in India have used RFID technology to track students, including for attendance logs.)

But an even more intimate use of camera surveillance in classrooms is being used in China. People’s Daily Online reports:

The “intelligent classroom behavior management system” used at Hangzhou No. 11 High School incorporates a facial recognition camera that scans the classroom every 30 seconds. The camera is designed to log six types of behaviors by the students: reading, writing, hand raising, standing up, listening to the teacher, and leaning on the desk. It also records the facial expressions of the students and logs whether they look happy, upset, angry, fearful or disgusted.

Read more »

We’ve discussed before the many ways that companies have been monitoring their employees. They’re using key-logging technology to monitor workers’ keystrokes and Internet-tracking software to log the sites that employees visit. Or tracking workers using GPS technology. More workplaces are using employee badges that have microphones and sensors for tracking individuals’ movements. Now, there’s a move toward a more invasive way to track employees: By implanting microchips in workers.

Wisconsin technology company Three Square Market announced that it is “offering implanted chip technology to all of their employees. … Employees will be implanted with a RFID chip allowing them to make purchases in their break room micro market, open doors, login to computers, use the copy machine, etc.” The company continued: “The chip implant uses near-field communications (NFC); the same technology used in contactless credit cards and mobile payments. A chip is implanted between the thumb and forefinger underneath the skin within seconds.” Read more »

There have been myriad data breaches and security problems recently with private and public sector systems. As more sensitive data is passed through more hands — corporate and government — there needs to be an emphasis on security.

Although the Consumer Financial Protection Bureau is focused on financial data, its call for privacy protections to be built into systems from the beginning is valuable for all sectors. In the case of the CFPB, it has set out guiding principles of data privacy and security for the creation of new payment systems.

These new systems are aimed at reducing “pocket-to-pocket” payment times between consumers and businesses or other entities. The CFPB wants to ensure any new payment systems are secure, transparent, accessible, and affordable to consumers. The systems should also have robust protections when it comes to fraud and error resolution. […]

The CFPB wants to ensure that consumer protections are at the forefront as new and improved payment systems are developed. The protections recommended in today’s Consumer Protection Principles relate to privacy, transparency, costs, security, and consumer control. They also relate to funds availability, fraud and error resolution protections, and payment system accessibility. Read more »

Forbes reports that a man has found that E-ZPasses, which are used to pay tolls on highways and bridges, can be read far from toll booths and used to track individuals’ locations. Privacy questions surrounding the use of E-ZPasses and other RFID-enabled toll-payment technology have been raised before, including the question of retention and sale of the data. In 2010, California Gov. Arnold Schwarzenegger signed SB1268 (pdf), which affects consumer privacy. The bill’s digest explains, “This bill would prohibit a transportation agency, as defined, from selling or providing personally identifiable information of a person obtained” through that person’s use of an electronic toll payment system. The law, which went into effect on Jan. 1, 2011, also requires agencies to purge the data when it is no longer needed for billing or law enforcement purposes.

Forbes reports that a man going by the name “Puking Monkey” decided to “hack[] his RFID-enabled E-ZPass to set off a light and a ‘moo cow’ every time it was being read. Then he drove around New York. His tag got milked multiple times on the short drive from Times Square to Madison Square Garden in mid-town Manhattan … and also on his way out of New York through Lincoln Tunnel, again in a place with no toll plaza.” Read more »

The Washington Post’s Navigator column discusses ways that individuals can protect themselves from identity theft when they’re traveling:

One of the latest threats against travelers is invisible and silent: wireless attacks that siphon your credit card number, personal information and passwords. Anything with a radio-frequency identification (RFID) chip, including your passport or a credit card, can be read from afar. Thieves can also mine valuable data from your smartphone when it automatically logs on to a WiFi network.

Fortunately, there are a few simple ways to thwart these wireless assaults, including new luggage products and common-sense steps that protect your devices and credit cards. […] Read more »

The Federal Trade Commission announced that it will conduct a workshop on November 21, 2013, on the privacy and security implications of the “Internet of Things,” which is a computerized network of physical objects. In IoT, sensors and data storage devices embedded in objects interact with Web services. (For more on privacy and the IoT, see a Center for Democracy and Technology report that I consulted on and contributed to, “Building the Digital Out-Of-Home Privacy Infrastructure.”) The FTC is seeking public comments. It said:

The staff of the Federal Trade Commission is interested in the consumer privacy and security issues posed by the growing connectivity of consumer devices, such as cars, appliances, and medical devices, and invites comments on these issues in advance of a public workshop to be held on November 21, 2013 in Washington, D.C.

The ability of everyday devices to communicate with each other and with people is becoming more prevalent and often is referred to as “The Internet of Things.”  […]

Connected devices can communicate with consumers, transmit data back to companies, and compile data for third parties such as researchers, health care providers, or even other consumers, who can measure how their product usage compares with that of their neighbors.  The devices can provide important benefits to consumers:  they can handle tasks on a consumer’s behalf, improve efficiency, and enable consumers to control elements of their home or work environment from a distance. At the same time, the data collection and sharing that smart devices and greater connectivity enable pose privacy and security risks.  Read more »