Saturday, October 27, 2007

100 down, 93,999,900 to go!

http://www.pogowasright.org/article.php?story=20071026225248972

Ann Arbor Police hit the 'mother lode' in identity theft case

Friday, October 26 2007 @ 10:52 PM EDT Contributed by: PrivacyNews News Section: Breaches

In the largest local identity theft probe in recent memory, Ann Arbor Police arrested a man accused of posing as at least a dozen people to bilk banks across the country out of thousands of dollars.

Matthew Kent Ii, 38, was arraigned Thursday on 16 felony counts that included operating a criminal enterprise, punishable by up to 20 years in prison. Matthew Kent Ii.

... The files contained names, dates of birth, Social Security numbers, home addresses and even phone numbers of more than 100 people - other potential identity theft victims from around the country, said Detective Laura Burke.

Source - mLive

[From the article:

... Last year, Pilon discovered that five financial institutions had issued fraudulent credit cards to the same Ann Arbor address [at some point, this information should have been cross-checked. Bob] occupied by two University of Michigan students. The students were cleared by investigators, who found a stack of unopened mail containing credit cards the students believed were intended for a previous resident.

... Several more banks reported that fraudulent credit cards were sent to Ann Arbor addresses within the same apartment complex and a complex nearby.

Using a federal database, ['cause the phone book is too unreliable... Bob] investigators learned Ii lived in the complexes and built enough evidence to obtain a search warrant, Burke said.



For my Security Management class. This suggest that there might be a lot more data spills (of a typr that does not require disclosure) Question: If the IT Forensics guys work for the lawyers, are they covered by privilege?

http://www.darkreading.com/document.asp?doc_id=137438&f_src=darkreading_gnews

What Not to Do After a Security Breach

Expert familiar with TD Ameritrade, TJX cases discusses the mistakes enterprises often make following a breach

OCTOBER 26, 2007 | 4:00 PM By Kelly Jackson Higgins Senior Editor, Dark Reading

Step number one after a security breach: Don't immediately bring in the outside forensics team --- get your attorney up to speed on the attack first. And don't assume just because you had a break-in that you have to disclose it publicly -- it all depends on whether data covered under regulatory mandates was exposed.



It still comes down to proving damages...)

http://www.pogowasright.org/article.php?story=20071026095353250

Ca: Case Report - Court articulates framework for privacy tort

Friday, October 26 2007 @ 09:53 AM EDT Contributed by: PrivacyNews News Section: Non-U.S. News

Although there have been previous cases that have recognized the common law tort of invasion of privacy in Ontario and a few recent cases in which Ontario courts have made strong statements in refusing to strike claims based on the tort, the confines of the tort have not yet been clearly articulated. On September 21st, Deputy Judge Criger issued a small claims court judgement in which she articulated a form of test that balances an individual’s expectation of privacy in personal information against any countervailing interests in the information’s collection use and disclosure.

Source - All About Information (blog)

[From the article:

Here is her six-part test:

  1. Is the information acquired, collected, disclosed or published of a kind that a reasonable person would consider private?

  2. Has the Plaintiff consented to acquisition or collection of the information?

  3. If not, has the information been acquired or collected for a legal process or public interest reason? If so, what is that reason?

  4. Has the Plaintiff consented to disclosure or publication of the information?

  5. If not, has the information been disclosed or published for a legal process or public interest reason? If so, what is that reason?

  6. Is the legal process or public interest reason put forward for acquisition, collection, disclosure or publication one that a reasonable person would consider outweighs the interest of the individual in keeping the information private?



Inevitable, but not welcome...

http://www.technewsworld.com/rsstory/60025.html

The University's Role in Advancing Data Encryption, Part 1

By Andrew K. Burger TechNewsWorld 10/27/07 1:30 AM PT

"Much like Moore's Law, PGP has seen huge advances in encryption technologies over the years -- specifically the ability for encryption to work faster and easier in a network while still being transparent to the end user," said PGP spokesperson Tom Rice. Excellent encryption research is being carried out at a number of major universities, though it's still at a nascent stage.

Technological advances are making adoption of network and data encryption more practical than ever, spurring its use in enterprises. Sixty-six percent of respondents to a Ponemon Institute survey said they were hatching strategic plans to meet their organizations' encryption needs, and 16 percent of them already had enterprise-wide encryption strategies in place.



Start with the ones that are hard to argue with, then extend the program to children (who don't get a choice) then eventually we can force everyone to have them installed at birth!

http://yro.slashdot.org/article.pl?sid=07/10/27/0621254&from=rss

Technology as Tattletale

Posted by Zonk on Saturday October 27, @05:15AM from the spy-in-your-belt-buckle dept.

The New York Times is carrying an article noting the increasing presence of location-sensing technologies in our lives. It discusses several applications of the technology like tracking stolen cash from a bank, or making sure a teenage son follows the rules. The article also notes that these ultra-high resolution GPS trackers can allow freedom as much as restrict it:

"Project Lifesaver, a nonprofit group in Chesapeake, Va., fits Alzheimer's patients and autistic children with radio frequency beacons disguised as bracelets, which help emergency responders find them if they are lost. Next spring the group will introduce new bracelets, created by Locator Systems, a British Columbia company, that combine radio signals with G.P.S. and cellular communications. That should allow caregivers to establish a zone where patients can safely wander, said Jim McIntosh, the company's chief executive. If patients wander off, emergency crews could receive more specific information."



“We're number 168! We're number 168!” (US moves up to #48!)

http://www.bespacific.com/mt/archives/016361.html

October 26, 2007

2007 World Press Freedom Index

Press release: "Eritrea has replaced North Korea in last place in an index measuring the level of press freedom in 169 countries throughout the world that is published today by Reporters Without Borders for the sixth year running...Outside Europe - in which the top 14 countries are located - no region of the world has been spared censorship or violence towards journalists. Of the 20 countries at the bottom of the index, seven are Asian (Pakistan, Sri Lanka, Laos, Vietnam, China, Burma, and North Korea), five are African (Ethiopia, Equatorial Guinea, Libya, Somalia and Eritrea), four are in the Middle East (Syria, Iraq, Palestinian Territories and Iran), three are former Soviet republics (Belarus, Uzbekistan and Turkmenistan) and one is in the Americas (Cuba)."


Related: How the press is “handled” in a democracy. Politicians and bureaucrats can't stand reporters – but this may be a bit over the top. “Hey! You'll never know what you can get away with unless you try!”

http://yro.slashdot.org/article.pl?sid=07/10/27/067235&from=rss

FEMA Sorry for Faking News Briefing

Posted by Zonk on Saturday October 27, @03:25AM from the if-you-want-a-job-done-right-do-it-yourself dept. United States Censorship The Media Politics

theodp writes "The Federal Emergency Management Agency's No. 2 official apologized Friday for leading a staged news conference Tuesday in which FEMA employees posed as reporters. All the while, real reporters listened on a telephone conference line and were barred from asking questions. In the briefing, Vice Adm. Harvey E. Johnson Jr., FEMA's deputy administrator, called on questioners who did not disclose that they were FEMA employees, and gave replies emphasizing that his agency's response to this week's California wildfires was far better than its response to Hurricane Katrina in August 2005."


Another helpful government agency?

http://digg.com/politics/TSA_Breaks_Your_Laptop_Threatens_You_With_Arrest

"TSA Breaks Your Laptop, Threatens You With Arrest"

"Reader Jake says a TSA agent dropped his laptop, smashing it in several places, then threatened him with arrest when he asked about filing a damage claim."

http://consumerist.com/consumer/jerks-with-authority/tsa-breaks-your-laptop-threatens-you-with-arrest-315478.php

No comments: