Thursday, October 23, 2008

The world, she is a-changin'

http://www.pogowasright.org/article.php?story=20081023053244112

CDT Report: Browser Developers Compete on Privacy Controls

Thursday, October 23 2008 @ 05:32 AM EDT Contributed by: PrivacyNews

CDT released a report today showing that Internet browser developers are increasingly competing to offer better privacy controls. This new competitive focus on privacy represents a boon to consumers who can now base their Web surfing decisions on which browser best suits their personal privacy needs. The report reviews and compares the privacy tools available for the latest versions of Mozilla Firefox, Microsoft Internet Explorer, Google Chrome and Apple's Safari. The report compares the browsers in their offering of three key tools -- privacy mode, cookie controls and object controls – which can greatly reduce the amount of personal information users give up online and leave behind on their computers.

Source - Browser Privacy Features [PDF] October 22, 2008



Isn't Customs at DIA a “Port of Entry?”

http://www.pogowasright.org/article.php?story=200810221206594

ACLU Assails 100-Mile Border Zone as "Constitution-Free"

Wednesday, October 22 2008 @ 12:06 PM EDT Contributed by:PrivacyNews

Government agents should not have the right to stop and question Americans anywhere without suspicion within 100 miles of the border, the American Civil Liberties Union said Wednesday, pointing attention to the little known power of the federal government to set up immigration checkpoints far from the nation's border lines.

The government has long been able to search people entering and exiting the country without need to say why, which is known as the border search exception the the Fourth Amendment.

After 9/11, Congress gave the Department of Homeland Security the right to use some of its powers deeper within the country, and now DHS has set up at least 33 internal checkpoints where they stop people, question them and ask them to prove citizenship, according to the ACLU.

Source - Threat Level



Some progress is being made...

http://www.pogowasright.org/article.php?story=20081022120856704

GAO: Social Security Numbers Are Widely Available in Bulk and Online Records, but Changes to Enhance Security Are Occurring

Wednesday, October 22 2008 @ 12:08 PM EDT Contributed by:PrivacyNews

Summary:

Various public records in the United States contain Social Security numbers (SSN) and other personal identifying information that could be used to commit fraud and identity theft. For the purposes of this report, public records are generally defined as government agency-held records made available to the public in their entirety for inspection, such as property and court records. Although public records were traditionally accessed locally in county courthouses and government records centers, public record keepers in some states and localities have more recently been maintaining electronic images of their records. In electronic format, records can be made available through the Internet or easily transferred to other parties in bulk quantities. Although we previously reported on the types of public records that contain SSNs and access to those records, less is known about the extent to which public records containing personal identifying information such as SSNs are made available to private third parties through bulk sales. In light of these developments, you asked us to examine (1) to what extent, for what reasons, and to whom are public records that may contain SSNs available for bulk purchase and online, and (2) what measures have been taken to protect SSNs that may be contained in these records. To answer these questions, we collected and analyzed information from a variety of sources. Specifically, we conducted a survey of county record keepers on the extent and reasons for which they make records available in bulk or online, the types of records that they make available, and the types of entities (e.g., private businesses or individuals) that obtain their records. We focused on county record keepers because, in scoping our review, we determined that records with SSNs are most likely to be made available in bulk or online at the county level. We surveyed a sample of 247 counties--including the 97 largest counties by population and a random sample of 150 of the remaining counties, received responses from 89 percent, and used this information to generate national estimates to the extent possible. Our survey covered 45 states and the District of Columbia, excluding five states where recording of documents is not performed at the county level (Alaska, Connecticut, Hawaii, Rhode Island, and Vermont). We used the information gathered in this survey to calculate estimates about the entire population of county record keepers.

Many counties make public records that may contain Social Security numbers (SSNs) available in bulk to businesses and individuals in response to state open records laws, and also because private companies often request access to these records to support their business operations. Our sample allows us to estimate that 85 percent of the largest counties make records with full or partial SSNs available in bulk or online, 3 while smaller counties are less likely to do so (41 percent). According to county officials and businesses we interviewed, SSNs are generally found in certain types of records such as property liens and appear relatively infrequently. However, because millions of records are available, many SSNs may be displayed. Counties in our survey cited state laws as the primary reason for making records available, and requests from companies may also drive availability, as several told us they need bulk records to support their businesses models. Counties generally do not control how records are used. Of counties that make records available in bulk or online, only about 16 percent place any restrictions on the types of entities that can obtain these records. We found that title companies are the most frequent recipients of these records, but others such as mortgage companies and data resellers that collect and aggregate personal information often obtain records as well. Private companies we interviewed told us they obtain records to help them conduct their business, including using SSNs as a unique identifier. For example, a title company or data reseller may use the SSN to ensure that a lien is associated with the correct individual, given that many people have the same name. Information from these records may also be used by companies to build and maintain databases or resold to other businesses. Businesses we contacted told us they have various safeguards in place to secure information they obtain from public records, including computer systems that restrict employees' access to records. In some cases, information from these public records is sent overseas for processing, a practice referred to as offshoring. We were not able to determine the extent of offshoring, but both record keepers and large companies that obtain records in bulk told us that it is a common practice. In the course of our work, we found that public records data are commonly sent to at least two countries--India and the Philippines. State and local governments, as well as the federal government, are taking various actions to safeguard SSNs in public records, but these actions are a recent phenomenon. Based on our survey, we estimate that about 12 percent of counties have completed redacting or truncating SSNs that are in public records--that is, removing the full SSN from display or showing only part of it--and another 26 percent are in the process of doing so. Some are responding to state laws requiring redaction or truncation, but others have acted on their own based on concerns about the potential for identity theft. For example, California and Florida recently passed laws that require record keepers to truncate or redact SSNs in their publicly available documents, while one clerk in Texas told us that in response to public concern about the vulnerability of SSNs to misuse, the county is redacting SSNs from records on its own initiative. In recent years, 25 states have enacted some form of statutory restriction on displaying SSNs in public records. Some states have also enacted laws allowing individuals to request that their SSNs be removed from certain records such as military discharge papers.

Source - Full Report [pdf] (GAO-08-1009R, September 19, 2008)

Related - Social Security Numbers: Transfers and Sales of Public Records That May Contain Social Security Numbers (GAO-08-1004SP, September 2008), an E-supplement to GAO-08-1009R [pdf] (GAO-08-1004SP, September 19, 2008)


Related ...and that's good, because online ID Theft classes are a hot new area in education.

http://www.pogowasright.org/article.php?story=20081023053033603

Ore. inmate held ID-theft conference calls

Thursday, October 23 2008 @ 05:30 AM EDT Contributed by: PrivacyNews

Officials are blaming a staffing shortage for allowing an Oregon jail inmate to run an identity theft operation from behind bars.

The (Portland) Oregonian said Wednesday Shawn "Sammy Straight Razor" McGinnis allegedly used the Multnomah County jail's inmate phone system to arrange conference calls with people trading in personal information.

The alleged trading went on for nearly a year because the jail staff does not have enough deputies to listen in on inmate calls and only tapes them.

Source - UPI


Related But we seem to be in no great hurry. We've said we are serious, but we haven't said “We realy, realy mean it this time – honest injun!”

http://www.pogowasright.org/article.php?story=20081022153528859

FTC Will Grant Six-Month Delay of Enforcement of 'Red Flags' Rule Requiring Creditors and Financial Institutions to Have Identity Theft Prevention Programs

Wednesday, October 22 2008 @ 03:35 PM EDT Contributed by: PrivacyNews

The Federal Trade Commission will suspend enforcement of the new “Red Flags Rule” until May 1, 2009, to give creditors and financial institutions additional time in which to develop and implement written identity theft prevention programs. Today’s announcement and the release of an Enforcement Policy Statement do not affect other federal agencies’ enforcement of the original November 1, 2008 deadline for institutions subject to their oversight to be in compliance.

Source - FTC



Useful collection?

http://www.bespacific.com/mt/archives/019613.html

October 22, 2008

New on LLRX.com: A Compilation of Legal Problem-Solving Models

The Art of Written Persuasion: From IRAC to FAILSAFE - A Compilation of Legal Problem-Solving Models - Troy Simpson's third column focuses on "a process model of problem-solving that provides a useful framework, because it offers a systematic, non-random way of tackling problems."



I'm gonna live forever!

http://science.slashdot.org/article.pl?sid=08/10/22/2230223&from=rss

Researchers Developing Cancer-Fighting Beer

Posted by samzenpus on Wednesday October 22, @08:15PM from the drink-your-way-to-a-better-you dept. Medicine Science

CWmike writes

"Ever picked up a cold, frosty beer on a hot summer's day and thought that it simply couldn't get any better? Well, think again. A team of researchers at Rice University in Houston is working on helping Joe Six Pack fight aging and cancer with every swill of beer."

Thank you science! Now we just need cigarettes that cure baldness. [They said it, I didn't. Bob]

No comments: