VA: New Details on Stolen Laptops (follow-up)
Friday, November 07 2008 @ 03:59 PM EST Contributed by: PrivacyNews
There is new information about those two stolen laptops that have sensitive, personal information about every registered voter in Charlottesville. Friday afternoon the city's electoral board is explaining why the laptops were left behind on election night. The head of Charlottesville's electoral board says its standard protocol to leave behind election equipment, just bring back the ballot data.
... As for liability, Charlottesville says it's not at fault. City spokesperson Ric Barrick says police told the city not to say anything about the theft because it was part of an ongoing investigation. Barrick also points to a "reasonable amount of time" clause as a defense as well.
Source - WVIR-TV
[From the article:
The city contends that the risk of identity theft is low. "They've got to get through three levels of passwords in order to even turn the computer on. [If the computer is turned off, where do they enter the passwords? Bob]
... Sincere adds that the laptops were set up so people could access the data only on Election Day. Information is still on the laptops, but it's not in any readable form.
... The city has claimed that everything on the computers was a public record and that no social security numbers are in the records. Half of that is true.
The laptops had voters' driver’s license numbers on them. Seven out of every 1,000 drivers Virginia still have their social security numbers as their driver’s license numbers. The DMV numbers are not public information available through voting lists or anywhere else, despite the city's claims.
Late Friday afternoon the state board of elections told us that the vendor supplying the polling software reviewed all 25,000 names in the Charlottesville lists scanning for social security numbers in the driver’s license field. They tell us none were found.
Boy oh boy, with a book review yesterday and these articles today you might mistake me for someone who reads! (You could catch stupid terrorists, smart ones have plenty of alternatives.)
Article: Run for the Border: Laptop Searches and the Fourth Amendment
Friday, November 07 2008 @ 08:11 AM EST Contributed by: PrivacyNews
Should customs officers be able to search laptop computers at the border in the same way they inspect suitcases and packages? This article argues that, in general, suspicionless border searches of laptops and other electronic storage devices are permissible under the Fourth Amendment. It begins by surveying the competing interests that are implicated by laptop searches at the border, including the government's need to combat terrorism and child exploitation, as well as travelers' interests in privacy and free expression. Next, the article discusses the Supreme Court's border-search doctrine. "Non-routine" border searches (e.g., invasive searches of the body) are subject to the reasonable-suspicion standard, but "routine" searches (e.g., searches of property) need not be based on any individualized suspicion at all. The article then considers how the border-search doctrine might apply to laptops. Lower courts generally hold that customs can inspect laptops without reasonable suspicion, and this consensus is largely correct. Laptops differ from other kinds of property: They contain a greater volume of material, the data they store is intensely personal, and digital searches can leave a permanent copy of the data in the government's hands. But those differences generally do not justify a special exception to the border-search doctrine. In fact, laptop searches have the potential to be less, not more, intrusive than traditional border inspections of physical objects. Finally, the article discusses possible legislative or administrative reforms that might better balance travelers' interests against the government's needs. It might be appropriate to protect laptop owners' privacy interests at the border, not through traditional "collection limits" (which restrict the government's ability to gather information in the first place), but with "use limits" (which restrict the government's ability to share or otherwise use the information it does gather).
Sales, Nathan Alexander, Run for the Border: Laptop Searches and the Fourth Amendment (October 6, 2008). George Mason Law & Economics Research Paper No. 08-58
Available at SSRN: http://ssrn.com/abstract=1279683, where you can download the full-text article for free.
Article: Privacy by Deletion: The Need for a Global Data Deletion Principle
Friday, November 07 2008 @ 08:15 AM EST Contributed by: PrivacyNews
With global personal information flows increasing, efforts have been made to develop principles to standardize data protection regulations. However, no set of principles has yet achieved universal adoption. This Note proposes a principle mandating that personal data be securely destroyed when it is no longer necessary for the purpose for which it was collected. Including a data deletion principle in future data protection standards will increase respect for individual autonomy and decrease the risk of abuse of personal data. Data deletion is already practiced by many data controllers, but including it in legal data protection mandates will further the goal of establishing an effective global data protection regime.
Keele, Benjamin J., Privacy by Deletion: The Need for a Global Data Deletion Principle (September 26, 2008). Indiana Journal of Global Legal Studies, Vol. 16, No. 1, 2009
Available at SSRN: http://ssrn.com/abstract=1262533, where you can download the full-text article for free.
Article: Facebook and the Social Dynamics of Privacy
Friday, November 07 2008 @ 08:22 AM EST Contributed by: PrivacyNews
This Article provides the first comprehensive analysis of the law and policy of privacy on social network sites, using Facebook as its principal example. It explains how Facebook users socialize on the site, why they misunderstand the risks involved, and how their privacy suffers as a result. Facebook offers a socially compelling platform that also facilitates peer-to-peer privacy violations: users harming each others' privacy interests. These two facts are inextricably linked; people use Facebook with the goal of sharing some information about themselves. Policymakers cannot make Facebook completely safe, but they can help people use it safely.
The Article makes this case by presenting a rich, factually grounded description of the social dynamics of privacy on Facebook. It then uses that description to evaluate a dozen possible policy interventions. Unhelpful interventions - such as mandatory data portability and bans on underage use - fail because they also fail to engage with key aspects of how and why people use social network sites. The potentially helpful interventions, on the other hand - such as a strengthened public-disclosure tort and a right to opt out completely - succeed because they do engage with these social dynamics.
Grimmelmann, James Taylor Lewis, Facebook and the Social Dynamics of Privacy (September 3, 2008). Iowa Law Review, Vol. 95, No. 4, May 2009
Available at SSRN: http://ssrn.com/abstract=1262822, where you can download the full-text article for free.
Now we're getting serious!
Pakistan Declares Death Penalty for 'Cyber Terror'
By Noah Shachtman November 07, 2008 6:22:19 PM
American officials can have some pretty over-the-top reactions to hackers and so-called cyber terrorists. Once, I saw a briefing comparing our own Kevin Poulsen to Osama bin Laden and Pablo Escobar -- seriously. But the U.S. has nothing on Pakistan, when it comes to cyber terror paranoia. Yesterday, Pakistani president Asif Ali Zardari signed a law making cyber terror a crime "punishable with death."
Executions will only be allowed if the hack attack "causes [the] death of any person," the Prevention of Electronic Crimes law states.
Cloud Computing's definition starts to firm up (and expand)
The future of the cloud
Posted by Dan Farber November 7, 2008 12:30 PM PST
... Warrior believes that cloud computing will evolve from private and stand-alone clouds to hybrid clouds, which allow movement of applications and services between clouds, and finally to a federated "intra-cloud."
... Warrior laid out the cloud-computing stack as having four layers: IT foundation, flexible infrastructure, platform as a service, and applications (software as a service).
... Dave Giroaurd, president of Google Enterprise, brought up the potential legal tangles of moving intellectual property between clouds. "It's an unclear area of the law as to who owns what," he said.
Extending the Digg Effect (AKA: Slashdotting) In short, when you can't access a web site because too many users tried to access it, this app automates the attempt to connect adding even more traffice for the site to handle. (The Internet equivalent of “Are we there yet?”)
MrUptime.Pingdom.com - Address The Digg Effect
The expression “Digg effect” refers to the unavailability of pages due to exceedingly-high amounts of traffic. This is a common occurrence when browsing through social sites or news resources that link to the hottest spots on the web. Pingdom is a company that realized that many people were missing on interesting contents because of this. With all the information that is available on the Web, it is a fact that people forget about articles they could not read, and just move on. Consequently, the company set to work on an application that has recently been launched.
This application goes by the name of Mr. Uptime. In general terms, what this browsing tool does is to try to reach a website in the background while you carry on browsing as usual. As soon as the website can be accessed, Mr. Uptime will notify you so that you can check it right away.
Mr. Uptime is presented as a Mozilla Firefox extension that can be easily procured and installed through the site. The system requirements are also included, along with a FAQ that provides guidance on bandwidth usage and related considerations.
Something for the Swiss Army File?
CellphoneMessageSender.com - SMS To Cell
Cell Phone Message Sender is a well-established company that provides a suite of free text messaging applications and services. These aim to allow users to send text messages from any computer to a cellphone at no cost. All the major carriers in the United States are supported, and carriers from all over the world are also taken into account.
The services on offer will also enable you to create groups for sending bulk messages, saving time and money in the process.
As it was already mentioned, these services are rendered free of charge, but paid accounts are also available. These will allow you to send more than 50 messages per month.
The corporate website includes a comprehensive FAQ guide that explains how the system works in minute detail, and account-related considerations are also duly dealt with.
Moreover, the site features a collection of wallpapers and other resources such as mobile themes and games. Also included is a reverse phone search tool that will let you find out who owns any cellphone in a practical way. [Everyone seems to include a surveillance/stalking option these days... Bob]
Not sure this is a “better Search Engine” but the little screenshots help you find that website you remember from last week but can't put a name to...
Middlespot.com - Where Search Meets Research
“Where search meets research” is the tagline of this new web-hosted service, an endeavour that will let you look up research materials in a straightforward manner, and present the results to you using a flexible interface.
Several screenshots are displayed when seeing results, and you can easily zoom in and out of the relevant pages. You can also save individual results to your own personal workpad for ulterior reference. Moreover, this personal workpad can be shared with any person you wish, so that sharing results is an easy task indeed.