Tuesday, October 16, 2007

America's first line of defense, and best source of bad examples.

http://www.pogowasright.org/article.php?story=2007101517205316

TSA Laptops With Personal Info Missing

Monday, October 15 2007 @ 05:20 PM EDT Contributed by: PrivacyNews News Section: Breaches

Two laptop computers with detailed personal information about commercial drivers across the country who transport hazardous materials are missing and considered stolen.

The laptops belong to a contractor working for the Transportation Security Administration and contain the names, addresses, birthdays, commercial driver's license numbers and, in some cases, Social Security numbers of 3,930 people, according to an Oct. 12 letter from TSA to lawmakers.

The contractor told TSA that the personal information was deleted from the computers before they were stolen, the letter stated. But after the second laptop was stolen, TSA investigators discovered that a person with data recovery skills [your average 12-year-old... Bob] could recover the personal information that the contractor deleted.

Source - Associated Press



I wonder what the contract says...

http://www.pogowasright.org/article.php?story=20071015192900534

Office of financial aid loses back up info

Monday, October 15 2007 @ 07:29 PM EDT Contributed by: PrivacyNews News Section: Breaches

Iron Mountain Incorporated has notified the Louisiana Office of Student Financial Assistance (LOSFA) that it lost back-up media belonging to LOSFA on September 19, 2007.

... The lost media includes some personal information on individuals participating in, or considered for participation in, programs administered by LOSFA. The data is compressed and requires special software, specific computer equipment and sophisticated computer skills to access it.

Source - KATC



Terminated!

http://www.pogowasright.org/article.php?story=20071015100858879

Governor Kills California Data Protection Law

Monday, October 15 2007 @ 10:08 AM EDT Contributed by: PrivacyNews News Section: State/Local Govt.

California Gov. Arnold Schwarzenegger on Oct. 13 vetoed—and effectively killed—one of the nation's most stringent proposed e-tail data breach security laws, saying that the bill would have "driven up the costs of compliance, particularly for small businesses."

The proposed California law—AB 779—would have required retailers to protect data in a manner more demanding than the current PCI DSS (Payment Card Industry Data Security Standard) requires.

Source - eWeek



Will this help put a value on personal information?

http://www.pogowasright.org/article.php?story=20071015103247942

Customer is entitled to damages after CVS adds name to mailing

Monday, October 15 2007 @ 10:32 AM EDT Contributed by: PrivacyNews News Section: In the Courts

A CVS customer whose name and address were taken from a prescription list and used as part of a mailing campaign without his permission was entitled to damages where the pharmacy failed to notify him that it was profiting from the arrangement, a Superior Court judge has found.

The defendant CVS argued it had not engaged in any unfair or deceptive act where it had not disclosed any of the customer's privileged medical information and had included an explanation in the letter that the mailing was funded by a co-defendant pharmaceutical company.

Source - Massachusetts Lawyer Weekly

The 32-page decision is Kelley v. CVS Pharmacy, Inc., et al., Lawyers Weekly No. 12-278-07



One guidebook. Perhaps a basis for more comprehensive guidelines?

http://yro.slashdot.org/article.pl?sid=07/10/16/011219&from=rss

Inside Comcast's Surveillance Policies

Posted by kdawson on Monday October 15, @11:24PM from the cost-you-a-pretty-penny dept. Privacy

Monk writes "The Federation of American Scientists has obtained a recently disclosed Comcast Handbook for Law Enforcement which details its policies for divulging its customers' personal information. (Here's the handbook itself in PDF form.) All of Comcast's policies seem to follow the letter of the law, and seem to weigh customer privacy with law enforcement's requests. This is in apparent contrast to AT&T and a number of other telecommunication companies, which have been only too happy to give over subscriber records. According to the handbook, Comcast keeps logs for up to 180 days on IP address allocation, and they do not keep all of your e-mails forever (45 days at most). VoIP phone records are stored for 2 years, and cable records can only be retrieved upon a court order. The document even details how much it costs law enforcement to get access to personal data (data for child exploitation cases is free of charge)."


The initial take was that these were good...

http://www.pogowasright.org/article.php?story=20071015124531910

Proposed global privacy standard is too vague and too weak, says expert

Monday, October 15 2007 @ 12:45 PM EDT Contributed by: PrivacyNews News Section: Internet & Computers

Last month Google's Global Privacy Counsel Peter Fleischer endorsed the Privacy Framework published by the Asia-Pacific Economic Community (APEC) in 2005, describing it as "the most promising foundation on which to build."

"Surely, if privacy principles can be agreed upon within the 21 APEC member economies, a similar set of principles could be applied on a global scale," wrote Peter Fleischer in the search giant's Public Policy Blog.

But privacy expert Dr Chris Pounder of Pinsent Masons, the law firm behind OUT-LAW.COM, has analysed the APEC rules and found that they are not only significantly more lax than those in operation in Europe, they are so broadly defined that they cannot operate as a standard at all.

Source - Out-Law.com



Any guidelines here?

http://www.bespacific.com/mt/archives/016268.html

October 15, 2007

New Report Highlights Available Technologies Being Adapted for Homeland Security

Press release: "Innovations being developed for commercial use also have the potential to play a major role in protecting the country and improving our ability to respond to and quickly recover from a catastrophic event, according to a new report from the nonpartisan Reform Institute. From the Storefront to the Front Lines: The Private Sector and Homeland Security Investment (28 pages, PDF) examines commercial technologies that are currently being utilized in the homeland security arena." [Homeland Security Digital Library]



Where the data goes...

http://www.bespacific.com/mt/archives/016269.html

October 15, 2007

Annual Report to Congress on the Information Sharing Environment

Annual Report to Congress on the Information Sharing Environment, Department of Homeland Security's Information Sharing Environment, submitted by Ambassador Thomas E. McNamara, Program Manager for the Information Sharing Environment, September 2007 (44 pages, PDF).



Apparently they don't teach Constitutional Law at this school.

http://www.law.com/jsp/article.jsp?id=1192093405994

Law Student Faces Disciplinary Action Over Facebook Photo of Pat Robertson

Larry O'Dell The Associated Press October 12, 2007

A Regent University law student says school officials have threatened to discipline him for posting an unflattering photo of founder Pat Robertson on his Facebook page.

Adam M. Key, 23, posted a picture of Regent's founder and president making what appears to be an obscene gesture on the social networking Web site. Key copied it from a YouTube video in which Robertson scratches his face with his middle finger.

The second-year law student said officials at the private Christian university in Virginia Beach, Va., demanded that he either publicly apologize and withhold public comment about the matter, or submit to the law school dean a legal brief defending the posting. Key chose the latter, arguing that his posting was satire protected under the First Amendment. [Of course, it is also FACT... Bob]



Food for thought?

http://digg.com/business_finance/Email_becomes_the_electronic_equivalent_of_DNA_evidence

Email becomes the electronic equivalent of DNA evidence

IDC reports that companies will dump over $21.8 billion dollars into legal research data mining and litigation-support infrastructure services by 2010. Employees emails are being used in court more and more. ISPs are being forced to log emails, IMs and more. Warrants are not required to obtain most of this information. Enter the new DNA evidence.

http://businessshrink.biz/psychologyofbusiness/2007/10/15/email-becomes-the-electronic-equivalent-of-dna-evidence/



Is this another case of “Our software doesn't work like we promise, so let's blame someone else?”

http://www.siliconvalley.com/news/ci_7185042?nclick_check=1

Judge bars sale of software that lets brokers snag prime event tickets

Associated Press Article Launched: 10/15/2007 01:27:34 PM PDT

NEW YORK - A federal judge ordered RMG Technologies on Monday to stop selling software that lets users flood the Ticketmaster Web site with requests and snap up tickets in bulk, beating the humans who log in manually to buy tickets.

"We will not allow others to illegally divert tickets away from fans," Ticketmaster Chief Executive Sean Moriarty said in a statement. Ticketmaster is a leading seller of concert and sporting event tickets.

No comments: