Centennial Man

Thursday, March 27, 2008

There seems to be little news on the Hannaford breach. Perhaps it has become to commonplace?

http://www.pogowasright.org/article.php?story=20080326114237134

Banks saddled with costs to replace compromised cards

Wednesday, March 26 2008 @ 11:42 AM EDT Contributed by: PrivacyNews News Section: Breaches

The multi-million dollar tab for replacing credit and debit cards that were compromised by the Hannaford Brothers security breach will likely be borne by banks and credit unions that issued the cards.

The Maine-based supermarket chain says it fulfilled its responsibility by identifying and fixing the breach and notifying customers, credit card companies and financial institutions.

Source - WPRI.com

What is an appropriate fine?

http://www.pogowasright.org/article.php?story=20080326175603192

CVS, Texas Settle Over Record Dumping

Wednesday, March 26 2008 @ 05:56 PM EDT Contributed by: PrivacyNews News Section: Breaches

Caremark Corp. will overhaul its information security system and pay the state of Texas $315,000 to settle a lawsuit that accused the drugstore operator of dumping credit card numbers, medical information and other material from more than 1,000 customers into a garbage container.

[…] Records allegedly dumped by employees behind the store included credit and debit card numbers and prescription forms that contained customers’ names, addresses, dates of birth and types of medications, Abbott has said.

CVS’s revamped information security program must have administrative, technical and physical safeguards designed to protect the personal information of customers. It also must create a training program to inform new hires of its enhanced security procedures and conduct unannounced compliance checks at some stores, among other measures.

Source - Houston Chronicle

[From the article:

On Monday, the company said it expects full-year revenue of more than $85 billion.

I doubt there is a high percentage of credit card owners in this database. Perhaps the plan is to overwhelm the banks with credit applications?

http://www.pogowasright.org/article.php?story=20080326103745475

Privacy breach: Russians exposed on internet

Wednesday, March 26 2008 @ 10:37 AM EDT Contributed by: PrivacyNews News Section: Breaches

Millions of Russians and other CIS citizens have had their private details placed on the internet, in what many say is a massive breach of human rights.

It’s not clear who’s behind the internet site, as the authors have carefully hidden their identity. The site is registered to an apparent false name in California and the server is located in the U.S. city of Saint-Lewis.

For many years secret databases from the Interior Ministry, road police and phone operators have been available on the Russian black market.

Source - Russia Today

When you understand that technologies will converge (global positioning systems, auto “black box” and insurance databases) this should be obvious. Still available for patent: Speeding; failure to slow in a school zone, rolling through a stop sign, failure to signal a turn... Probably the entire list of possible traffic violations.

http://techdirt.com/articles/20080313/221036.shtml

IBM Patents Real-Time Auto Insurance Surcharges

from the fair's-fair dept

theodp writes "Better think twice before volunteering to tutor underprivileged kids or delivering Christmas gifts to homeless children. Thanks to IBM, you could be rewarded with a hefty car insurance premium increase for your efforts. A new patent was issued to Big Blue last Tuesday for its 'invention' of the Location-Based Vehicle Risk Assessment System, which describes how surcharges will be added to your auto insurance premium when a GPS device reports that you drove into an area in IBM's bad neighborhood database (stay too long and your car is disabled). It's all about assigning insurance costs more appropriately, explains Big Blue, which used the same argument to justify punishing employees for having fat kids."

Sometimes I forget that there are states who don't require notification...

http://www.pogowasright.org/article.php?story=20080326230640656

Man sentenced for theft of drive with 1 million bank records

Wednesday, March 26 2008 @ 11:08 PM EDT
Contributed by: PrivacyNews
News Section: Breaches

The following refers to the story we reported here on Mar. 23. Computerworld now adds that Real stole a hard drive containing the database, and that not everyone who had account info on the drive was notified of the theft....

A former programmer at Birmingham, Ala.-based Compass Bank who stole a hard drive containing one million customer records and used some of that information to commit debit-card fraud was sentenced last week to 42 months in prison by an Alabama District Court judge.

Source - Computerworld

[From the article:

The Compass Bank compromise is one of the largest bank-related breaches yet revealed, in terms of the number of customer records that were potentially exposed. The incident, however, appears to have surfaced for the first time only after the Birmingham News carried a story on the sentencing last week.

... As a result, apart from the 250 or so individuals from whose accounts Real fraudulently withdrew money, no other customers were notified of the incident, Bilek said.

Interesting, but this seems a bit “off.” Is it required that government agencies “spin” their programs? Isn't it a bit disingenuous to say that Real ID is under the control of individual states when the Feds dictate the information/evidence states must gather and states must share that information (How else could a Real ID be the basis for access to (federal) government buildings and services?)

http://www.pogowasright.org/article.php?story=20080326181625573

Setting the Record Straight on REAL ID -- Part II Privacy

Wednesday, March 26 2008 @ 06:16 PM EDT Contributed by: PrivacyNews News Section: REAL ID

Is REAL ID a threat to privacy? There are critics who will say so. But, these same critics can’t and won’t tell you precisely how REAL ID threatens privacy. There’s a reason for that. They have no evidence. The facts are that REAL ID will actually increase privacy protections for Americans, and in several concrete ways.

Source - Dept. of Homeland Security

If the government is looking at every transaction, is there a market for off-shore, Internet based, financial institutions that don't share information?

http://www.pogowasright.org/article.php?story=20080326115958914

Bob Barr: Every bank transaction triggers snooping

Wednesday, March 26 2008 @ 11:59 AM EDT Contributed by: PrivacyNews News Section: Businesses & Privacy

I am not an Eliot Spitzer fan. The now-former New York governor and I have disagreed privately and publicly on any number of issues, mostly involving questions of prosecutorial abuse. Still, I have great concern with the manner in which his fall from grace was orchestrated, and with the federal laws and regulations on which it was based. The sad saga of Spitzer should concern every American, or at least all those who maintain accounts at any financial institution or who engage in any form of electronic financial transactions.

The web of snooping in which federal investigators and regulators are now able to ensnare any person who engages in any form of financial transaction has become so complex and pervasive that almost no person anywhere in the world can escape its clutches.

Source - AJC

“Well it seemed like a good idea right up until the time all those citizens pointed out to our crack law firm that it was probably illegal. We've decided to go without security until we can think of something else to do...”

http://www.pogowasright.org/article.php?story=20080326130744594

BAA AXES T5 FINGERPRINTING PLAN

Wednesday, March 26 2008 @ 01:07 PM EDT Contributed by: PrivacyNews News Section: Non-U.S. News

Airport operator BAA will not be taking fingerprints of passengers using Heathrow's £4.3 billion Terminal 5 (T5) following doubts over the legality of such a move.

BAA had hoped to fingerprint T5 domestic-flight passengers and international passengers transferring on to domestic flights at the west London airport from the start of business at the new terminal on Thursday.

But the Information Commissioner's Office was concerned the fingerprinting could breach the Data Protection Act.

Source - Daily Express

When you have a technology that is “harmless,” there is a tendency to use it more frequently. (The Brits studied the use of “rubber bullets” in Northern Ireland and found an increase in serious injury.)

http://www.chroniclejournal.com/stories_national.php?id=99485

RCMP boss orders second look at Taser forms after critics slam secrecy

By Sue Bailey And Jim Bronskill, THE CANADIAN PRESS Wednesday, March 26, 2008

OTTAWA - The RCMP, stung by criticism over secrecy, is rethinking its decision to strip Taser reports of crucial information after the public safety minister demanded a second look.

... The force no longer reveals whether Tasered people were armed or not, the precise dates of firings, and whether the device caused any burns, cuts or bruises.

... The Mounties said they correctly withheld information on the forms under provisions of the information law related to personal privacy and police investigations.

Tremblay had no comment when asked if the RCMP broke the law by previously releasing details that it now insists must be protected.

A Canadian Press analysis last November of 563 cases between 2002 and 2005 found three in four suspects Tasered by the RCMP were unarmed.

Technology diffusion. Once the exclusive tools of the military, coming soon to a neighborhood near you! (It sure looks interesting. Ducted fan, so it shows no rotor blades and no wings.)

http://tech.slashdot.org/article.pl?sid=08/03/26/178204&from=rss

Aerial Drones To Help Cops In Miami

Posted by Zonk on Wednesday March 26, @01:23PM from the now-we-just-need-a-good-rigger dept. Government Privacy Robotics Technology

Catoonsis writes

"Reuters is reporting that 'Miami police could soon be the first in the United States to use cutting-edge, spy-in-the-sky technology to beef up their fight against crime.' The police force is planning to make use of a small aerial drone, capable of hovering and quick maneuvers, to monitor the Miami-Dade area and alert officers of potential problems. The device, manufactured by Honeywell, is awaiting FAA approval before it can be put into use. This decision is just the latest chapter in the developing relationship between law enforcement and robotic assistants. 'U.S. Customs and Border Protection has been flying drones over the Arizona desert and southwest border with Mexico since 2006 and will soon deploy one in North Dakota to patrol the Canadian border as well. This month, Customs and Border Protection spokesman Juan Munoz Torres said the agency would also begin test flights of a modified version of its large Predator B drones, built by General Atomics Aeronautical Systems, over the Gulf of Mexico.'"

Research

http://www.dfes.gov.uk/byronreview/

Safer Children in a Digital World: the report of the Byron Review

Published 27th March 2008

On 6th September the Prime Minister asked me to conduct an independent review, looking at the risks to children from exposure to potentially harmful or inappropriate material on the internet and in video games.

Safer Children in a Digital World (Full)
The Full Report also contains a glossary, bibliography, details of the Review process, and a list of key contributors to the Review.