Wednesday, January 28, 2009

I'm wearing a T-shirt that reads: It's International Privacy Day – Piss Off!

http://www.pogowasright.org/article.php?story=20090127185017972

How To Celebrate Privacy Day (And How Not To)

Tuesday, January 27 2009 @ 06:50 PM EST Contributed by: PrivacyNews

Wednesday, Jan. 28, has been designated International Privacy Day, and I'm still not sure how to celebrate. Should I invite all of my friends and family over, then go in the bathroom, lock the door, and make an entry in my personal diary? Or maybe we should all put on funny hats and go outside with noisemakers, screaming, "It's none of your friggin' business!!" Ah, those holiday traditions.

Seriously, though, I'm a little confused. Who is this international day of observance for? It can't be for private citizens -- we already know the value of our privacy and how much we treasure it. If anybody's going to celebrate my privacy, I wish it could be the other parties out there who seem to disregard it on every other day of the year.

Source - Dark Reading



Now that we have your attention...

http://www.databreaches.net/?p=1028

Washington state CUs introduce data breach bill

Posted January 27th, 2009 by admin

In the wake of the Heartland Payment Systems data breach announced last week, Washington state’s credit unions once again have introduced legislation to encourage financial institutions to take “extraordinary proactive steps” to protect consumers from identity theft and financial fraud after a breach.

Receiving its first hearing before the Full House Financial Institutions and Insurance Committee hearing Thursday, HB 1149 is sponsored by State Reps. Brendan Williams (D-22), Dan Raoch (R-31), Geoff Simpson (D-47), Steve Kirby (D-29), Hans Dunshee (D-44), Sharon Nelson (D-34) and Timm Ormsby (D-33).

Like a similar proposal last year, the bill would allow credit unions and other financial institutions to sue negligent data breachers for the cost of aggressively protecting Washingtonians’ personal and private information.

Read more on CUNA More info on HB 1149



First out of the blocks. (These are neither fast nor satisfying. See the next article.)

http://www.databreaches.net/?p=1049

Send in the lawyers (Heartland Payment Systems update)

Posted January 27th, 2009 by admin

Over on Computerworld, Jaikumar Vijayan reports that a class action lawsuit has been filed in the Heartland Payment Systems breach:

[...]

A Pennsylvania law firm today filed the first class action lawsuit related to the breach. The lawsuit was filed by Chimicles & Tikellis LLP of Haverford, PA on behalf of Alicia Cooper, a resident of Woodbury, MN, and others who might have been affected by the breach.

The complaint, filed in the U.S. District Court for the District of New Jersey in Trenton, alleges that Cooper, whose card was compromised in the breach, and others, were victims of Heartland’s negligence in protecting card-holder data. The lawsuit, which calls for a jury trial, charged Heartland with breach of contract, breach of implied contract and breach of fiduciary contract for the breach.

Comment: OK, here’s the thing: if the banks reverse the charges so that the individuals have not incurred any actual financial harm, are we back to the situation where courts will throw out the lawsuits because plaintiffs cannot demonstrate “harm?”



My share should be about $0.08, fortunately I suffered no great harm (cussing the VA's security failures apparently don't count.)

http://www.databreaches.net/?p=1035

VA agrees to settle data theft lawsuit

Posted January 27th, 2009 by admin

The Associated Press is reporting:

The Veterans Affairs Department has agreed to pay up to $20 million to veterans for exposing them to possible identity theft in 2006 after losing their sensitive personal information.

In court filings Tuesday, lawyers for the VA and the veterans said they had reached agreement to settle the veterans’ lawsuit alleging invasion of privacy. The money will be used to pay for veterans who suffered actual harm, such as emotional distress or expenses incurred for credit monitoring.

Read more on WAVY.com

Comment: the APl describes the incident as a lost laptop that was later recovered. The May 2006 incident involved the theft of a laptop from a VA analyst.

Update: a fuller version of the AP story does note that the laptop had been stolen in a home burglary. The proposed settlement would give veterans who show harm from the data theft payments ranging from $75 to $1,500, with any balance of the settlement being donated to veterans’ charities agreed to by the parties, such as the Fisher House Foundation Inc. and The Intrepid Fallen Heroes Fund. The proposal still has to be approved by the judge.



It would be interesting to list some hacker (or if you prefer, intelligence gathering) techniques and compare them to current rules of evidence.

http://www.pogowasright.org/article.php?story=20090128060707557

Ca: Technology straining paper-era privacy laws

Wednesday, January 28 2009 @ 06:07 AM EST Contributed by: PrivacyNews

Something about the image of Big Brother sifting through cellphone records of 7,000 law-abiding citizens touched a nerve in Mr. Justice Michael Quigley of the Ontario Superior Court.

In a ruling several weeks ago, Judge Quigley denied police the fruits of their "high-tech fishing expedition" - uncovering a series of cellphone calls that potentially linked several suspected jewellery store robbers.

It was a classic clash between privacy and new technology, and Judge Quigley was intent on applying aging provisions to a scenario never anticipated by those who drafted them.

Source - Globe and Mail

[From the article:

He argues that the definition of what constitutes a "reasonable" search has got to change: "The real issue is not making electronic information off limits, but making sure that access is regulated using the same values as we apply to regulate real-world searches."



“You can't be serious! That would make us just like those second class citizens we're supposed to keep in line!”

http://www.pogowasright.org/article.php?story=2009012717333242

LAPD, union tangle over collection of officers' DNA

Tuesday, January 27 2009 @ 05:33 PM EST Contributed by: PrivacyNews

Since its arrival as a crime-fighting tool, Los Angeles police officers have aggressively used the power of DNA technology to solve countless cases.

When it comes to handing over their own genetic code, however, they've been told to be a lot more reticent.

Source - Los Angeles Times



Makes me want to say: “Well DUH!”

http://www.pogowasright.org/article.php?story=20090128060803143

Microsoft Study Finds Consumers Want Control Over Data

Wednesday, January 28 2009 @ 06:08 AM EST Contributed by: PrivacyNews

The software vendor's commissioned research will be revealed during a panel discussion with leaders from a Calif. Office of Privacy Protection, Intel, and MySpace.

Source - InformationWeek

[From the article:

"We wanted to understand how different segments of consumers, from teens to professionals to boomers, thought about privacy," he said. "There were some rather interesting results that came out of this."

"Our hypothesis is that across these three segments, there would be different ways of thinking about these things," said Cullen. "We were really surprised to learn there's a large degree of similarity in the way people think about privacy."

… The top areas of concern for consumers in the Microsoft focus groups were identity theft (for all segments), child protection (for parents), and the sharing or selling of personal information without consent (for all segments).



See the sidebar for a summary of what he found and what he didn't (yet)

http://yro.slashdot.org/article.pl?sid=09%2F01%2F27%2F1914229&from=rss

What Web Surfers Can Find Out About You

Posted by kdawson on Tuesday January 27, @02:39PM from the private-first-class dept.

cweditor writes in with an updated version of a story the likes of which you might have read before, What the Web Knows About You. But reporter Rob Mitchell found out vastly more about himself (his research subject) online than he could have even a year or two ago. The big difference is that state and local governments are putting online digitized records, often with Social Security numbers and other personal details intact. Mitchell ends by questioning how much good it does for banks or credit card companies to require 4, 5, or more independent identity "factors" before providing access to account details, when most or all of the factors they request can be found online about nearly anyone.



Related?

http://www.pogowasright.org/article.php?story=20090128062353400

Hunting cyber-thieves

Wednesday, January 28 2009 @ 06:23 AM EST Contributed by: PrivacyNews

In his day job, David Shettler labors to keep hackers from breaching the computer system at the College of the Holy Cross.

At night and on weekends, he takes his search for cyber-thieves national, scouring the Internet and identifying thefts of personal data, called data breaches. He’s chief technical officer and vice president of the Open Security Foundation, a nonprofit group based in Virginia that compiles data breaches online at its Web site, datalossdb.org. The group, which has four core volunteers and hundreds of other helpers, also makes regular Freedom of Information Act requests with state governments to gather more information on data breaches.

Source - Telegram & Gazette

[From the article:

Open Security Foundation is one of a handful of organizations nationally that are dedicated to publicizing data breaches. There’s also the Identity Theft Resource Center in San Diego, Databreaches.net, and dozens of bloggers who act as “cyber-sleuths,” tracking down the source of data breaches and identity thefts.



First, know the law.

http://tech.slashdot.org/article.pl?sid=09%2F01%2F27%2F2336224&from=rss

How the US Lost Its China Complaint On IP

Posted by kdawson on Tuesday January 27, @11:51PM from the evidence-from-the-newspaper dept. The Internet Software

An anonymous reader writes

"The World Trade Organization yesterday released its much-anticipated decision involving a US complaint against China over its protection and enforcement of intellectual property rights. The US quickly proclaimed victory, with newspaper headlines trumpeting the WTO panel's requirement that China reform elements of its intellectual property laws. Yet the reality is somewhat different. As Michael Geist notes, the US lost badly on key issues such as border measures and criminal IP enforcement, with the international trade body upholding the validity of China's laws."



Is this why Google's CEO supported Obama? Perhaps it's just a risk he's willing to take now that Guantanamo is closing?

http://news.cnet.com/8301-17939_109-10151390-2.html?part=rss&subj=news&tag=2547-1_3-0-5

Stark relief: White House, VP's residence now visible in Google Maps

Posted by Rafe Needleman January 27, 2009 5:44 PM PST



Something tells me this is cover for their “traffic shaping” efforts.

http://news.cnet.com/8301-1023_3-10151389-93.html?part=rss&subj=news&tag=2547-1_3-0-5

Sources: AT&T, Comcast likely to help RIAA foil piracy

Posted by Greg Sandoval January 28, 2009 4:00 AM PST CNET staff writer Maggie Reardon coauthored this report.

AT&T and Comcast, two of the nation's largest Internet service providers, are expected to be among a group of ISPs that will cooperate with the music industry in battling illegal file sharing, three sources close to the companies told CNET News.



Interesting summary. Any lessons to be learned?

http://www.bespacific.com/mt/archives/020418.html

January 27, 2009

Assessing the Impacts of Changes in the Information Technology Research and Development Ecosystem

"This report examines changes in the IT R&D ecosystem over the past decade and makes recommendations to strengthen the effectiveness and impact of federally funded information technology research; for the U.S. to remain the strongest generator of and magnet for technical talent; to reduce friction that harms the effectiveness of the U.S. IT R&D ecosystem; and to ensure that the U.S. has a communications, computing, and applications infrastructure which enables U.S. IT users and innovators to lead the world."



Interesting variation on a Dutch Auction.

http://www.killerstartups.com/eCommerce/countspin-com-live-online-auctions

CountSpin.com - Live Online Auctions

http://www.countspin.com

“Live deals, one at a time, price drops till none left…” is the premise of this new service (just out in public beta). Whenever you visit the site, you will come across a wide-ranging collection of watches and accessories whose price drops second by second. The starting price is clearly denoted, whereas the amount that you could save is also set down. You are likewise informed about shipping and handling costs. If all is right by you, you can click on the provided “Buy 1 Now” button which is displayed, and carry the transaction to completion.

The featured watches come from big names such as Casio and Seiko, and in every case a “Compare Deal” button is included for you to figure how much of a bargain the transaction you are interested in can be.

As regards the length of the auction, that is stipulated right above the concerned item. In any case, you must understand that the auction ends when all the items that were in stock are sold out. That is obvious, really. Everybody would wait until the very end in order to start bidding otherwise. And that is what makes the whole process entertaining to begin with. Give it a try and see if you feel the same way.



A useful time-saving tool or the e-quivalent of Readers' Digest?

http://www.killerstartups.com/User-Gen-Content/synopit-com-synopses-at-your-disposal

Synopit.com - Synopses At Your Disposal

http://www.synopit.com

We all come across articles that seem interesting while surfing the Net, yet the length quite often prevents us from delving into them. You should make a point of keeping this site in mind if that ever happens again. Essentially, Synopit will empower you to carry a search for summaries that have been created for that very same article, and if any are found you will be able to see the most important takeaways from the article.

On the other hand, if no summary is found you can choose to be notified through e-mail when one surfaces by signing up. Moreover, you are given the option to create a summary yourself if you think you are skilled enough to do that, and wish to make a contribution to the cause.



Something for those Computer Science PhD candidates to consider?

http://news.cnet.com/8301-19413_3-10148806-240.html?part=rss&subj=news&tag=2547-1_3-0-5

The need for a standard cloud taxonomy

Posted by James Urquhart January 27, 2009 11:15 PM PST



Just interesting

http://news.cnet.com/8301-17939_109-10150445-2.html?part=rss&subj=news&tag=2547-1_3-0-5

Which HD video Web service is the best?

Posted by Josh Lowensohn January 28, 2009 5:00 AM PST



A purely economic question? Anticipating future costs of your dream ride?

http://news.cnet.com/8301-17852_3-10151497-71.html?part=rss&subj=news&tag=2547-1_3-0-5

Why some cars get stopped by cops and others don't

Posted by Chris Matyszczyk January 27, 2009 10:40 PM PST

… It seems that the police love to ticket Hummers most of all.

No comments: