Privacy Digest

Counting Electronic Votes in Secret - Via Freedom to Tinker:

Things are not looking good for open government when it comes to observing poll workers on Election Night. Our state election laws, written for the old lever machines, now apply to Sequoia electronic voting machines. Andrew Appel and I have been asking a straightforward question: Can ordinary members of the public watch the procedures used by poll workers to count the votes?

I submitted a formal request to the Board of Elections of Mercer County (where Princeton University is located), seeking permission to watch the poll workers when they close the polls (on Sequoia AVC Advantage voting computers) and announce the results. They said no!

The Election Board said this election is “too important” to permit extra people in the polling place.  read more »

Report: Data Mining Ineffective Anti-Terrorist Tool - Via CDT - PolicyBeta:

A new National Research Council report cautions that government data mining programs cannot effectively identify patterns of terrorist activity. Pattern-based or predictive data mining was singled out as likely to generate huge numbers of useless leads. Because of this, the authors warned, pattern-based data mining should not be used to deny a person rights and liberties. This mirrors past conclusions that CDT and others have drawn about data mining efficacy.

The Committee that drafted the October 7th report, entitled “Protecting Individual Privacy in the Struggle Against Terrorists,” recommended that all U.S. data mining programs be re-evaluated according to criteria set forth in the 376-page document. The authors – which included former Secretary of Defense William Perry – made the case that even well-managed data mining efforts are of only limited usefulness and can infringe on Americans’ privacy.  read more »

Verizon plays fast and loose with the wrong 1,200 e-mail addresses - Via NetworkWorld.com Community:

This should be a vendor's first rule when inviting 1,200 IT pros to a seminar about securing data and protecting personal information: Make sure you protect the personal information of the 1,200 professionals you're trying to impress.

How did Verizon do in that regard on Tuesday? They failed miserably ... and not just once.

David Williams, technology coordinator for a Texas school district, alerted me to the situation because he had read my recent post -- "Run-amok Verizon robo-caller torments 1,400 customers" -- which recounted the nine phone calls in 24 hours that were received at my house last month.

"I had something similar occur today," Williams writes. "In a period of three hours I received 14 e-mails promoting Verizon's 'Secure the Information. Secure the Infrastructure' webinar series, and three e-mails promoting their '2008 Data Breach Investigations Report Road Show.' "

The excessive volume of e-mail wasn't the half of it, though.  read more »

Wink Wink: RealNetworks Says Don't Copy Rented DVDs - Via Threat Level:

While urging a federal judge not to pull the plug on its DVD-copying software, RealNetworks told a federal judge there's no harm to the movie studios because consumers are only supposed to reproduce their personal movies, not rented ones.

The argument was taking a page right out of head shops that warn consumers that the colorful glass bongs and pipes on display are for tobacco use, not "illegal substances." 

RealNetworks' made the statement at the tail end of a three-hour federal court hearing Tuesday to U.S. District Judge Marilyn Hall Patel. She was hearing last-ditch arguments on why she should not bar the sale of RealNetworks' $30 DVD copying software.  read more »

'Unbreakable' encryption unveiled - Via BBC NEWS | Science & Environment :

Perfect secrecy has come a step closer with the launch of the world's first computer network protected by unbreakable quantum encryption at a scientific conference in Vienna.

The network connects six locations across Vienna and in the nearby town of St Poelten, using 200 km of standard commercial fibre optic cables.

Quantum cryptography is completely different from the kinds of security schemes used on computer networks today.  read more »

World Bank Under Cyber Siege in 'Unprecedented Crisis' - Via FOXNews.com :

The World Bank Group's computer network — one of the largest repositories of sensitive data about the economies of every nation — has been raided repeatedly by outsiders for more than a year, FOX News has learned.

It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution's highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank's network for nearly a month in June and July.

In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month.  read more »

NSA Spying on Americans in the Green Zone - Via Center for Democracy and Technology:

The National Security Agency is intercepting and retaining communications of innocent Americans in Iraq's so-called "Green Zone"; agency workers even pass around the most titillating conversations, according to explosive allegations made by two NSA whistleblowers in an ABC News segment airing tonight. According to the report, collection of telephone conversations U.S. soldiers and aid workers in Iraq had with their families in the U.S. continued even after NSA analysts knew that the telephone numbers on which they were eavesdropping belonged to Americans who had no ties to terrorism. The report calls into question assurances the NSA and Justice Department repeatedly gave Congress that internally enforced "minimization procedures" are adequate to protect the private conversations of Americans.

• ABC News Story of NSA Whistleblower Allegations October 09, 2008 [off-site]
• Testimony of Assistant Attorney General Wainstein [PDF] September 06, 2007 [off-site]
• CDT memo on inadequacy of minimization procedures [PDF] September 07, 2007

(Read Original Article - Via Center for Democracy and Technology.)

NSA Snooped on Innocent Americans' Private Calls from Iraq, Former Operators Charge - Via Threat Level:

The National Security Agency routinely listened in on the intimate and innocent phone calls of Americans in Iraq, including government personnel, journalists and aid workers, as they called back into the United States, according to two former NSA operators who spoke to ABC News.

The accusations that the NSA routinely listened in on Americans' phone calls contradicts the Administration's repeated claims that its secret spying did not listen to any Americans other than suspected terrorists.

The conduct also appears to violate the rules that govern when the NSA can listen in to Americans' making calls overseas-- which then required high-level approval for each target.  read more »

Exclusive: Inside Account of U.S. Eavesdropping on Americans - Tonight on Nightline - Via ABC News: Nightline :

U.S. Officers' "Phone Sex" Intercepted; Senate Demanding Answers

Despite pledges by President George W. Bush and American intelligence officials to the contrary, hundreds of US citizens overseas have been eavesdropped on as they called friends and family back home, according to two former military intercept operators who worked at the giant National Security Agency (NSA) center in Fort Gordon, Georgia.  read more »

Satellite-Surveillance Program to Begin Despite Privacy Concerns - WSJ.com - Via Wall Street Journal / WSJ.com :

The Department of Homeland Security will proceed with the first phase of a controversial satellite-surveillance program, even though an independent review found the department hasn't yet ensured the program will comply with privacy laws.

Congress provided partial funding for the program in a little-debated $634 billion spending measure that will fund the government until early March. For the past year, the Bush administration had been fighting Democratic lawmakers over the spy program, known as the National Applications Office.

The program is designed to provide federal, state and local officials with extensive access to spy-satellite imagery -- but no eavesdropping -- to assist with emergency response and other domestic-security needs, such as identifying where ports or border areas are vulnerable to terrorism.

Since the department proposed the program a year ago, several Democratic lawmakers have said that turning the spy lens on America could violate Americans' privacy and civil liberties unless adequate safeguards were required.  read more »

Piracy Statistics and the Importance of Journalistic Skepticism - Via Freedom to Tinker:

If you've paid attention to copyright debates in recent years, you've probably seen advocates for more restrictive copyright laws claim that "counterfeiting and piracy" cost the US economy as much as $250 billion. When pressed, those who make these kinds of claims are inevitably vague about exactly where these figures come from. For example, I contacted Thomas Sydnor, the author of the paper I linked above, and he was able to point me to a 2002 press release from the FBI, which claims that "losses to counterfeiting are estimated at $200-250 billion a year in U.S. business losses."

There are a couple of things that are notable about this. In the first place, notice that the press release says counterfeiting, which is an entirely different issue from copyright infringement. Passing stronger copyright legislation in order to stop counterfeiting is a non-sequitur.

But the more serious issue is that the FBI can't actually explain how it arrived at these figures. And indeed, it appears that nobody knows who came up with these figures and how they were computed. Julian Sanchez has done some sleuthing and found that these figures have literally been floating around inside the beltway for decades. Julian contacted the FBI, which wasn't able to point to any specific source. Further investigation led him to a 1993 Forbes article:  read more »

Lessons from the Fall of NebuAd - Via Freedom to Tinker:

With three Congressional hearings held within the past four months, U.S. legislators have expressed increased concern about the handling of private online information. As Paul Ohm mentioned yesterday, the recent scrutiny has focused mainly on the ability of ISPs to intercept and analyze the online traffic of its users-- in a word, surveillance. One of the goals of surveillance for ISPs is to yield new sources of revenue; so when a Silicon Valley startup called NebuAd approached ISPs last spring with its behavioral advertising technology, many were quick to sign on. But by summer's end, the company had lost all of its ISP partners, their CEO had resigned, and they announced their intention to pursue "more traditional" advertising channels.

How did this happen and what can we learn from this episode?  read more »

Feds Start Moving on Net Security Hole - Via Threat Level:

Starting Thursday morning, the U.S. government is seeking comment on who should create and vouch for the internet's most crucial document -- the root zone file -- that serves as the cornerstone of the system that lets users get to websites and emails find their way to inboxes.

The non-profit ICANN, the for-profit Verisign and the Commerce Department's National Telecommunications and Information Administration all have different answers to what is a long-standing, and geopolitically charged internet governance question.

But the only thing that matters for the security of the internet is the speed that they answer the question, according to domain-name system expert
Paul Vixie.  read more »

I don't see anything on their site yet, but the closing comments on tonights Nightline says that Thursdays show will include interviews with ex-employees who listened to those wiretaps of phone calls that supposedly did not include innocent US citizens.

The Presidency & the Courts [Ashbrook Center & Federalist Soc.] - Via JURIST - Video Monitor:

Conference on the Presidency and the Courts with keynote address by President George W. Bush, Ashbrook Center for Public Affairs & Federalist Society, October 6, 2008. Microsoft Silverlight, 136 minutes. Watch recorded video.

(Read Original Article - Via JURIST - Video Monitor.)

Maryland Cops Put 53 Non-Violent Activists on Terrorist List - Via Threat Level:

Maryland State police placed the names of 53 left-leaning political activists into federal and state databases, labeling them as terrorists, the state's police chief admitted Tuesday.

Evidence that the state police had been infiltrating anti-war and anti-death penalty groups first came to light in July following a government sunshine lawsuit filed by the ACLU on behalf of a prominent peace activist named Max Obuszewski.

Police added Obuszewski and others to a federal database called the Washington-Baltimore High Intensity Drug Trafficking Area database, The nation's main terrorist watch list is built from nominations from federal databases, but Maryland's current police superintendent told Maryland lawmakers that he didn't think the activists made their way onto that list, according to the Washington Post.

The Maryland spying on peace groups took place in 2005 and 2006, under the leadership of then-police superintendent Thomas Hutchins.

Hutchins defended the spying and the use of undercover informants in anti-war planning meetings, the Post reported.  read more »