Privacy Digest

Report: Data Mining Ineffective Anti-Terrorist Tool - Via CDT - PolicyBeta:

A new National Research Council report cautions that government data mining programs cannot effectively identify patterns of terrorist activity. Pattern-based or predictive data mining was singled out as likely to generate huge numbers of useless leads. Because of this, the authors warned, pattern-based data mining should not be used to deny a person rights and liberties. This mirrors past conclusions that CDT and others have drawn about data mining efficacy.

The Committee that drafted the October 7th report, entitled “Protecting Individual Privacy in the Struggle Against Terrorists,” recommended that all U.S. data mining programs be re-evaluated according to criteria set forth in the 376-page document. The authors – which included former Secretary of Defense William Perry – made the case that even well-managed data mining efforts are of only limited usefulness and can infringe on Americans’ privacy.  read more »

Exclusive: Inside Account of U.S. Eavesdropping on Americans - Tonight on Nightline - Via ABC News: Nightline :

U.S. Officers' "Phone Sex" Intercepted; Senate Demanding Answers

Despite pledges by President George W. Bush and American intelligence officials to the contrary, hundreds of US citizens overseas have been eavesdropped on as they called friends and family back home, according to two former military intercept operators who worked at the giant National Security Agency (NSA) center in Fort Gordon, Georgia.  read more »

Satellite-Surveillance Program to Begin Despite Privacy Concerns - WSJ.com - Via Wall Street Journal / WSJ.com :

The Department of Homeland Security will proceed with the first phase of a controversial satellite-surveillance program, even though an independent review found the department hasn't yet ensured the program will comply with privacy laws.

Congress provided partial funding for the program in a little-debated $634 billion spending measure that will fund the government until early March. For the past year, the Bush administration had been fighting Democratic lawmakers over the spy program, known as the National Applications Office.

The program is designed to provide federal, state and local officials with extensive access to spy-satellite imagery -- but no eavesdropping -- to assist with emergency response and other domestic-security needs, such as identifying where ports or border areas are vulnerable to terrorism.

Since the department proposed the program a year ago, several Democratic lawmakers have said that turning the spy lens on America could violate Americans' privacy and civil liberties unless adequate safeguards were required.  read more »

Piracy Statistics and the Importance of Journalistic Skepticism - Via Freedom to Tinker:

If you've paid attention to copyright debates in recent years, you've probably seen advocates for more restrictive copyright laws claim that "counterfeiting and piracy" cost the US economy as much as $250 billion. When pressed, those who make these kinds of claims are inevitably vague about exactly where these figures come from. For example, I contacted Thomas Sydnor, the author of the paper I linked above, and he was able to point me to a 2002 press release from the FBI, which claims that "losses to counterfeiting are estimated at $200-250 billion a year in U.S. business losses."

There are a couple of things that are notable about this. In the first place, notice that the press release says counterfeiting, which is an entirely different issue from copyright infringement. Passing stronger copyright legislation in order to stop counterfeiting is a non-sequitur.

But the more serious issue is that the FBI can't actually explain how it arrived at these figures. And indeed, it appears that nobody knows who came up with these figures and how they were computed. Julian Sanchez has done some sleuthing and found that these figures have literally been floating around inside the beltway for decades. Julian contacted the FBI, which wasn't able to point to any specific source. Further investigation led him to a 1993 Forbes article:  read more »

I don't see anything on their site yet, but the closing comments on tonights Nightline says that Thursdays show will include interviews with ex-employees who listened to those wiretaps of phone calls that supposedly did not include innocent US citizens.

Maryland Cops Put 53 Non-Violent Activists on Terrorist List - Via Threat Level:

Maryland State police placed the names of 53 left-leaning political activists into federal and state databases, labeling them as terrorists, the state's police chief admitted Tuesday.

Evidence that the state police had been infiltrating anti-war and anti-death penalty groups first came to light in July following a government sunshine lawsuit filed by the ACLU on behalf of a prominent peace activist named Max Obuszewski.

Police added Obuszewski and others to a federal database called the Washington-Baltimore High Intensity Drug Trafficking Area database, The nation's main terrorist watch list is built from nominations from federal databases, but Maryland's current police superintendent told Maryland lawmakers that he didn't think the activists made their way onto that list, according to the Washington Post.

The Maryland spying on peace groups took place in 2005 and 2006, under the leadership of then-police superintendent Thomas Hutchins.

Hutchins defended the spying and the use of undercover informants in anti-war planning meetings, the Post reported.  read more »

Beyond the Bailout: Congress Passes a Flurry of ‘Child Safety’ Bills - Via CDT - PolicyBeta:

While the public’s attention was focused on the drama unfolding around the economic bailout, it was actually a busy time for other bills to get pushed – sometimes under the cover of the bailout darkness. Just before recess, Congress considered parts of four “child safety” bills, acted on three, and sent two to the White House. While not all the provisions in these bills raise red flags, some language gives free expression advocates plenty to worry about.

One bill that is awaiting a Presidential signature confronts child pornography head on in a constructive way is S. 1738, the “PROTECT Our Children Act of 2008. Among the important and positive steps taken in this new law are (a) a dramatic increase in funding for fighting child pornography, (b) a mandate to the Department of Justice that it develop a real strategy to fight such material, and (c) the provision of new forensic and other resources to help state law enforcement protect kids. These provisions should – if the bailout leaves any money to actually spend on law enforcement – really help in the fight against child pornography.

Congress should have stopped there; it didn’t. Some in Congress insisted that the core parts of S. 519 – the “SAFE Act” – be added to S. 1738 before passage. Among the most problematic provisions in S.519 – which was never publicly debated by any committee–is the outsourcing of significant law enforcement investigative functions to the National Center for Missing & Exploited Children (NCMEC), which as a non-governmental entity operates outside of the core constitutional and legal protections that govern (or should govern) our criminal justice system (such as the 4th Amendment, the Privacy Act, the Freedom of Information Act, etc.). Although NCMEC makes valuable contributions in the child safety arena, the growing trend in Congress to outsource law enforcement functions to a nominally private group—without any serious oversight or procedural protections— takes us down a dangerous path.  read more »

Facial Recognition Technology Is Here, But Privacy Lags - Via CDT - PolicyBeta:

The San Francisco Chronicle recently reported on the rapid development of facial recognition technology. While the increased availability of these robust features are something to celebrate, the privacy implications loom especially large. Combined with online photo storage services and a lack of meaningful limits on government or corporate access to data, facial recognition technology raises serious privacy concerns.

Last month, Google incorporated facial recognition technology in its online photo sharing service, Picasa. The new feature spares us the tedium of hand-tagging personal photos one by one. By analyzing the facial features of the people in your photos, Picasa identifies all the people in your photos for you. No one can deny the positive social benefits of these kinds of services— dozens of digital images filling our pictures folders are begging to be organized and shared. However, policymakers need to address the power of facial recognition technology in the hands of government or corporate snoopers.

What’s to stop a zealous prosecutor from searching the state’s digital database of driver’s license photos for people under 21 whose online Flickr photos show them engaged in underage drinking? What’s to stop an employer from doing the same with a photo taken by a video camera in the lobby of the building where you went for your job interview?  read more »

Supremes Mull Whether Bad Databases Make for Illegal Searches - Via Threat Level:

If a false entry in a database leads to a unconstitutional police search that reveals illegal drugs, does the government get to hold it against you?

That's the question the Supreme Court will tackle on Tuesday in a case civil liberties groups such as the Electronic Privacy Information Center argue will have broad implications  in a world where we are constantly being evaluated against databases and watch lists that are riddled with frustratingly persistent errors.

"In these interlinked databases, one error can spread like a disease, infecting every system it touches and condemning the individual to whom this error refers to suffer substantial delay, harassment, and improper arrest," EPIC director Marc Rotenberg argued in a friend of the court brief (.pdf).

Not surprisingly, the government disagrees.  read more »

Gov't Database Errors Leading To Unconstitutional Searches? - Via Slashdot:

Wired is running a story about a case the Supreme Court will be hearing on Tuesday that relates to searches based on erroneous information in government databases. In the case of Herring vs. US 07-513, the defendant was followed and pulled over based on a records indicating he had a warrant out for his arrest. Upon further review, the local county clerk found the records were in error, and the warrant notification should have been removed months prior. Unfortunately for Herring, he had already been arrested and his car searched. Police found a small amount of drugs and a firearm, for which Herring was subsequently prosecuted. Several friend-of-the-court briefs have been filed to argue this case, some calling for "an accuracy obligation on law enforcement agents [PDF] who rely on criminal justice information systems," and others defending such searches as good-faith exceptions [PDF].

(Read Original Article - Via Slashdot.)

MI6 Terror Photos, Data Accidentally Sold On Ebay - Via Slashdot:

Barence writes "In what's turning out to be a bad week for security in the UK, confidential MI6 documents, fingerprints and photos relating to suspected Al-Qaeda terrorists have been found in the memory of the second-hand Nikon Coolpix camera, which was bought on eBay for only £17. The buyer immediately went to the police, who initially treated it as a joke; when they realised he was serious, they swooped on his home and seized his camera and PC. Remember, this is the same MI6 which plans to recruit new members via Facebook, a userbase not exactly famous for its dedication to privacy, security and discretion. The news comes on the back of yesterday's embarrassment over a local council whose VPN device ended up on eBay with confidential login details left on it."

(Read Original Article - Via Slashdot.)

Police 'find' author of notorious virus - Via Techworld.com :

The infamous Gpcode 'ransomware' virus that hit computers in July was the work of a single person who is known to the authorities, a source close to the hunt for the attacker has told Techworld.

The individual is believed to be a Russian national, and has been in contact with at least one anti-malware company, Kaspersky Lab, in an attempt to sell a tool that could be used to decrypt victims' files.

Initially sceptical, the company was able to verify that the individual was the author of the latest Gpcode attack - and probably earlier attacks in 2006 and 2007 - using a variety of forensic evidence, not least that he was able to provide a tool containing the RC4 key able to decrypt the work of the malware on a single PC.  read more »

Salon Radio: ACLU's Mike German on new FBI spying powers - Via Salon: Glenn Greenwald:

Last month, Attorney General Michael Mukasey announced that the FBI -- with four months left in the Bush administration -- was adopting new regulations for itself which would vastly increase its power to investigate and spy on American citizens, on U.S. soil, even in the absence of any suspicion that the targeted citizen is involved in any wrongdoing. My guest today on Salon Radio is former long-time FBI agent and current ACLU Policy Counsel Michael German to discuss those new regulations, why they are both so dangerous and counter-productive, the ways in which FBI Director Robert Mueller is spouting clearly misleading statements to justify them, and what the prospects are for stopping their implementation. Speaking about these new regulations, German said in the interview:  read more »

Privacy concerns on speed cameras - Via Australian IT:

CRIMTRAC's planned automatic number plate recognition (ANPR) system could become a mass surveillance system, taking as many as 70 million photos of cars and drivers every day across a vast network of roadside cameras.

State and federal police forces want full-frontal images of vehicles, including the driver and front passenger, that are clear enough for identification purposes and usable as evidence in court.

"All vehicles passing through a fixed or mobile ANPR camera will have the data recorded and available for interrogation," CrimTrac told the Queensland TravelSafe inquiry into the use of ANPR for road safety.

"Existing camera applications, such as Safe-T-Cam, red light and speed cameras could be upgraded where necessary to provide constant live streaming to a central database.  read more »

Slashdot | Positive Rights News From Europe - Via Slashdot :

Various readers are sending in good news from Europe on the rights front. First, at the EU level, Mark.J brings word that the European Parliament has canned a number of controversial amendments to its updated Telecoms Package, which could have resulted in ISPs being forced to disconnect customers for involvement in illegal file-sharing of copyrighted material. Next, SplatMan_DK writes from Denmark on a recent ruling by the Danish High Court that means that Danes are still innocent until proven guilty  read more »