Nov 232014

Rhea Mahbubani reports:

Three license plate readers that Menlo Park police began using this summer captured images of more than 250,000 plates between July 1 and Oct. 1, according to a police staff report.

Out of all those images, however, only one could be tracked to a crime. Police recovered a stolen car and arrested the thief.

Read more on San Jose Mercury News.


Nov 222014

Peter Dujardin reports:

A civil liberties group contends Virginia’s attorney general’s office is not following steps outlined in state law to provide insight into the gathering of telephone records by police departments and sheriff’s offices statewide.

For at least 10 years, the attorney general’s office has been submitting required annual reports to the General Assembly only about wiretaps, a rare kind of intercept that records actual phone conversations.

But the reports say nothing of the much more prevalent court orders that police agencies use to obtain past call log records and live access to data about a phone’s activity — such as the phone numbers being dialed out and calling in.

Read more on Daily Press.

Nov 222014

Cory Bennett reports:

A judge Friday unsealed a trove of court documents that could shed light on a secret cellphone tracking program used by police nationwide.

The judge in Charlotte, N.C., acted after a petition from the Charlotte Observer to make the documents public.

Included are 529 requests from local Charlotte-Mecklenburg police asking judges to approve the use of a technology known as StingRay, which allows cellphone surveillance.

Read more on The Hill.

Update: From the original reporting by the Charlotte-Mecklenburg Observer:

The files contain no records showing CMPD received court permission to use a StingRay from when it first purchased the device in 2006 until 2010. That means there is no way to readily determine how often police used the device, if they were justified or if they had judicial oversight during that time span.

Senior Deputy City Attorney Judith Emken said during that period, police applied for court orders giving them permission to deploy the device, generically called a cell-site simulator.

Court officials, however, did not file the records in the clerk’s office. Instead, police detectives kept copies in investigative files, which are not open to public inspection.


Applications for cellphone surveillance filed by CMPD give the suspect’s name, a brief description of the case and boilerplate language connected to phone data.

There is no mention of a StingRay or any indication of how the device would be used.

Read more on The Charlotte-Mecklenburg Observer.

Nov 222014

CTV Saskatoon reports that Ward 2 city councillor Pat Lorje is facing sanctions after an investigation into a privacy breach that followed a closed executive committee meeting. An investigation reportedly concluded that Lorje was responsible for releasing details of a confidential report that was tabled at an in camera  meeting.

Lorje reportedly apologized for the breach, but is still facing sanctions. An announcement is expected Monday.

CTV does not indicate the nature of the material that was in the confidential report, nor how many individuals’ information may have been involved – only that the report was improperly forwarded to a member of the public.

In related coverage, The StarPhoenix also reports that the nature of the breach or the identity of the individual who received the confidential report have not been made public, but reports:

Two city hall sources said the leaked information was highly sensitive.

The majority of items discussed at private committee meetings involve human resources, city finances and land sale matters.

So here are the questions PogoWasRight.org has:

1. Was any identifiable personal information included in the leaked report?

2. If so, have the individual(s) whose private information was leaked been notified of the breach? If not, why not?

Nov 222014

Michael Geist writes:

… Canadian Uber users can be forgiven for wondering whether the company takes their privacy rights seriously since it does not even have a Canada-specific privacy policy. The Uber website features three privacy policies: one for the United States, one for South Korea, and a global catch-all for users in 48 other countries. That approach effectively lumps Canadians into a privacy policy shared by users everywhere from Beirut to Beijing to Bogota.

The policy identifies certain privacy rights (and seeks to bring global users under a European Union privacy umbrella), but does nothing to ensure that it is fully compliant with Canadian privacy law standards. Interestingly, the company does have a Canada-specific user agreement, so the company’s legal rights are designed to comply with Canadian law.

Read more on Toronto Star.

Nov 222014

Alex Hern reports:

E-cigarettes may be better for your health than normal ones, but spare a thought for your poor computer – electronic cigarettes have become the latest vector for malicious software, according to online reports.

Many e-cigarettes can be charged over USB, either with a special cable, or by plugging the cigarette itself directly into a USB port. That might be a USB port plugged into a wall socket or the port on a computer – but, if so, that means that a cheap e-cigarette from an untrustworthy supplier gains physical access to a device.

Read more on The Guardian.

Thanks to Joe Cadillic for this link.