PogoWasRight - Businesses & Privacy

Charter To Begin Tracking Users' Searches And Inserting Targeted Ads

Tue, 13 May 2008 13:04:51 -0400

Charter Communications is sending letters to its customers informing them of an "enhanced online experience" that involves Charter monitoring its users' searches and the websites they visit, and inserting targeted third-party ads based on their web activity. Charter, which serves nearly six million customers, is requiring users who want to keep their activity private to submit their personal information to Charter via an unencrypted form and download a privacy cookie that must be downloaded again each time a user clears his web cache or uses a different browser.

Source - The Consumerist

Reddit It | Digg This | Add to del.icio.us

EDITORIAL: A price on privacy

Tue, 13 May 2008 06:37:52 -0400

If you have an unlisted phone number, you may have noticed that the monthly cost for this "service" jumped last year from 28 cents to $1.25 on your AT&T bill. It's still cheaper than Verizon, which charges $1.75 a month for an unlisted landline.

Regardless of your phone company, you might wonder whether the cost is justified and whether you can do something about it.

You can.

Sen. Sheila Kuehl, D-Santa Monica, working with consumer and privacy advocates, has been pushing legislation that would prohibit phone companies from charging an extra fee for an unlisted number. Consumer advocates argue that the costs of data processing for an unlisted number are minuscule. Privacy groups suggest it is unfair to impose a surcharge on customers who don't want their phone number or addresses exposed to telemarketers and other strangers.

The phone companies are arguing that it's inappropriate for state legislators to regulate "specific features on a phone," as Verizon spokesman Jon Davies put it, adding that there are costs associated with maintaining separate databases for listed and unlisted customers.

Source - San Francisco Chronicle

Reddit It | Digg This | Add to del.icio.us

Proposed privacy rules rile small brokerage firms

Mon, 12 May 2008 05:47:13 -0400

Small and independent-contractor brokerage firms are convinced that the SEC's proposed changes to privacy rules related to client information will crush them with new costs and burdensome procedures.

The Securities and Exchange Commission proposed the changes to Regulation S-P in March, and the deadline for broker-dealers and financial advisers to comment is today.

The proposed amendments to the regulation would create more-specific requirements for safeguarding client information and responding to information security breaches. They are also designed to align the rule's privacy guidelines more closely with those of the Federal Trade Commission and federal banking agencies, industry observers and attorneys noted.

Source - Investment News

Reddit It | Digg This | Add to del.icio.us

Using cell phones to find missing persons pushes law

Tue, 06 May 2008 06:12:03 -0400

The call came in to police just after midnight April 16.

Hours before, a distraught young man had phoned his mother, hinting he wanted to kill himself. When he didn't meet her as planned, she telephoned Seattle police and reported her son missing.

Because of increasing advances in technology, officers were able to find the missing man's cellular phone using his wireless network. Two hours after he was reported missing, the man was found alive but unwell lying on his desk and taken to University Hospital for a psychological evaluation.

... "All the officer needs to do is confirm to us that an exigent circumstance exists," she said.

No legal challenges have been filed related to cell locater technology in missing persons cases. But privacy rights advocates say unambiguous guidelines are needed to ensure that the technology isn't misused.

Source - Seattle Post-Intelligencer

hat-tip, slashdot

Reddit It | Digg This | Add to del.icio.us

Home Depot Won't Let You Buy Stuff Without Knowing What You Plan To Do With It

Mon, 05 May 2008 16:21:34 -0400

Reader Helen went to Home Depot to buy some various and sundry items, but left empty-handed after the self-checkout refused to let her complete her purchase without disclosing what she planned to do with her items:

On Sunday, May 4, 2008 I went to the Home Depot on Joppa Rd, Baltimore County Maryland. My purchases includes several plants, pots, and tile sealer. I went to the self check-out line because of the speed and scanned my items. Before I could indicate I was paying by cash the machine wanted me to enter a zip code, I entered 11111 because it's really none of their business. The next screen wanted me to key in if my items were for home or business use. I had no ability to bypass this screen even thought I did not want to answer this question.

Source - The Consumerist blog

Reddit It | Digg This | Add to del.icio.us

Just Between Us

Fri, 02 May 2008 13:21:25 -0400

The Bush administration is refusing to disclose internal e-mails, letters and notes showing contacts with major telecommunications companies over how to persuade Congress to back a controversial surveillance bill, according to recently disclosed court documents.

The existence of these documents surfaced only in recent days as a result of a Freedom of Information Act lawsuit filed by a privacy group called the Electronic Frontier Foundation. The foundation (alerted to the issue in part by a NEWSWEEK story last fall) is seeking information about communications among administration officials, Congress and a battery of politically well-connected lawyers and lobbyists hired by such big telecom carriers as AT&T and Verizon. Court papers recently filed by government lawyers in the case confirm for the first time that since last fall unnamed representatives of the telecoms phoned and e-mailed administration officials to talk about ways to block more than 40 civil suits accusing the companies of privacy violations because of their participation in a secret post-9/11 surveillance program ordered by the White House.

Source - Newsweek

Reddit It | Digg This | Add to del.icio.us

Anonymizer acquired by risk-mitigation firm

Thu, 01 May 2008 17:21:53 -0400

Risk-mitigation firm Abraxas Corp. today announced it has acquired Anonymizer for an undisclosed price.

Anonymizer makes products that can conceal an online user's identity. The San Diego company's founder and CTO Lance Cottrell, has been an outspoken privacy advocate, particularly in areas of the world where government-based censorship and monitoring of individuals exists.

Herndon, Va.-based Abraxas, which provides technology for the national security community, intends to keep Anonymizer as a subsidiary.

Source - NetworkWorld

Reddit It | Digg This | Add to del.icio.us

Microsoft Gives Backdoor to Law Enforcement -- Well, Not Really

Wed, 30 Apr 2008 12:34:08 -0400

Admit it. You always thought Microsoft had put a backdoor into its operating system to allow law enforcement agents to worm their way into your computer.

Source - Threat Level

Reddit It | Digg This | Add to del.icio.us

Jobs.com Refuses To Delete Your Private Information

Mon, 28 Apr 2008 12:59:13 -0400

Dan is pissed because Jobs.com won't remove his name, email address, phone number, and home address from their servers. For reasons unknown, someone else set up a profile with his personal info on Jobs.com. When Dan contacted Jobs.com, they said that because they "must account for all transactions and account histories" they couldn't delete the info. They also assured him that since he didn't have a resume posted, recruiters can't search or view his information. Dan feels Jobs.com internal "requirements" shouldn't have any bearing on his right to privacy. What do you think? Correspondence between the two, after the jump.

Source - The Consumerist

Reddit It | Digg This | Add to del.icio.us

Chase-ing away credit card customers? Company gives woman�s credit info to press

Sat, 26 Apr 2008 09:05:59 -0400

Even though her testimony before a Congressional committee resulted in private, confidential credit history and personal information being released to the public without her knowledge, Susan Wones said she has no regrets.

The 46-year-old Denver woman said it was important to tell her story to the House Financial Services Committee so that lawmakers could be informed about what she considers to be unjust practices committed by credit card companies throughout the country. But after signing a waiver she thought authorized the release of her Chase Card Services credit history only to lawmakers, she was shocked to learn that Chase sent a representative to reporters in Washington, D.C., to share her personal credit information.

What was supposed to be redacted Chase credit information for lawmakers� eyes only became public information after the Chase representative shared Wones� personal credit history with journalists following the Congressional committee meeting last week.

Source - Denver Daily News

Reddit It | Digg This | Add to del.icio.us

Google to �systematically� provide data on suspect Orkut users to Brazilian authorities

Thu, 24 Apr 2008 11:32:01 -0400

Social network services are increasingly being used in legal and criminal investigations. Google�s social networking site Orkut, which is immensely popular in Brazil, is no exception.

[...]

But what concerns me most about this report is this passage:

Google representatives met with police, prosecutors and other officials late Wednesday in Sao Paulo to negotiate a wide-ranging deal that would see the US company systematically providing data on suspect Orkut users to Brazilian authorities.

What does �systematically providing data� mean? Will the Brazilian authorities have direct access to Google�s systems? Will a data file be routinely and �systematically �shared with the police? How will �suspect Orkut users� be defined and identified? Exactly what data will be shared? Will Google require warrants or subpoenas before �systematically� providing data on its users?

This needs further clarification.

Source - MichaelZimmer.org

Reddit It | Digg This | Add to del.icio.us

SANS: Pressure on vendors can prevent security woes

Wed, 23 Apr 2008 11:06:57 -0400

Companies are having more success in pressuring software vendors into baking security into their products, a trend that vendors are resisting less, the director of research for the SANS Institute said Wednesday.

Before granting a contract, companies now are requiring that vendors also test software patches on systems with the same configurations as users are running, said Alan Paller of SANS, an IT training organization.

Another new trend is groups of companies agreeing on base security standards for applications and then passing those requirements onto vendors.

Source - InfoWorld

Reddit It | Digg This | Add to del.icio.us

Infosec: Reputation driving information security

Wed, 23 Apr 2008 07:13:15 -0400

Concerns over reputation and brand protection are key drivers of information security for nearly three-quarters of companies worldwide.

The findings come from the latest Global Information Security Workforce Study from ISC2 published at Infosec Europe 2008.

'Corporate image' topped the list of top priorities for motivating information security governance, but the privacy of customer data, identity theft and breach of laws and regulations are also key factors.

The fourth edition of the study was conducted by Frost & Sullivan and surveyed 7,548 information security professionals from companies and public sector organisations in more than 100 countries.

Source - IT Week

Reddit It | Digg This | Add to del.icio.us

FTC issues final order in the matter of Life is good, Inc., and Life is good Retail, Inc.

Sun, 20 Apr 2008 07:10:59 -0400

In January, the FTC issued a press release stating, "An apparel company that collected sensitive consumer information and pledged to keep it secure has agreed to settle Federal Trade Commission charges that its security claims were deceptive and violated federal law. The order against Life is good, Inc. and Life is good Retail, Inc. bars deceptive claims about privacy and security policies and requires that the companies implement a comprehensive information-security program and obtain audits by an independent third-party security professional every other year for 20 years."

Now, after a period of public comment, the FTC has issued a final consent order [pdf].

The order contains specific provisions about improving security and privacy, and also requires initial and biennial assessments for a period of 20 years.

Source - FTC

Reddit It | Digg This | Add to del.icio.us

Facebook admits Beacon ad serving error

Mon, 14 Apr 2008 08:34:23 -0400

Facebook has admitted that it made big mistakes in launching its Beacon ad serving system last year.

Speaking at the Venice Festival of Media, Mike Murphy, global vice president of ad sales at Facebook, said: "We absolutely made mistakes - we didn't communicate it well, we didn't ask customers and we had an opt out rather than an opt in."

Source - Brand Republic

Reddit It | Digg This | Add to del.icio.us

FCC to look into firms' use of customer data

Sat, 12 Apr 2008 06:18:53 -0400

Staff at the Federal Communications Commission are expected to recommend that it review rules on how phone and cable companies can use customer information as they try to take business from each other, an FCC official said on Friday.

The FCC enforcement bureau will recommend that the commission reject a complaint by cable operators charging that Verizon Communications Inc violated the agency's customer privacy rules by using customer information to prevent them from switching their phone service to cable, an agency official said, on condition of anonymity.

Source - portfolio.com

Reddit It | Digg This | Add to del.icio.us