Jan 312014
 January 31, 2014  Posted by  Business, Featured News

Dana Liebelson reports:

Lately, fitness-minded Americans have started wearing sporty wrist-band devices that track tons of data: Weight, mile splits, steps taken per day, sleep quality, sexual activity, calories burned—sometimes, even GPS location. People use this data to keep track of their health, and are able send the information to various websites and apps. But this sensitive, personal data could end up in the hands of corporations looking to target these users with advertising, get credit ratings, or determine insurance rates. In other words, that device could start spying on you—and the Federal Trade Commission is worried.

“Health data from [a woman’s] connected device, may be collected and then sold to data brokers and other companies she does not know exist,” Jessica Rich, director of the Bureau for Consumer Protection at the Federal Trade Commission, said in a speech on Tuesday for Data Privacy Day.

Read more on Mother Jones.

Related to the issue of apps and privacy: IAPP has posted an interesting chart allowing you to compare the guidelines for mobile apps offered by different agencies or organizations: California Attorney General’s Mobile Privacy Guide, the Article 29 Opinion on Apps, the Future of Privacy Forum – CDT Best Practices guidelines, the NAI Mobile Code, the GSMA Mobile Privacy Principles, the NTIA Short Form Notice, and the FTC Mobile Privacy Disclosures. See how the guidelines agree or differ on issues such as data collection, data retention, choice and consent, and other issues here.

Jan 312014
 January 31, 2014  Posted by  Laws

Two privacy-related bills passed the California Assembly this week.  Courtesy of the Paparazzi Reform Initiative who have been actively advocating for these bills:

California Assembly Bill 1256 (AB 1256) – Privacy and Buffer Zones:

AB 1256 amends the California Privacy Law to include within the definition of “personal and familial activity” activities of children occurring at private and public schools, activities occurring at various medical facilities, and activities occurring where a reasonable expectation of privacy exists at other locations. It also creates a new section in the law that creates buffer zones around entrances and exits at specified facilities, including schools and medical facilities, to prevent barriers and obstructions from impeding ingress and egress to and from such facilities, and to prevent the interruption of important and vital functions of such facilities.

Full language of bill:   AB 1256
Official bill Fact Sheet:   AB 1256 Fact Sheet 

California Assembly Bill 1356 (AB 1356) – Stalking Reform:

AB 1356 amends the California Civil Stalking Law to include as actionable placing someone “under surveillance” in a way that causes “substantial emotional distress,” if all other elements of the law are proved. Licensed private investigators, law enforcement agencies and some other organizations and purposes for surveillance are exempt (see full language of bill for complete details).

Full language of bill:   AB 1356
Official bill Fact Sheet:   AB 1356 Fact Sheet

Both bills passed by votes of 53-19, and the bills now move on to the Senate.

Jan 312014
 January 31, 2014  Posted by  Breaches, Business, Online

Vabren Watts reports:

Medical communication companies (MCCs) are doing more than offering online continuing medical education (CME) courses to physicians—the companies may be monitoring clinicians’ website behavior as well.

Researchers from the Mailman School of Public Health and the Center for the Study of Society and Medicine at Columbia University investigated the financial relationship between MCCs and drug companies and whether MCCs accurately represent themselves to clinicians using their CME offerings. They reported their findings in the December 18, 2013, Journal of the American Medical Association.


Eighteen MCCs received more than $2 million each in funding. Of those heavily funded MCCs, 99 percent offered free online CME courses, and approximately 60 percent of these companies acknowledged using cookies and Web beacons to track physicians’ online activity, in addition to sharing physicians’ personal information—such as demographics, professional specialty, and license number—with third parties including “educational partners” and companies with which they have a working relationship..[…]  According to the study authors, although MCCs did not elicit users’ explicit consent, the companies did interpret “participating in a CME course and navigating the [MCCs’] website as an implicit agreement to share information with third parties.”

Read more on Psychiatry Online.


Jan 312014
 January 31, 2014  Posted by  Business, Surveillance

From the is-this-the-old-good-Google-or-the-newer-evil-one dept.:

Quentyn Kennemer reports:

We come across tons of interesting patents each and every day, but recently none have caused as much concern and curiosity as this one. Google recently filed a patent for a system that identifies when and where a “mob” event takes place and sends multimedia alerts to relevant parties. The patents are actually titled “Mob Source Phone Video Collaboration” and “Inferring Events Based On Mob Sourced Video“.

No… not that mob. In this case a “mob” is essentially an activity or event attracting an abnormal amount of attention in the form of video recording and picture taking. Here’s a quick blurb from the patent description:

“When there are at least a given number of video clips with similar time stamps and geolocation stamps uploaded to a repository, it is inferred that an event of interest has likely occurred, and a notification signal is transmitted (e.g., to a law enforcement agency, to a news organization, to a publisher of a periodical, to a public blog, etc.).”

Read more on Phandroid.

Thanks to Joe Cadillic for this link.