Mar 292014
 March 29, 2014  Posted by  Breaches

Graham Cluley writes:

A researcher has discovered that so-called Smart TVs from Philips suffer from a number of serious security flaws that could allow hackers to not only steal information from attached USB sticks, and play pornographic movies as a prank, but also pilfer authentication cookies which could give them access to viewers’ online accounts.


Mar 292014
 March 29, 2014  Posted by  Court
Jason C. Gavejian writes:

The United States District Court for the Middle District of Alabama recently held in Bruce v. McDonald that the “mere access” of an e-mail account and subsequent printing/possession of e-mails from the same account did not constitute an “interception” in violation of the federal Wiretap Act.

Under the Wiretap Act, as amended by the Electronic Communications Privacy Act, criminal and civil liability is imposed on any person who intentionally intercepts any electronic communication. The Wiretap Act also imposes liability on any person who intentionally discloses,” or “intentionally uses, the contents of an electronic communication “knowing or having reason to know” the communication was intercepted in violation the Wiretap Act. Thus, “interception” is a necessary element for each type of violation.

Read more on Workplace Privacy Data Management & Security Report.

Mar 292014
 March 29, 2014  Posted by  Laws

Brian Heaton reports:

New California legislation aims to give car owners control over who gets to view data generated from their vehicles. But one expert thinks the bill is fundamentally flawed and potentially dangerous.

Fred Cate, privacy expert and law professor at Indiana University’s Maurer School of Law, called California Senate Bill 994 – the Consumer Vehicle Information Choice and Control Act – “completely unworkable in practice.” He noted that the bill requires a car manufacturer to provide the registered owner with “access from the motor vehicle to the vehicle information.” But while technologically possible to bring that data up on a console screen, Cate doesn’t think it’s realistic.

Read more on Government Technology.

Mar 292014
 March 29, 2014  Posted by  Court, Laws, Surveillance, U.S.

The ODNI has released more documents. This time, they didn’t try to suggest that it was purely voluntary on their part, and they mention EFF:

Newly Released and Reprocessed Documents Responsive to a Freedom of Information Act Request by the Electronic Frontier Foundation

Docket Number BR 08-13

March 2, 2009 — Order from the Foreign Intelligence Court (Updated)

In light of the compliance incidents identified and reported by the Government, the FISC ordered NSA to seek Court approval to query the telephony metadata on a case-by-case basis, except where necessary to protect against an imminent threat to human life “until such time as the Government is able to restore the Court’s confidence that the government can and will comply with the previously approved [Court] procedures for accessing such data.”

Docket Number BR 09-06

June 22, 2009 — Order (Updated)

In response to the Government’s reporting of a compliance incident related to NSA’s dissemination of certain query results discovered during NSA’s end-to-end review, the FISC ordered the Government to report on a weekly basis, any disseminations of information from the metadata telephony program outside of NSA and provide further explanation of the incident in its final report upon completion of the end-to-end review.

Docket Number BR: 10-82

November 23, 2010 — Supplemental Order from the Foreign Intelligence Surveillance Court (Newly Released)

Supplemental Order issued by the FISC in response to a government request for records concerning an individual target, not an application requesting records in bulk. The order interprets the relationship between the Right to Financial Privacy Act and Section 215 of the USA PATRIOT Act.