May 312019
 May 31, 2019  Posted by  Non-U.S., Surveillance

Kate Allen and Wendy Gillis report:

Toronto police have been using facial recognition technology for more than a year — a tool police say increases the speed and efficiency of criminal investigations and has led to arrests in major crimes including homicides.

But the emerging technology — which relies on artificial intelligence — has generated enough privacy and civil liberty concerns that the city of San Francisco, worried about police and state overreach, recently became the first U.S. city to ban the tool.

Read more on Toronto Star.

May 312019
 May 31, 2019  Posted by  Surveillance, U.S.

Joe Cadillic writes:

TSA-style body scanners are coming to public spaces, and that should scare the hell out of everyone.

If you thought the NYPD’s Z-Backscatter vans and police mini-Z’s were intrusive, you have not seen anything yet.

Soon, nowhere will be safe from Big Brother’s prying eyes, as police prepare to use HEXWAVE to spy on people in public spaces.

Last week the Salt Lake Tribune revealed that the Utah Attorney General and law enforcement are partnering with Liberty Defense, a 3D image scanning company that makes its money from scanning the public in real-time. (3D means capturing rich information (size, shape, depth) about the detection space. It can detect any material that has a physical form.)

Read more on MassPrivateI.

May 312019
 May 31, 2019  Posted by  Govt, U.S.

Stephanie Goldberg reports:

As genetic testing gains popularity both at home and in the doctor’s office, gaps in privacy protections are becoming more apparent.

Existing restrictions are full of loopholes. Federal law prevents genetic discrimination by health insurance companies and employers, but it doesn’t prevent other insurers—including those selling life and disability policies—from making coverage decisions based on an applicant’s DNA.

A bill headed for Gov. J.B. Pritzker’s desk would prevent at-home DNA testing companies in Illinois from sharing information with any health or life insurance company. But there are a number of other ways people can lose control of their sensitive biological data. For example, a long-term care insurer can require consumers to turn over DNA test results before issuing a policy. Worrisome indicators could lead to higher premiums.

Read more on Crain’s Chicago Business.

Yesterday, I attended a fascinating session at the Privacy Law Scholar’s Conference in Berkeley. The attendees were discussing a draft paper by Natalie Ram dealing with law enforcement searching commercial DNA databases like GEDmatch to find people who might be suspects in crimes or even related to suspects.  We discussed a number of concerns, including the fact that a suspect may have never given consent for their DNA to be shared with anyone, and yet their DNA is essentially shared if a relative decides to share THEIR DNA.

“It’s complicated” would be a pretty good summary of the conversation and issues. What should the standard be for law enforcement to be able to access a database to do a broad search for a person with a particular DNA profile or close to that profile?

And while the search/Fourth Amendment issues predominated the discussion, a number of attendees communicated that they were more concerned about other uses — or potential misuses of these databases.

May 312019
 May 31, 2019  Posted by  Breaches, Court, U.S., Workplace

Joseph J. Lazzarotti, Jason C. Gavejian and Maya Atrakchi of JacksonLewis write:

No industry or sector is immune to privacy or security issues.  This week a jury in a district court in Pennsylvania awarded $1,000 to each of the 68,000 class members who claimed that Bucks County, a county just outside Philadelphia, and several other municipal entities, violated state law by making their criminal records public, in Taha v Bucks County. Bucks County potentially faces up to $68 million in damages.

This case arises from claims brought by Daryoush Taha in 2012, who alleged that the county’s inmate search tool, which was made available to the public in 2008, included access to an online database with criminal history records for all current and former Bucks County Correctional Facility inmates dating back to 1938 (nearly 68,000 individuals), in violation of Pennsylvania’s Criminal History Records Information Act (“CHRIA”).

Read more on Workplace Privacy, Data Management & Security Report.