Privacy

  • Identifying, thwarting insider threats before they do damage

    Researchers argue that one way to identify and predict potential insider threats even before these individuals begin to do damage like stealing and leaking sensitive information, is by using Big Data to monitor changes in behavior patterns. Researchers at PARC, for example, found that individuals who exhibit sudden decrease in participation in group activity, whether in a game like World of Warcraft or corporate e-mail communications, are likely to withdraw from the organization. A withdrawal represents dissatisfaction with the organization, a common trait of individuals who are likely to engage in insider security breaches.

  • Portland’s Christmas Bomber challenges NSA-gathered evidence used to convict him

    Mohamed Mohamud, a Somali immigrant and former Oregon State University student, was convicted last year of attempting to detonate a bomb in 2010 near Portland’s Christmas holiday tree-lighting ceremony at Pioneer Courthouse Square. His lawyers are questioning the legality of evidence used against him. Attorneys for Mohamud are claiming that the evidence used was obtained without a warrant and should have been barred by the court.

  • Florida mulling banning school collection of students’ biometric information

    Some school districts in Florida, including Polk County and Pinellas County, are using scanners to collect fingerprints and hands, eyes, and voice characteristics from students. Pinellas County school district allows students to use palm scans instead of cash to pay for meals in the cafeteria. The collection of students’ biometric information has alarmed many parents who are concerned that students’ identity or personal records may be stolen or sold to private companies. Florida state legislators are debating a proposal which would stop school districts from collecting biometric information from students.

  • Arizona lawmaker pushes measure to limit NSA operations in the state

    Arizona State Senator Kelli Ward, a tea party Republican representing the Lake Havasu area, is pushing a bill in the State Senate which would impose limits on the ability of the NSA to operate in Arizona. In December Ward became the first legislator in the nation to declare she would introduce legislation to limit NSA activities in the state, and so far legislators in twelve other states have introduced similar bills. Arizona SB 1156 would. Among other things, prohibit local and state law enforcement officials from cooperating with the NSA and would prevent state or local prosecutors from using NSA-collected information which had not been obtained with a warrant. The bill would also withhold funds from state universities and colleges supporting the NSA with research or recruitment. Legal scholars say the courts would in all likelihood strike down Ward’s measure because Arizona, in essence, is trying to regulate the federal government.

    • TECHEXPO - Exclusive Security-Cleared Hiring Events - Register Now!
    view counter

  • A first: Constitutionality of NSA warrantless surveillance challenged by terrorism suspect

    Jamshid Muhtorov, a refugee from Uzbekistan now facing terrorism charges in Colorado, is the first criminal defendant who, as part of his lawyers’ defense strategy, is challenging the constitutionality of the NSA’s warrantless surveillance program. Muhtorov filed a motion Wednesday in federal court in Denver to suppress any evidence obtained through the agency’s surveillance program on grounds that it was unlawful. In July 2013 the Justice Department reversed an earlier policy, and now informs defendants whether the case against them, in whole or in part, is based on information obtained through warrantless surveillance. To date, six months after the review process at Justice was launched, Muhtorov and Mohamed Mohamud, a Portland, Oregon teenager who had been convicted after an FBI sting operation of attempting to detonate a bomb at a Christmas tree lighting ceremony, are the only defendants to receive such a disclosure.

  • A first: Judge in terrorism case rules defense may examine government secret FISA application

    U.S. District Judge Sharon Johnson Coleman ruled yesterday (Wednesday) that the U.S. government cannot keep secret its request to conduct clandestine surveillance of an accused would-be terrorist. The ruling gives defense attorneys an unprecedented access to a request made to the Foreign Intelligence Surveillance Act (FISA) court for permission to spy on an American citizen. Judge Coleman said her ruling is the first time a defendant’s lawyers will be given access to an application prosecutors submitted to the FISA court. Security experts warned that opening FISA applications to review in a criminal case may set a dangerous precedent.

  • Minnesota wants to limit law-enforcement use of wireless tracking devices

    The Minnesota Department of Public Safety’s acquisition of Kingfish and Stingray II wireless surveillance devices has come under scrutiny as the department’s Bureau of Criminal Apprehension(BCA) has used the devices in investigations. Some legislators are considering placing limits on law enforcement’s use of the data captured by the devices because of concerns over who has access to the data and how long it is being kept.

  • Expert calls for “surveillance minimization” to restore public trust

    Surveillance minimization — where surveillance is the exception, not the rule — could help rebuild public trust following revelations about the collection of personal data, according to an expert on privacy and surveillance. “Surveillance minimization requires surveillance to be targeted rather than universal, controlled and warranted at the point of data gathering rather than of data access, and performed for the minimum necessary time on the minimum necessary people,” he says.

  • California bill would restrict selling, access to LPR-collected data

    A bill before the California State Senate would to prohibit law enforcement agencies and private firms in California from selling data collected by automatic license plate readers. (LPRs). The proposed Senate Bill 893 would prohibit LPR operators from selling data to non-law enforcement agencies or to non-law enforcement officials. Law enforcement access to LPR data retained for more than five years would require a court order.

  • For oppressive regimes, the Internet is another tool of repression

    Claims that the Internet will “democratize” the global village are not supported by just-published research. Instead, non-democratic governments simply exploit the networks to spy on and control their citizens more effectively and efficiently than they did before. A study of Internet use – and misuse – around the world found that the Internet, rather than being the great democratizing “carrot,” it is yet another stick with which authoritarian, and supposedly non-authoritarian, governments can beat their citizens into submission.

  • Telephony metadata: Matching numbers to names

    Explaining why American should not be worried about the NSA collection of telephony metadata, President Obama, in a PBS interview, said: “You have my telephone number connecting with your telephone number…. [T]here are no names … in that database.” Two Stanford graduate students set out to discover just how much effort it would take to identify the names of phone number owners. Their answer: a trivial amount of effort. themselves the task out to find out. Querying the Yelp, Google Places, and Facebook directories, and running their sample numbers with Intelius, a cheap consumer-oriented service, they matched 91 percent of the sample numbers with the number owners. “If a few academic researchers can get this far this quickly, it’s difficult to believe the NSA would have any trouble identifying the overwhelming majority of American phone numbers,” they write.

  • Social network spying may backfire, lead to low returns

    Organizations looking to hire new staff should rethink their clandestine use of social networking Web sites, such as Facebook, to screen new recruits. Researchers found that this practice could be seen as a breach of privacy and create a negative impression of the company for potential employees. This spying could even lead to law suits.

  • Review panel calls for prohibiting NSA bulk collection of phone metadata

    A 300-page report prepared for President Barack Obama made forty-six recommendations for better management of, and different guiding rules for, U.S. surveillance programs. Among the report’s recommendations: The NSA should be banned from attempting to undermine the security of the Internet and prohibited from collecting telephone records in bulk; spying on foreign leaders should require an authorization from a higher level then is currently the case; the government should be banned from undermining encryption. The president will announce by 28 January which of the forty-six recommendations he would accept.

  • Lawmaker wants to know how cyber-safe vehicles are

    Senator Ed Markey (D-Massachusetts) has asked twenty automobile manufacturers to submit details of their plans to prevent vehicles from wireless hacking attempts, as well as plans to prevent violations of driver privacy. Markey wants automobile manufacturers to apply computer-industry security processes and technology — including anti-virus software, incident logging, incident-response planning, software vulnerability patching, and third-party penetrating testing — to mass produced vehicles.

  • Police cell-phone tracking raises privacy concerns

    Law enforcement agencies around the country are using the International Mobile Subscriber Identity locator (IMSI catcher), known as Stingray, to track cellphone users for the purpose of assisting criminal investigations. Stingray masquerades as a cellphone tower, tricking phones into sending it a signal that law enforcement can later use to identify the serial number of the phone and track the subscriber or cellphone user. Privacy advocates are worried about widespread police tracking of cellphones and violations of privacy.