privacy
Latest
Microsoft, Google, and others developing code of conduct
It's not often you see a group of companies like this working together on something, but Microsoft, Google, Yahoo, and Vodafone look to have put aside their differences and sat down with each other in an effort to address concerns of privacy rights and freedom of expression relating to their various business dealings (most prominently those with China), joining with a group of nongovernmental organizations to develop a code of conduct that each will follow when such issues arise. While there's no indication when the code of conduct will be finalized or go into effect, the groups working to develop it certainly lead quite a bit of credibility to it, with the Berkman Center for Internet & Society at Harvard Law School, Business for Social Responsibility, the Electronic Frontier Foundation, Human Rights Watch, and Reporters Without Borders all having a hand in its drafting. What's not so clear, however, is what, if any, consequences the companies would face should they violate the code, only that they'll be held "accountable for their actions."
This week's overblown privacy scare, courtesy of RFID tires
Alright, everybody panic: they can track us through our tires! Just like how all those nefarious nasties have been stalking our women and children via Nike+iPod, it turns out the new RFID-based pressure gauges in our tires can be turned against us for tracking purposes by the evil hax0rs. Of course, with the kind of range available to RFID, if you're close enough to a car to track it via RFID, you can probably see it with your eyeballs, and data collected by stationary RFID sensors to track the comings and goings of such compromised vehicles seems to be of minimal use, but that doesn't mean we can't get our panties all in a wad and start screaming bloody murder about privacy and stuff. But in all seriousness, would it really hurt to put a bit more encryption on these things?[Via Techdirt]
Heathrow airport testing opt-in big brother biometrics
For every vocal privacy advocate, there are probably one hundred people who would just like to get through the lines a bit quicker at the airport, and perhaps cut down on that 3 hour pre-flight arrival time -- as long as it didn't mean compromising national security in the process. To that end, the UK's Heathrow airport is implementing an opt-in biometrics system called miSense that allows passengers to bypass lines and breeze through the check-in process if they agree to selling their souls forking over some private data do the BAA. Beyond your fingerprint data, you'll need to have held a valid passport for over six months and be subjected to some UK government background checks, but after that you'll get your fingerprints tied to your passport and be able to bypass lines at the airport with a simple swipe of the finger -- and eventually face and eye biometric scans as well. Seems to be a pretty good trade-off to us, and we like how the program is optional right now, we just hope that with UK's predilection for big brother activity, this won't become a mandatory program and get all biometric on the more paranoid privacy types who would rather not fork over such data.[Via Fark]
Traffic reports to derive from cellphone location data
Intelligent roadways and traffic monitoring systems have been available (albeit not always entirely accurate) for some time now, but if IntelliOne and AirSage have their way, finding out about real-time roadblocks (and voyeurism lawsuits) could become a more fleshed-out reality. The firms are looking to utilize that oh-so-telling "anonymous" location data from each traveler's cellphone to pinpoint locations and overlay that information with maps. If wireless companies open up that data at a rate of "twice per second" while users are conversing and "once every 30 seconds" when not on a call, the entrepreneurial duo hopes to offer more detailed information and pragmatic advice than "radar, helicopters, or cameras" currently do. While keeping a keen eye on traffic developments certainly has its benefits, the real issue here is privacy (or the lack thereof); while government uses have already been in place, carriers are (understandably) more hesitant to turn over consumer data for locating purposes. While the service would be marketed free of charge to wireless carriers, interested customers not enraged by such intrusions could purchase the data for a monthly fee, and if all goes as planned, the Tampa pilot that is currently ongoing will lead to "40 other markets" being invaded by this time next year.[Via The Wireless Report]
Ireland getting naked e-passports
If you think you're at risk of identity theft and targeted assassination attempts with your new RFID-enabled passport, just think of the Irish for a moment: they started getting e-passports last week that don't even include the little mesh jacket that supposedly keeps our version safe from unauthorized readers. With Dutch and German passports based on the same ICAO guidelines having already been successfully intercepted and decrypted, people are understandably concerned that the US didn't think this policy all the way through before making it a requirement of the Visa Waiver program, and now it seems that some of the affected countries are willing to implement even shoddier security than a type that is already deemed risky. According to Ireland's Department of Foreign Affairs, shielding the new documents is not necessary because they can only be detected when open and close to a reader, even though the general consensus is that the read distance of the chips they're using can be as much as several meters. Apparently the immediate fear is not so much over stolen identities (because of encryption), however, as it is about terrorists being able to use so-called RFID skimmers for targeting groups of people based on their nationality.
Angered parents considering lawsuit over unconsented fingerprinting
Although it still seems a bit dodgy, we can understand the need for biometric identification in governmental positions and (to a lesser extent) the chaotic lines of Walt Disney World. But when a school system starts swiping fingerprints from students without so much as prior notification to the guardians, thoughts of a lawsuit are imminent. Janine Fletcher, a "solicitor and concerned parent who instigated the legal response," found the actions of 70 schools in Cumbia County downright disturbing, and has apparently rounded up a group of sue-happy supporters to back the cause. Institutions in the area reportedly acquired the unsuspecting students' fingerprints without so much as asking the parents for their consent, and once the prints are on file, local police have a "huge database" of potential crime lords to sift through without the need to arrest them first. While the schools did muster the courage to drop each parent a note in the mail regarding their recent deeds, alerting the cautious mums after invading their kids' privacy indeed seems a bit backwards. Anyways, if you've got nothing to hide (at the moment, of course), then there's no need to fret -- the classic argument -- but having the biometrics already on tap should make prosecuting those students-turned-thieves a much easier process should it become necessary.
Wal-Mart to use infrared to track shoppers / promotions
As if its insanely coordinated logistics system, biometric payment system, and (potential) RFID shelving weren't eerie enough, America's largest retailer is taking consumer voyeurism one step further with the use of infrared technology. In an apparent attempt to avoid the taboo "RFID" flavor of intrusion, Wal-Mart is hoping to sneak an IR system into its stores to gauge the effectiveness (and elicit more advertising dollars, of course) of its various promotions. Dubbed Prism, the arguably dodgy system was crafted by Coca-Cola, Kelloggs, Kroger, Procter & Gamble, Walgreens, and Disney in order to "track shoppers' movements around the store" and correlate them with actual sales in order to judge display effectiveness. The consortium of firms has coaxed the corporate giant to install a trial system in ten of its SuperCenters, with a much broader rollout expected to follow soon; so when making that mad dash to the Tickle Me Elmo eXtreme (or bathroom supplies) section, just remember that Big Brother could be keenly watching.[Via TechDirt]
Hitachi's employee-tracking AirLocation II Tag-w WiFi-enabled RFID tags
Think wearing RFID-embedded clothing is pushing the limits of intrusion? If Hitachi has its way, your employer will soon be swapping out that company badge for a significantly more tricked-out version, complete with WiFi and RFID modules. Moving forward from the not-so-harmless RFID mirror, Hitachi is unveiling its AirLocation Tag-w at this week's CEATEC expo, which boasts a frightening ability to track and locate employees anywhere within the workplace. Aiming for "thorough and precise management of people," the device can pinpoint one's exact location, and also monitors any attempts to "enter and leave buildings." In an apparent attempt to color this voyeuristic tag in a positive hue, it also features an "emergency message function" which will broadcast a distress signal from the employee to a central help desk in case an uncontrollable robot army decides to invade your mundane corporate office. Although your manager may be salivating over the sudden ability to know the whereabouts of every mischievous subordinate on site, he / she may think twice once that ¥21,000 ($178) per unit expense hits the cost sheets.[Via MobileMag]
RFID-enabled smart shelves heading into stores?
What could be more frightening than an uninvited shopping cart following you around with the Jaws theme song looping in your head? How about RFID-enabled shelves that peer into every decision you do (or don't) make while shopping for gifts, gadgets, or everyday necessities? Japanese outfits DNP, Tana-X, and SEARS (not to be confused with Sears), are developing an intelligent shelving system that tracks information on the amount of folks who pondered a purchase, how many tossed it in their carts, which items attracted little to no attention, and essentially anything else regarding the popularity (or lack thereof) of a stocked item. Information is also gathered on the kinds of products individuals purchase together (i.e. a PSP and a UMD in the same trip), and strategically located "POP" machines conveniently give detailed descriptions about scanned items to customers, while sneakily collecting data of its own for those oh-so-clever marketers behind the scenes. While we aren't sure which nations are targeted for primary testing in December, you should probably pack some RFID-zapping heat when perusing through the aisles this holiday season if this tin-hat-donner has you in a tizzy like it does us.[Via Textually]
Second Life's user database breached
Hackers broke into the Second Life user databases on Thursday, according to this post on the official blog of Second Life parent company Linden Labs. Intruders gained access to Second Life account names, real life names, contact information, encrypted account passwords and encrypted payment information. So what? Well, there's something scarier about this theft. Name, address and credit card information is stolen daily from various inept ecommerce sites. We're kind of accustomed to that level of theft. But how many of us are really comfortable with data stolen from the place where we spend our leisure time? To put a finer point on it, what happens when archived MMOG chat logs are breached? It's going to be ugly, like AOL ugly: "I swear honey, that Furry meant nothing to me. It was totally just research for my new book. I'll sell the teledildonics equipment on eBay first thing tomorrow." Gamers haven't been paying much attention to privacy of in-game communications. Given how intimate some of those communications have become, maybe it's time for more scrutiny of privacy protection measures taken by MMOG providers. [Via Techcrunch] [Image via furry.wikia.com]
Researchers developing anti-RFID device
Ever wonder if you'd object to currency, clothing, or even your body getting embedded with an RFID chip? The idea isn't that far-fetched, and it's just a matter of time before something you own is tagged. Joining a growing list of RFID-shielders, Vrije University's Andrew Tanenbaum, an anti-RFID advocate, is pressing forward with a team of researchers in Amsterdam to finalize a palm-sized device that would block incoming RFID searches and alert the user that they just about got violated. The RFID Guardian is powered by a 550MHz XScale processor (as found in many PDAs) with 64MB of RAM and runs on the eCos open source OS. The mechanics are pretty complex, but the short of it is the Guardian uses "standard authentication algorithms from cryptography" to recognize RFID readers and to accomplish its two primary objectives: tag spoofing and tag jamming, both of which prevent your RFID tagged object from being identified. The likelihood of mainstream adoption of the device is probably slim, but if your paranoia gets the best of you the RFID Guardian can keep the digital violators at bay. There's currently no estimated price as finalized specs have yet to be determined, but just to get a better idea of its design, peep a picture of the prototype after the break. [Via Personal Tech Pipeline]
RFID Passports coming to the US in August
It has been a long and extremely troubled road for the ePassport here in the US, but it looks like they'll finally start hitting carry on bags of non-diplomats late next month. The new RFID tag-toting documents will store all of your personal data, including name, address, nationality, a picture, a digitized fingerprint and just about every other thing crooks would need to take your identity for a joyride. The government is insisting that they've taken the necessary precautions to prevent data "skimming," but that can be a lot trickier than it sounds. Just ask the Dutch. Ultimately, the technology could go either way, acting as an effective method of cross-checking people across a vast security network as they move from country to country, or evolving into an omnipresent grid of surveillance that will spread viruses and confine us all to our homes lest we feel the wrath of cyber criminals or high-tech fascists. So let us know how it turns out, we'll be in the basement with our RFID-blocking wallet and tin foil hat.
Prototype device detects, disables digital cameras
Proving once again that "outdated technology" still has its place among today's high-tech products, old-school film cameras may soon be the only shooters not rendered ineffective in the face of a new device that promises to identify and disable their digital counterparts in secure environments. Currently still in the prototype phase, the device developed by researchers at the Georgia Tech College of Computing's Interactive and Intelligent Computing Division uses its own set of digital cameras along with a scanning laser to inspect a given area for telltale signs of CCD imagers (shape, size, reflectivity), and subsequently shoots out concentrated beams of light to overwhelm the sensors of offending gadgets. Although the device is still unable to accurately detect camcorders whose CCDs are set farther back from the lens than regular still cameras, once that obstacle is overcome, this technology is expected to be deployed by governments and businesses as an anti-espionage technique or in movie theaters as a way of combating piracy. See, you thought you were ahead of the game with your ten megapixel cameraphone, but it's actually the spies and pirates equipped with those old medium-format Pentaxes who will soon rise to the top of their respective professions.[Via Dvorak Uncensored]
"Cell atlantic" personal cellphone booth offers portable privacy
Out of the many gadgets and devices that have been featured on these pages over the years, the last one you'd think someone would make improvements upon would be the personal cellphone booth invented last year by Nick Rodrigues, which seems to perform its intended duty almost perfectly. Well NYU student Jenny Chowdhury, the same person who brought us that team-building Mobile Assassins game, decided to take the mobile phone booth to the next level by making it both lighter and more private. Instead of the folding plastic and metal design built by Rodrigues, Chowdhury decided to use Chinese merchant bags to stitch together her cleverly-named, full-length "cell atlantic" phonebooth, as a symbol of the structure's nomadic nature. Chowdhury hopes that people seeing or using the booth will take a moment to consider the impact of cellphones on our daily lives, while forcing them to stand still and concentrate on a call instead of engaging in the usual multitasking.[Via textually]
FTC sues to keep your phone records safe
Were you aware that your phone records are available to just about anyone willing to fork over $100 beans in exchange for a month’s worth of activity? Yeah, in what has become a booming Internet business aimed primary at Private Dicks, your phone records (including lists of incoming and outgoing calls) are being made available via dozens of web-based brokers who openly advertise their ability to obtain your data with the help of company insiders or via a little deception -- in violation of law. See, the 1996 Telecommunication Act which deregulated the phone and media industries, also states that consumers’ phone records are private property and can only be publicly disclosed with our approval. As such, the FTC has now taken action and like Cingular, T-Mobile, Sprint Nextel, and Verizon before them, are going after these bastages in a variety of sting operations and costly litigation meant to oust and ultimately shut ‘em down. The five sites targetted by the FTC in their lawsuit include 77 Investigations, Accusearch, Check Em Out, Information Search, and Integrity Security & Investigations Services with the latter accused of selling personal financial info and credit card deets to boot. Sure, these US-based companies will just reopen off-shore but still, we’ve got your back on this one FTC.
