Aug. 8, Business Week
"Surveillance Society: The Experts Speak"
BW asked top names in the security and privacy fields about how much monitoring is necessary and what can be done to prevent abuses
Q: Is the power of databases a growing threat, and how can we curb it?
Lee Tien, senior staff attorney at the Electronic Frontier Foundation in San Francisco: Data, whether from biometrics or tracking devices or purchasing records, are tributaries flowing into one giant river of databases. Up until the last 10 years, it would sit in one company's computers and wouldn't be aggregated with [other data] to complete a profile. The prize was to correlate and put the information together. We're seeing the little obstacles that used to protect privacy eroding with increased information sharing.
If databases had a basic level of encryption, you would be less worried about how the data is handled. It's premised on government and companies taking elementary precautions to make sure the front door is locked. But even that isn't happening.
Aug. 8, Internet News
"Wiretaps for VoIP"
By Roy Mark
The Federal Communications Commission (FCC) is expanding the reach of U.S. wiretapping laws to wireline broadband providers and Internet telephone companies . . .
Friday's FCC ruling re-interprets CALEA to include wireline broadband and VoIP.
"Expanding CALEA to the Internet is contrary to the statute and is a fundamentally flawed public policy," Kurt Opsahl, an attorney for the privacy advocacy organization Electronic Frontier Foundation, said in a statement.
According to Opsahl, the FCC's action will force VoIP providers to build backdoors into their systems that hobble "technical innovation by forcing companies involved in broadband to redesign their products to meet government standards."
Aug. 8, PC World
"The case of the stolen wifi"
By Stephen Lawson
Benjamin Smith III and Gregory Straszkiewicz both were arrested for allegedly stealing something no one could see, hear, or feel. That thing was valuable enough for victims to press charges in both cases. But the arrests were over something many consumers throw out their windows every day: a Wi-Fi signal . . .
When crimes are suspected on the Internet, usually the first piece of evidence investigators look for is the IP address from which the activity was carried out, the the Electronic Frontier Foundation's Kevin Bankston said. Organizations such as the FBI or the Recording Industry Association of America can subpoena your ISP to find out who you are.
Though there aren't many precedents from which to judge, lacking any other evidence, it's unlikely someone with an unprotected Wi-Fi network would be convicted just because a crime was committed from that network, both Hunter and Bankston said. But along the way, investigators could seize your computer to look for evidence and discover something else that could get you in trouble, such as your own illegally downloaded music, he said.
For that matter, arrests for "stealing" Wi-Fi are still rare and if someone taps into your network, in some places it may be hard to prosecute them, Bankston said. It's hard to prove an intruder was deliberately snooping rather than just taking advantage of signal that was intentionally made public. The flip side is that if you're the one looking for a signal and you happen to find your neighbor's wireless LAN, the odds seem fairly slim that you'll be punished for it . . .
Some consumers will still choose to leave their networks open as a public service, the EFF's Bankston said. In addition to possibly violating the terms of your broadband contract, that move calls for all the safeguards mentioned above.
"If you don't know how to control network permissions, you should not run open Wi-Fi," Bankston said. "Even if you know what you're doing, opening up your network to the public will increase your risk."
Aug. 10, AP
"Groups Slam FCC on Internet Wiretap Rule"
WASHINGTON - New regulations making it easier for law enforcement to tap Internet phone calls will also make computer systems more vulnerable to hackers, digital privacy and civil liberties groups say . . .
Besides the privacy and security concerns, digital rights experts worry that expansion of the wiretapping law, known as CALEA, will stifle innovation.
"Creativity and innovation will end up moving offshore where programmers outside the U.S. can develop technologies that are not required to address the onerous CALEA requirements," said Kurt Opsahl, staff attorney at the Electronic Frontier Foundation. "The U.S. companies will face competition from foreign providers who will enjoy an advantage."
The groups also argue that the FCC doesn?t have the authority to order the companies to make changes to their systems for wiretapping purposes, since CALEA only pertains to telecommunications systems, not information systems like the Internet.
Aug. 11, Computerworld
"Electronic U.S. Passports Coming in December"
By Todd Weiss
The U.S. government plans to begin issuing electronic passports in December that feature a built-in chip that contains information about the passport holder and facial-recognition capabilities . . .
To prevent unauthorized reading, or "skimming" of the data, antiskimming technology will be built into each electronic passport's front cover, according to the agency. Officials are also considering inclusion of basic access control technology that would prevent the data from being accessed until the passport is opened and its machine-readable zone on the data page is read electronically.
Those built-in safeguards may not be enough, said Lee Tien, a senior staff attorney at the Electronic Frontier Foundation, a San Francisco-based privacy group. Earlier this year, the group joined other privacy groups in submitting comments to the State Department about the new passports, arguing that the security efforts don't do enough to protect Americans from unauthorized data theft. The proposed shielding may not work in all scenarios when a passport is opened and read, Tien said.
"We are very dubious of the need for any kind of electronic ID for security purposes," he said. "We have concerns that if they do implement it ... that they are not planning on using any technological safeguards other than shielding to protect [the passports] from unauthorized reading. We believe more needs to be done.
"Given that they do seem to be going forward, they need to study and implement better privacy protection," Tien said.
Aug. 15, USA Today
"Google library project runs into resistance"
By Michelle Kessler
Search engine Google has changed its digital library project to appease copyright holders -- but has ended up angering both publishers and free-speech advocates.
Google now says it will include copyrighted material but will give publishers a chance to request that their books not be included.
That decision may spark yet another Napster-like battle over copyrights in the digital age . . .
Free-speech advocates say Google shouldn't give publishers the choice of opting out, because copying the books for searches is a fair use. "The point of copyright law is not to give people absolute control over everything they write," says Jason Schultz, a lawyer at the Electronic Frontier Foundation, an advocacy group. "It's to compensate artists and authors for the works that they create." Google's library won't take away from book sales, and could even increase them, Schultz says.
Aug. 21, USA Today
"Anti-Porn Spam Laws to Shield Kids Backfire"
By Jon Swartz
Laws in two states to shield children from objectionable e-mail are having a chilling effect on nearly everyone but the spammers they were intended for . . .
Spammers, ironically, may be tempted to send more e-mail to those states to gain valid e-mail addresses.
"Everyone is being impacted but the spammers," says Kurt Opsahl, a staff attorney at Electronic Frontier Foundation, a non-profit civil-liberties group . . .
Children could inadvertently be endangered by the laws. Opsahl and others say many spammers will bombard both states with e-mail and, based on automated e-mail warnings, discover valid addresses.
Aug. 19, San Antonio Business Journal
"Unsealed court records in Rackspace case shed light on cyber privacy"
By Catherine Dominguez
. . . The Electronic Frontier Foundation (EFF), a San Francisco-based nonprofit "digital" civil rights group, filed a motion on Oct. 20, 2004, with the U.S. District Court for the Western District of Texas in San Antonio seeking to unseal the documents. The EFF's motion argued that "the public and the press have a clear and compelling interest in discovering under what authority the government was able to unilaterally prevent an Internet publisher from exercising their First Amendment rights."
The court granted the motion in late July, unsealing a majority of the record in the case. EFF received those documents earlier this month.
Officials with the EFF now claim it is clear that Rackspace over-reacted and should have never provided the government with the entire content of the servers . . .
Kurt Opsahl, staff attorney with the EFF, says he along with other EFF representatives are reviewing the unsealed documents and the Electronic Communications Privacy Act to determine what the group's next step will be.
"The commissioner's subpoena was seeking only log files and yet Rackspace handed over the entirety of the servers going beyond what the government had requested," Opsahl notes. "We think it was inappropriate to provide the government with the entirety of the servers."
Aug. 23, San Francisco Chronicle
"Google speeds searches on PCs"
By Benjamin Pimentel
In a move that highlights the heated battle for desktop dominance, Google introduced a feature Monday that allows computer users to search their PC hard drives faster.
Google's Desktop 2, which users can download for free, also analyzes users' habits and interests in order to point them to Web pages, news stories and photos they might find useful . . .
But Kurt Opsahl, staff attorney with the Electronic Frontier Foundation, a San Francisco group focused on technology and civil liberties issues, cited privacy concerns with Google's new feature. "I think that new technologies are making it easier and easier to collect a database of a wide variety of personal information of what you are looking at and reading," he said. "Everyone should be concerned when their surfing habits are tracked."
