Biometrics

Media articles about the proposed UK identity cards scheme


1
In a land mark case two MPs, David Davis and Tom Watson, have won a High Court judgement that the Data Retention and Investigatory Powers Act (DRIPA) is incompatible with human rights (see this BBC News article here). Legislation is normally subject to significant Parliamentary scrutiny, but the MPs claimed that because DRIPA was rushed through in days, there was no time for proper parliamentary scrutiny, hence the need for the unusual step of judicial review.   The MPs argued before the court that DRIPA was incompatible with the right to a private and family life, and data protection, under both the Human Rights Act and the European Union Charter of Fundamental Rights.  An argument that the court accepted. In the judgement the court has ruled that the unlawful sections of DRIPA can stay in force until the end of March 2016, to allow time for the government to compose new […]

MPs Win Surveillance Powers Legal Challenge, but Government to Appeal



A recent article in The Independent newspaper by Andrew Griffin highlights that Facebook is almost certainly tracking people using its rainbow picture tool, which enables users to change their profile picture to rainbow coloured in support of same-sex marriage. In using the tool many users are probably not aware that they are providing demographic data to Facebook which could be used to target advertising, or be supplied to third parties.  Just as many are not aware that the Facebook “pay with data” financial model, means that all information provided to the site may potentially be used for commercial purposes.  It should also be noted that although Facebook has stated that the information gathered by the tool will not be used for serving advertising, the site is notorious for its ever-changing privacy model, so the assurance probably needs to be taken with a pinch of salt. Interestingly, social scientists have already […]

Facebook Could Use Rainbow Profile Pictures to Profile Users



5
Julian De Vries reports on The Nation website that in the US it is possible for someone to be prosecuted for deleting their browser history or other electronic records, even though the individual has no idea they are under any sort of investigation. The problem lies with the Sarbanes-Oxley Act, which was originally enacted in the wake of the Enron scandal to stop corporations under investigation from shredding or destroying incriminating documents.  However, its application has been broadened out by prosecutors to cover situations way beyond its original aims. One reason why it has been possible to expand its use is that prosecutors do not have to show that an individual deleting material is aware an investigation is underway.  As a result anybody even innocently deleting electronic records such as browser history or text messages, could years later be prosecuted for doing so.  The scenario is not a hypothetical one […]

In the US You Can Be Prosecuted for Clearing Your ...


Ryan Whitwam reports on the ExtremeTech website that researchers have found a way to track android phones by studying their power use over time. The technique works on the principle that the further away a phone is from a base station, the more power the phone uses to maintain a connection.  Researchers called their proof of concept application PowerSpy.  Before it can be used a power map of an area has to be established so that PowerSpy knows what performance to expect in a particular location. Although making a call or using apps will also drain power, the algorithm used in PowerSpy is designed to monitor power use over several minutes, so that battery usage not associated with location can be filtered out.

Battery Power Alone Can be Used to Track Android Phones


2
Ellen Nakashima reports in the Washington Post that the recently discovered hack (see previous post here) by the Chinese of the US Office of Personnel Management, has included a database holding sensitive security clearance information on US Government workers and contractors. Joel Brenner, a former US counter­ intelligence official said about the news, “This is potentially devastating from a counter­ intelligence point of view,”  “These forums contain decades of personal information about people with clearances . . . which makes them easier to recruit for foreign espionage on behalf of a foreign country.” Sir Tim Berners-Lee has previously highlighted the dangers of blackmail if foreign spy agencies get hold of data on persons with access to national security information, although in the context of the retention of web surfing and phone records – see here.

Chinese Hack has Compromised US Security Clearance Database



4
Today is the 800th anniversary of the signing of the Magna Carta, a document which has very much changed the world, being the first document of its kind to protect the rights and freedoms of society and establish that the king was subject to the law.  Of course there is an argument that at the time of its signing, the Magna Carta was not as significant as it has become, but that really isn’t the point, it is what it now stands for that matters. Amongst the many events that have been held to celebrate the anniversary the British Library has revealed the current top 10 clauses people would like to see in a “Magna Carta for the digital age”.  This was the result of a British Library’s project conceived to encourage particularly young people to think about privacy, internet access and freedom in the digital age. See the British […]

Digital Magna Carta ‘Top 10’ Clauses Revealed


1
David Barrett reports in the Daily Telegraph that telephone masts which can listen to mobile phone conversations without the owner’s permission are being operated in Britain. The devices, technically known as IMSI catchers, but also referred to stingrays, trick handsets into thinking they are genuine mobile phone towers in order to monitor calls and other data including texts and emails.  They have been used in a number of foreign countries to target the communications of criminals, but are difficult to use in a targeted manner and will also hoover up data from innocent people’s mobile phones. Police have refused to discuss whether they are behind the installation of the masts, at least 20 of which were uncovered in London in an investigation by the Sky News television channel.

Fake Mobile Phone Masts Spy on your Calls


1
Ellen Nakashima reports in the Washington Post that Hackers working for the Chinese state breached the computer system of the US Office of Personnel Management in December 2014. The Office of Personnel Management is essentially the Human Resources function of the US Government.  The breach is believed to have resulted in the loss of the personal details of up to four million current and former US Government employees. The breach is the second major breach of US Government networks by China in the past year.  Austin Berglas, a former cyber official at the FBI’s New York field office said in response to the news: “China is everywhere. They’re looking to gain social and economic and political advantage over the United States in any way they can. The easiest way to do that is through theft of intellectual property and theft of sensitive information.”

Chinese Breach Data of Four Million Federal Workers



Maggie Ybarra reports in the Washington Times that FBI agents cannot identify any major terrorism cases they have cracked using the snooping powers in the US Patriot Act. The revelation is interesting given the claims of its supporters that powers provided by the act such a bulk phone data collection, were critical to national security and had to be retained. The Patriot Act expired on Monday (1st June) and some (see here) of its surveillance powers were incorporated into the USA Freedom Act which was approved by Congress on Tuesday (2nd June).  Amongst the powers transferred was the power to enable bulk phone data collection; however, on a positive note this data can now only be accessed with court permission.

FBI Admits That No Major Cases Cracked by Patriot Act ...


2
The BBC News website reports that UK Police made 733,237 requests to view communications data over a three-year period according to a report by Big Brother Watch, equivalent to an access request every two minutes. Police Officers wanting to gain access to communications data have to be internally approved by a senior member of the relevant force and on average 96% of such requests are approved. Big Brother Watch wants more transparency about how such requests are authorised and the crimes the data is used to fight.  The group also wants judicial involvement as a final step in the approval process. The actual Big Brother Watch Report can be found here.

UK Police Seek Data Access ‘every two minutes’


2
Leo Kelion reports on the BBC news website that Google has looked into making internet-connected toys that control smart home appliances. A Google patent describes devices that would turn their heads towards users and listen to what they were saying, before sending commands to remote computer servers to control other devices.  The three-year old patent was spotted recently by the legal technology firm SmartUp.  It described the proposal as: “One of Google’s creepiest patents yet”. The Google patent suggests that the devices could be made into toys to encourage young children to interact with them.  However, campaigners have highlighted the privacy concerns with such devices which rather like Smart TVs send data back to remote servers, data which could potentially include private conversations. Google was unable to confirm if they might go on to develop the devices.

Google Patents ‘Creepy’ Internet Toys to Run the Home



John Leyden reports on the Register website that South Wales Police have been fined £160,000 for losing DVDs of an interview with a sex abuse victim and not reporting the loss for nearly two years. The unencrypted DVDs were left in a desk drawer and the loss was discovered after an office move in October 2011.  It emerged during the investigation that South Wales Police had no specific force-wide policy for the safe storage of victim and witness interviews. Commenting on the case Anne Jones, ICO Assistant Commissioner for Wales said: “Without any doubt we would expect a professional police force, in a position of trust, dealing with this type of highly sensitive information from victims and witnesses on a daily basis, to have robust procedures to keep track of the personal data in their care.”  

Welsh Police Force Fined £160,000 after Losing Sensitive Video Interview



4
Benny Evangelista and Peter Fimrite report on the SFGATE website that a bill is to be put forward in the Californian Assembly to force smart TV makers to give customers the ability to opt out of features that could monitor their conversations. The bill is being put forward by Assemblyman Mike Gatto, who amongst other things is concerned about the ability of smart TV’s to be turned into tools that determine what kind of adverts viewers see.  Gatto said: “It’s not just that you could be sent bankruptcy ads after you talk with your wife about financial problems while watching television, it’s what happens if someone hacks it.” He also highlights the privacy issues if a smart TV is listening in a room where a couple are getting intimate. “Those sounds, if you had your voice recognition on, is what would be included,” Gatto said. “That’s what’s disturbing about this.” […]

Bill seeks ban on Smart Televisions becoming ‘Big Brother’