Biometrics

Media articles about the proposed UK identity cards scheme


2
Alex Matthews-King reports in Pulse that the NHS is overriding 700,000 patient opt-outs to GP data being shared. The Health and Social Care Information Centre has said that 700,000 patients registered an objection to their identifiable information being passed from the HSCIC to a third-party before the aborted roll-out of care.data in March 2014.  However, it admitted that it doesn’t currently have the resources to deal with this volume of objections and thus it has not been possible to implement the patient opt-outs. Dr Beth McCarron-Nash, who leads on care.data for the General Practitioners Committee, told Pulse: ‘Obviously, if there are technical difficulties that HSCIC are experiencing, they must be resolved, and it is their responsibility to make sure patients are protected. But basically it’s a mess.’

NHS overriding 700,000 patient opt-outs


David Kravets reports on the Ars Technica website that the US National Security Agency’s bulk telephone metadata collection program is illegal, but not unconstitutional according to a federal appeals court ruling. The case was brought by the American Civil Liberties Union and sets aside a judgement by a lower court that metadata collection was permissible. According to the article, the court noted that the Patriot Act gives the government wide powers to acquire all types of private records on Americans as long as they are “relevant” to an investigation.  But the government is going too far when it comes to acquiring, via a subpoena, the metadata of every telephone call made to and from the United States. The legal authority allowing the NSA to collect telephone metadata expires on 1st June 2015 and will need renewing by Congress if it is to continue.  It is not clear how the ruling […]

US Court Rules NSA Phone Metadata Collection is Illegal


The campaign group Big Brother Watch has prepared a briefing note on privacy and other issues with the European Union’s eCall system which the European Parliament voted on 28th April 2015 to make compulsory in all new cars. Although eCall is promoted as an EU-wide emergency alert system to help ambulance crews get to road accidents faster, it raises significant privacy and snooping concerns because it works in partnership with an Event Data Recorder (EDR).  The EDR records for 20 seconds before an accident and 10 seconds afterwards; however, as the briefing note points out this means it must be recording and erasing continuously. Currently it is not intended that eCall should transmit data continuously, but it could do so and this opens up the possibility of mission creep such as the system being used to track motorists, as the EDR has the ability to record a vehicles exact location. […]

Big Brother Watch Briefing Note on EU Car Tracking eCall ...



The BBC News website reports that Airbus says it will file a criminal complaint over allegations that German intelligence helped the US carry out industrial espionage on the company. German media reports suggest that the country’s spy agency BND collected data on European firms at the behest of the US National Security Agency.  Airbus said it had asked for more information from the German government and said in a statement: “We are aware that large companies in the sector, like ours, are targets of espionage,” …… “However, in this case we are alarmed because there is concrete suspicion.” Airbus was named by the German press as one of the firms that was targeted by the spying operation.  It is believed that BND eavesdropped on online, phone and other communications in order to gather information.

Airbus to sue over US National Security Agency Spying


2
The Law Gazette reports that professional bodies representing lawyers and other legal professionals are calling for statutory protection for professional privilege. It follows a landmark ruling by the Investigatory Powers Tribunal (IPT) ordering the intelligence agency GCHQ to destroy illegally intercepted communications between Libyans subjected to renditions and their lawyers in the UK. However, despite the ruling both the Law Society and the bar have said the ruling does not sufficiently protect lawyer-client communications.  Andrew Caplen, president of the Law Society commenting on the current situation said: ‘The current legislative framework remains unsuitable and we hope that the Regulation of Investigatory Powers Act will be amended or replaced to include explicit protection of legal professional privilege.’

Legal bodies call for statutory protection for professional privilege following ...


4
The This is Money website reports that insurance customers who swear or use racist language on websites such as Twitter or Facebook could soon find themselves missing out on cheaper insurance deals. California-based Social Intelligence Corp is in talks with UK insurers about introducing software to analyse social media accounts and will allow insurers to decide if someone should be given a special offer. The firm claims that someone with 200 LinkedIn connections, an email address in use for five years and a Facebook profile, is a better risk than someone who doesn’t meet these criteria.  In contrast, insurance customers who swear or use racist language on websites such as Twitter or Facebook could find themselves missing out on cheaper insurance deals.

Insurers on the Lookout for Swearing or Racist Language on ...



4
Fred Pearce reports in New Scientist magazine that many people in the UK are worried about having smart meters in their homes because they fear that data about their personal energy use will be shared. The online survey of more than 2400 people in the UK was conducted by Alexa Spence of Nottingham University.  Commenting on the findings that people are worried about what might happen to their energy use data Spence said: “People are becoming increasingly aware of the value of their personal data and privacy, and they often err on the side of caution.”

UK People Wary of Smart Meters


The Mail Online reports that e-reader devices can track users and report back to e-book stores information such which books you are reading, the amount of time spent on a particular passage and what time you put the e-reader device down to go to sleep. Michael Tamblyn, of Kobo, which supplies e-readers to WHSmith, John Lewis and Tesco, said it collects information from users to recommend new books and boost sales.  Amazon’s Kindle also collects similar information. Commenting on the revelation Renate Samson, of Big Brother Watch, said: ‘That these products feel the need to monitor more than just what we read, but to actively store data on what page we might linger on or more worryingly what time of day or night we choose to read seems disproportionately intrusive on what is to most of us a moment of personal quiet time.’

Your e-reader is Watching You


Yasha Levine reports on the PandoDaily website on how the U.S. Government has and continues to fund internet tools that provide anonymity and privacy such as Tor, CryptoCat and Open Whisper Systems. The article provides an interesting insight into the activities and history of the blandly named Broadcasting Board of Governors (BBG), which has its origins in the cold war, and the way money passes through BBG controlled Radio Free Asia and the stations Open Technology Fund, to groups and individuals developing various privacy technologies. Although the author questions whether privacy activists should be accepting funding from the US Government, a probably more important question is why the US Government would want provide funding to organisations and individuals to develop technology that provides protection from surveillance by the US National Security Agency (NSA) and the UK’s GCHQ etc.  This is a question very rarely discussed by privacy campaigners or journalists, […]

Internet Privacy Funded by Spooks: A Brief history of the ...



The BBC News website reports that the Conservatives say that if they win the general election they will introduce legislation requiring pornography websites to adopt age-restriction controls, or face closure. Both UK-based and overseas websites will be targeted and foreign websites that do not comply will be blocked.  The system would be overseen by an independent regulator with the power to force internet service providers to block sites and issue fines to any which did not comply. The decision follows a recent call by the UK Video on demand watchdog to require age verification on pornography sites. Comment from Newsblog Editor: What is concerning about this proposal versus a web filter approach, is that any age verification system inevitably means that the authorities can track at least some of a citizen’s web habits.  If, as is more than likely, the policy undergoes mission creep and is extended to other types […]

Porn sites must have age checks, say Conservatives


4
Ray Massey reports on the This is Money website that nearly 19,000 foreign drivers failed to pay ANPR generated fines for none payment of the Dartford River Crossing toll in December 2014. Toll booths were removed in November 2014 with payment required by internet, phone or account. Vehicles using the crossing are identified by an automatic number plate recognition (ANPR) system and fines are issued if the £2.50 toll is not paid by midnight the following day. The 19,000 foreign drivers are amongst 130,306 road users sent penalty charge notices in December 2013 of which 73,898 had been settled by the end February.  As many as one in seven drivers using the Dartford River Crossing failed to pay in the schemes first month, which was double the expected non-payment rate of one in 14. Comment from Newsblog Editor: It is worth considering the financial model being employed on the crossing […]

19,000 foreign drivers fail to pay ANPR generated fines


2
Following a series of high-profile losses of customer’s personal data suffered by major companies such as Sony, Home Depot and Target, Erik Sherman considers on the CBS Moneywatch website why companies do not improve IT security and safeguards for customer data. The answer is that although the cost of remediation and fixes following such data leaks looks enormous to the average person, the financial impact on companies is negligible.  For example, when Target lost 40 million credit card numbers and 70 million other records, the cost after deductions was 105 million dollars which is less than 0.1 percent of the company’s revenue. Even the reputational damage to companies from huge data losses seems relatively short-lived.  Following a major breach of Sony’s network the Ponemon Institute polled consumers every 48 hours to check the company’s reputation.  After less than six months the Sony’s reputation had recovered its place to where it […]

The reasons companies don’t fix cyber security



Neal Keeling reports in the Manchester Evening News that an investigation has been launched after scores of hospital staff at Salford Royal Hospital allegedly broke data protection rules to look at a colleague’s medical records. The person’s records were accessed via the Electronic Patients Record system which was installed two years ago.  Some 7,000 health care professionals have access to the system which is supposed to have a high level of security control, with users receiving formal training in information governance on an annual basis. The member of staff whose records were viewed had been admitted to the hospital for treatment a few months ago and is now believed to have commenced legal action against the hospital.

Hospital staff breached rules to view colleague’s medical records


The Intelligence and Security Committee (ISC) has issued a report into surveillance by the security services in the United Kingdom.  The report titled “Privacy and Security: A modern and transparent legal framework” is the result of a review started by the ISC in 2013, following revelations by the former US Intelligence contractor Edward Snowdon about the extent of surveillance by UK and US intelligence services. The report considers whether current legislation provides sufficient oversight and accountability and the impact of surveillance on privacy.  It concludes that there is a lack of transparency around surveillance which is not in the public interest.  This has come about due to the way the legal framework has developed in a piecemeal fashion. The key recommendation of the report is that the current legal framework should be replaced by a single new Act of Parliament governing the intelligence and security agencies. The report can be […]

The Intelligence and security Committee (ISC) Report into Surveillance in ...


2
Kevin Rawlinson reports on the BBC news website that the Parliamentary Office of Science and Technology (POST), has issued a report which states that banning online anonymity networks such as Tor, would not be technologically feasible. POST, which provides analysis and advice to MPs on public policy issues related to science and technology also stated that there was: “widespread agreement that banning online anonymity systems altogether is not seen as an acceptable policy option in the UK”. The report highlights that anonymity often had legal and socially useful benefits such as protection of whistleblowers. While trying to block such sites would present significant technical challenges, as demonstrated by the difficulties the Chinese government is having with trying to block access to Tor in order to enforce bans on unauthorised websites. The report contradicts the view of Prime Minister David Cameron, who earlier this year said that law enforcement should be […]

Banning Tor unwise and not feasible, MPs told