 |
Identity-Based,
Interoperable Web Services
Liberty Alliance
March 22, 2004
|
Liberty Alliance, the global consortium developing an open federated identity standard and business tools for implementing identity-based services, today announced the successful completion of two projects based on Liberty’s new Identity Web Services Framework (ID-WSF). Liberty’s Identity Web Services Framework, part of the organization’s Phase 2 specifications, is now being used as the underlying architecture for unique new identity-based services.
|
|
Comment Sought on CALEA Petition for Rulemaking RM-10865
Federal Communications Commission
|
On March 10, 2004, the Federal Bureau of Investigation, U. S. Department of Justice, and U.S. Drug Enforcement Administration (“Law Enforcement”) filed with the Commission a “Joint Petition For Expedited Rulemaking” (RM-10865). The Petition requests that the Commission initiate a new rulemaking proceeding to resolve, on an expedited basis, various outstanding issues associated with the implementation of the Communications Assistance for Law Enforcement Act (“CALEA”). |
|
Oppose the New Ashcroft Internet Snooping Request!
ACLU
|
If implemented, this Ashcroft plan would dramatically increase the government’s surveillance power and risk making surveillance and privacy violations much more widespread. It would force technology companies to build “backdoors” in their systems for wiretapping and thereby create weaknesses that hackers, thieves and rogue government agents could exploit to invade your privacy and conduct identity theft.
|
|
Home User Security: Personal Firewalls
Sarah Granger
SecurityFocus
|
Firewalls play a crucial role in network and computer security. Part I of this series, Home User Security: Your First Defense, examined the typical functions of firewalls and how they can be of use on an individual level. More specifically, the need for personal firewalls in the home office was discussed. Now we will explore some of the best options on the market, many of which are available free of charge or are already installed on major operating systems. |
|
Privacy Villain of the Week:
Internet Excise Taxers
James Plummer
NCC/Consumer Alert
|
As if last week's update on the scheme to build an elaborate network to record and tax consumer purchases made online wasn't enough, some tax-hungry bureaucrats are already chasing down and subpoenaing records about cigarette consumers who shop online. And it appears at least one delivery company is turning over that consumer information to the tax hawks despite pledging not to.
|
UPS eyed as source for names
Boston Globe
10/22/2003
|
United Parcel Service, apparently breaking an earlier pledge, appears to have turned over to the Massachusetts Department of Revenue the names and addresses of Bay State customers to whom it has delivered cigarettes from out-of-state vendors. The Revenue Department, which obtained the information by using an administrative summons, is sending letters to the customers demanding they remit unpaid cigarette excise taxes plus interest and penalties. The agency also threatened civil fines and imprisonment if the taxes are not paid within 30 days.
|
|
The Anonymity Doomsday Factor
John C. Dvorak
PC Magazine
|
The Recording Industry Association of America (RIAA) may become indirectly responsible for our inability to stop the next terrorist attack on the US. Hear me out on this one. The association's recent move to bust individuals, mostly students, for music trading will spark a movement toward anonymous computing unlike anything we've ever seen. Already two anonymous music swapping systems have appeared: Filetopia and Blubster. This is just the beginning.
|
|
Compromised Remailers
cryptome.org
|
Technical analysis of security holes in anonymous remailers. |
|
Privacy Villain of the Week:
Online Privacy CANners
James Plummer
NCC/Consumer Alert
|
The pushers of the so-called CAN-SPAM bill [pdf] now making its way through the U. S. Senate, eager to make a show of standing up against junk mail, have written a prescription for less privacy online. And their plan will do little if anything to actually curb the tide of spam in the inboxes of Internet users.
|
|
Wishful Anti-spam Thinking
Clyde Wayne Crews Jr.
Cato Institute
|
The House is gearing up to pass new anti-spam legislation. The effort is understandable: The increasingly apparent downside of an Internet on which you can contact whomever you want, is that anyone can contact you. The "openness" once central to the "Internet experience," is increasingly a drawback.
|
FBI moves to bring online calls under scanner
LAT-WP
December 03, 2003
|
Worried that terrorists and criminals can communicate without being caught, the FBI wants to tap into online phone calls. As federal regulators on Monday debated how — or whether — to regulate the fast-growing technology of Internet phone service, the FBI and Justice Department sought to ensure that law enforcement has the same ability to eavesdrop as it does on virtually every other form of communication.
|
CAN-SPAM Act vs. privacy
John Gilmore
|
This bill makes it a crime to use any false or misleading information in a domain name or email account application, and then send an email. That would make a large fraction of hotmail users instant criminals. It also makes it a crime to remove or alter information in message headers in ways that would make it harder for a police officer to determine who had sent the email. Anonymizers will be illegal as soon as this bill becomes law.
|
Privacy Isn't the Issue, Trust Is
Dave Morgan
Editor & Publisher
|
Privacy is an issue that uniquely plagues the online industry. Consumers don't seem to mind that banks sell their balance information, or that their in-store transactions, catalogue purchases, and magazine subscriptions are routinely sold to direct marketers. Or that security cameras record their comings and goings. For years, customers of Radio Shack freely gave up their home addresses and phone numbers just to buy some batteries.
|
|
Consumers Are in Dark On Web-Site Privacy
WALL STREET JOURNAL
June 25, 2003
|
A majority of Americans who see privacy policies on popular Web sites mistakenly assume those sites aren't collecting or selling consumers' personal information, leaving them unaware of the vast amounts of data being shared with other companies, according to a new study.
The study [Americans and Online Privacy: The System is Broken, 37 pp., PDF, 1.7MB; excerpts below], to be released Wednesday by the Annenberg Public Policy Center of the University of Pennsylvania, comes as Congress is considering a flurry of bills that would put new restrictions on how consumer data can be collected and shared. |
|
Is Chat-Room Speech Protected?
Associated Press
Mar. 05, 2003
|
Messages about public figures in Internet chat rooms are akin to anonymous pamphlets like Thomas Paine's "Common Sense," and their authors should have the same right to keep their identities secret, advocates told Pennsylvania's highest court.
|
|
Feds Building Internet Monitoring Center
Washington Post
January 31, 2003
|
The Bush administration is quietly assembling an Internet-wide monitoring center to detect and respond to attacks on vital information systems and key e-commerce sites. |
|
White House Scrambles to Defuse Privacy Concerns
DC Internet
Dec. 23, 2002
|
The White House scrambled over the weekend to alleviate privacy violation fears raised by its proposal to build a monitoring system as an "early warning center" to track Internet use in the U.S. The proposal is part of the final version of "The National Strategy to Secure Cyberspace," expected to be released in early 2003.
|
|
Whatever Happened to Leaving the Internet Unregulated?
Cato Institute
Dec. 22, 2002
|
Business use of personal information to move merchandise may sometimes be irritating, federal regulation, which will hurt e-commerce and consumers, isn't the answer. Small businesses will suffer more than larger companies that have already assembled databases.
Moreover, Washington itself can be the leading privacy offender, not just with regard to such things as driver's licenses and Social Security numbers. Post-September 11 has brought renewed government surveillance, such as pushes for mandatory national ID cards, escalated monitoring of emails facilitated by the USA Patriot Act, and ubiquitous surveillance cameras. These incursions raise serious constitutional issues and should be the focus of any serious congressional privacy debate. We don't get to "opt out" of government information collection. Washington does not have a track record that inspires confidence as a protector of personal information.
|
|
Spyware: Are you being watched online?
MSNBC
Nov. 13, 2002
|
Here’s a sobering thought: While you’re looking at your computer, it may be looking back at you. There is easy-to-get, even free, software that lets anybody spy on you, anytime you are on your computer.
|
|
A New Code for Anonymous Web Use
Wired.com
|
Peer-to-peer networks such as Morpheus and Audiogalaxy have enabled millions to trade music, movies and software freely. A group of veteran hackers is about to unveil a new peer-to-peer protocol that may eventually let millions more surf, chat and e-mail free from prying eyes.
Hacktivismo, a politically minded offshoot of the long-running hacker collective Cult of the Dead Cow, will announce the protocol -- called "Six/Four," . . . on its website
|
|
FBI digs deeper into the Web
Wayne Crews
June 10, 2002
|
In this privacy-sensitive era, the obvious question arises: Assuming you were gambling on the Internet, how would the government ever know about it? For the government to know about such personal, consensual behavior requires spying. And that's what anti-gambling legislation would require. Banks and Internet Service Providers would be drafted into the role of snooper, sifting all financial transactions. The notion of government mandating surveillance of private computers is repugnant.
|
|
FBI digs deeper into the Web
News.com
June 6, 2002
|
[New] Justice Department guidelines . . . give federal investigators new license to mine publicly available databases and monitor Web use. The changes, which come after a major FBI shakeup last week, have sparked intense debate over the merits of expanding government surveillance powers
|
|
Mandating Opt-In May Cause Consumers to Be Left Out
James Plummer
Consumer Alert
|
As the Congress holds hearings on a handful of bills to set a national policy for the information management policies for online businesses, a number of states are considering their own set of "privacy" laws. Before they pass such laws governing the exchange of information between consumers and businesses, both Congress and the states should seriously consider the ultimate ramifications of their actions. |
|
Terrorism Fears Push Md. Toward Wider Police Power
Washington Post
March 25, 2002
|
Maryland's House of Delegates is preparing to pass anti-terrorism legislation today that would dramatically expand the ability of police to tap phones and eavesdrop on the e-mail and Internet activity |
|
Unwanted Gift for Free File-Swappers
Wired News
Jan 3, 2002
|
Trojan horse unknowingly tucked into software of peer-to-peer services such as Grokster may now be on millions of hard drives
|
|
SafeWeb Promises Security Fix
Wired News
Feb. 14, 2002
|
SafeWeb has pledged to repair security problems reported this week in its anonymous-surfing technology.
The Emeryville, Calif. firm, which has received funding from the CIA, said late Wednesday it soon would release a patch to fix Javascript bugs that can decloak users by exposing their Internet addresses.
|
|
Internet anonymity for Windows power users
The Register
|
There's no such thing as perfect anonymity if you're going to insist on connecting a computer to the Internet. But there is a lot you can do to make it extremely difficult for anyone to track you.
|
|
Do-it-yourself Internet anonymity
The Register
|
How do you make a truly anonymous post to a newsgroup or a BBS? How do you keep the Web sites you visit a secret? How do you send e-mail and ensure that its contents can't be read by someone who intercepts it? How do you chat anonymously?
|
|
A Windows hack for web-surfing privacy
Politechbot
|
Not even the most sophisticated forensics tool can re-construct your surfing
history if it's never written to disk in the first place. I've come up with
two rough hacks which accomplish this, one for Windows 95 and 98, and one
for 2K and XP. This is pretty beta stuff, admittedly:
RamSurf for Win-9x
RamSurf for Win-2K/XP
|
|
FBI To Require ISPs To Reconfigure E-mail Systems
National Journal
Oct. 2001
|
The FBI is in the process of finalizing technical guidelines
that would require all Internet service providers (ISPS) to reconfigure
their e-mail systems so they could be more easily accessible to law
enforcers. The move, to be completed over the next two months, would cause
ISPs to act as phone companies do to comply with a 1994 digital-wiretapping
law. "They are in the process of developing a very detailed set of
standards for how to make packet data" available to the FBI, said Stewart
Baker, an attorney at Steptoe & Johnson who was formerly the chief counsel
to the National Security Agency (NSA).
|
|
Keeping Big Brother From Watching You:
Privacy in the Internet Age
Philippa Jeffery
Citizens Against Government Waste
|
The advent of the Information Age raises old concerns about protecting personal privacy and proprietary information, including medical and financial data, from the government, private companies, and other individuals. Information on one's personal habits is increasingly gathered through myriad transactions, including credit card charges, cell phone calls, and check card purchases at the local grocery store. While these activities are generally financially secure, data from such New Economy tools can be used to keep track of people's personal preferences. In today's world, Orwell's concerns can shed light on the collection of personal medical or financial information by federal government agencies, and the sharing of that information with other agencies
|
|
Safe Harbor or Stormy Waters?
Living with the EU Data Protection Directive
Aaron Lukas
Cato Institute's Center for Trade Policy Studies
|
On July 1, 2001, the European Commission was scheduled to complete a one-year review of how well non-European companies were complying with the European Union’s Directive on Data Protection. More important, that date was also supposed to mark the end of an informal standstill on enforcement of the directive’s restrictions on cross-border data flows. Both the report and the end of the enforcement moratorium have been postponed, but for how long is uncertain. |
|
Where Everybody Knows Your Name . . .
A Pragmatic Look at the Costs of Privacy and the
Benefits of Information Exchange
Kent Walker
Stanford Law Review 2000
|
The author examines how sharing of personal information provides individual benefits (lower costs, greater access, and more convenience), collective benefits (benefits to both individuals and the community achievable only through collective rules favoring information exchange), and social benefits (security, accountability, and trust). He then examines the difficulties of privacy regulation, using as case studies the "fair information practices" advocated by the U.S. Federal Trade Commission and the European Union's Privacy Directive.
|
|
Internet Privacy and Self-Regulation:
Lessons from the Porn Wars
Tom W. Bell
August 9, 2001
|
"The availability and adequacy of technical remedies ought to play a crucial role in evaluating the propriety of state action with regard to both the inhibition of Internet pornography and the promotion of Internet privacy. Legislation that would have restricted Internet speech considered indecent or harmful to minors has already faced and failed that test. Several prominent organizations dedicated to preserving civil liberties argued successfully that self-help technologies offered less-restrictive means of achieving the purported ends of such legislation, rendering it unconstitutional. Surprisingly, those same organizations have of late joined the call for subjecting another kind of speech—speech by commercial entities about Internet users—to political regulation. "
|
|
Protecting Consumer Privacy: Is More Legislation the Answer?
Jim Harper
August 3, 2001
|
"Federalism distributes problems the way networked computers do, or the way the Internet does. Almost all issues will be dealt with better by distributing them among governments and allowing states and localities to learn from one another, rather than putting everyone in one federal boat and seeing if it floats."
|
|
High Tech Briefing: Online Privacy
Jessica Melugin
June 2001
|
A survey of current online privacy issues, this essay was a chapter in the Competitive Enterprise Institute's CEI High Tech Briefing Book 2001.
|
 |
High Tech Briefing: COPPA and On-line Privacy for Children
Dan Alban
June 2001
|
A look at the effects of the Children's Online Privacy Protection Act, this essay was a chapter in the Competitive Enterprise Institute's CEI High Tech Briefing Book 2001.
|
|
Prohibition, Privacy and Protection: The Real Online Gamble
Thomas Pearson
August 2000
|
Efforts to prohibit gambling over the Internet leave the door open for government abuses of privacy. Inevitably, some form of government monitoring of individual's conversations and electronic correspondence will be proposed under the auspices of intercepting illicit bettors and bookies. However, honest citizens will most likely receive the most harassment from these measures.
|
|
"Privacy Online": Fear and Loathing at the FTC
Jason Thomas
June 23,2000
|
The Federal Trade Commission’s (FTC’s) recommendations in Privacy Online: Fair Information Practices in the Electronic Marketplace have replaced the heat and humidity as this summer’s most stifling climatic development. The FTC’s suggestion that legislation is needed to supplement industry self-regulation disregards private-sector developments and long-established American values.
|
|
Empowering Consumers on the Internet: How Privacy-Protecting Technologies Have Rendered Regulation Unnecessary
Jessica Melugin
May 2000
|
Supporters of new government regulations not only ignore the economic incentives companies have to cater to consumer privacy preferences, they also overlook the technological tools already available to give consumers increased control over their personal information.
|
|
TEMPEST GLOSSARY
NCSC
1981
|
This Glossary was prepared by the National Communications Security Committee's Subcommittee on Compromising Emanations (SCOCE). It contains definitions of terms associated with TEMPEST, which is the investigation and study of compromising emanations from electromechanical and electronic communications and noncommunications signal processing equipement.
|
|
