subscribe: Posts | Comments

DHS: All your Gadgets are Belong to Us...

After careful consideration, the Department of Homeland Security has concluded that American citizens near national borders are subject to having their personal electronics (including smartphones, tablets, and laptops) seized, and their contents examined without DHS officialns needing to articulate reasonable suspicion— or any reason whatsoever. Basically, if you are within 100 miles of the Mexican or Canadian border, you have no Fourth Amendment rights against unreasonable search and seizure. Note that you are not obligated to disclose account or decryption passwords, so make sure your hard drives are encrypted and your computer is shut down when you’re near a border. Hopefully, this will be tested by a high court soon. Not only is the decision completely unreasonable, so...

DHS: All your Gadgets are Belong to Us
posted on: Feb 11, 2013 | author: privacycast

State of Email Privacy

Schneier has excellent meta-analysis of the state of email privacy. The conclusion: there isn’t much. While the details of this investigation that have leaked thus far provide us all a fascinating glimpse into the usually sensitive methods used by FBI agents, this should also serve as a warning, by demonstrating the extent to which the government can pierce the veil of communications anonymity without ever having to obtain a search warrant or other court order from a neutral judge. Definitely worth a read– if you want to know what law enforcement can access without a warrant, this is eye opening...

State of Email Privacy
posted on: Nov 19, 2012 | author: privacycast

Petraeus Reminder of Email Retention Policy Importance...

Little known fact: The 1986 Electronic Communications Privacy Act stipulates that any email message that has resided on a server for more than six months is “abandoned.” This esoteric legal definition became critical in the recent investigation and subsequent sex scandal involving General David Petraeus. Thanks to the Patriot Act, federal can access “abandoned messages” with a subpoena (which is approved only by a prosequtor) rather than needing a warrant (which would require the approval of a judge.) Might be time to start thinking about an email retention policy. PrivacyCast’s recommendation would be to keep only relatively new (3 months?) messages on your server, and either delete or locally archive older messages in an encrypted...

Petraeus Reminder of Email Retention Policy Importance
posted on: Nov 13, 2012 | author: privacycast

Traffic Court Judge Obscured License Plate to Avoid Cameras...

Who watches the watchers, indeed. A close inspection of Judge Jones’ city-owned Mercury Grand Marquis LS showed that it also was outfitted with another device that poses a potential traffic violation. His license plate [was] obscured by a plastic cover that reflects flash cameras, including the dozens of traffic cameras used to collect millions of dollars from tickets in New Orleans. His honor feels the laws that invade the privacy of citizens (not to mention their pocketbooks) don’t apply to him. (Via NBA...

Traffic Court Judge Obscured License Plate to Avoid Cameras
posted on: Nov 2, 2012 | author: privacycast
Federal Judge: Police can install cameras on private property without warrant

Federal Judge: Police can install cameras on private property without warrant...

posted on: Oct 31, 2012 | author: privacycast

A federal judge ruled Wisconsin police officers did not violate the Fourth Amendment prohibition against unreasonable search and seizure when they covertly installed automated cameras on the defendant’s private property, despite their failure to secure a warrant first. The cameras were installed by the officers in an open field because they suspected that the defendants (Manuel Mendoza and Marco Magana) were growing marijuana there. To be clear, they did eventually obtain a search warrant… but only after (and possibly because of) incriminating pictures were taken by the cameras. Attorneys for the defendants asked Judge William Griesbach to suppress all images collected prior to the issuance of the search warrant, but in a Monday decision he approved the previous ruling that the Fourth Amendment only protected the home and land directly adjacent (known as “curtilage”) not open fields further from the residence....

Unpaid Traffic Ticket? It’s Strip-Search Time

Unpaid Traffic Ticket? It’s Strip-Search Time...

posted on: Apr 2, 2012 | author: privacycast

Yesterday, the Supreme Court ruled that cops have a right to strip-search you, without a warrant or conviction of guilt, for any type of arrest. Along with strip-searches, here’s some other things police can do that you would never expect. Disclaimer: Aside from a couple speeding tickets and accidentally running a red light, I have never committed a crime, nor intend to. I don’t even violate carpool rules. I have great respect for the difficult and important role that police play in our society. However, discovering that there are circumstances in which I, a law-abiding citizen, could end up being told to “squat and cough” while a warden watched made me want to find out what else they can do that I didn’t know about. The results stunned me – instead of being heroes in blue, my mental image of cops is rapidly swaying toward enforcers in brown shirts. Strip-Searches Without...

Weekly Recap: April 2 Update on Privacy News

Weekly Recap: April 2 Update on Privacy News

posted on: Apr 1, 2012 | author: privacycast

Take 15 minutes to get updated on all the ongoing privacy issues we’re tracking. This week, we’re running the numbers from the uptick in DHS complaints to the time it takes to crack your cell passcode to the (zero) hours that the TSA allowed Bruce Schneier to testify. Zero Hours of TSA Testimony by Schneier Bruce Schneier, the most respected security expert in the U.S., received a formal invite to testify about the TSA to the House Committee on Oversight and Government Reform. Apparently, Schneier’s testimony terrifies the TSA, because they used a loophole to strike him from the witness list. Maybe they read the debate he recently had with former TSA administrator Kip Hawley on the Economist website. Read his closing argument. Privacy Forecast: The TSA once again demonstrates it’s more concerned about protecting its reputation than protecting citizens. 295 DHS Privacy Complaints in 3 Months The DHS...

Can the Government Protect Consumer Privacy?

Can the Government Protect Consumer Privacy?

posted on: Mar 30, 2012 | author: privacycast

March saw several government entities voicing their concern about our privacy rights with much fanfare and really long titles. And yet, March also saw their actions betray a remarkable lack of  actual concern. Attacks and Counter-Attacks on the Privacy Act Senator Daniel Akaka (D-HI) requested that EPIC review his proposed Privacy Act Modernization for the Information Age Act of 2011 legislation which is intended to refurbish the original Privacy Act of 1974. EPIC’s comments noted that the proposed modernization were largely beneficial, but had issues about vagueness that has led to “mission creep” in the past. EPIC released it’s letter on March 27. On March 28, the Supreme Court ruled in FAA v. Cooper that the Privacy Act of 1974 does not include recovery of mental and emotional damages. This dramatically weakens the amount of ‘punishment’ that can be meted out when the government violates your privacy, which means the government will have less reason to abide...

Privacy Policy Comparison: Top Five Social Networking Apps

Privacy Policy Comparison: Top Five Social Networking Apps...

posted on: Mar 26, 2012 | author: privacycast

Social networking apps that broadcast your location to just your contacts list or Facebook friends are a thing of the past. The newest ambient social media apps eagerly broadcast your info to anybody in your vicinity that shares the same app. Since protecting privacy in networking apps is often an afterthought for the builders, we investigated the privacy policies of the five most popular networking apps. To find the top five, we simply sorted iTunes’ Social Networking category by the most popular and picked the first five ambient social media apps. To qualify as ambient social media and not just social networking, the app’s primary purpose must be to broadcast your GPS location and some type of personal info to anybody nearby who’s running the same app. This definition narrows the usual meaning of the term, but it fits our purpose better. As expected, dating and mating apps lead...

Monday Morning Quickie: Updates to Ongoing Privacy Concerns

Monday Morning Quickie: Updates to Ongoing Privacy Concerns...

posted on: Mar 26, 2012 | author: privacycast

Take 15 minutes to get updated on all the ongoing privacy issues we’re tracking. This week’s report includes employers accessing your Facebook, backlash against the TSA, Facebook changing its privacy policy, the NSA building a spy center, and some other tidbits that didn’t make it into last week’s posts. Job Applicants Forced to Reveal Facebook Profiles A few weeks ago, we noted a rise in reports that employers were forcing – implicitly or explicitly – job applicants to give them access to the applicants’ Facebook page to be used as a form of background check or character reference. Colleges are using Facebook friending to keep student athletes on the straight and narrow, and a growing number of police departments are using the resource. On Friday, Facebook’s head of privacy policy Erin Egan wrote a public post condemning the practice and promising to protect its users through legal action if necessary. Today, Senators...

How Many Employers Are Asking for Facebook Passwords?

How Many Employers Are Asking for Facebook Passwords?...

posted on: Mar 23, 2012 | author: privacycast

Mass media just discovered that some employers are requesting access to applicants’ Facebook accounts after Chief Privacy Officer Erin Egan issued a press release condemning the practice. Egan stated that it violated the user agreement that Facebook has with its users and said Facebook is willing to “where appropriate” initiate legal action. Hearing that was definitely a great way to start the day, and I settled in with my coffee to dig into the issue. How Pervasive Is the Practice? We reported on this issue three weeks ago, and I had assumed that there would be a lot more revelations of the seedy practice…but there’s not. I skimmed through a couple dozen of the 1000+ articles on it that have popped up on Google News in the last two days, and the same two instances were repeated over and over – New York City statistician Justin Bassett and Maryland Department of...

Take a Stand Against the TSA

Take a Stand Against the TSA

posted on: Mar 23, 2012 | author: privacycast

The latest viral video of the TSA’s ridiculousness features a toddler in a cast and wheelchair receiving an unnecessarily thorough pat down. If you’re not one of the 1.5 million who have watched it already, the Today Show’s Travel segment has good coverage. Did it make you mad? Then do something about it… [youtube]http://www.youtube.com/watch?v=YNO-AzPxS4U[/youtube] Stay Angry Head over to The Daily Patdown. This brilliantly simple anti-TSA advocacy shows pictures and videos of screenings that actual travelers have filmed of other passengers experiencing enhanced screening. Videos range from silly to worrisome to downright horrifying. Buy a card-sized, metallic Bill of Rights to put in your wallet. Every time you go through a scanner, you’ll be reminded of the civil violation when you physically ‘give up’ your Bill of Rights to pass through. (When the scanner pings, make sure to loudly say, “Oops, I forgot I have to give up my Bill of Rights...

Whistle Blown on NSA, FBI, CIA’s Domestic Spying

Whistle Blown on NSA, FBI, CIA’s Domestic Spying...

posted on: Mar 21, 2012 | author: privacycast

In less than 15 hours, reliable sources Wired and The Verge called out the CIA, NSA and FBI for secretly spying on U.S. citizens; or as the agencies call it, domestic surveillance. All three are disturbing in their own right, but reading them together raised some interesting points. March 15, 5:35pm: CIA Chief: We’ll Spy on You Through Your Dishwasher. March 15, 7:42pm: The NSA is Building the Country’s Biggest Spy Center. March 16, 8:49am: Is the FBI breaching the Constitution in the name of national security? What They Said In Wired’s Danger Room, Spencer Ackerman reported on the CIA Director’s response to the potential spycraft use of home devices that connect to the internet like security alarms, geolocation devices, and, of course, dishwashers. General David Petraeus, who was made director in 2011, discussed the potential of home electronics at a CIA In-Q-Tel summit: “Items of interest will be located, identified,...

Crossing Customs with Your Privacy Intact

Crossing Customs with Your Privacy Intact

posted on: Mar 20, 2012 | author: privacycast

On your last trip home from abroad, you may have noticed the customs agents making some unusual requests, like asking a traveler for their fingerprints or surfing through another’s laptop. New technology has given the border patrol the capability to both increase your security and invade your personal privacy. We read up on the CBP’s new policies that affect your privacy, especially regarding digital devices, which they are currently allowed to search without a warrant or suspicion. We are passing what we learned on to you. (This information is limited to U.S. citizens or permanent U.S. green card holders. If you fall outside these two groups, the CBP’s Welcome to the U.S. is a good place to start.) What’s the difference between the TSA and the CBP? Both have agents in uniforms at the airport, search your stuff and ask for your I.D., so it’s easy to group them. The Transportation...

2011 DHS Data Mining Report Review

2011 DHS Data Mining Report Review

posted on: Mar 19, 2012 | author: privacycast

The Department of Homeland Security (DHS) Privacy Office just released their 2011 Data Mining Report to Congress. We burrowed beyond the many, many acronyms to find out what they were up to last year. DHS divides its activities into four programs: Automated Targeting System (ATS), Analytical Framework for Intelligence (AFI), Data Analysis and Research for Trade Transparency System (DARTTS), and Freight Assessment System (FAS). Automated Targeting System (ATS) Terrorist Targeting Framework The ATS-TF is Custom and Border Patrol’s (CBP) infamous ‘risk assessment’ program which essentially assigns a potential terrorist rating to individuals and files that in a database. The database indexes millions of people, the majority of which are U.S. citizens. The ratings are kept secret and are never up for review. This is a truly scary prospect, and EPIC is actively working to ensure privacy safeguards are in place. On the upside, the department has narrowed the scope of...

Background Checks Performed on Private Facebook Profiles

Background Checks Performed on Private Facebook Profiles...

posted on: Mar 9, 2012 | author: privacycast

A new trend in human resources hiring protocol is worrisome. Job interviewers and college coaches are starting to use Facebook pages as a background check. If you’re thinking that any idiot who isn’t smart enough to set their profile to private deserves it, you’re probably right. However, in these situations, the people are essentially being coerced into giving full access to everything on their page: their profile, wall, photos, friend list…everything. Interviewers claim it’s voluntary, but the implicit message is that if you want the job, you’ll hand over your username and password. Colleges are much more direct; if you want to play a sport, you have to friend a coach. The ACLU already has cases lined up in the docket alleging that this violates your civil rights. We’d consider this a serious threat to privacy rights, except that we’re pretty sure this trend is going to get stopped dead by the...

« Previous Entries