Microsoft said it will release a software patch later today to fix a hole in its Windows 2000 operating system that could leak usernames and passwords to unauthorized individuals.

The problem involves the Windows 2000 Telnet client, a program that lets someone connect a PC to a network server and execute commands on a second machine remotely.

The security hole stems from Microsoft's convenient single sign-on feature that saves people the hassle of logging in for each Telnet session by automatically providing the required user ID and encrypted password.

USA TODAY - Lawmakers call for Net privacy legislation.

The U.S. Congress must set minimum guidelines to protect consumers' privacy on the Internet, two key legislators said, while acknowledging that industry has made substantial progress to guard personal data.

Legislation should require that every Web site post privacy policies, let users prohibit companies from collecting information, supersede any state laws and give U.S. regulators the power to enforce and review policies, said Representative Rick Boucher, a Virginia Democrat.

Computerworld (IDG) - European official: 'Safe harbor' deal doesn't fully bridge data privacy divide.

Despite the "safe harbor" agreement that was approved earlier this summer to make U.S. companies compliant with Europe's stringent data privacy laws, European countries and the U.S. continue to have different perspectives on privacy issues, according to European Parliament member Patrick Cox. And the safe harbor deal isn't unanimously supported in Europe, he said.

Speaking at the Global Privacy Summit, a privacy-related conference that began here today, Cox nonetheless called the agreement negotiated over a two-period by U.S. and European officials a "good starting point" in setting the rules for passing data and transacting online commerce between the two regions.

Technology News from Wired News - Windows ME Bugged by Flaw. Computers running the Web TV for Windows program can be hacked into from the Internet. The problem existed in Windows 98, and has not been corrected in Windows ME.

Political News from Wired News - Privacy Group Drops Amazon.

The Electronic Privacy Information Center(EPIC) has to find another way to sell its books.

In light of a recent change to Amazon.com's privacy policy, the privacy group decided it could no longer in good conscience use the Internet book retailer as an affiliate. EPIC used the company's affiliate program to distribute its publications focused on privacy and civil liberty issues and the Internet.

Political News from Wired News - Kids' Sites Cite COPPA Woes. The Children's Online Privacy Protection Act isn't hurting the big sites. But the little guys are finding compliance to be too costly, and many aren't complying at all. Lynn Burke reports from Digital Kids in San Francisco.

Business News from Wired News - Defame Game Serious in Canada.

EDMONTON, Alberta: Canadian e-mailers can no longer hide behind a cloak of anonymity if reasonable grounds exist to show they've distributed defamatory statements over the Internet.

The change in Canadian law came after a landmark court ruling this week when an Ontario Superior Court Justice ordered Internet service provider iPRIMUS Inc. of Toronto to reveal the identity of an anonymous e-mailer.

Computerworld | Privacy Reporting.

Computerworld | Carnivore Coverage.

New York Times - free registration required New Report Examines Commercialism in U.S. Schools. And in at least one case, students using computers in classrooms were offered incentives to enter personal data -- names, addresses, information on personal habits -- which would then be sold to advertisers.

New York Times - free registration required, probably a short term link Personal Web Data Theft Flourishing. Identity theft is one of the fastest-growing crimes in the United States, ensnaring some 500,000 people a year, the government estimates. The cruder methods, such as digging through people's trash for credit card receipts or bank statements, have been largely supplanted by more technologically savvy techniques. In the most advanced cases, hackers have been able to penetrate big corporations' databases and download credit card numbers and other data.

Slashdot | FBI Rep To Speak. Tucson Computer Society in Tucson Arizona is having a guest speaker, "Special Agent Thomas Liffiton of the F.B.I.'s National Infrastructure Protection and Computer Intrusion Program" regarding carnivore, 7 P.M., Tuesday, September 19, 2000

ZDII InterActive Investor - The cost of COPPA: Kids' site stops talking.

Techweb > News > privacy on the Internet > Global Web Privacy Presents Cultural Challenges.

Nations will have to come up with realistic policies to protect the privacy of Internet users because a global standard crafted by an international organization is not going to happen, an Australian government official said Wednesday.

"It would be ideal to have more international cooperation toward putting standards into place, but that probably won't happen," Australian Data and Privacy Commissioner Malcolm Crompton said. "We need to come up with real-world solutions, such as privacy seal programs, and make sure controls on data transfers make sense."

Newsbytes - Consumer Groups Dump Amazon Affiliation Over Privacy.

Two leading online privacy groups, the Electronic Privacy Information Center (EPIC), and "Junkbusters.com", have dropped out of Amazon.com's affiliate program, citing the e-tailer's revamped privacy policy in which the company reserves the right to sell information about its customers.

In a letter to EPIC newsletter subscribers, executive director Marc Rotenberg said EPIC would no longer recommend that consumers buy books through Amazon, [NASDAQ: AMAZ] and that it would stop distributing its own publications through the company.

"Because of this decision, and in the absence of legal or technical means to assure privacy for Amazon customers, we have decided that we can no longer continue our relationship with Amazon," Rotenberg wrote.

CNET.com - News - E-Business - Privacy groups criticize new Amazon policy .

Amazon.com's new privacy policy could put customers at risk, according to two watchdog groups that have recently cut ties with the online bookseller.

One of the groups, the Electronic Privacy Information Center (EPIC)--a research center in Washington, D.C.--pulled its books from Amazon's shelves last night, ending a four-year relationship. The move was a way of protesting a common practice by online retailers of periodically changing privacy rules, said Sarah Andrews, a policy analyst at EPIC.

CNET.com - News - Entertainment & Media - Privacy advocates write Web bug rules .

A privacy group today issued a new set of industry guidelines to regulate the use of invisible technology that keeps tabs on Web site visitors.

The Privacy Foundation, a nonprofit privacy group based in Denver, is proposing that Internet advertising companies and Web sites disclose the use of "Web bugs" wherever they are found online. Web bugs, or clear GIFs, are tiny images embedded in a Web page or HTML-enhanced email that transmit information to a remote computer when the page is viewed.

Law.com - Feds Flunk Web Privacy, Says GAO.

CNET.com - News - Entertainment & Media - U.S. on defensive at global privacy summit .

The U.S. policy of industry self-regulation for privacy came under fire from attendees representing five continents at a privacy summit here today.

Conference organizer Gary Clayton, chief executive of the Privacy Council, opened the conference by saying there is a woeful lack of U.S. presence at global privacy summits, and it is important to bring U.S. policy-makers and businesses into the debate.

CNNfn (Video) - Online privacy invasion .