NEW YORK (CBS.MSW) - The Bush administration's recent proposals to alter federal medical confidentiality rules would cut patients' control of their records and expose them to drug companies' targeted pitches for alternative therapies -- a potentially booming business, consumer advocates said.

Under the new rules, patients would no longer be able to decide in advance who should have access to their personal health information. They'd no longer be required to give written permission to have their records revealed to doctors, hospitals, health insurance companies and pharmacies. Instead, health care providers would notify them of any disclosure, even if it's done after the fact.

There still is no federal law protecting the privacy of patients' health information, but the first set of rules came about during the Clinton administration to facilitate information sharing among health care providers.

While the regulations needed strengthening to allow relatives to pick up prescriptions and physicians to make referrals, the U.S. Health and Human Services Department weakened privacy protection by eliminating consent requirements all together instead of correcting specific problems, said Chris Hoofnagle, legislative counsel for the Electronic Privacy Information Center.

"The health care provider will show you the privacy policy and all you have to do is say 'Yes, I've seen it' not 'Yes, I consent,'" he said. "That's a significant symbolic difference."

What's more, chain drugstores and pharmaceutical companies stand to gain at the expense of consumer privacy, he said.

Protecting Your Privacy Online. One company offers a way for Internet users to keep their activities private.

"On the internet no one knows you're a dog," mused one canine to another in a famous 1993 New Yorker cartoon. Today, though, thanks to techniques ranging from Web browser "cookies" to sophisticated data mining, they may know you're a dog--and even which breed.

Companies can combine information voluntarily submitted by users with data automatically transmitted by a user's Web browsers and other software to provide a detailed picture of an individual. In some cases, interested parties can discover detailed personal information about people who visit their Web sites or use their software.

Montreal-based Zero-Knowledge Systems (ZKS) believes it has the solution for people worried about online privacy. In December the company unveiled Freedom, a system that uses sophisticated encryption software and servers to cloak the true identity of an Internet user behind a pseudonym that no one other than the user--not even the company--knows.

Zero-Knowledge Systems has recetly downgraded their product. Since I don't have access to the entire article I am not sure which version the author is talking about.

Paid subscription required if you want to read the entire article. There is only a teaser for free reading.

MIT's Technology Review - Privacy Is Not Doomed. We can solve the electronic privacy problem, if we can just agree on how much privacy we really want.

The china at the electronic-spy agency's dining room was exquisite, as was the meal. Ron Rivest, inventor of the RSA approach to public cryptography, and I were having lunch with the National Security Agency's director, Bobby Inman. We were trying to impress on him that the forthcoming growth of the Information Marketplace would create severe privacy problems and the agency should extend the role of cryptography from ensuring secure communications within the U.S. government (and breakable ones outside it) to protecting the privacy of U.S. citizens and organizations, with approaches like RSA. The admiral didn't believe us--our claims of a widely interconnected civilian world in the '90s sounded like pie in the sky. Twenty-five years later, in April 1999, at the other extreme, The Economist proclaimed on its cover "The End of Privacy."

Under-reaction then! Over-reaction now!

Paid subscription required if you want to read the entire article. There is only a teaser for free reading.

Electronic Commerce Guide - Insights - Trends: A Modest Treatise on Obfuscation in Gobbledygooky Privacy Policies .

In the course of working on these stories I was required to read through quite a bit of what one might call "obfuscatory" prose. Much of it apparently was crafted by lawyers fluent in legalese but with only a passing knowledge of "English as she is spoke."

So I was pretty interested when I heard from readability consultant Mark Hochhauser in Minnesota, who advised me that eBay's new privacy policy and user agreement together are about 7,800 words -- the equivalent of about 31 pages of double-spaced text.

[ ... ]

Just for fun I asked him to run similar tests on the privacy policies of Amazon.com, Yahoo! and InternetNews.com, where I work.

[ ... ]

"You can say you have a privacy policy, but if no one understands it, it's pointless," Hochhauser has said. "It does something for the organization, but nothing for the consumer."

ZDNet |UK| - Privacy comes under attack. The right to privacy of correspondence received a disproportionate shake-up in the aftermath of the terrorist attacks on New York

The events of 11 September provoked a new urgency in the need for powers that would allow law enforcement officers to retain traffic data for anti-terrorist investigations. Within a matter of weeks, the privacy rights of British citizens had been hugely compromised by emergency legislation, which allowed the automated surveillance of all electronic communications.

Now at the start of 2002, British surveillance laws are at risk of infringing what are seen by some as basic human rights. Huge demands have been placed on Internet Service Providers (ISPs) to stockpile traffic data on customers under the new Anti-Terrorism, Crime and Security Bill (ATCS), and the Information Commissioner has characterised the requirements as "disproportionate general surveillance".

Computerworld - No Terrorism Toll on Privacy -- Yet.

Much ink has been spilled since Sept. 11 over the prospect of big brother rising from the grave to steal Americans' civil liberties. Tales of privacy lost and due process ignored have buried last summer's headlines about dot-com layoffs. Even calmer heads are ruing the unabated swing of the pendulum from privacy to security. But what really has happened to Americans' privacy since the declaration of war on al-Qaeda?

The author thinks there are no privacy problems because he hasn't seen enough headlines pointing out violations. He seems to forget that a least a few of the monitoring options the government was given come with built in gag orders. They won't be obvious till the trials which may be years.

WashTech.com part of the Washington Post - Hackers, Viruses Fuel Security Market, Not 9-11.

Businesses beefing up network-security measures these days still worry more about viruses and the antics of renegade hackers than international terrorists, according to a new report from In-Stat/MDR.

A survey by the technology market research firm suggests that attacks on the U.S. by terrorists last fall had little impact on the network security concerns of most businesses.

kuro5hin.org || In-Depth on the CBDTPA.

There has of course, been a lot of talk, some hysterical, some quite intelligent and practical, going on everywhere about the potential havoc that the CBDTPA could wreak, if passed in anything resembling its current form. What I haven't really seen, however, is an in-depth treatment of the issues raised by this bill, and the larger issue of piracy vs fair use in digital mediums. So, I decided to take my best shot at doing exactly that...

BBC News | SCI/TECH | 'Cyborg' sues airline.

Professor Steve Mann, from the University of Toronto, has worn a computer system for the past 20 years and is furious about the treatment he received when he attempted to board an Air Canada flight in Newfoundland.

The self-proclaimed cyborg was prevented from boarding a flight after the airline lost the documents he sent in advance warning them of his unusual taste in fashion.

Mr Mann was delayed for three days and subjected to a humiliating strip search.

His equipment, including computerised glasses which connect him to the internet 24 hours a day, was damaged during the search.

A computerised heart monitor that Mr Mann has attached to his skin was removed, leaving him bleeding.

Netcraft What's That Site Running Results. Guess what operating system is running Microsoft and Unisys' new 'We Have The Way Out' advertising campaign?

Google Technology - The technology behind Google's great results. So thats how they do it.

Slashdot | U.S. Gov't Sponsors InfoSec Defense Training.

CNN.com - U.S. government trains cyberdefenders.

MONTEREY, California (AP) -- Long before September 11 and last year's virus-like attacks over the Internet, the United States government announced plans to train an elite corps of computer security experts to guard against cyberterrorism.

Officials warned it would be only a matter of time before terrorists learned to exploit vulnerabilities in major systems, from air traffic and banking to spacecraft navigation and defense.

Now, more than three years later, the first students have been awarded scholarships to study computer security in return for working at least two years at a federal agency after graduation.

But is it too little, too late?

"In terms of solving our cybersecurity problems, it doesn't have a chance," said Michael Erbschloe, vice president of research at the consulting firm Computer Economics and author of books on cyberwarfare.

Only about 180 students over four years will get scholarships from the first round of federal grants awarded last May to six universities. More schools will be added this year, increasing the corps by 120 students.

EFF Quotes Collection 19.6. Updated: Apr. 9, 2001

A collection of the wittiest and stupidest, most sublime and most inane comments ever said or written about free speech, cryptography, privacy, civil liberties, networking, government, communication, society, human nature, reason, optimism and pessimism, progress, and more.

One of the most common misconceptions one has to deal with in the endeavor of political and social action is that one's ideas are so new that they have no history and no basis. We all stand on the shoulders of giants in one way or another, and hopefully spreading a few of the following bon mots can help activists stand more firmly on the shoulders of our perceptive forbears (and tread into the dust our less cogitative predecessors) who could only dream of (and in some cases dread) the world we are making and living in today.

[ ... ]

"Legislation needs a better reason than that lawyers like it, and that America does it." - Lawrence Lessig, Stanford U. law professor (and EFF boardmember)

House of Myrrh - Why I oppose CBDTPA.

While I don't usually get involved with political issues. This one threatens my ability to stay on the internet. And, not me alone. There are a lot of us who can't afford a big formal web hosting service and it's these 'little' ISP's that cut us the slack that allows us to operate.

This one has me worked up enough to actually join the EFF, though I don't endorse all that they do.

Do your own web research by searching for 'SSSCA' and/or 'CBDTPA'. Then you decide if I'm really as crazy as I sound.

I strongly urge all Americans to write, on paper, their representatives and oppose this legislation.

The Shifted Librarian. - Mike wrote me to note the letter he has written to his elected officials advocating that they oppose the CBDTPA. In it, he makes some excellent points, and he's posted it so that you can use it as a template in case you'd like to make your voice heard, too. Thanks, Mike!

Asia Computer Weekly - Governments take a hard look at privacy.

With the Internet threatening the invasion of personal privacy, Asia-Pacific governments are taking measures to address this issue.

The governments in Asia-Pacific have been behind the region's ongoing drive for privacy, both in and outside of the enterprise.

This is because regional authorities have become increasingly aware of the need to ensure users' privacy in their goal of riding the Internet wave. Analyst group IDC conducted a survey in February that said countries throughout the region are launching "ambitious" government initiatives, using electronic technologies to improve both internal operations and public service delivery.

Asia Computer Weekly - HK moves to protect employee privacy.

Employers in Hong Kong might not be able to monitor employees' communications and activities at the workplace in the future as freely as they can now. That is if the draft code on employee privacy proposed by the Office of the Privacy Commissioner (PCO) for Personal Data, gets approved.

The Privacy Commissioner for Personal Data, Raymond Tang, has issued a draft of the Code of Practice on Monitoring and Personal Data Privacy at Work, which is intended to provide guidelines for monitoring and recording activities and behaviour of employees at work, for public consultation up to early June of the year. "This affects every working person and it really is a question of respect," said Tang.

OverClockers.com - I Have My Rights!.

You have legal rights, and you have constitutional rights. The difference between the two is that a legal right can be changed or taken away, while a constitutional right can't (short of a constitutional amendment).

In the areas we are concerned with, in general, the fair use rights that exist are legal, not constitutional rights. Certain specific actions are called OK by a specific provision of the law. Congress can giveth, and Congress can taketh away.

This can also work the other way, too. Copyright owners get certain rights, not absolute rights. If they can't show that some use seriously hurts the rights they do have, the courts are unlikely to prevent that use.

Slashdot | Your Rights Online - Fair Use is Not a Constitutional Right.