[ ... ]

Supporters at the Capitol said it would make Minnesota the first state with such a law, which requires all ISPs to alert their Minnesota consumers when the ISP plans to disclose personal information.

That includes which Web sites the customer has visited, e-mail or home addresses and even telephone numbers.

In addition to alerting customers the reason for the information disclosure, the ISP must say in a "conspicuous" way, telling their customers the required action to prevent the information-sharing from taking place.

The bill would allow consumers to sue businesses that violate the law, with exceptions for giving information to law enforcement.

Slashdot | Your Rights Online - Minnesota Passes First Online Privacy Law.

Cipher - The Newsletter of the IEEE Computer Society Technical Committee on Security and Privacy

IEEE Computer Society Technical Committee on Security and Privacy.

2002 IEEE Symposium on Security and Privacy. Just found out about it today. I don't see any info on what actually happened (the program is shown) at the symposium (It was May 12-15, 2002 ) so I guess its time to keep an eye out. If anyone finds anything let us know. A weblog would be perfect.

Slashdot | MS Cites National Security to Justify Closed Source. guacamolefoo writes: --- "It was recently reported in eWeek that "A senior Microsoft Corp. executive told a federal court last week that sharing information with competitors could damage national security and even threaten the U.S. war effort in Afghanistan. He later acknowledged that some Microsoft code was so flawed it could not be safely disclosed." (Emphasis added.) The follow up from Microsoft is even better: As a result of the flaws, Microsoft has asked the court to allow a "national security" carve-out from the requirement that any code or API's be made public. Microsoft has therefore taken the position that their code is so bad that it must kept secret to keep people from being killed by it. Windows - the Pinto of the 21st century."

MS-NBC - Spam, privacy legislation advance. Senate committee approves consumer protection bills

U.S. citizens would gain more legal leverage against spammers and Internet companies that might violate their privacy under two bills approved Friday by the Senate Commerce, Science, and Transportation Committee. But both bills face an uncertain future: interest groups are mustering vocal challenges to the privacy bill; and anti-spam groups wonder if the "CAN-SPAM" will really do any good.

[ ... ]

The Online Privacy Act is a kinder, gentler version of a similar bill proposed two years ago by Senator Ernest Hollings. Kinder, gentler, to companies, that is. This version divides the private information Web sites collect into two categories -- sensitive and non-sensitive. Sensitive information, such as race, political party, or social security number, gets a higher standard of protection. Web sites couldn't share sensitive personal data without a user's prior consent, a so-called "opt-in" requirement. But other information, like name and address can be shared unless a user expressly forbids a site, or "opts-out."

The law also gives consumers the right to see whatever personal information an Internet company stores about them.

Privacy experts are concerned that the bill tacitly endorses swapping of so-called "non-sensitive" information, with the lower "opt-out" standard now in place.

CNN.com - Web privacy bill sent to Senate.

A Senate committee Friday sent an online privacy protection bill to the full Senate, but business lobbyists vowed to keep trying to derail the measure before it becomes law.

Computerworld New Zealand - Auckland City: We took legal advice on privacy. "We have deliberately not introduced more sophisticated search mechanisms"

Auckland City Council says it underwent a rigorous "due process" and took legal advice on privacy implications before putting up property information on its website.

The council confirms that some members of the public have been surprised at the amount of information available. The site supplies property information such as capital, rateable and land values, land areas and annual rates. Some users of the service have been taken aback that entering a street name brings up every property in the street.

ABCNEWS.com : FDA Launches Investigation Into VeriChip. Feds Claim Company Includes Medical Data in its Controversial Device

May 17 -- The Food and Drug Administration has launched a formal investigation into Applied Digital Solutions, the Florida-based company behind the implantable VeriChip.

[ ... ]

VeriChip's problem, according to Pellerite, is that the FDA was "very clear" in its response to an email from the company seeking FDA approval to sell its chip. At the time, the FDA responded -- informally according to Pellerite -- that as long as "no medical information" of any kind was encoded on the chip, and as long as the chip was not used to link to any kind of medical database, the company was free to go to market.

But instead, Pellerite said, Applied Digital Solutions issued statements saying that its chip had been given governmental approval and that the first implant would be scheduled for May 10.

[ ... ]

Additionally, Pellerite told TechTV that Applied Digital may have violated the law when Bolton claimed, "There's more information that can be pulled out of the FDA-compliant database."

Pellerite said, "The firm made reference to using an FDA-compliant [database]. It is a violation of the law to use the FDA in such a way that it would be used to endorse your particular product."

The penalties for those violations can be stiff: up to $15,000 for each violation and up to $1 million for the company, as well as for each individual officer of the company.

"Once an identification number is retrieved from the chip, the user can use it to access any information -- without making the product a medical device," said David Hughes, vice president of Technology Sourcing International, a consultant to Applied Digital Solutions helping the company navigate the FDA approval process.

Upon hearing that the FDA expressed concerns about the chip being tied to a medical database, Hughes said, "That is contrary to my conversations with staff members at the FDA. Until we have an opportunity to discuss it with them more, I can't give you any information. The storing of medical data does not make it a medically regulated device."

This is from the same folks as the Digital Angel chip that has been mentioned here before.

For more background on Digital Angel see our archive from August 14,2000, September 4,2000, September 7,2000, October 18,2000, October 30,2000, February 22,2001, December 04,2001, December 06,2001, December 20,2001, January 09, 2002, January 25, 2002, April 25, 2002 and May 02, 2002

Technology News from Wired News - Tagging Books to Prevent Theft. One of the positive uses of these radio tags.

Technology News from Wired News - Radio ID Tags: Beyond Bar Codes.

Radio frequency tags could some day be used to track everything from soda cans to cereal boxes, becoming as ubiquitous as the bar code.

[ ... ]

According to an Auto-ID Center survey, approximately half of the center's sponsors said they can imagine these tags making a significant impact on their business in the next 2 to 3 years, and many anticipate needing billions of EPC tags by the end of the decade.

[ ... ]

Some privacy advocates are concerned that organizations like insurance companies will want to use collected information to track individual consumers.

"Privacy is our biggest single research area," Ashton said. "We need to make sure the technology is not a threat to anyone's privacy and we need to make sure everyone is comfortable with that -- we can't just expect the world to take our word for it."

The Auto-ID center has designed privacy protection measures into the ePC system. The chips contain no useful data -- just a unique code number that refers to information held remotely on the Internet. Access to this information is restricted and controlled. The tags cannot be read through walls or from more than about five feet away.

Just because there is a database of info about the tag on the internet that is protected, doesn't mean that organizations can't start their own database. All that is really needed is access to that unique ID code, and then they can start correlating.

Medical News from Wired News - The Push to Expose Quacks Online.

You can get more information about a car mechanic online than a doctor with malpractice history, says a patient who backs a bill to force physicians to make full disclosures.

[ ... ]

Other Californians may be able to avoid doctors with bad track records if the state joins a national movement to disclose physicians' complete malpractice information -- including out-of-court settlements -- on the Internet.

The Federation of State Medical Boards has heartily endorsed the trend.

"We suggest that malpractice information ought to be part of a physician's profile," federation spokesman Dale L. Austin said. "Patients should have as much information about prospective doctors as possible in order to make informed decisions."

Although most states reveal information about malpractice judgments and arbitration awards against physicians, only 10 disclose out-of-court settlements. As a consequence, patients have no way of knowing whether their doctors have left behind a trail of unhappy clients and botched surgeries.

Indeed, many doctors choose to settle out of court precisely to keep damning information off their records, said Julianne D'Angelo Fellmeth, administrative director for the Center for Public Interest Law.

CNET NEWS.COM - Paid content comes to Kazaa.

Paid content will invade the Kazaa file-swapping network Monday in a major commercial test of a service that until now has lured millions of people with free music, video and other digital files.

Along with finding search results that point to unfettered MP3s, Kazaa users will begin to see links to songs for sale from record labels and advertisements linked to keyword searches.

The move is fraught with controversy as it is the first application of Altnet, a service from Kazaa partner Brilliant Digital Entertainment that came to light amid a Web privacy storm last month. Some Kazaa users reacted with outrage when they discovered that bits of Altnet had been quietly installed on their computers with the potential to turn their machines into drones at the beck of a little-known company whose ambitions were unknown.

After weeks of watching for signs of Altnet's awakening, a wary file-swapping world will see the first glimpse of the service this week--an unveiling that Brilliant Digital CEO Kevin Bermeister hopes will put most, if not all, of the fears to rest.

Slashdot | File Swapping and the Analog Hole. forehead writes --- "Lawmeme is running an interesting piece on piracy in the digital age. It covers a number of the logical fallacies often cited by the major media companies and certain lawmakers."

New York Times - Editorial Op-Ed: free registration required Protecting Online Privacy.

The dark side of the Internet revolution is the unprecedented access corporations now have to our private information. Financial data, Social Security numbers, home addresses -- all can be collected when we go online and sold to third parties without our knowledge. A bill working its way through the Senate, the Online Personal Privacy Act, would give individuals more control. It includes an array of common-sense protections, like a requirement that consumers give their consent before companies sell or trade their Social Security numbers.

The bill faces fierce opposition from the technology, financial services and health care industries. Its opponents will not admit that there is money to be made invading privacy and selling sensitive information.

Instead, they have introduced an array of red herrings, like objections that the bill does not do enough to protect privacy offline. But offline privacy is a separate issue that can be addressed with a separate law. They are also upset that the bill gives individuals whose privacy rights have been infringed the right to sue. But the only way the law will have any force is if companies know they can be held accountable by their victims.

New York Times - Editorial Op-Ed: free registration required Modifying Medical Privacy.

Making sure medical records are kept private is a worthy goal, universally popular with voters. But it has been far from a lay-down hand for the federal government.

This piece thinks that with Bush's version of the medical privacy law that info can't go out to marketeers. From what I remember, in at least some cases, it can. The trick was that it was just declared a non-marketing use. That's like declaring any day with less than an inch of rain a dry day. It may not be a monsoon but its not dry.