TOKYO -- The Metropolitan Police Department (MPD) said Thursday it has arrested nine suspects and put another on the wanted list in a drugs case using a wiretapping law for the first time since it entered into force in 2000.

SecurityFocus News: Qwest Glitch Exposes Customer Data. Critics say the phone company took too long to close a hole that left some long-distance phone bills and subscriber credit card numbers accessable to anyone.

[ ... ]

Earlier this month the system stopped checking passwords, allowing anyone who enters a valid username to access that subscriber's billing record, including the type of phone service for which they're signed-up, their name and billing address, the name on any calling cards issued though the account, and a complete copy of their most recent phone bill.

"An unauthorized user could go in there, if they knew the username, and they could go on there and look at billing information," said company spokesperson Barbara Faulhaber.

Examining the source code of the billing accounts preferences page also yielded the customer's credit card number and expiration date, according to users who reported the problem.

Only long-distance customers who opted for the paperless billing option were affected by the leak -- a similar system used by Qwest's local phone subscribers was not exposed.

Qwest took the site offline for several hours Thursday to close the hole. But two of the users who discovered the issue say they reported it to Qwest last week, and fault the company for not taking action faster.

BW Online | May 23, 2002 | A Very Public Battle over Privacy. Predictably, a Senate bill aimed at strengthening consumer safeguards is already running into heavy opposition from business groups

[ ... ]

For business, the difference between the two approaches is very worrying. Opt-out standards give companies a lot more leeway to pull the wool over consumers' eyes. Last year, for example, financial companies were legally required to inform consumers that a new law gave them the right to opt out of having their personal information shared.

Boy, did the credit-card companies and banks finesse that transition! They buried the opt-out notices within masses of legal jargon at the bottom of monthly mailings. The result was that many consumers had no idea that opt-out was available.

If the Hollings bill should pass and people begin to see the wonders of opt in, it's very likely many would demand similar treatment from offline outfits. Because they require affirmative assent, opt-in standards stand to make consumers much more aware of both their rights and the ways businesses have made money by using their information. Companies rely on consumers being unaware, or just too lazy, to remove themselves from telemarketing and magazine lists, or to find out where their bank has been selling the information. The last thing information-sellers want is an obligation to ask permission.

New York Times - Editorial Op-Ed/Letter to the Editor free registration required A Need to Protect Medical Privacy.

Under pressure from the health care industry, the administration is proposing to eliminate the new rule's core consent requirement and authorize the use of people's medical records for far more than just "health professionals' communicating among themselves." The administration is also proposing to open up medical records without patient consent for marketing, legalizing the growing practice of pharmacies' being paid by drug companies to contact patients to urge them to switch to a new or different drug.

WashTech.com part of the Washington Post - Minnesota Gov. Signs Internet Privacy Bill .

Minnesota Gov. Jesse Ventura signed a bill yesterday that lets Internet users decide whether Internet service providers can share their personal data.

Ventura signed the bill despite opposition from Internet giants like America Online and Yahoo, which say that the law will hamper the fight against cybercrime and impose new liabilities on ISPs.

The law requires ISPs - no matter where they are based - to tell Minnesota consumers when and why they plan to disclose personal information such as which Web sites users have visited, their e-mail or home addresses and their telephone numbers.

Newsbytes - State Wiretap Usage Up 40 Percent In 2001.

State courts authorized a dramatic increase in the use of electronic surveillance last year, mostly to listen in on cell phones, pagers and other wireless devices, according to a government report released yesterday.

In its annual Wiretap Report, the Administrative Office of the U.S. Courts said state courts approved 1,005 wiretap applications last year, up from 711 in the previous year.

Federal judges, by contrast, approved 486 wiretap requests, just six more than in 2000.

The report indicates criminals are using anything but plain old telephone lines: 68 percent of all wiretaps last year authorized police to eavesdrop on portable communications devices such as cell phones, pagers and cordless phones.

BW Online | May 23, 2002 | Microsoft's Privacy Czar on the "Trust Model". Richard Purcell, the man Bill Gates charged with creating security standards, talks about the huge dimensions of the job

[ ... ]

Richard Purcell, Microsoft's director of corporate privacy, is the man charged with making it all happen. An avid rock climber, Purcell knows it won't be easy to scale privacy's rough terrain. It's all about trust, Purcell points out. And many consumers, it seems, don't completely trust Microsoft. Recently, I discussed with Purcell Microsoft's approach to protecting users' information. Here are edited excerpts from our conversation:

BBC News | BUSINESS | Top 10 e-mail scams exposed.

Consensus at Lawyerpoint: (EFF) -Hollywood Wants to Plug the "Analog Hole".

The people who tried to take away your VCR are at it again. Hollywood has always dreamed of a "well-mannered marketplace" where the only technologies that you can buy are those that do not disrupt its business. Acting through legislators who dance to Hollywood's tune, the movie studios are racing to lock away the flexible, general-purpose technology that has given us a century of unparalelled prosperity and innovation.

The Motion Picture Association of America (MPAA) filed the "Content Protection Status Report" with the Senate Judiciary Committee last month, laying out its plan to remake the technology world to suit its own ends. The report calls for regulation of analog-to-digital converters (ADCs), generic computing components found in scientific, medical and entertainment devices. Under its proposal, every ADC will be controlled by a "cop-chip" that will shut it down if it is asked to assist in converting copyrighted material -- your cellphone would refuse to transmit your voice if you wandered too close to the copyrighted music coming from your stereo.

The report shows that this ADC regulation is part of a larger agenda. The first piece of that agenda, a mandate that would give Hollywood a veto over digital television technology, is weeks away from coming to fruition. Hollywood also proposes a radical redesign of the Internet to assist in controlling the distribution of copyrighted works.

This three-part agenda -- controlling digital media devices, controlling analog converters, controlling the Internet -- is a frightening peek at Hollywood's vision of the future.

[ ... ]

Virtually everything in our world is copyrighted or trademarked by someone, from the facades of famous sky-scrapers to the background music at your local mall. If ADCs are constrained from performing analog-to-digital conversion of all watermarked copyrighted works, you might end up with a cellphone that switches itself off when you get within range of the copyrighted music on your stereo; a camcorder that refuses to store your child's first steps because he is taking them within eyeshot of a television playing a copyrighted cartoon; a camera that won't snap your holiday moments if they take place against the copyrighted backdrop of a chain store such as Starbucks, which forbids on-premises photography because its fixtures are proprietary works.

As was mentioned, ADCs are fundamental, generic computing components, found in medical and scientific equipment, computers, and a variety of consumer electronics. Surely Hollywood doesn't mean to suggest that geologists will have to equip their seismographs with cop-chips (lest they should accidentally record a copyrighted earthquake)?

Slashdot | MPAA to Senate: Plug the Analog Hole!

A month ago, the MPAA filed its report [PDF] with the Senate Judiciary Committee on the terrors of analog copying. I quote: "in order to help plug the hole, watermark detectors would be required in" -- are you sitting down? -- "all devices that perform analog to digital conversions." At their page Protecting Creative Works in a Digital Age, the Senate lays out the issues they'll be looking at, including briefs from corporate groups, and provides a comment form so your opinion can be heard as well. As Cory Doctorow writes: "this is a much more sweeping (and less visible) power-grab than the Hollings Bill, and it's going forward virtually unopposed. ...the Broadcast Protection Discussion Group is bare weeks away from turning over a veto on new technologies to Hollywood." Doctorow's article on the "analog hole" for the EFF does a great job of explaining the issues to non-electrical-engineers, and has many thought-provoking examples of how requiring such technology would be a giant step backwards.

Cryptome.org - Architect for Echelon II. Interview w. Bruce McIndoe, lead architect, Echelon II

I thought you might find this interesting. As a follow up, the issue will be debated - once again - in the Danish parliament and one of the Danish members of the EU parliaments temporary Echelon committee, Torben Lund, has stated that he will discuss the new information from Bruce McIndoe with the leader of the temporary committee, Gerhard Schmid (DE).

[ ... ]

Meet Bruce McIndoe. He has information that the Danish government and several others around the globe, continuously pretends isn't there. McIndoe knows that Echelon is real. Because he helped to build it. "Yes, that's right", McIndoe confirms to the Danish paper Ekstra Bladet today Bruce McIndoe dedicated more than ten years of his life to Echelon. He helped to finalize the original Echelon system starting in 1987. After that, he started to design Echelon II, an enlargement of the original system.

Slashdot | Echelon Architect Interviewed.