Here are three tools for detecting wireless LAN access points (AP) that haven't been secured by the IT department:

Slashdot | Detecting Wireless LAN Users.

technosavvy writes "With wireless home networks and applications like NetStumbler becoming so popular, it's surprising that there are so few consumer-oriented applications that help monitor who is connecting to your wireless network. Bob Brewin of ComputerWorld lists three tools with this purpose in mind in his article "Tools for detecting rogue wireless LAN users"." --- I just like running etherape.

eWeek - New Privacy Czar on Way.

Eager to head off criticism from privacy advocates and users over the expanded surveillance provisions in its forthcoming National Strategy for Securing Cyberspace, the Bush administration is expected to recommend appointing a federal "privacy czar" to act as watchdog. Chief among the czar's duties would be to vet all government data gathering and security initiatives for potential privacy problems, according to a draft of the plan.

The draft plan, obtained by eWeek, also calls for the government to find a "flexible, nonregulatory" approach to encourage enterprises to improve their privacy protections and policies.

The chief privacy officer would work in the proposed Department of Homeland Security and would oversee a privacy advocate at each federal agency. The advocates would be responsible for facilitating an annual review of each agency's compliance.

Wall Street Journal via MS-NBC - Citibank mails raise privacy concern. Messages sent to customers without address verification

Sept. 3 -- Citibank , in a move that has raised privacy concerns, used an outside company to gather e-mail addresses of its credit-card customers and then sent e-mails offering recipients access to sensitive financial data without verifying each address actually belonged to the customer.

Citibank , the banking unit of Citigroup Inc., New York, is reviewing the program and said there is a roadblock in place to prevent sensitive information from reaching the wrong people. Still, the matter, which grew out of a pilot Citibank initiative seeking more effective electronic communications with its customers, may raise questions about whether federal regulation is needed to ensure consumers' online privacy is protected.

[ ... ]

Citigroup said some of the e-mail addresses used don't belong to the targeted cardholders. The e-mails have as their subject the name of the cardholder whose account they refer to and then provide a link to a Web page allowing recipients to choose what kind of data they receive and which e-mail address they want it sent to. The Web page, which doesn't ask for a user name or password, says recipients can obtain information including "time-sensitive communications, such as verifications or confirmations of transactions ... past due bill reminders or unusual account activity." Such data could potentially be used for credit-card fraud or identity theft.

Citigroup spokeswoman Maria Mendler said the wording of the Web page may have led recipients to believe sensitive account data would be sent to them electronically. But she said those who tried to access account-specific information would be led back to the main Citibank Web site, which requires a user name and password.

[ ... ]

Privacy experts said Citibank's e-mails don't appear to violate U.S. privacy laws, but they said the company might face inquiries from state attorneys general or the Federal Trade Commission if it failed to provide the security measures it told consumers were in place. "Consumer-protection agencies are taking a much closer look at bad security practices at companies," said Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington.

ZDNet |UK| - Anti-terror blitz hits privacy worldwide.

Two human rights groups have undertaken a comprehensive survey of how privacy rights have been affected in the year since the 11 September attacks

In the year that has elapsed since the 11 September terrorist attacks, the world's governments have moved to restrict privacy, boost surveillance and increase linking of databases, according to a survey released by a pair of advocacy groups on Tuesday.

CNET NEWS.COM - Microsoft beefs up Passport security.

Microsoft began notifying Passport users Monday night of changes that would give them more control over their accounts and increased privacy and security.

The changes could eliminate two of the biggest customer gripes against Passport: That users can create accounts using bogus e-mail addresses and that users cannot easily cancel accounts they no longer wish to keep.

"Microsoft is just trying to clean up stuff," said independent security analyst Richard Smith. "They're fixing some problems here in what is a natural evolution of Passport."

The Redmond, Wash.-based software giant will begin making the account changes immediately but expects it to take several weeks before all Passport holders will have access to the new features. Like competing technology being developed by Sun Microsystems-sponsored Liberty Alliance, Passport is a single ID mechanism that can be used to access multiple Web sites, thus eliminating the need for users to remember many different IDs or passwords.

Privacy & Human Rights 2002.

This annual report by EPIC and Privacy International reviews the state of privacy in over fifty countries around the world. It outlines legal protections for privacy, new challenges, and summarizes important issues and events relating to privacy and surveillance.

The 2002 edition of Privacy and Human Rights examines the impact of government proposals after September 11, 2001 on privacy and civil liberties.  The report documents many new anti-terrorism and security measures and identifies key trends including increased communications surveillance, weakening of data protection regimes, and increased profiling and identification of individuals.

The 2002 Privacy and Human Rights report finds that laws to protect privacy in the workplace are gaining more support and that efforts to pass new data protection laws are continuing in Eastern Europe, Asia and Latin America.  Important debates are also taking place around the world concerning the future of new technologies for identification and surveillance.

The report is broken down into three parts and is available for download as PDF files or purchase at the EPIC book store.

CNET NEWS.COM By Declan McCullagh - Report: Anti-terror efforts pinch privacy.

In the year that has elapsed since the Sept. 11 terrorist attacks, the world's governments have moved to restrict privacy, boost surveillance and increase linking of databases, according to a survey released by a pair of advocacy groups on Tuesday.

The 393-page report, which reviews current and proposed laws in 50 nations, is the first comprehensive survey of how privacy rights have been globally affected after last September's catastrophes. It was released by human rights group Privacy International and the Electronic Privacy Information Center.

Four trends have become apparent, according to the report: the swift erosion of pro-privacy laws; greater data sharing among corporations, police and spy agencies; greater eavesdropping; and sharply increased interest in people-tracking technologies, such as face-recognition systems and national ID cards.

"It's actually pretty shocking if you look at the timeline that's involved here," said Sarah Andrews, research director of the EPIC and the author of the report. "Getting legislation through a government is not an easy thing to do, and most of this happened before the end of 2001."

[ ... ]

The government activities reached well beyond the United States, where the attacks took place, according to the report. "The policy changes were not limited to the United States, as a large number of countries responded to the threat of terrorism."

In response, the European Commission is considering a requirement that would make cyberattacks punishable as a terrorist office, Australia and Canada are drafting laws to permit spy agencies to conduct domestic surveillance of citizens, and a U.K. law now authorizes Internet providers to retain data for police purposes. Canada has proposed opening airline passenger databases to police, and German officials have suggested creating a database of "known troublemakers."

[ ... ]

Besides government eavesdropping, the survey worries about the future of workplace privacy rights, genetic privacy, hidden spyware implanted into software and technology for managing digital rights.

EPIC's report is an annual event, but last year's edition was sent to the printer in August and distributed in mid-September, after the assaults on the World Trade Center and the Pentagon changed the way Washington felt about privacy. Since then, the political mood has shifted away from a privacy-protective stance to one that seeks to preserve security instead.

CNET NEWS.COM - New 'entertainment' PCs restrict copying.

Microsoft and Hewlett-Packard on Tuesday released additional details about digital entertainment PCs coming for the holidays. But new anti-copying technology could hamper sales, say analysts and potential buyers.

EFF - CAFE Project Music Share-In Festival 2002.

When: Saturday, September 14th, Noon-5pm

Where: Music Concourse Bandshell in Golden Gate Park, near the Japanese Tea Gardens between MLK Drive and JFK Drive

San Francisco - Join the Electronic Frontier Foundation and five Bay Area bands for an afternoon of live music and outdoor fun at EFF's second annual Share In. The festival will be held in Golden Gate Park's Music Concourse Bandshell on Saturday, September 14th from noon - 5pm. The celebration of independent music will be hosted by Grateful Dead lyricist and EFF co-founder John Perry Barlow, and former wife of the late great Jerry Garcia, Mountain Girl Garcia.

Artists participating in this event will permit recording of their performances by those in attendance in support of EFFs Open Audio License (OAL). Musicians performing at the event include: the Box Set Duo - clown princes of folk-rock, the classic funk band Funkmonsters, celtic world-fusion group Hy Brassyl, harmony based folk-pop band Atticus Scout, and Berkeley-based party band Shady Lady.

In addition to music, the Share-In will feature performers including Ashley Foster the One Wheeled Wonder, the Existential Circus, Frantastic Hands, the Metronome Dancers, and Willy Bologna and his Sideshow Circus. Bring your family and friends!