After a 90-minute committee briefing with FTC Chairman Timothy J. Muris, Rep. W.J. "Billy" Tauzin (R-La.), chairman of the House Energy and Commerce Committee, said he will help the agency obtain quick approval for the plan -- as long as the funding is limited and Congress has a chance to review the program in a couple of years.

"We are working with the FTC to try to get one to two years' funding authority" for the anti-telemarketing registry, Tauzin spokesman Ken Johnson said shortly after the briefing. "We are shooting to get this done," he added, so the $16 million in funding can be approved by the end of this month and the do-not-call list can be operational by the end of the year.

Tauzin's support contrasted with reservations he expressed as recently as Tuesday. In a letter to Muris late last month, Tauzin said he would block the agency's request for immediate funding until his committee had "adequate opportunity to properly review and evaluate" the plan.

ADage - Spot-free Show Nears Deal With WB. All Commercial Messages Would Be Woven Into Content Found via The Shifted Librarian: Thursday, January 09, 2003.

[ ... ]

Instead of traditional ads, each hour-long episode will work advertisers' products or services into variety/news (ed. emphasis added) segments, both live and taped.

I may think that adding the commercial info to a variety show may be in bad taste (but not illegal) but making it part of the news would be going to far.

Bloomberg.com : Technology News - Microsoft Answering EU Privacy Fears, Lessening Penalty Risk.

Brussels, Jan. 10 (Bloomberg) -- Microsoft Corp. has made ``substantial progress'' to ease European Union concerns that its Passport Web-surfing program breaks privacy laws, a U.K. official said, lessening the risk that it could face penalties.

[ ... ]

Separately, the world's largest software maker still faces the threat of a European Commission fine for abusing the dominant position of its Windows operating system, which runs 90 percent of the world's personal computers.

The privacy investigation covers the data-protection standards used by Web sites affiliated with Passport, the methods for obtaining users' consent and risks that the data may fall into the wrong hands. In theory it could lead to a fine.

Bamford did not give details about how Microsoft is addressing EU privacy concerns. Two other national data protection officials said Microsoft is making progress to resolve the outstanding issues.

Japan Today Japan News - Aozora Bank leaks customer data.

TOKYO -- Aozora Bank confirmed a media report Thursday that it provided customer information to U.S. investment fund Cerberus Group, one of its top shareholders, on request between January and February 2002. But the bank denied a portion of the Nihon Keizai Shimbun newspaper report saying the action was illegal because some of the information given to Cerberus is usually kept secret.

The business daily said the information included customer assets, creditworthiness indicators and even some private data on the presidents of customer firms.

law.com - Fingerprint Scanners Can Protect Data Privacy.

No lawyer worth his salt wants unfriendly eyes poking around his computer. That's obvious.

Unfortunately, it's also uncomfortably obvious that few devices can really keep the wrong people away from the sensitive documents, data and correspondence on one's hard drive.

Passwords can be hacked. Computers can be momentarily left unattended, allowing an intruder to jump onto the keyboard and go for a ride. What a litigator needs is a better security system -- one that can determine that the person sitting at a machine is the right user. Enter the biometric security device.

Biometric devices measure the physical traits of the person sitting at the computer and check those measurements against a pre-established database; if a fingerprint, voice, retina or whatever the device measures doesn't match against the list of allowed users, access to the computer is denied.

Computer equipment makers have been scrambling to offer simple, yet effective, biometric security. Most are some variation of fingerprint scanners, easy to install and understand. Given the numerous privacy obligations lawyers face every day, they're worth considering.

CNET NEWS.COM - Schools profit from privacy settlement.

Several law schools and privacy rights groups will benefit from a settlement that Amazon.com subsidiary Alexa Internet reached in 2001.

Alexa Internet settled several class-action lawsuits in April 2001, which alleged that it misused consumers' personal information without their consent.

Under the terms of the settlement, Alexa said it would destroy some of the personally identifiable records in its database and pay up to $40 per person to customers whose records were found in the database.

According to a court order issued last month, at least one individual applied for the $40 disbursement. Alexa did not release any further information on how many individuals had been awarded money.

The rest of the money was spread among 17 schools and organizations, including the Internet Education Foundation, the Electronic Frontier Foundation, the American Booksellers Foundation for Free Expression, the Center for Democracy and Technology, the University of San Francisco, the University of Washington and Carnegie Mellon University. Grants ranged from $50,000 to $250,000.

IT-Director.com | Is growing freedom ofinformation eroding privacy?

With war in the Middle East and maybe even elsewhere seeming to be coming closer, how can we reconcile the principles of freedom of access to information with privacy of access?

In the Western World freedom of information is either enshrined in national legislation or in some European Union countries, incorporated through the European Convention on Human Rights. This supposedly not only affirms rights of freedom of expression but less obtrusively, though of equal importance, "the right to receive and impart information and ideas". Sitting side by side with this are Data Protection Acts, which respect the privacy of the individual and the individual's correspondence. The notions are not entirely compatible.

ZDNet |UK| - Privacy tsar: Data protection should be 'way of life'.

Richard Thomas has called for the private sector to punish companies that don't respect customers' personal information

Breaking the government's 'culture of secrecy' while protecting the privacy of UK citizens is one of the key challenges facing the new Information Commissioner as he settles into his role.

Richard Thomas, 53, formerly the director of public policy at law firm Clifford Chance, took over from Elizabeth France in December 2002, and having got to grips with his new job, he on Tuesday stressed the importance of striking this balance between openness and privacy.

He said: "People will not trust government if there is excessive secrecy. And they will get increasingly anxious about a 'surveillance society' if they cannot be confident that information about their private lives is being handled properly. My job will be to shed more light on what the public sector is doing in our name with our money."

Privacy News from Wired News - Traveler Logs Worry Rights Groups.

The INS mandate requiring airlines and cruise ships to electronically transmit passenger logs in near real time has civil rights groups and privacy advocates wondering how the data might be misused.

[ ... ]

Michael Cronin, INS assistant commissioner of inspections, told CNN on Wednesday that passenger data will be saved and could be used by law enforcement.

Critics charge that the government doesn't need to track the travel habits of every American citizen, and that the proposed rules don't do enough to limit access to this information.

"Given the government is considering the "Total Information Awareness" program, asking for this information raises questions about the kind of monitoring that will be done," said Timothy Edgar, legislative counsel for the American Civil Liberties Union.

"This rule is unprecedented historically. It could be seen as encumbering the constitutionally guaranteed right to travel and may also be in violation of the Privacy Act," said David Sobel, general counsel for the Electronic Privacy Information Center.

AMI.COM - American Megatrends Inc. - AMIBIOS® enables secure and trusted computing with a TCPA-compliant module.

ATLANTA (Monday, January 6, 2003) American Megatrends Inc. (AMI), a leading developer of computing and storage solutions, today announced its AMIBIOS8[trademark] system software enables secure and trusted computer transactions by introducing an eModule option supporting the TCPA specification.

A new AMIBIOS8 eModule supporting the TCPA 1.0 specification (Trusted Computing Platform Alliance) is now available for AMIBIOS® customers.

Slashdot | AMI Introduces 'Trusted Computing' BIOS.

An anonymous reader writes "American Megatrends announced its 'trusted computing' Palladium BIOS on Jan 6. It seems that the encrypted BIOS' integrity will be verified by a special chip or flash ROM, and will in turn verify the 'authenticity, integrity and privacy' of the boot loader and the operating system. Does that mean such machines may refuse to boot any other non-'trusted' OS? After all, the list of supporting corporations include AMD, Intel, IBM, and HP, of whom we heard quite favourable statements about Linux (just for example -- *BSDs will be equally affected) so far."

TechNews.com part of the Washington Post - The View From Symantec's Security Central.

An ordinary office building on Route 1 in Alexandria offers a rare window into the Internet hacker wars and a few clues to why Uncle Sam wants more monitoring capabilities in cyberspace.

Inside a cavernous room on the first floor there, security analysts for Symantec sit in long, curved rows 24 hours a day, working on computers and facing a wall of theater-size screens. Information displayed on the screens helps them keep tabs on whether any attacks are underway at any of the company's more than 600 corporate clients.

Every five minutes or so, a giant, illuminated globe appears on the central screen and starts to rotate, displaying the locations worldwide where hackers are launching the most attacks. Symantec uses special technology to monitor a huge chunk of the public Internet along with the internal nooks and crannies of its clients' private networks, looking for telltale signs of computer break-ins.

Its software constantly compares current hacker activity with a database of prior attacks, then displays in red the names of countries where an unusual amount of malicious Internet activity is originating that day. The rotating globe also displays the number of attempted break-ins against Symantec clients over the past 24 hours in the 10 most active countries.

[ ... ]

The ACLU is not arguing that the data about citizens shouldn't be sent -- only that it should not be stored.

"The job of the INS is to check the names versus the watch lists," Edgar said. "After that, there is no reason to retain the data. Creating a massive database tracking American citizens' travel patterns is not what Congress intended when it passed this law."

But the new rules may not be much of a departure from the past. Airlines have routinely submitted complete passenger manifests, even though they were only required to send information about non-citizens, said Justice Department spokesman Jorge Martinez.

Slashdot | Inside Symantec's 'Security Center'.

dipfan writes "There's a fascinating view looking at Symantec's Virginia security centre, where the company defends its corporate clients' networks against those wicked hackers. Scary quote from the Washington Post article: 'The Alexandria facility is a private, miniature version of the kind of public Internet-monitoring capability the Bush administration wants the federal government to develop to protect the nation's electronic infrastructure.'"