Opponents of entitlement cards are bringing the parliamentary ombudsman into play, alleging maladministration by the government

Civil liberties group Privacy International lodged a complaint of maladministration with the parliamentary ombudsman on Thursday against the government over its handling of the consultation into entitlement cards.

Privacy International claims that the Home Office has breached several key requirements of the Cabinet Office code of practice that governs such consultations, and has written to the prime minister asking for the consultation -- which is scheduled to finish on Friday -- to be extended for another six months.

New York Times - free registration required In Net Attacks, Defining the Right to Know.

In reality, few computer attacks are ever reported, and the ones that are made known tend to be those that affect thousands of computers.

Consumers often find out about breaches to computers that contain their credit card numbers, their credit history or their Social Security numbers only if the problem is so widespread that there is no way to keep it under the radar. There is a loose threshold - in terms of numbers of computers attacked, whether consumers were affected and the extent of financial damage - above which an incident becomes public.

CNET NEWS.COM - Verizon appeals RIAA subpoena win.

Verizon Communications is asking an appeals court to block a court order that would reveal the identity of an alleged peer-to-peer pirate to the music industry.

In what is widely viewed as a test case pitting privacy against copyright laws, Verizon said on Thursday that it would file the request for a stay with the District of Columbia Court of Appeals by the end of the day.

"Verizon will use every legal means to protect its subscribers' privacy," said John Thorne, a senior vice president for Verizon. "If this ruling stands, consumers will be caught in a digital dragnet, not only from record companies alleging infringement of their copyright monopolies, but from anyone who can fill out a simple form."

School News from Wired News - FTC Eyes 'Educational' Marketers.

Companies that snooker students into revealing personal information under the guise that it will be sent to colleges better watch it. The FTC is cracking down on outfits that sell survey data to marketers.

[ ... ]

The FTC began investigating deceptive student surveys in December 2001. According to the investigation, ERCA sent surveys to teachers and guidance counselors that asked for students' names, addresses, gender, date of birth, religious affiliation, racial and ethnic background and extracurricular interests.

The FTC found that information collected from high school and middle school students, which was supposed to be sent on to colleges and universities, was also being shared with banks, consumer goods and service providers, and other list brokers.

"We found very little middle school data was tabulated into any report shared with colleges and universities," said Laura Mazzarella, attorney for the FTC's bureau of consumer protection.

CNET NEWS.COM - Microsoft agrees to Passport changes.

Microsoft has reached an agreement with the European Union to implement a package of changes in its .Net Passport online authentication service, to prevent the service from running afoul of EU data protection laws.

Although the changes came about as a result of a yearlong dialogue between the company and the European Union, they will be implemented globally, said Matt Lambert, director of government affairs for Microsoft in Europe, the Middle East and Africa.

The main changes should give Passport users more control over how their personal data is shared with partner sites such as auction company eBay and music service Pressplay.

[ ... ]

However, the EU still has unresolved questions about privacy protections in Microsoft software. "In particular, two issues need further consideration," said Todd. These are, he said, the "current electronic advertisement communication within Hotmail" and the use of identifiers both in the .Net Passport system and by the Liberty Alliance Project.

Slashdot | Your Rights Online - MS Agrees To EU-Proposed Passport Changes.

glitch_ writes "News.com has a story about how Microsoft has reached an agreement with the European Union to implement a package of changes in its .Net Passport online authentication service, to prevent the service from running afoul of EU data protection laws."

Slashdot | Your Rights Online - UK MPs Campaign For Internet Privacy.

WIAKywbfatw writes "The BBC is reporting that the All Party Internet Group (APIG), a committee of UK MPs has criticised the Anti-Terrorism Crime and Security Act (ATCS) that was pushed through by the British government following the September 11 attacks in the US. As well as a host of other measures aimed at curbing terrorist activities, the ATCS required ISPs to keep customer data for up to six years, which the police have now admitted is illegal, as it contrevenes the Human Rights Act. The APIG is suggesting that data retention be discarded in favour of data preservation, essentially a snap-shot of internet traffic at the time of any future terrorist attacks. Certainly seems like a move to be applauded."

Bloomberg.com : Technology News - IBM Loses Private Information on Canadian Insurer's Clients.

Regina, Saskatchewan, Jan. 30 (Bloomberg) -- International Business Machines Corp., the world's largest computer maker, lost a hard drive containing bank account numbers and other private details of clients of a Canadian insurance company, raising concerns over possible identity theft.

Closely held Co-operators General Insurance Co. sent a letter to its clients this week informing them that the hard drive is missing from a secure area in Regina, Saskatchewan. About 180,000 clients were warned about the possibility that someone could assume their names, the Toronto Star reported.

The information includes names, addresses, beneficiaries, social insurance numbers, pension values, pre-authorized checking information and mothers' maiden names, Co-operators Chief Executive Kathy Bardswick wrote in the letter. Regina police are investigating, and IBM's Information Systems Management unit, which lost the hard drive, has begun an internal enquiry.

``While it is possible that this is simply an issue of misplaced hardware, theft of an individual's identity is possible,'' Bardswick said. The information can be used to access bank accounts, transfer balances or apply for new loans under a client's name, the letter said.

CBC News: Co-operators Life CEO apologizes for theft of sensitive customer data .

REGINA - The chief executive officer of Co-operators Life Insurance apologized to the company's customers Thursday after sensitive personal information on thousands of the company's customers was stolen.

"The Co-operators takes this situation very seriously and everyone in this organization, starting with me, is making this their top priority," Co-operators CEO Kathy Bardswick told a Toronto news conference.

Thousands of customers of the Co-operators Life Insurance company have received letters warning them that their private information, including banking information, is at risk. The alert followed the revelation that a missing hard drive in Saskatchewan could contain sensitive information on as many as 180,000 of the company's customers.

Slashdot | Your Rights Online - Missing Hard Drive Spurs Data-Theft Fears In Canada.

DevNull writes "A government of Saskatchewan (Canada) hard drive has gone missing, and it contains significant personal data - in fact, the government won't even detail what all is contained in it. Read about it from the CBC. So much for people who think the internet is the cause of all their security fears! Identity theft is the major concern at the moment." --- B5_geek links to this report on Bloomberg.com which says that --- "'[t]he information includes names, addresses, beneficiaries, social insurance numbers, pension values, pre-authorized checking information and mothers' maiden names," --- according to Co-operators Chief Executive Kathy Bardswick

InfoStructure News from Wired News - Sneaky Toolbar Hijacks Browsers.

It's the most evil thing on the Internet, according to some of its victims. But it's not a virus, a scam or a raunchy porn site.

It's a browser toolbar that some swear is doing "drive-by downloads" -- installing itself without users' permission -- then taking over their systems and making it impossible to uninstall.

[ ... ]

Xupiter is an Internet Explorer toolbar program. Once active in a system, it periodically changes users' designated homepages to xupiter.com, redirects all searches to Xupiter's site, and blocks any attempts to restore the original browser settings.

The program attempts to download updates each time an affected computer boots up, and has been blamed for causing system crashes. Several versions of Xupiter also appear to download other programs, such as gambling games, which later appear in pop-up windows.

Slashdot | World's Most Annoying IE Toolbar.

nautical9 writes "Following the same devious footsteps of the infamous Bonzi Buddy, Gator, and Comet Cursor "enhancements", Xupiter now has their own self-installing toolbar for IE. There are many claims that if you leave your security preferences at their default level, it will install itself without your express permission. And once on your system, it's gracious enough to reset your homepage to xupiter.com, forward all your searches to their search engine, download and automatically launch applications (like gambling applets), and blocks all attempts to set these back to normal. Removing it isn't trivial either - it automatically checks for updates upon reboot, where it constantly changes the registry settings it uses, making the jobs of spyware removal programs like AdAware or Spybot Search & Destroy much harder. No word yet if it collects and forwards personal data."

Yahoo News - Telemarketers Sue to Stop Do-Not-Call List.

Four telemarketing companies and a trade group filed suit in federal court in Oklahoma City to stop the Federal Trade Commission from setting up a program that would allow consumers to place their names on a list of households that do not want to receive such calls.

Telemarketers who ignore the FTC's list would face fines of up to $11,000. Callers for charities and political groups would be exempt.

The FTC's proposal, which could be up and running as early as August, has won unprecedented support from consumers who have swamped the agency with more than 50,000 letters of support.

But telemarketers say 27 existing state do-not-call lists and a voluntary national list run by the Direct Marketing Association trade group should provide consumers enough protection.

In the suit, the DMA and four telemarketing firms said the FTC's effort would violate free-speech laws and discriminate against an industry that provides millions of jobs.

[ ... ]

One privacy advocate said the suit had little chance of success, as federal courts have upheld similar laws banning unsolicited faxes.

"The DMA are plainly going though the motions that they must know will be ineffective simply to placate some of their members," said Jason Catlett, president of Junkbusters Corp., a privacy consulting firm.

The proposal cleared a crucial hurdle earlier Wednesday when a House of Representatives committee voted to give the FTC the power to collect fees from telemarketers to pay for the list.

[ ... ]

A DMA spokesman said the suit was filed in Oklahoma City because one of the plaintiffs, U.S. Security, is based there.

But one privacy advocate said the case was filed there because Oklahoma falls in a federal circuit that is known to be sympathetic to business interests in privacy cases.

"This is a strategy known in legal circles as 'forum shopping,"' said David Sobel, general counsel at the nonprofit Electronic Privacy Information Center.

Slashdot | Your Rights Online - Telemarketers Sue to Block Do-Not-Call List.

chumpieboy writes "A story on Yahoo tells about about the DMA's attempts to stop a national DoNotCall list, essentially claiming that Opt Out is not a viable model for telemarketers. Yet they claim that Opt Out is a viable model for email marketing?"

Slashdot | Hollywood Says No to Filtering DVD Player.

haplo21112 writes "There is a posting over at ZDNet about how Hollywood continues to trample on the American consumer's free use rights. They want to prevent the sale of a special DVD player which can be used to edit out offensive material from a DVD in realtime. While I don't agree with censorship in general, I do believe its everyone's right to do what they wish with their own media."

Slashdot | BSD - OpenBSD Gets Even More Secure.

Telent writes "As seen in this post by Theo de Raadt, OpenBSD is getting even more secure, working on smashing script kiddies running buffer overflow exploits dead. Tightening PROT_* according to the POSIX standards and creating a non-executable stack on most architectures are just two of the recent enhancements, most of which are in -current now."

DC InternetNews.com - CIA Wins Control of Terrorist Data Mining Program.

The White House released additional details Wednesday about President Bush's new initiative to create a data mining Terrorist Threat Integration Center under the direction of the Central Intelligence Agency (CIA) to close the "seam" between analysis of foreign and domestic intelligence on terrorism.

The center will have access to all intelligence information from raw reports to finished analytic assessments available to the government.

The plan calls for a cross-agency integration of terrorist-related information collected domestically and abroad in order to form the "most comprehensive possible threat picture." Funding for the project was not mentioned, but Administration officials said the program would not require approval from Congress.