In Australia, iris technology is already being used by Qantas Airlines, Sydney Airport, foreign embassies, some banks and TAFE colleges, the Australian Protective Services, the Defence Department and the Police Integrity Commission.

"Already it's being used for everything from apartment blocks in Brisbane, where your eye is the key to your apartment ... to gymnasiums where it is used to identify its membership," Argus Solutions strategic development director John Grimes told the conference.

When forming in the womb, the iris tears open, creating a unique pattern that is consistent throughout a person's life from the age of one year.

Slashdot | ATM Iris Recognition Coming Soon.

Anonymous Cow writes "In Australia, iris technology is already being used by Qantas Airlines, Sydney Airport, foreign embassies, some banks and TAFE colleges, the Australian Protective Services, the Defence Department and the Police Integrity Commission. It is predicted that within five years every ATM in Australia will have iris recognition technology."

Computerworld - Privacy - Special Coverage. A collection of articles at this publication

Computerworld - Catch me if you can: How to prevent identity theft.

Identity theft is the fastest-growing crime in the U.S. The Federal Trade Commission received about 86,000 consumer complaints regarding identity theft in 2002, by far the largest category (43%) of consumer complaint recorded. This represents a 500% growth rate in the past three years.

Today, the consumer is no longer the prime target. Just as in the physical world, where it is far more profitable for a thief to rob a bank or a store than to steal wallets one by one, it's much more profitable (and less risky) for thieves to break into databases that store thousands of consumer records than it is for them to employ the traditional methods of Dumpster-diving, stealing mail or pretext phone calling.

[ ... ]

Most identity theft precautions and warnings are aimed at the wrong targets. Although consumers are ultimately responsible for protecting themselves and their information, they lose direct control over that information at precisely the point when it becomes an attractive target for thieves. During an online transaction, the consumer hands direct control over to a merchant for the furtherance of that transaction. When it has been completed, the consumer's personal information becomes a data file, residing in the online organization's network. The consumer is now completely dependent on the organization to effectively maintain the security and confidentiality of that data.

[ ... ]

Other financial services companies -- typically nontraditional lenders such as auto leasing and credit providers, private-label and boutique credit cards, or debt consolidation managers -- have no security provisions whatsoever. Some organizations, supervised at arm's length by the FTC, are not even aware that they are required to meet Gramm-Leach-Bliley standards, because they don't consider themselves "financial services" providers. The FTC does not directly examine the organizations it supervises as the banking agencies do, but rather investigates on the basis of consumer complaints. This leaves a large portion of the industry without specific federal guidance and little incentive to spend resources on information security.

[ ... ]

HIPAA and Gramm-Leach-Bliley represent a new trend in federal regulation because they focus not only on technical security but also make provisions for physical and administrative security protections, taking security measures strictly out of the IT department and expanding them across the enterprise.

[ ... ]

Computerworld - Privacy again a hot-button issue for legislators.

Top federal and state privacy enforcement officials are promising aggressive action against companies that, through theft or accident, allow customer data to leak out. But there are divergent views on whether tougher privacy legislation is actually needed to protect customer data.

U.S. Rep. Clifford Stearns (R-Fla.), the leading advocate of privacy legislation in the House of Representatives, said he plans to reintroduce within a few days privacy legislation that would set an "opt-out" standard for consumers. That would give consumers some way to limit the sharing of data, but it would also protect businesses from private lawsuits and leave enforcement to federal and state authorities.

Citing the Republicans' control of Congress, Stearns said prospects for passage of his bill this session are good. He also said the possibility of an invasion of Iraq and the continuing hunt for terrorists are leading to an erosion of privacy at the same time that the aggregation of personal data is happening quickly. "In the end, we are acquiescing in many ways, giving up more of our privacy," Stearns said today at the International Association of Privacy Professionals conference.

[ ... ]

Officials at the Federal Trade Commission promised similar enforcement action. But one commissioner, Orson Swindle, said he doesn't think new laws are needed. Swindle said he firmly believes "that private-sector leadership and creativity are a far better solution than cumbersome and highly likely ineffective new legislation."

Joel Winston, associate director of the FTC, said he doesn't believe that Congress will approve broad privacy legislation this year. Instead, he predicted that new privacy rules would arrive as part of the extension of the preemption provision of the Federal Fair Credit Reporting Act. That provision, which keeps states from blocking the sharing of consumer credit data, is due to expire next January.

Winston said he expects the preemption to be extended, but only after provisions for tougher identity-theft protections and financial privacy provisions are included.

Stearns' privacy bill may include some new provisions, including one antispam measure that lessens the possible penalties for people who forge e-mail headers. Many of the bills introduced in previous sessions set criminal penalties for header falsification. His proposal would impose fines that, according to one person familiar with the bill, would be more in line with the actual seriousness of the action.

MS-NBC - Fines leveled in online privacy case.

WASHINGTON, Feb. 27 -- Candy maker Hershey Foods Corp. and cookie baker Mrs. Fields Original Cookies Inc. agreed to pay $185,000 to settle charges that they collected personal information from children without their parents' permission, U.S. regulators said Thursday.

CNET NEWS.COM - Tracking manufacturers map out future.

Developers of location-tracking services say they're finally making some headway into the consumer market, but a shortage in handsets that connect to the technology could hamper their plans.

Industry leaders gathering Thursday for the GPS-Wireless 2003 conference here said so-called location-based technology is moving beyond niche services such as Wherify Wireless' child finder devices and Autodesk's software that pinpoints shipments that go astray. Newer services are offering consumers everything from finding a potential mate to personal mobile maps.

Online dating service Match.com, for instance, recently announced its 8 million registered users can now find each other using AT&T Wireless' location technology. People can determine a potential suitor's approximate geographical location by using their wireless phones. And in March, car rental company Avis will kick off its "Avis Assist" service in Dallas and Dulles, Va., which determines a person's location and reads turn-by-turn directions out loud over a Motorola phone. Location-based services rely on Global Positioning System (GPS) technology, which uses satellites in space to transmit location data to devices on Earth.

BW Online | February 27, 2003 | These Are Not Your Father's Wiretaps.

Privacy advocates fear that the FBI's need to monitor Internet Age technologies, such as voice over IP, will give it far too sweeping powers

[ ... ]

The job of sorting out the mess falls in large part to Les Szwajkowski, the director of the FBI's CALEA surveillance policy and planning unit. (CALEA is an acronym for Communications Assistance for Law Enforcement Act, which was passed in 1994 and granted the FBI the right to conduct surveillance on any new technologies that arise.) With his staff of 50 engineers, lawyers, and surveillance experts, Szwajkowski's most pressing task is finding a way to tackle the challenge of packetized voice, better known as VOIP (for voice over Internet protocol), which is steadily gaining a foothold in the U.S. market. VOIP provider Vonage in Edison, N.J., alone has lured 15,000 customers since it launched in April, 2002.

[ ... ]

Here's why: VOIP travels across the Internet the same way that e-mail does. Address information (the number dialed or the e-mail address) is contained in the same packet as the content (what is said or written). The FBI's solution for e-mail is the notorious Carnivore technology, which sucks up all data that passes its way. The FBI claims that Carnivore filters traffic and delivers to investigators only packets that they're lawfully authorized to obtain. But because the details remain secret, the public must trust the FBI's characterization of the system and -- more significant -- that it's complying with legal requirements.

Carnivore has been highly controversial, and privacy advocates fear the FBI will develop a similar system for VOIP. "The very nature of packet technology means that whether it's an e-mail or a voice call, [the FBI] can get more and more information that allows them to be more and more privacy-invasive," says the EFF's Tien.

The sheer number of players could put privacy at an even greater disadvantage. In the old days, the FBI went head-to-head with the likes of AT&T or Verizon, each of which has an army of lawyers to fight off any onerous requirements. In an emerging area such as VOIP, however, small companies are on the cutting edge, and they have no money to staff a huge legal department.

[ ... ]

Business News from Wired News - Monster.com Warns About ID Theft.

Internet job board Monster.com, acknowledging a growing problem for online career sites, is e-mailing millions of job seekers, warning that fake listings are being used to gather and steal personal information.

An e-mail message from Monster, which arrived in many users' computer mailboxes Thursday, cautions that "regrettably, from time to time, false job postings are listed online and used to illegally collect personal information from unsuspecting job seekers."

The e-mail, labeled a "critical service message," is going out this week to all active users of Monster's main site, company spokesman Kevin Mullins said Thursday. Mullins said he did not know exactly how many people that included, but that it is "definitely well into the millions."

[ ... ]

The job sites generally advise users not to give out their social security, credit card or bank account numbers, not to disclose personal information that isn't related to work such as their marital status, and to be particularly careful of prospective employers from outside the country.

[ ... ]

But Pam Dixon, a research fellow with the Denver-based Privacy Foundation who has studied Internet job sites, said the Monster e-mail confirms what has become a major hazard for online job seekers.

"This is a very big problem, and it's throughout the job-search industry. It's not just on Monster. I've heard of this on all the major sites," she said.

The Herald - technology - French legislators vote to ban spam.

PARIS (AFP) - France's National Assembly on Monday voted in favor of banning unsolicited e-mail sales messages, known as spam.

The move, presented to the lower house of parliament in the form of government amendments to a law to "increase confidence in the digital economy," was approved by deputies at a first reading.

Direct electronic marketing without prior consent would be allowed in certain circumstances where the parties involved were properly registered so as not to penalise e-business between companies.

The law now goes up to the upper house, the Senate, for its approval.

The draft bill, presented by deputy industry minister Nicole Fontaine, would ban "direct marketing, notably advertising, via electronic messages" to individuals who had not given consent.

Slashdot | Your Rights Online - French Legislators Vote to Ban Spam.

mlawmlaw writes "The Herald is reporting that France's National Assembly has voted 'in favor of banning unsolicited e-mail sales messages.' This is an admendment to a law to 'increase confidence in the digital economy.' This would ban 'direct marketing, notably advertising, via electronic messages' to individuals who had not given consent. The article is light on details, but it's nice to see France taking a step to reduce spam."

DMNews.com - Call Center Mailer Touts TeleZapper Immunity.

Teleservices technology firm Castel claims in a direct mail campaign that its call management system gives outbound callers immunity to the TeleZapper, a home-privacy device that fools predictive dialers into thinking that a line is disconnected.

The technology is intended not to help telemarketers evade privacy safeguards to reach consumers, but to help collection agencies reach those in debt who use the TeleZapper to mask their phone lines, according to Castel, Beverly, MA.

The TeleZapper -- marketed by Royal Appliance Manufacturing Co., which also makes the Dirt Devil -- mimics the three-tone sound phones emit when a disconnected or out-of-service number is dialed.

Predictive dialers generally listen for that tone to remove disconnected numbers from a calling list. Castel's system, dubbed DirectQuest, works not by listening for tones but by looking for digital codes -- sent by central offices in the telephone network -- that accompany calls.

[ ... ]

Castel solves this problem by letting call centers change outgoing caller-ID information on their own without going through their carrier, Elicker said. Other predictive-dialer makers, including SER Solutions Inc., are touting similar capabilities in their call center technology.

New York Times - free registration required Keeping an Eye on Things, by Cellphone.

The picture is on the small side - 160 by 120 pixels, or about the size of a Wheat Thin - and the quality is not what you would call high-definition. In fact, even calling it "video" is an act of the purest kindness; instead of smooth motion, you see a still frame that updates itself every two seconds to two minutes, depending on the technology gods' sense of humor.

But never mind all that. The color, contrast and detail are easily good enough to make out what's going on in the picture. Furthermore, Logitech says that in the coming months, new technology on its end, including a new version of Brew, will greatly improve the video quality of this weeks-old service.

[ ... ]

The real power of Mobile Video, though, becomes apparent when you hook up a Webcam of your own. Using Logitech's free Mobile Video software for Windows, you can broadcast your own video, either publicly (to any Mobile Video subscriber) or privately (to people who have the password). Either way, a task bar balloon pops up on your PC each time someone tunes in to your broadcast. If it's someone you recognize as, say, the high school bully who used to make your life miserable, you can hang up on him with two clicks. (On his cellphone, the video image goes blank, and a message appears that says, "You have been kicked out by the camera owner.")

Traffic, schmaffic: here's the real fun of Mobile Video. Now your private cellular televison network is limited only by the number of Webcams you care to set up (and, of course, the number of PC's to which you can hook them up). You can peek in on sleeping children, monitor the coffee level in the pot in the teacher's lounge, or check your house for fire, flood or thieves while you're away.

[ ... ]

It's perfectly possible, of course, to use Mobile Video for more controversial purposes like surreptitious viewing. Certain people will probably see Mobile Video as an ideal babysitter-cam, for example. In fact, it's not ideal - it is soundless and sends only snapshots every few seconds. And the Logitech Webcam itself isn't exactly unobtrusive; it looks like a giant robotic eyeball on a stick. Still, the Mobile Video concept may well become Exhibit 14,207 in the rapidly heating national debate on privacy versus security.