Breaching your online privacy to fight crime: Via The Ottawa Citizen.

The "mosaic effect" is an argument often put forward by governments and police to block access to sensitive information. It suggests even seemingly innocuous pieces of information can be fitted together like a puzzle to form a meaningful picture of something they want kept secret, typically a national security operation.

But when the tables are turned and it's police and government that want to piece together seemingly innocuous bits of your personal and digital information to form a picture of you, the "mosaic effect" is recast as "lawful access" and characterized as benign state intervention into the online lives of Canadians in the name of crime-fighting.

Your name, address, telephone number, e-mail address and Internet Protocol (IP) address can reveal your Internet habits, social network, personal interests, political views, secrets and more.

The government's new "lawful access" initiative, contained in bills C-46 and C-47, was tabled in the Commons in June. It's the latest attempt in a decade-long push by successive governments to give police and other agents of the state, such as the Canadian Security Intelligence Service and the Competition Bureau, modernized surveillance powers and technical capabilities to better patrol the dark side of the digital world.

But here's the rub: C-47 allows police and government agents to demand basic subscriber data from telecommunication and Internet service providers without a warrant. (Some companies routinely volunteer the data when asked, others don't, according to police.)

Privacy and Smart Grid - More Than Meets the Eye: Via Smart Grid at Technology Marketing Corp.

One of the speakers I enjoyed hearing at the Smart Grid Summit was Catherine Thompson, who spoke on the Privacy and Security session. Catherine is the Regulatory and Policy Advisor at the Ontario Information and Privacy Commissioner’s Office. We all know there are many privacy issues associated with smart grid, but we don’t often get to hear from someone with such a strong focus in this area.
 
Aside from hearing her insights on privacy, Catherine has kindly offered to share a paper that her office recently produced specifically about smart grid issues. The paper is titled “SmartPrivacy for the Smart Grid: Embedding Privacy into the Design of Electricity Conservation,” and can be downloaded from our portal. Since most of you have not seen the paper yet, I’d like to summarize the key ideas here, and would encourage you to read it in full, and then see how these principles can be applied to your smart grid initiatives. [ Read more ... ]

Canada says "no" to Yes Men website: Via Law & Disorder Section - Ars Technica.

When corporate pranksters The Yes Men staged a December stunt against the Canadian government's emission proposals, the group had no idea that the resulting backlash would take down more than 4,000 unrelated websites. Whatever you think of the hoax, the saga is a reminder of the power of ISPs and Web hosting companies. If they don't like what you're saying and doing, there are often no consequences to shutting down or blocking sites, even when tremendous collateral damage ensues. [ Read more ... ]

Behind the scenes: NORAD's Santa tracker: Via Geek Gestalt - CNET News.

All joking aside, NORAD has been taking its Santa tracking project seriously for decades. But it actually began in 1955 with a wrong number.

One morning that December, U.S. Air Force Col. Harry Shoup, the director of operations at CONAD, the Continental Air Defense Command--NORAD's predecessor--got a phone call at his Colorado Springs, Colo., office (see video below). This was no laughing matter. The call had come in on one of the top secret lines inside CONAD that only rang in the case of a crisis.

Grabbing the phone, Shoup must have expected the worst. Instead, a tiny voice asked, "Is this Santa Claus?" [ Read more ... ]

A court decision that reflects what type of country the U.S. is: Via Salon: Glenn Greenwald.

It's not often that an appellate court decision reflects so vividly what a country has become, but such is the case with yesterday's ruling by the Second Circuit Court of Appeals in Arar v. Ashcroft (.pdf).  Maher Arar is both a Canadian and Syrian citizen of Syrian descent.  A telecommunications engineer and graduate of Montreal's McGill University, he has lived in Canada since he's 17 years old.  In 2002, he was returning home to Canada from vacation when, on a stopover at JFK Airport, he was (a) detained by U.S. officials, (b) accused of being a Terrorist, (c) held for two weeks incommunicado and without access to counsel while he was abusively interrogated, and then (d) was "rendered" -- despite his pleas that he would be tortured -- to Syria, to be interrogated and tortured.  He remained in Syria for the next 10 months under the most brutal and inhumane conditions imaginable, where he was repeatedly tortured.  Everyone acknowledges that Arar was never involved with Terrorism and was guilty of nothing.  I've appended to the end of this post the graphic description from a dissenting judge of what was done to Arar while in American custody and then in Syria. [ Read more ... ]

Advocates Renew Calls for Transparency in ACTA process: Via CDT - PolicyBeta.

CDT and other advocates sent a letter to President Obama today once again urging greater transparency as the US negotiates a new Anti-Counterfeiting Trade Agreement (ACTA). While the administration has permitted some advocates (including my colleague David Sohn) to review the US-authored Internet portion of the current draft under strict non-disclosure rules, such limited access does not allow for full analyses of the agreement and its implications (even by other CDT staff members, much less the broader public interest community). Some leaks have surfaced which suggest that ACTA could require DMCA-style notice-and-takedown and anti-circumvention laws, or even graduated-response obligations on ISPs (see coverage here and here). [ Read more ... ]

The Copyright Lobby's Secret Pressure On the Anti-Spam Bill: Via Michael Geist's blog.

As I posted earlier today, the Electronic Commerce Protection Act comes to a conclusion in committee on Monday as MPs conduct their "clause by clause" review.  While I have previously written about the lobbying pressure to water down the legislation (aided and abetted by the Liberal and Bloc MPs on the committee) and the CMA's recent effort to create a huge loophole, I have not focused on a key source of the pressure.  Incredibly, it has been the copyright lobby - particularly the software and music industries - that has been engaged in a full court press to make significant changes to the bill.

The copyright lobby's interest in the bill has been simmering since its introduction, with lobbyists attending the committee hearings and working with Liberal and Bloc MPs to secure changes.  The two core concerns arise from fears that the bill could prevent surreptitious use of DRM and block enforcement initiatives that might involve accessing users' personal computers without their permission. [ Read more ... ]

Federal Court Denies Government Attempt to Delay Release of Telecom Records. Again.: Via EFF.org Updates.

Today a federal district court denied the government's latest emergency motion asking for a 30-day stay in last Friday's deadline to release records relating to telecom lobbying over last year's debate over immunity for corporate participation in government spying. The new deadline is October 16, at 4 p.m. Pacific time. We sought the records pursuant to the Freedom of Information Act.

On September 24, Judge Jeffrey White had ordered the Director of National Intelligence and Department of Justice to turn over many of the records we requested by Friday, October 9, 2009. Last week, the agencies asked him to postpone his order while the government de [ Read more ... ]

IT security breaches soar in 2009: Via The Globe and Mail.

Employees within business and government organizations are the fastest-growing threat

Information Technology departments in government and business organizations across Canada have seen the number and cost of security breaches soar this year, and the fastest-growing cause of such breaches is often employees within those organizations, according to a new study released Tuesday.

The 2009 joint study on Canadian IT security practices – conducted by TELUS and the Rotman School of Management at the University of Toronto – surveyed more than 600 Canadian IT security professionals.

According to the study, IT security breaches – everything from viruses to intellectual property theft to abuse by employees – cost the average Canadian organization $834,149 in 2009, almost double the amount reported in last year's study. [ Read more ... ]

Green light for scanners: Via Canada | News | Edmonton Sun (Hat Tip to Canadian Privacy Law Blog ).

The Canadian Air Transport Security Authority is charging ahead with plans to buy seven controversial virtual strip search scanners, but has decided against genital blurring software to go with them.

According to documents obtained by Sun Media under Access to Information, CATSA is recommending Transport Canada accept the scanner for use in Canada even though a seven-month trial at Kelowna International Airport showed the machine didn't meet the security agency's expectations.

CATSA's 60-page report shows the scanner took much more time to process travellers than a regular pat-down or metal detector and left blind spots over the head and feet. [ Read more ... ]

New Facebook Privacy Policies Will Have A Significant Impact On Platform Applications: Via All Facebook.

As a result of a new privacy agreement with Canada, Facebook has issued statements suggesting that there could be major platform changes ahead for developers. In a blog post this morning, Ethan Beard suggests that users may have to explicitly opt-in to granting profile information. This news comes as Facebook is under increasing scrutiny from privacy advocates including the California ACLU chapter which has released a new quiz application to inform users of what data applications have access to.

In a blog post on the Facebook developers blog today, Ethan Beard writes: [ Read more ... ]

School bus driver wins privacy battle: Via CBC News.

A Saskatoon bus driver who was worried a mandatory background check with a U.S. security firm would result in a loss of her privacy has scored a victory.

Stephanie Sydiaha drives for First Student Canada, formerly known as Firstbus Canada.

She had refused to let her employer do a background check on her because it was using a U.S.-based security firm.

Sydiaha was concerned about what would happen to her personal information once it crossed the border, where privacy laws are more lax than Canada's. [ Read more ... ]

ISPs must help police snoop on internet under new bill: Via Canadian Broadcasting Centre.

Internet service providers would have to make it possible for police and intelligence officers to intercept online communications and get personal information about subscribers under bills tabled Thursday. [ Read more ... ]

Lobby Groups Launch Full Assault For Canadian DMCA: Via Slashdot.

An anonymous reader writes "Bill C-61, the previous attempt at a Canadian DMCA, may have failed, but it is clear that the music, movie, and business software industries are engaged in putting massive pressure on the Canadian government to bring it back. Lobbying records show several meetings each week with Government Ministers for CRIA, CMPDA, and Microsoft over the past month. Meanwhile, the CRIA is preparing a grassroots campaign in support of new copyright laws, even claiming that the current rules are costing jobs to truck drivers delivering CDs and DVDs."

Read Original Article:(Via Slashdot.)

Ontario Court Orders Website To Disclose Identity of Anonymous Posters: Via Michael Geist's blog.

An Ontario court has ordered the owners of the FreeDominion.ca to disclose all personal information on eight anonymous posters to the chat site.  The required information includes email and IP addresses.  The case arises from a lawsuit launched by Richard Warman, the anti-hate fighter, against the site and the posters.  The court focused heavily on the Ontario Rules of Civil Procedure, which contain a strong duty of disclosure on litigants. 

The discussion includes a review of many key Internet privacy cases, including the CRIA file sharing litigation (which the court distinguishes on the basis of different court rules) and the Irwin Toy case (which emphasized the importance of protecting anonymity, but which the court tries to distinguish on the basis of the newness of the issue at the time).  The court also looks at the string of recent cases involving child pornography cases and ISP disclosure of customer information, concluding that "the court's most recent pronouncement on this is that there is no reasonable expectation of privacy." [ Read more ... ]

'The Analyzer' Hack Probe Widens; $10 Million Allegedly Stolen From U.S. Banks: Via Wired: Threat Level.

Ehud Tenenbaum, an Israeli hacker arrested in Canada last year for allegedly stealing about $1.5 million from Canadian banks, also allegedly hacked two U.S. banks, a credit and debit card distribution company and a payment processor in what U.S. authorities are calling a global "cashout" conspiracy.

The U.S. hacks have resulted in at least $10 million in losses, according to court records obtained by Threat Level, and are just part of a larger international conspiracy to hack financial institutions in the United States and abroad. [ Read more ... ]

Canadian ISPs stand up for content blocking, throttling Via Law & Disorder Section - Ars Technica :

Canada's telecoms regulator, the Canadian Radio-television and Telecommunications Commission (CRTC) is in the midst of a network neutrality proceeding, and the responses that rolled in this week were vociferous. Several ISPs and music groups objected to any such rules, arguing that they might stop ISPs from implementing all sorts of wonderful policies such as P2P upload throttling, website blocking, and graduated response rules.

Ca: We have our winners!: Via PogoWasRIght - Privacy News Headlines

We have the winning videos from the 2008 My Privacy & Me National Video Competition for young people! Participants from Encounters with Canada, a national youth forum that brings together teens from across Canada for week-long adventures in learning and discovery, selected the winners from among seven finalists.

Source - Office of the Privacy Commissioner of Canada

Read Original Article ( Via PogoWasRIght - Privacy News Headlines. )

NSA Whistleblower: Wiretaps Were Combined with Credit Card Records of U.S. Citizens: Via Threat Level

NSA whistleblower Russell Tice was back on Keith Olbermann's MSNBC program Thursday evening to expand on his Wednesday revelations that the National Security Agency spied on individual U.S. journalists, entire U.S. news agencies as well as "tens of thousands" of other Americans.

Tice said on Wednesday that the NSA had vacuumed in all domestic communications of Americans, including, faxes, phone calls and network traffic.

Today Tice said that the spy agency also combined information from phone wiretaps with data that was mined from credit card and other financial records. He said information of tens of thousands of U.S. citizens is now in digital databases warehoused at the NSA. [ Read more ... ]

Big brother at the bar? - Cactus Jacks implements new way to screen attendees - Via The Omega - TRU's Independent Student Newspaper:

In the name of safety many British Columbia bars, including Kamloops’ Cactus Jack’s, are using technology to collect and store personal information as people enter the establishment.

“We have a new monitoring system called Treoscope that everyone that comes into the pub must go through,” said Cactus Jack’s manager Pete Backus. “It takes your picture and also records your name and where you are from.”

The entire system has brought up privacy concerns. The B.C. privacy commissioner is ruling on the legality of the way Treoscope collects and stores information. [ Read more ... ]

BEWARE - Canada Border Services Agency WILL Read Lawyer's Mail - Via PogoWasRIght - Privacy News Headlines:

I can report this because it happened to me and not a client. The Canada Border Services opened mail addressed to "Todgham Cherniak, Counsel, Lang Michener LLP". The Canada Border Services Agency knew the package was being sent to a lawyer at a lawyer's office and they opened it and read it. I know because the package arrived re-taped and a stamp notified me that the contents were "EXAMINES / RELEASED - CUSTOMS - TORONTO - DOUANES, EXAMINE / LIBERE". However, there is no indication of the date that this invasion of privacy occurred and there is no indication of the identy of the officer who made the decision to examine my package. There certainly was no reasonable or probably cause to examine this lawyer's mail.

Source - Trade Lawyer's Blog

hat-tip, Canadian Privacy Law Blog

Reddit It | Digg This | Add to del.icio.us

(Read Original Article - Via PogoWasRIght - Privacy News Headlines.)

NORAD TRACKS SANTA 2008 - International (English, Deutsch, Espanol, Italiano, Francais, 中文, 日本語, ): Via The North Pole

All the preparations for this year are in place! Return on Christmas Eve to track St. Nick on his magical flight around the world!

Until then, come back each day to receive updates from the North Pole and to discover new surprises in the Kids' Countdown.

And you can get a little history about this from Wikipedia. And for those of you who prefer making phone calls the official hotline: 1-877-HI-NORAD Google Analytics also has some details about this tracking program. [ Read more ... ]

Hacker makes costly calls: Via Winnipeg Free Press

A local business owner is on the hook for a $52,000 phone bill after his voice-mail system was hacked and hundreds of calls were made to Bulgaria.

Alan Davison, who owns HUB Computer Solutions, noticed something was wrong when "feature 36" -- a message unknown to him -- kept popping up on his phone.

He called MTS and found that hundreds of calls were recently made to Bulgaria, racking up $52,321.14 in overseas long distance due Jan. 5. [ Read more ... ]

RIAA Vs. Web 2.0? Social Media and Litigation: Via Slashdot

NewYorkCountryLawyer writes "After learning that Professor Nesson's CyberLaw class at Harvard Law School has set up a Facebook page to assist in its defense of Joel Tenenbaum in an RIAA case, SONY BMG Music v. Tenenbaum, Wendy Davis of the Online Daily Examiner opines that 'Web 2.0,' and more particularly, the 'social media,' are playing an increasingly important role in RIAA litigation. We at Slashdot have already learned that principle, and have made good use of it, as have our friends at Groklaw."

Read Original Article (Via Slashdot.)

New short film asks, "Why Copyright?": Via arstechnica

50 years ago, did anyone but big rightsholders and lawmakers care about copyright? It certainly wasn't the tremendous public issue it has become today, and a new short film from Canadian law professor Michael Geist takes a look at why copyright matters to people and what they think copyright should cover. [ Read more ... ]