Privacy Digest

FTC Takes Aim at "Stalker Spyware" Company: Via Center for Democracy and Technology

Acting on a request from the Federal Trade Commission, a U.S. District Court has temporarily halted the sale of "stalker spyware," pending a decision on whether these products engage in unfair and deceptive practices by enabling and encouraging privacy invasion. Keylogger programs are often sold as "stalker spyware" and describe in detail how to spy on others without being detected, according to the FTC complaint. CDT applauds the hard work of the Electronic Privacy Information Center, which first brought a petition to the FTC to stop these deceptive, privacy invasive technologies.

FTC Notice on Court Action November 17, 2008 [off-site]

Read Original Article (Via Center for Democracy and Technology.)

Supreme Court’s “Fleeting” Interest in the First Amendment: Via CDT - PolicyBeta

On Election Day last week, the legal community was momentarily distracted from the momentousness of the election by the possibility that the Supreme Court Justices might utter profanities in the hallowed chamber. Sadly, they restrained themselves. But the lack of “f-bombs” (as the Solicitor General called them) didn’t take away from the intrigue surrounding the oral argument in FCC v. Fox – the amusing but important case that challenges the Federal Communications Commission’s regulation of one-time or “fleeting” expletives on broadcast television.

It hasn’t been clear why the High Court decided to take this case in the first place. The key question before the Justices is whether the FCC violated the Administrative Procedure Act’s prohibition against agency action that is “arbitrary and capricious” when the Commission – reversing decades-long policy – suddenly began fining television stations for airing fleeting expletives during daytime and primetime hours.  read more »

U.S. Identity Theft Convictions Increase 26 Percent, Feds Say - Via Threat Level:

Federal identity theft convictions increased 26 percent in 2007 from the year prior, according to a Bush administration task force report on identity theft unveiled Tuesday.

According to the "Identity Theft Task Force Report," as many as 1,534 people were convicted in 2006, and a year later, 1,943 were convicted nationwide on various identity theft violations. The report, however, said there are about 1.6 million complaints of identity thefton file with the Federal Trade Commission.  read more »

Prepared Statement of the Federal Trade Commission On the Telemarketing Sales Rule, the Do Not Call Registry, and Telemarketing - Via PogoWasRIght - Privacy News Headlines:

Prepared Statement of the Federal Trade Commission On the Telemarketing Sales Rule, the Do Not Call Registry, and Telemarketing Call Centers, Presented by Lois Greisman, Associate Director For Marketing Practices, Bureau of Consumer Protection, Before the Subcommittee On Commerce, Trade, and Consumer Protection of the Committee On Energy and Commerce, United States House of Representatives (September 11, 2008)

Source - Text of Statement [pdf]

(Read Original Article - Via PogoWasRIght - Privacy News Headlines.)

Do Not Call Registry Gets Glowing Reviews - Via Slashdot: Your Rights Online:

coondoggie writes to tell us that in a recent report to Congress by the FTC the National Do Not Call Registry got glowing reviews. They seem to be well established now with $21 million in fees in the bank, 22 successful court cases, and an almost 70% approval rating. "In 2007, a total of 6,242 entities paid fees totaling $21,602,003 for access to the National Registry. According to the FTC, telemarketers and sellers can access registered telephone numbers and pay the appropriate fee for that access, if any, through an Internet website dedicated to that purpose. The only information about consumers that companies receive from the National Registry is the registered telephone number. Since the Registry's inception, a total of 18,197 unique entities have paid fees for access to the National Registry. The total amount of fees paid by all entities since the inception of the National Registry through the end of 2007 is $80,629,778, the report stated."

(Read Original Article - Via Slashdot: Your Rights Online.)

CRS Report of the Week - “Spam”: An Overview of Issues Concerning Commercial E-Mail - Via CDT - PolicyBeta:

The report gives an overview of CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing Act), how it is implemented, related legislation, and legal actions based on the act. The report also looks at the FTC rules on CAN-SPAM compliance and related state anti-spam laws.

CRS No. RL31953, May 14, 2008

From the report’s summary:  read more »

Credit Card Firm Cut Limits After Massage Parlor Visits, Feds Allege - Via Threat Level:

Government regulators are suing a sub-prime credit card issuing firm, alleging that the company secretly profiled its customers' transactions and reduced the credit limits of those who used the cards at bars, marriage counselors and tire retread stores.

The Federal Trade Commission filed the complaint against CompuScore in a federal court in Atlanta on June 10, alleging the Visa-card marketing service routinely abused debt collection law, failed to disclose hidden fees, and withheld the credit limits it promised to subprime borrowers.

Most intriguingly, however, the complaint (.pdf) alleges that CompuScore kept track of the kinds of purchases its card holders made, without adequately explaining they were doing so or what kinds of purchases would lead to lower limits.  read more »

Spyware bill cloaks a mini-UCITA - Via Ed Foster's Gripelog :

The holy grail for the software industry's political muscle has long been what in UCITA was called "electronic self help" - the right of software publishers to remotely disable their software on the mere suspicion that it hasn't been paid for. UCITA was ultimately stopped, but last Wednesday the Senate Commerce Committee held a hearing on a bill that nominally is supposed to fight spyware but seems intended to make remote disabling legal.

As I suggested last week, S. 1625 -- the Counter Spy Act -- takes an anti-spyware approach that's very similar to the way the failed Can-Spam Act of 2003 attacked spam. Its list of prohibited behaviors - like taking over computers with zombies and collecting information for identity theft -- are all already clearly illegal under existing laws. Its various loopholes would allow some bad actors to claim they're actually following the law. And actual victims would have virtually no recourse but to beg the FTC to take action.  read more »

FTC Should Strengthen Behavioral Advertising Principles - Via Center for Democracy and Technology:

The Federal Trade Commission's proposed behavioral advertising principles aren't strong enough on their own to adequately protect consumers, according to comments filed jointly today by CDT, Consumer Action and Privacy Activism. Although the principles represent a solid first step in the process, protecting consumer privacy interests in this space will require a rigorous mix of self-regulation, enforcement of existing law, and the passage of new general privacy law. The comments include CDT's finding that there are several practices of concern occurring on the Internet today that remain unaddressed by current self-regulation. Based on this research and other industry developments, CDT, Consumer Action, and Privacy Activism recommend ways for the FTC to bolster several of its proposed principles. The groups also urge the Commission to explain how it will ensure industry compliance with the principles.

Comments of CDT, Consumer Action, and Privacy Activism [PDF] April 11, 2008

FTC Proposed Principles [PDF] April 11, 2008 [off-site]

(Read Original Article - Via Center for Democracy and Technology.)

Google Seals DoubleClick Deal, Learns More About You - Via Threat Level:

Google finalized its $3.1 billion purchase of ad delivery giant DoubleClick Tuesday after European Union regulators ruled that the purchase does not violate anti-monopoly rules in Europe which removed the last legal hurdle for the hotly contested acquisition.

Microsoft hoped that regulators in Europe and the United States would block or attach conditions to the purchase as a way to slow Google's growing lead in online advertising and search. Privacy groups opposed the sale on the grounds it would give Google too much information about what individuals do on the internet and thus much power to shape what content is created online.  read more »

CDT Releases Principles for Behavioral Targeting Privacy Tools - Via Center for Democracy and Technology:

CDT today released a set of privacy principles to help guide the development of software tools related to online behavioral targeting. Developed in consultation with members of CDT's Internet Privacy Working Group (IPWG), the principles aim to bolster the development of tools for Web browsers and other software that empower users with the ability to manage their privacy and control online behavioral tracking activities. The document is a result of meetings with IPWG, sparked by renewed interest in behavioral targeting at the FTC, in the private sector and among consumer groups.

(Read Original Article - Via Center for Democracy and Technology.)

Bank of America, HSBC Most Prone to I.D. Theft, Report Says - Updated - Via Threat Level:

In a first ever study of which companies have the most identity theft incidents, Bank of America, HSBC, and Washington Mutual were named as the companies with the most incidents per billions of dollars of deposits, according to a study released Wednesday by Berkeley Law School fellow Chris Hoofnagle.

Among the nations' largest banks, ING Bank looks to be the safest, with only 0.085 identity theft complaints per billion dollars of insured deposits.

In terms of sheer numbers of complaints, Bank of America, AT&T and Sprint were named most often in the complaints, followed closely by Chase, Capital One and Citibank.

The study, entitled Measuring Identity Theft at Top Banks (Version 1.0), looks to be the first-ever attempt to name-and-shame companies based on their identity theft protections, or lack thereof.  read more »

FTC Takes On Sanford Wallace… Again - Via CDT - PolicyBeta:

Earlier this week, the FTC filed a new brief against notorious spammer/spyware purveyor Sanford Wallace, and his partner Walter Rines, for violating the default judgment against them that was originally based on CDT’s 2004 petition.

Good to see that the Commission is not letting Wallace and Rines slip, but let’s hope that they can collect more than the $50,000 that it did last time around.

(Read Original Article - Via CDT - PolicyBeta.)

CDT Urges FTC to Support Privacy Enhancing Technologies - Via Center for Democracy and Technology:

CDT today urged the Federal Trade Commission to expeditiously review and publicly dismiss a complaint against Ask.com alleging unfair and deceptive practices relating to the company's AskEraser technology. CDT believes the allegations are unfounded, noting that Ask.com addressed the issues within its control prior to the filing of the complaint, and is in the process of investigating how to provide consumers with more choices. CDT urged the Commission to use this opportunity to send an affirmative message in support of companies seeking new and innovative methods of privacy protection.

(Read Original Article - Via Center for Democracy and Technology.)

Whoops! Ask.com complaint to FTC is an EPIC mistake - Via The Iconoclast - politics, law, and technology - CNET News.com:

A zealous band of pro-regulation privacy groups made a valiant effort a few days ago to convince the Feds to forcibly pull the plug on a new feature on the Ask.com search engine.

The groups, which include the Electronic Privacy Information Center and the Center for Digital Democracy, told the Federal Trade Commission on Saturday that that a formal injunction was necessary to halt some supposedly pernicious practices on the part of Ask.com.

The only problem? Those supposedly pernicious practices don't actually exist.

Ask.com already had voluntarily changed the way it handled its new privacy feature weeks earlier.  read more »

Google spars with European lawmakers over privacy - Via Privacy : Tech news from CNET :

Google attacked European parliamentarians and privacy advocates on Monday for trying to have competition authorities consider the handling of personal information in its $3.1 billion takeover of rival DoubleClick.

The argument was the centerpiece of a European Parliament hearing to consider the burgeoning role of the Internet in impinging on the privacy of citizens.

The Federal Trade Commission signed off last month on Google's $3.1 billion deal, which combines its dominance in pay-per-click Internet advertising with DoubleClick's market-leading position in display ads.  read more »

DoubleClick Goes MIA At FTC Chief's Old Law Firm - Via Slashdot: Your Rights Online:

theodp writes "FTC Chairwoman Deborah Platt Majoras has refused to recuse herself from the agency's review of Google's $3.1B DoubleClick acquisition, despite her current and past ties to DoubleClick law firm Jones Day. EPIC and the Center for Digital Democracy, which had requested her recusal, are keeping up the pressure as DoubleClick-related pages and references have been disappearing from Jones Day's website.  read more »