Wyndham Worldwide hacked and database breached, giving access to some payment card information: Via Wyndham Worldwide.

To our Wyndham Hotels and Resorts guests:

In late January, 2010, our company discovered that a sophisticated hacker penetrated the computer systems of one of the Wyndham Hotels and Resorts (WHR) data centers. By going through the centralized network connections, the hacker was then able to access and download information from several, but not all, of the WHR hotels and remove payment card information of a small percentage of our WHR customers. The incident did not affect any of the other branded hotels in the Wyndham Hotel Group system. We deeply regret that this incident occurred and are doing everything we can to notify our customers directly, to address and remedy the problem. CLICK HERE FOR FAQS ABOUT THE INCIDENT. [ Read more ... ]

Help EFF Research Web Browser Tracking: Via EFF.org Updates.

What fingerprints does your browser leave behind as you surf the web?

Traditionally, people assume they can prevent a website from identifying them by disabling cookies on their web browser. Unfortunately, this is not the whole story.

When you visit a website, you are allowing that site to access a lot of information about your computer's configuration. Combined, this information can create a kind of fingerprint — a signature that could be used to identify you and your computer. But how effective would this kind of online tracking be?

EFF is running an experiment to find out. Our new website Panopticlick will anonymously log the configuration and version information from your operating system, your browser, and your plug-ins, and compare it to our database of five million other configurations. Then, it will give you a uniqueness score — letting you see how easily identifiable you might be as you surf the web. [ Read more ... ]

Data breach notifications one step closer to law... again: Via Law & Disorder Section - Ars Technica.

Every time there's a major data breach in retail or government, there's a chorus of frustrated customers trying to find out whether their information was exposed to would-be identity thieves. The problem is that it's near impossible to find out this information unless the organization in question takes the initiative to notify customers with exposed data. This, quite frankly, happens very slowly. [ Read more ... ]

Introducing Google Social Search: I finally found my friend's New York blog!: Via Official Google Blog.

Your friends and contacts are a key part of your life online. Most people on the web today make social connections and publish web content in many different ways, including blogs, status updates and tweets. This translates to a public social web of content that has special relevance to each person. Unfortunately, that information isn't always very easy to find in one simple place. That's why today we're rolling out a new experiment on Google Labs called Google Social Search that helps you find more relevant public content from your broader social circle. It should be available for everyone to try by the end of the day, so be sure to check back. [ Read more ... ]

Senators introduce patriot act fixes to safeguard americans' rights: Via Office of US Senator Russ Feingold.

JUSTICE Act, Introduced on Constitution Day 2009, Would Fix Long Standing Problems with the PATRIOT Act and Other Surveillance Laws

Thursday, September 17, 2009

Washington, D.C. – U.S. Senators Russ Feingold (D-WI), Dick Durbin (D-IL), Jon Tester (D-MT), Tom Udall (D-NM), Jeff Bingaman (D-NM), Bernie Sanders (I-VT), Daniel Akaka (D-HI) and Ron Wyden (D-OR) have introduced legislation to fix problems with surveillance laws that threaten the rights and liberties of American citizens.  The Judicious Use of Surveillance Tools In Counterterrorism Efforts (JUSTICE) Act would reform the USA PATRIOT Act, the FISA Amendments Act and other surveillance authorities to protect Americans’ constitutional rights, while preserving the powers of our government to fight terrorism.  

The JUSTICE Act reforms include more effective checks on government searches of Americans’ personal records, the “sneak and peek” search provision of the PATRIOT Act, “John Doe” roving wiretaps and other overbroad authorities.  The bill will also reform the FISA Amendments Act, passed last year, by repealing the retroactive immunity provision, preventing “bulk collection” of the contents of Americans’ international communications, and prohibiting “reverse targeting” of innocent Americans.  And the bill enables better oversight of the use of National Security Letters (NSLs) after the Department of Justice Inspector General issued reports detailing the misuse and abuse of the NSLs.  The Senate Judiciary Committee will hold a hearing on Wednesday, September 23rd, on reauthorization of the USA PATRIOT Act.  [ Read more ... ]

Apps for America 2: The Data.gov Challenge: Via Sunlight Foundation Labs.

Apps for America 2: The Data.gov Challenge

What it Is

Apps for America is a special contest we're putting on this year to celebrate the release of Data.gov! We're doing it alongside Google, O'Reilly Media, and TechWeb and the winners will be announced at the Gov 2.0 Expo Showcase in Washington, DC at the end of the Summer.

Why we're doing it

Just as the federal government begins to provide data in Web developer-friendly formats, we're organizing Apps for America 2: The Data.gov Challenge to demonstrate that when government makes data available, it makes itself more accountable and creates more trust and opportunity in its actions. [ Read more ... ]

White House Launches Data.gov and Seeks Advice on Transparency: Via Threat Level.

The Obama administration launched its anticipated Data.gov web site today where federal agencies will publish raw data. The data is being made available to programmers to allow them to develop applications to make the data more accessible to the public.

The site’s catalog currently contains fewer than 100 datasets, but will grow as agencies translate more data into raw digital formats. The data is available in XML, Text/CSV, Keyhole Markup Language and Compressed Keyhole Markup Language, Feeds, XLS, or ESRI Shapefile formats. The site also provides links to widgets and data mining and extraction tools to help cull through data from specific agencies. [ Read more ... ]

ACLU Calls On Obama Administration To Release Bush-Era Prisoner Abuse Photos: Via ACLU online newsroom.

FOR IMMEDIATE RELEASE
CONTACT: (212) 549-2666; media@aclu.org

NEW YORK – In a letter sent to the Department of Defense today, the American Civil Liberties Union called on the Obama administration to release photographs depicting the abuse of prisoners by U.S. forces in Iraq and in Afghanistan. In September 2008, a unanimous three-judge panel of the U.S. Circuit Court of Appeals for the Second Circuit ordered the Bush administration to release the photos as part of an ACLU lawsuit seeking information on the abuse of prisoners held in U.S. custody overseas. The outgoing administration asked the full court to rehear the case, but the court has not issued a decision on whether or not it will do so. To date, the Obama administration has not expressed a position on the litigation.

"President Obama's recent directives committing to an unprecedented level of openness and accountability warrant immediate public disclosure of these images," said ACLU attorney Amrit Singh, who argued the case in court. [ Read more ... ]

House Hears Testimony On International Free Speech Issue: Via American Civil Liberties Union

FOR IMMEDIATE RELEASE
CONTACT: (202) 675-2312; media@dcaclu.org

WASHINGTON – The ACLU called on Congress today to take steps to prevent foreign countries from restricting the free speech rights of Americans inside the U.S. The House Judiciary Subcommittee on Commercial and Administrative Law heard testimony from a panel of experts on a phenomenon called “libel tourism.”

Libel tourism occurs when a foreign plaintiff sues an American author or publisher in a country where free speech protections do not match those afforded under the First Amendment. A party seeking libel damages may bring a claim in any jurisdiction where the allegedly libelous communication was published and then enforce the judgment inside the U.S. [ Read more ... ]

New CFP09 submission deadline: January 23 - Via CFP: Technology Policy '08:

In keeping with CFP traditions, the submission deadline has once again been extended. From Cindy Southworth and Jay Stanley's email today:

We have received many exciting proposals for CFP 2009, however there have been numerous requests for a few more days to submit proposals. We are happy to announce that we are extending the deadline to FRIDAY, JAN. 23rd.

So, if you've been thinking about sending something in ... please do! The submission page is here.

jon

PS: Also in keeping with CFP traditions, there have been delays in setting up the software, and the CFP09 blog isn't yet available. Stay tuned ...

(Read Original Article - Via CFP: Technology Policy '08.)

Ponemon Institute and TRUSTe Announce Results of Annual Most Trusted Companies for Privacy Survey: Via (MARKET WIRE via COMTEX

TRAVERSE CITY, MI and SAN FRANCISCO, CA, Dec 15, 2008 (MARKET WIRE via COMTEX) -- Privacy and information security research company Ponemon Institute along with TRUSTe, the most widely recognized Internet privacy trustmark, today announced the results of the Ponemon Institute's fifth annual survey of Most Trusted Companies for Privacy. The study asked 6,486 adult-aged U.S. consumers which companies they thought were most trustworthy and which did the best job safeguarding personal information. A total of 706 companies were named by consumers; 211 made the final list of most trusted companies.

American Express ranked as the Most Trusted Company for 2008 for Privacy, retaining its place from last year despite the current financial climate. eBay earned a ranking as the second most trusted company, while IBM, Amazon, and Johnson & Johnson rounded out the top five. [ Read more ... ]

Orizin Launches "World's Smallest" Active Asset RFID Tag: Via Tech-On! (Japan)

Orizin Technologies Pvt Ltd of Bangalore has launched what it claims is the world's smallest active RFID tag -- used to track assets over long-range. Active RFID tags have their own internal power source and are more effective in RF challenged environments.

The company has solved the size and pricing issues with the prevailing technology. The new tag has a read-range of 20m, and the dimensions are 26 x 23 x 7.3mm, making it what the company claims is the smallest available active RFID tag in the world. [ Read more ... ]

Microsoft Announces Plans for No-Cost Consumer Security Offering: New anti-malware solution will broaden PC protection and help improve Windows experience.: Via Microsoft Corporation

REDMOND, Wash. — Nov. 18, 2008 — To address the growing need for a PC security solution tailored to the demands of emerging markets, smaller PC form factors and rapid increases in the incidence of malware, Microsoft Corp. plans to offer a new consumer security offering focused on core anti-malware protection.

Code-named “Morro,” this streamlined solution will be available in the second half of 2009 and will provide comprehensive protection from malware including viruses, spyware, rootkits and trojans. This new solution, to be offered at no charge to consumers, will be architected for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios or less powerful PCs. As part of Microsoft’s move to focus on this simplified offering, the company also announced today that it will discontinue retail sales of its Windows Live OneCare subscription service effective June 30, 2009. [ Read more ... ]

It has nothing to do with Privacy, but a non-profit I work with, Sunflower Children, is having an event on Friday November 21st,2008. If you are in the city, I hope you can come.

Reserve your tickets online now for the Sunflower Children Poker Benefit on Friday, Nov 21 at Gotham Hall.

The 2nd Annual Sunflower Charity Poker Event hosted by Helena Houdova, Roberta Armani, Russell Simmons, Lane Carlson and MC for the evening the 2006 WSOP Champion and Highest Poker Stakes Winner in History, Jamie Gold will benefit Sunflower Children of the World Fund. The event will be held on November 21, 2008.

The event will include cocktails, hors d'oeuvres, live DJ and poker playing Celebrity Guest Players include: Olympic Gold Medalist Michael Phelps, Miss World 2006 Tatana Kucharova, Laura Bell Bundy, Poker Pro Lee Childs, actors Michael Kelly, "Changeling", Ben Bailey "Cash Cab", Ana Ortiz "Ugly Betty" Mark Indelicato "Ugly Betty," Malinda Williams "First Sunday" and David Zayas "Dexter".

All public proceeds will benefit Sunflower Children of the World Fund. [ Read more ... ]

EPC RFID Tags in Security Applications: Passport Cards, Enhanced Drivers Licenses, and Beyond - Via RSA Security Laboratories:

Citation: Citation: K. Koscher, A. Juels, T. Kohno, and V. Brajkovic. EPC RFID Tags in Security Applications: Passport Cards, Enhanced Drivers Licenses, and Beyond. 2008. Draft manuscript. In submission.

Abstract: EPC (Electronic Product Code) tags are industry-standard RFID devices poised to supplant optical barcodes in many applications. They are prevalent in case and pallet tracking, and also percolating into individual consumer items and border-crossing documents.



In this paper, we explore the systemic risks and challenges created by increasingly common use of EPC for security applications. As a central case study, we examine the recently issued United States Passport Card and Washington State "enhanced" drivers license (WA EDL), both of which incorporate Gen-2 EPC tags. We explore several issues: [ Read more ... ]

This doesn't have anything to do with privacy, but since I just finished the upgrade to my server I wanted to test one of the new function that I can now do. The software that I use to support Sunflower Children (the non-profit I work with) has a few new capabilities now that we are on a current version o PHP.

Instead of just running a banner on a remote site, we can now display a widget that will be dynamically updated as the donation campaign receives money. I am testing it here before inserting it in my sidebar and on the sites of others that support us. If you like the organiztion and would like to donate, please do. The widget is Live and all donations go directly to Sunflower Children. They of course do NOT keep your credit card number on file. It is just used to process the transaction and then forgotten. [ Read more ... ]

MIT Students' Response to MBTA Statements - Via EFF.org Updates:

Yesterday, the Massachusetts Bay Transportation Authority issued a statement to CNET that misrepresents the facts leading up to the MBTA's lawsuit against three MIT students. The statement said:

A week ago, the MBTA learned about the presentation to be made at the conference, and immediately contacted MIT. At a meeting last Tuesday involving all the parties, MIT staff and the students agreed to provide the MBTA with a copy of the presentation. After several days passed without getting any information from MIT, the MBTA had no choice but to seek assistance from a federal court judge on Friday. At 4:30 a.m. on Saturday, the presentation was finally provided to the MBTA. Staff is thoroughly reviewing the information to determine if there is any degree of substance to the claims being made by the students.

The MIT students would like to clarify a few facts: [ Read more ... ]

Hello Readers,

Well despite all the fun I had with upgrading my iBook(not my best day), I am upgrading the server that the Privacy Digest site runs on. I am increasing the RAM & Hard-drive. Getting a faster CPU and upgrading lots of the system software. In the near future I also have some site upgrades planned that required the new software that this upgrade is giving me. [ Read more ... ]

Hello Readers,

Well despite all the fun I had with upgrading my iBook(not my best day), I am upgrading the server that the Privacy Digest site runs on. I am increasing the RAM & Hard-drive. Getting a faster CPU and upgrading lots of the system software. In the near future I also have some site upgrades planned that required the new software that this upgrade is giving me. [ Read more ... ]

Happy Fourth of July everyone !! and Happy Birthday Privacy Digest !!

Besides being a popular Holiday, tomorrow(Friday) is also the 9th Anniversary of Privacy Digest. Nine years ago I split this content off from its original location as part of a blog I had on MacRonin.com and I gave it it's own domain. It had been becoming obvious that the issue was becoming more important and deserved a platform of it's own.

So in honor of the ideals that got the United States of America started, I choose the Fourth of July as the birthday for Privacy Digest. [ Read more ... ]

Bipartisan FISA Compromise Reached - Via Office of the House Democratic Majority Leader Steny Hoyer:

**Click here for text of the FISA Amendments Act**

WASHINGTON – Senate Intelligence Committee Chairman John “Jay” Rockefeller (WV),Senate Intelligence Committee Vice-Chair Kit Bond (MO), House Majority Leader Steny Hoyer (MD), and House Minority Whip Roy Blunt (MO) announced today that a bipartisan compromise has been agreed to that will modernize the Foreign Intelligence Surveillance Act.

The FISA Amendments Act, H.R. 6304, will increase the nation’s security by strengthening the ability of the intelligence community to conduct lawful surveillance of terrorists, as well as protect constitutional rights by requiring warrants before the government can surveil any American.

“This bipartisan bill balances the needs of our intelligence community with Americans’ civil liberties, and provides critical new oversight and accountability requirements,” said Hoyer. “It is the result of compromise, and like any compromise is not perfect, but I believe it strikes a sound balance. Furthermore, we have ensured that Congress can revisit these issues because the legislation will sunset at the end of 2012.” [ Read more ... ]

CDT Highlights Privacy and Security Impact of Tax Reporting Plan - Via Center for Democracy and Technology:

In testimony before the House Small Business Committee today, CDT expressed concern about the impact on privacy and data security of a proposal that would require banks to track credit card payments, and report the data to the Internal Revenue Service for tax enforcement purposes. CDT explained that the proposal would require increased private sector tracking of Social Security numbers of individual businesspeople; such tracking could lead to additional data collection from small businesses and others, and would set a dangerous precedent.

(Read Original Article - Via Center for Democracy and Technology.)

Verizon Business Releases Trailblazing Data-Breach Study Spanning 500 Forensic Investigations - Via Verizon Business News:

Key Findings Indicate 87 Percent of Breaches Avoidable through Reasonable Security Measures Businesses Urged to Be Proactive

June 11, 2008

BASKING RIDGE, N.J. – Nearly nine in 10 corporate data breaches could have been prevented had reasonable security measures been in place, according to a comprehensive report issued today by Verizon Business. The study also provides key recommendations to help businesses protect themselves and urges them to be proactive.

The “2008 Data Breach Investigations Report” spans four years and more than 500 forensic investigations involving 230 million records, and analyzes hundreds of corporate breaches including three of the five largest ones ever reported. This first-of-its-kind study, conducted by Verizon Business Security Solutions investigative experts, also found that 73 percent of breaches resulted from external sources versus 18 percent from insider threats, and most breaches resulted from a combination of events rather than a single hack or intrusion. [ Read more ... ]

ACLU Statement on Airport Body Scanning Machines - Via ACLU - Privacy:

FOR IMMEDIATE RELEASE
Contact: (202) 675-2312 or media@dcaclu.org

The following can be attributed to Barry Steinhardt, Director of the ACLU’s Technology and Liberty Project:

“The TSA’s announcement, as reported today by USA Today, that it will be expanding the use of whole body scanning machines to 10 airports, is a disappointing confirmation of our warnings against expansion of this virtual strip search. Body scanners produce graphic images of travelers’ bodies and are an assault on their essential dignity. The safeguards announced by the TSA do not convince us that the technology is acceptable, and we question the supposed voluntary nature of these scanners. Ultimately, we question whether the security value of these scanners is proportional to the cost to flyers’ dignity and privacy, and whether they are the right priority for TSA.”

A backgrounder on body scanners and other materials is available online at: www.aclu.org/bodyscanners

(Read Original Article - Via ACLU - Privacy.)

Congressional Investigation of ISP Data Collection Scheme Urged - Via Center for Democracy and Technology:

Fifteen of the nation's leading privacy and public interest groups today released a letter urging Congress to hold hearings on the growing practice of Internet Service Providers targeting ads to subscribers based on their personal Web activities. The letter urges the House Telecommunications Subcommittee leadership to investigate the plan of Charter Communications to capture all of the messages and activities of its Internet subscribers and share that data with a third-party firm, which plans to use the data to target those consumers with specific ads. The plan raises serious privacy and legal issues, the letter says.

# Letter to House Telecom Subcommittee [PDF] June 06, 2008
# Group Press Release June 06, 2008

(Read Original Article - Via Center for Democracy and Technology.)