Privacy Roundup #0003 • October 2006
October 2006 turned on the movement of personal data, as RFID, biometric passports, surveillance trojans and leaky call centres all pressed against the limits of consent.
1. US judges rule on warrantless surveillance
A US appeals court allowed the government to keep running its warrantless wiretapping programme while the case proceeded, despite a lower court declaring the practice unconstitutional. The decision left the National Security Agency free to continue monitoring Americans' communications during the appeal.
2. Airline passenger data talks stall
Negotiations between the European Union and the United States over sharing airline passenger records missed their deadline, leaving transatlantic flights in a legal grey area. Officials indicated that carriers would carry on handing data to American authorities despite the uncertainty.
3. Airline passenger data deal struck
The European Union and the United States agreed a fresh accord on passing airline passenger information to American agencies, replacing an earlier deal struck down by Europe's highest court. The interim arrangement settled how much detail airlines must surrender on every traveller.
4. O2 changes Ts&Cs to allow call data sharing
O2 amended its terms and conditions to permit sharing customer location, call timing, duration and cost with credit firms, other telecoms companies and debt collectors. The operator said the change supported account management and fraud prevention.
5. Arnie terminates RFID bill
California Governor Arnold Schwarzenegger vetoed a bill that would have required privacy safeguards on radio frequency identification chips in government documents. He argued the measure was premature and might hold back useful contactless technology.
6. IPS completes biometric passport move
The UK Identity and Passport Service finished switching to ePassports carrying facial biometric chips, which it billed as the most secure document it had ever issued. The change kept British travellers eligible for visa-free entry to the United States.
7. Swiss gov 'mulls' spyware to tap VoIP calls
Swiss authorities weighed deploying a surveillance trojan to listen in on internet telephone conversations that ordinary wiretaps could not reach. Legal experts questioned whether the tool was compatible with federal interception law.
8. Info guardian to investigate call centre data leaks
The UK Information Commissioner opened an inquiry into mobile firms' Indian call centres after a television programme showed criminals selling British banking details. Reporters found that account information changed hands for as little as eight pounds.
9. Airport to tag passengers
University College London researchers built RFID tags with a range of ten to twenty metres to track travellers as they moved through an airport. Trials were planned at Debrecen Airport in Hungary under an EU-funded scheme to manage passenger flow.
10. MySpace phishing scam targets music fans
Fraudsters sent emails dressed up as MySpace notifications to steer users towards bogus music stores. The fake shops were built to harvest credit card numbers from unsuspecting fans.
11. Spyware infection prompts McDonalds MP3 recall
McDonald's Japan recalled about ten thousand promotional MP3 players after discovering they shipped preloaded with QQpass spyware. The malware could lift web passwords and other sensitive data from Windows computers once the device was plugged in.
12. UK.gov may allow data sharing on 40 million bank accounts
The Department of Trade and Industry considered letting banks share details from forty million older accounts without asking the customers. The favoured option would have required changes to existing data protection law to allow the disclosure.
13. E-passport launched in Ireland
Ireland rolled out an e-passport carrying an embedded secure microchip just ahead of an American deadline. The move preserved visa-free travel to the United States for Irish citizens under the visa waiver programme.
14. EU mulls RFID privacy laws
The European Union began weighing legislation to address public unease about radio frequency identification tags. A consultation found that most respondents preferred government regulation over industry self-policing to guard against surveillance and misuse.
15. Canada's privacy chief hails Microsoft's Seven Laws of Identity
Ontario's Information and Privacy Commissioner endorsed Microsoft's Seven Laws of Identity as a basis for building privacy directly into software. She presented the framework as a way for people to manage their online identities more safely.
16. Sell your personal data and receive tax cuts
The leader of Bracknell Forest Borough Council floated a scheme to reward residents who let their smartcard data be sold to marketing firms. Those who agreed would receive a reduction on their council tax in return.
17. Microsoft keelhauls customers in WGA snafu
A server-side fault in Windows Genuine Advantage wrongly branded volume licence customers as software pirates. The blunder sharpened worries about the stricter validation checks that Microsoft planned for Windows Vista.
18. Flight disaster phishing scam lands in Brazil
Scammers exploited a Boeing 737 crash that killed 155 people by emailing Brazilian bank customers in Portuguese. The messages promised disaster photographs but instead carried malware aimed at stealing banking credentials.
19. Worm automates Google AdSense fraud
The KMeth worm spread through Yahoo! Messenger and pushed victims towards pages stuffed with costly AdSense adverts. By generating fraudulent clicks, the malware turned each infected machine into a source of advertising revenue for its operators.
20. Russian bookmaker hackers jailed for eight years
Three Russian men were each jailed for eight years over a denial-of-service extortion racket aimed at UK online gambling sites. The gang had squeezed roughly four million dollars from operators before they were caught.
Enjoyed this post?
Well, you could share the post with others, follow me with RSS Feeds and/or send me a comment via email.
Tags
Category:
Year: