Privacy Roundup #0035 • June 2009
June 2009 turned the spotlight on state surveillance, as Iran throttled the net during its election and China ordered censoring software onto every new PC, while Western firms tracked, leaked and reassured in equal measure.
1. Sears settles FTC charges over web tracking software
The Federal Trade Commission settled with Sears and Kmart over a research application that secretly logged consumers' online banking, prescription and email activity. The company agreed to destroy the harvested data and to disclose such tracking plainly in future.
2. EFF and ACLU plan appeal after spying lawsuits dismissed
A federal judge threw out dozens of lawsuits against telecoms accused of helping the government wiretap Americans, citing the retroactive immunity granted under the FISA Amendments Act. The EFF and ACLU announced they would appeal to the Ninth Circuit, calling the immunity law unconstitutional.
3. Aviva blames malware for US data breach
The American arm of insurance giant Aviva admitted that a virus infection may have exposed the names, addresses and social security numbers of around 550 policyholders. The firm reset employee logins, pulled the affected hardware and offered a year of free identity protection.
4. EFF launches TOSBack to track changing terms of service
The Electronic Frontier Foundation unveiled TOSBack, a tool that monitors and records changes to the terms of service of major sites such as Facebook, Google and eBay. The project aimed to make quiet policy revisions visible to ordinary users for the first time.
5. Microsoft launches Bing search engine
Microsoft formally launched Bing, its rebranded search engine, pitching it as a fresh challenger to Google. The debut renewed familiar questions about how much query data search firms keep and for how long.
6. China orders Green Dam filtering software onto every new PC
Beijing ordered that, from July, all new computers sold in China carry the Green Dam Youth Escort filtering program, prompting public anger. Critics warned that the software could transmit personal data and that users would have no way of knowing what it blocked.
7. Researchers find serious security flaws in Green Dam
Scholars at the University of Michigan reported that Green Dam contained programming errors so severe that any website could seize control of a machine running it. The flaws could let attackers steal data, send spam or recruit the computer into a botnet.
8. EFF warns that Green Dam is a spy in the home
The EFF cautioned that Green Dam's deep access to the computer amounted to government surveillance reaching into private machines. It warned the software could log messages, capture keystrokes and switch on webcams, and it urged manufacturers to refuse the mandate.
9. Facebook begins handing out vanity profile URLs
Facebook started letting members claim custom usernames for their profile addresses on a first-come, first-served basis. The land grab raised trademark and impersonation worries, as a chosen address could not later be changed or transferred.
10. LSE briefing dissects UK Interception Modernisation Programme
The London School of Economics published a briefing scrutinising the government's plan to vastly expand the storage of communications data. The proposal would log who contacted whom, which sites were visited and where emails were sent, stopping short only of message content.
11. Iranians turn to Twitter as election protests erupt
After the disputed presidential election, Iranians used Twitter and mobile video to organise protests and broadcast the crackdown to the world. The authorities blocked Facebook, Twitter and the BBC and briefly cut national internet access to install filters.
12. State Department asks Twitter to delay maintenance for Iran
A State Department official emailed Twitter requesting that it postpone scheduled maintenance so Iranian protesters could keep communicating. Twitter moved the upgrade to the small hours in Tehran, while insisting the government had no say over its decisions.
13. Dispute erupts over Nokia Siemens role in Iran spying
Reports claimed that Nokia Siemens Networks had supplied Iran with equipment capable of deep monitoring of communications. The company acknowledged selling a lawful interception system for voice calls but denied providing tools to inspect internet traffic.
14. Stolen laptop exposes data on 45,000 at Cornell
Cornell University warned more than 45,000 current and former students and staff that a stolen computer held their names and social security numbers. The unencrypted files had been left on a laptop in breach of university policy, and the school offered free credit monitoring.
15. Stolen Bord Gais laptop holds bank details of 75,000 customers
An unencrypted laptop taken in a burglary at the energy supplier's Dublin office held the names, addresses and bank account details of around 75,000 electricity customers. The firm had waited before warning those affected, and security experts condemned the failure to encrypt such sensitive records.
16. The Pirate Bay sold to Swedish software firm
The file-sharing site The Pirate Bay was sold to Global Gaming Factory for around 4.7 million pounds. The buyer promised a legitimate model in which copyright owners would be paid, although the future of the site's data and users remained uncertain.
17. Schneier examines the hidden cost of privacy
Bruce Schneier weighed the argument that privacy protection imposes hidden costs on society and business. He countered that the costs of surveillance and data collection are themselves routinely hidden, falling on individuals who never agreed to them.
18. Microsoft releases free Security Essentials anti-malware beta
Microsoft opened a public beta of Security Essentials, the free antivirus product codenamed Morro, to 75,000 testers. The move offered consumers protection without subscription fees, though it drew scrutiny of how much the company would learn about users' machines.
19. Survey finds managers switch off laptop encryption
A survey reported that half of business managers had disabled the encryption on their laptops, often in breach of company policy. The finding underlined how the human factor, rather than the technology, often undid efforts to keep lost or stolen devices safe.
20. Google Voice opens up across the United States
Google began sending invitations for Google Voice, its unified call and voicemail service, to people across the country. The service routed calls, transcribed voicemail and stored messages centrally, concentrating a great deal of personal communication in one place.
Enjoyed this post?
Well, you could share the post with others, follow me with RSS Feeds and/or send me a comment via email.
Tags
Category:
Year: