Invasion of Privacy Laws

Privacy laws are supposed to protect the rights of individual citizens. The advent of the information age has made privacy a bit of a challenge. Invasion of privacy is now much more common place as personal information on individuals is readily available and many organizations that collect certain bits of information on customers, employees, servants and officers don’t do enough to protect privacy.

Invasion of privacy laws are imperative because the loss of privacy can mean not only a small inconvenience but major loss of assets and/or opportunity. Loss of privacy can mean (among other things) identity theft, financial fraud or and inability to get a job.

Many first world and emerging technological countries must deal with this challenge. There are many invastion of privacy laws designed to protect common citizens:

United States, Privacy Act of 1974, designed to hold those that handle private information accountable for its protection.

* Health Information Privacy Accountability Act — Office for Civil Rights U.S. Department of Health and Human Services
* Financial Services Modernization Act (GLB), 15 U.S. Code §§ 6801-6810
* Final Rule on Privacy of Consumer Financial Information, 16 Code of Federal Regulations, Part 313
* Fair Credit Reporting Act (FCRA), 15 U.S. Code §§ 1681-1681u

Australia, Privacy Act of 1988, sets out principles in relation to the collection, use, disclosure, security and access to personal information.

Canada Privacy Law

Personal Information Protection and Electronic Documents Act governs the collection, use and disclosure of personal information in connection with commercial activities and personal information about employees of federal works, undertakings and businesses. Wiki

The rise of “intelligent” CCTV

I think its great that we have better technology in security. What is disconcerting are laws like the Patriot Act and FISA bill which take right from citizens for the sake of more security. With this increased technological power in security, there needs to be more balance, but it seems the rights of citizens (particularly privacy and civil liberties) are taking a back seat to all manor of political will. All this powered by the fear of terrorism after 9/11.

I’m not saying we should not be more cautious or more aware. I’m not saying that more security is not necessary. What I am saying is that Taking away liberties is not necessary. And even if you feel it is necessary to spy on all citizens indefinitely to “catch terrorist” shouldn’t there be checks and balances on the watchers. Who will watch the watchers? How will we ensure that their powers are not abused.

New Technologies:
Smart CCTV – There are now smart security cameras with pattern recognition that allow them to alarm when some one does something suspicious such as climb a fence, or put down a bag and walk away. That technology has been developed by companies like ObjectVideo Inc. Defense Advanced Research Products Agency (DARPA) hopes to take it a step further by creating systems that can learn everyday patterns and send alarm when things are outside of their known pattern, also known as anomaly detection.

http://govtsecurity.com/mag/fighting_terror_technology/

read more | digg story

What Privacy Policy?

Company security and marketing executives differ on how to handle customer data.

Companies are in the business of selling your personal information. You that little Privacy Statement that your credit card company send to you. If you read the fine print, they are usually telling you that they are about to send your personal information to their “partners” an/or third party organizations unless you send them a written document to opt out.

I got one from Dexonline once. The law seems to favor these corporations, because it can be difficult to get off of all these lists. Its like a Anti-Privacy Virus. Once one company has your data, they send you information to there third party partners (with your silence as permission) then the third party vendors attempt to sell you an item and do the same thing (with your sheep like compliance) and so on. Pretty soon your personal information is on 10 or 20 revolving marketing lists.

I’m not opposed to some solicitations, but US law is pretty flimsy on the privacy of individuals. The CAN-SPAM act is just no enough anymore. Consumer should have to sign-up not just opt-out in written form via mail. But what happens is that companies like Comcast, AT&T, Visa, Master Card and many, many others put their right to give out your information right in the USER Agreement (which nobody reads). Since there are few alternatives that protect your privacy, they don’t feel any pressure to side with your privacy. By law, they have to provide a method of opt-out prior to selling your information, but like I said, I don’t think its enough.

Local government privacy is even worse, I’ve been reluctant to write about it because I fear that I will make it easier to for more bad guys to do bad things just because they can.

read more | digg story

ECHELON of human underachievement

Knowledge is power. In the information age this is more and more true every minute of every day. I believe it is inevitable that we would have the super secret parts of government would begin to collude to monitor all telephone, data and fax communications. It seems equally inevitable that very powerful individuals will challenge that same system.

Human nature being what it is, such a system is guaranteed to be abused for the power and positioning a dominate minority. My panic and indignation on such things is slowly supplemented by an acceptance and humor of human behavior that is self centered, greedy and in constant state of fear, loathing and self gratification. The funny part is that the behavior continues even though it proves to implode over time. Again and again Rome rises only to crash on the shores of reality. Caesar conquers, assimilates and raises taxes then fades out.

It frustrated me because I know that humanity has the capacity to do better. Better for the planet, better for itself and better for every species. We are capable of doing great, great things but we choose to live in a state of fear, self gratification an loathing.

http://www.whatreallyhappened.com/RANCHO/POLITICS/ECHELON/echelon.html

ECHELON

Main article: ECHELON

NSA/CSS, in combination with the equivalent agencies in the United Kingdom (Government Communications Headquarters), Canada (Communications Security Establishment), Australia (Defence Signals Directorate), and New Zealand (Government Communications Security Bureau), otherwise known as the UKUSA group[16], is widely reported to be in command of the operation of the so-called ECHELON system. Its capabilities are suspected to include the ability to monitor a large proportion of the world’s transmitted civilian telephone, fax and data traffic, according to a December 16, 2005 article in the New York Times.[17]

Technically, almost all modern telephone, internet, fax and satellite communications are exploitable due to recent advances in technology and the ‘open air’ nature of much of the radio communications around the world. The NSA’s presumed collection operations have generated much criticism, possibly stemming from the assumption that the NSA/CSS represents an infringement of Americans’ privacy. However, the NSA’s United States Signals Intelligence Directive 18 (USSID 18) strictly prohibits the interception or collection of information about “…US persons, entities, corporations or organizations…” without explicit written legal permission from the Attorney General of the United States [18] The U.S. Supreme Court has ruled that intelligence agencies cannot conduct surveillance against American citizens. There are a few extreme circumstances where collecting on a U.S. entity is allowed without a USSID 18 waiver, such as with civilian distress signals, or sudden emergencies such as the September 11, 2001 attacks; however, the USA PATRIOT Act has significantly changed privacy legality.

There have been alleged violations of USSID 18 that occurred in violation of the NSA’s strict charter prohibiting such acts.[citation needed] In addition, ECHELON is considered with indignation by citizens of countries outside the UKUSA alliance, with numerous allegations that the United States government uses it for motives other than its national security, including political and industrial espionage.[19][20] Examples include the gear-less wind turbine technology designed by the German firm Enercon[21][22] and the speech technology developed by the Belgian firm Lernout & Hauspie. An article in the Baltimore Sun reported in 1995 that aerospace company Airbus lost a $6 billion contract with Saudi Arabia in 1994 after the NSA reported that Airbus officials had been bribing Saudi officials to secure the contract.[23][24] The chartered purpose of the NSA/CSS is solely to acquire significant foreign intelligence information pertaining to National Security or ongoing military intelligence operations.

In his book Firewall, Andy McNab speculates that the UKUSA agreement is designed to enable the NSA, GCHQ, and other equivalent organizations to gather intelligence on each other’s citizens. For example, the NSA cannot legally conduct surveillance on American citizens, but GCHQ might do it for them.

http://en.wikipedia.org/wiki/National_Security_Agency

Document 13: NAVSECGRU Instruction C5450.48A, Subj: Mission, Functions and Tasks of Naval Security Group Activity (NAVSECGRUACT) Sugar Grove, West Virginia, September 3, 1991

While NSA directs and manages U.S. SIGINT activities, almost all collection activity is actually carried out by the military service SIGINT units—including the Naval Security Group Command. The role of the unit at Sugar Grove in intercepting the international leased carrier (ILC) communications passing through INTELSAT satellites was first revealed in James Bamford’s The Puzzle Palace. (Note 12)

The regulation reveals that Sugar Grove is associated with what has become a highly controversial program in Europe, North America, Australia, and New Zealand. The program, codenamed ECHELON, has been described as a global surveillance network that intercepts and processes the world’s communications and distributes it among the primary partners in the decades-old UKUSA alliance—the United States, Canada, the United Kingdom, Australia, and New Zealand. (Note 13)

In reality, ECHELON is a more limited program, allowing the UKUSA allies to specify intelligence requirements and automatically receive relevant intercepts obtained by the UKUSA facilities which intercept satellite communications (but not the U.S. facilities that receive data from SIGINT satellites). It is also limited by both technological barriers (the inability to develop word-spotting software so as to allow for the automatic processing of intercepted conversations) and the limitations imposed on collection activities by the UKUSA allies—at least as regards the citizens of those countries. (Note 14) Thus, the NAVSECGRU instruction also specifies that one of the responsibilities of the commander of the Sugar Grove site is to “ensure the privacy of U.S. citizens are properly safeguarded pursuant to the provisions of USSID 18.”

http://www.gwu.edu/~nsarchiv/NSAEBB/NSAEBB24/nsa13.pdf

UK planning to monitor and record every phone call, web page, and email sent by citizens

The Home Office will create a database to store the details of every phone call made, every email sent and every web page visited by British citizens in the previous year under plans currently under discussion, it has emerged.

The Government wants to create the system to fight terrorism and crime. The police and security services believe it will make it easier to access important data as communications become more complex.

Telecoms firms and internet service providers (ISPs) have already been approached by the Home Office, which would be given customer records if the plans were realized.

Only a matter of time before the same happens in the U.S. It might already be underway by the NSA. Who knows.

more at Telegraph.co.uk

remove a name from mailing lists

Remove from Credit Card and Insurance Mailing Lists

The Fair Credit Reporting act of 1997 allows for consumers to stop unsolicted credit card & insurance offers. It puts more responsibility of customer privacy on the business that collected the sensitive data in the first place.

In order to use the strength of the law you must take action. Write or call the credit bureaus and request removal of your name and address from those lists. Here are the credit bureaus’ contact information:

Trans Union
P.O. Box 736
Springfield, PA 19064-0736
Telephone: (800) 680-7293

Experian (used to be TRW)
P.O. Box 949
Allen, TX 75013
Telephone: (800) 353-0809

Equifax
P.O. Box 105139
Atlanta, GA 30374-5139
Telephone: (800) 556-4711

Once you make the request they have 5 days to notify all national credit agencies. Your name will then be dropped from their mailing list for two years.

Remove your name from mailing lists permanently

To remove your name from mailing lists permanently ask the credit bureau to send you an “election form.”

To receive a credit report contact the following:

Experian (formerly TRW)
(800) 682-7654

Equifax
(800) 685-1111

Trans Union
(800) 916-8800

To Stop “Junk Mail”

Contact the Direct Marketing Association (DMA).

Mail Preference Service
PO Box 9008
Farmingdale NY 11735-9008

Telephone Preference Service (telemarketing)
PO Box 9014
Farmingdale NY 11735-9014

With a request (written) your name will by removed from their mailing lists.

I’m not sure there is a way to remove your name from all email mailing lists at once. But one thing you want to NOT do is put your email address on a website. If you want customers to get to your via email but don’t want the spam and scams that come with, use a contact form or something like this elamb.security(at)gmail(dot)com – this makes it so spam emails can’t automatically grab your email from the Internet, a common spammer tactic.

1 2