A Brief History of the Internet of Things, 09/24/2014, www.baselinemag.com
Over the last few years, the Internet of things has evolved from an intriguing concept into an increasingly sophisticated network of devices and machines.

The Internet of Things for Cars: What Will it Mean for Insurance?, 08/12/2014, quoted.thezebra.com
Imagine, for a moment, a world in which vending machines restock themselves. A world in which your wallet, via a Bluetooth signal, beeps at your phone if you leave it behind at a restaurant.

Your Interest in Privacy Will Ensure You’re Targeted By The NSA, 07/14/2014, www.makeuseof.com
Have you ever wondered if you’re on an NSA observation list? Turns out that if you’ve even thought about it (or online privacy in general), you’re probably more likely to be on one.

Internet of Things to Stress Enterprise Networks, 07/07/2014, www.eweek.com
The survey also revealed almost two-thirds of respondents (63 percent) believe the Internet of things to be a threat to network security. – See more at: http://www.eweek.com/small-business/internet-of-things-to-stress-enterprise-networks.html#sthash.ZCdKDmtV.dpuf”

Google reinstates ‘forgotten’ links after pressure, 07/04/2014, www.bbc.com
After widespread criticism, Google has begun reinstating some links it had earlier removed under the controversial “right to be forgotten” ruling.

Microsoft Joins The AllSeen Alliance Internet of Everything Open-Source Project, 07/04/2014, www.hiddenwires.co.uk
The Broadest Internet of Everything Project Adds the World’s Largest Software Company as a Premier Member. The AllSeen Alliance, the broadest Internet of Everything open-source project, today announced that Microsoft (Nasdaq “MSFT”) has joined the group’s multi-company effort as a Premier Member to make it easier for a broad range of everyday devices, objects and services to interoperate seamlessly and intelligently.

Why has Google cast me into oblivion?, 07/02/2014, www.bbcnews.com
This morning the BBC received the following notification from Google:
Notice of removal from Google Search: we regret to inform you that we are no longer able to show the following pages from your website in response to certain searches on European versions of Google

The Internet of Things at home: Why we should pay attention, 06/30/2014, www.computerworld.com
Some of the current consumer products could lead into important enterprise tools. An explanation, a slideshow and some data.

Massachusetts high court says accused criminal must decrypt computers for police, 06/25/2014, www.pogowasright.org
Police can order an accused criminal to decrypt his computer without violating his constitutional right against self-incrimination, Massachusetts’ top court said on Wednesday.

‘Get a warrant’ to search cellphones, Justices say, 06/25/2014, www.seattletimes.com
Officers are being briefed during roll calls, new procedures are in place, and prosecutors are considering the effect on potentially thousands of pending court cases after the Supreme Court’s ruling that restricts police searches of cellphones.

‘Bionic Pancreas’ Astonishes Diabetes Researchers, 06/16/2014, www.nbcnews.com
A “bionic pancreas” that uses a smart phone, glucose monitor and insulin pump to automatically control blood sugar levels helped more than two dozen people live free of finger pricks and other troublesome reminders of diabetes, researchers reported Sunday.

Preparing for the Internet of Things , 06/09/2014, www.zdnet.com
What are you doing to prepare for the Internet of Things in your company? How are you going to handle connectivity of the new internet-enabled “things”? How will you handle the new bandwidth requirements from network-hungry devices? Are you prepared for the amount of storage required to maintain those devices?

For Sale: Practically All the Details of Your Personal Life, 06/09/2014, www.securitybistro.com
When documents released by Edward Snowden showed that the National Security Agency (NSA) is collecting various types of data on ordinary American citizens, a lot of people were quick to voice their opinion that this is just wrong.

5,000 Years of History Shows that Mass Spying Is Always Aimed at Crushing Dissent , 06/07/2014, www.securitybistro.com
Spying has been around since the dawn of civilization. Keith Laidler – a PhD anthropologist, Fellow of the Royal Geographical Society and a past member of the Scientific Exploration Society – explains: Spying and surveillance are at least as old as civilization itself.

Hoofnagle & Urban Reexamine Alan Westin’s Privacy Classifications of Consumers , 06/07/2014, www.pogowasright.org
Homo economicus reliably makes an appearance in regulatory debates concerning information privacy. Under the still-dominant U.S. “notice and choice” approach to consumer information privacy, the rational consumer is expected to negotiate for privacy protection by reading privacy policies and selecting services consistent with her preferences

The Massive Challenge of Securing the Internet of Things, 05/12/2014, www.securityweek.com
If the buzz last year was all about software defined networking (SDN), this year’s buzz is about the Internet of Things – everyday devices that are IP-enabled, can communicate over the Internet and can transmit what may be very confidential and important data.

The Tangled Web of IoT Security, 05/06/2014, www.technewsworld.com
The Internet of Things, or IoT, consists of “uniquely identifiable objects and their virtual representations in an Internet-like structure,” according to Wikipedia.

Ten Key Take-Aways From the White House Big Data Report, 05/05/2014
On Thursday, the White House Big Data Working Group, led by senior presidential advisor John Podesta, released a 79-page report that outlines a number of key observations and recommendations for privacy in both the private sector and government.

Internet of Things (IoT) is transforming internet security, 04/21/2014
IoT means “potentially billions of devices will report data about themselves, making it possible to create new applications in areas as diverse as factory optimization, car maintenance, or simply keeping track of your stuff online” as reported in MIT Technology Review.

Retain locally, comply globally=, 04/17/2014, www.lexology.com
We used to talk about the “borderless” environment of the Internet. These days, that view is looking increasingly outmoded and utopian, in large part because of the intersection of law enforcement and privacy concerns.

DOJ and FTC clarify antitrust implications of cybersecurity information sharing=, 04/10/2014, www.lexology.com
On 10 April 2014, the Department of Justice (DOJ) and Federal Trade Commission (FTC) issued a joint policy statement on the antitrust implications of sharing cybersecurity information to help facilitate the flow of cyberintelligence throughout the private sector.

The Scoring of America: How Secret Consumer Scores Threaten Your Privacy and Your Future, 04/02/2014 www.pogowasright.org
This new report from Pam Dixon and Bob Gellman for the World Privacy Forum explores the issue of predictive scores that use information about your past to predict your future. How accurate are these predictions? What impact can they have on your life? What scores are predicting you?

Breaking: Documents Reveal Unregulated Use of Stingrays in California, 03/13/2014, www.pogowasright.org
Local law enforcement agencies across the Bay Area have so-called stingray devices, a powerful cellphone surveillance tool, and more are planning to acquire the technology, according to public records recently obtained by Sacramento News10.

State Supreme Court rules local cops wrong to use texts to get convictions, 02/28/2014, www.pogowasright.org
ppeals of two Longview drug convictions led to a far-reaching state Supreme Court decision Thursday that people have the right to privacy in sending and receiving text messages.

New Privacy Paper: Mass Surveillance as Privacy Pollution, 02/26/2014, www.pogowasright.org
ata collection in public (and in the home via public spaces) resembles an externality imposed on the person whose privacy is reduced involuntarily; it can also be seen as a market failure caused by an information asymmetry.

Got Malware? The FBI Is Willing to Pay For It, 02/06/2014, www.securityweek.com
The FBI has placed malware on its shopping list, and is turning to vendors to help the agency build a massive library of malicious software.

How a Family Tragedy Landed on a Retailer’s Mailing, 01/29/2014, online-wsj.com
When Mike Seay arrived home earlier this month and found his wife in the kitchen crying, he braced himself. The couple was still devastated by their daughter’s death in a car accident last February, and seeing his wife Shannon distraught, he prepared for the worst.

Keeping privates private: the legal landscape of revenge….=, 01/29/2014, www.lexology.com
Mark Zuckerberg famously stated that the purpose of Facebook is “to make the world more open and connected,” and indeed Facebook, other social media outlets and the Internet in general have brought worldwide openness and connection-through-sharing to levels unparalleled at any point in history.

Federal consumer bureau data-mining hundreds of millions of consumer credit card accounts, mortgages, 01/28/2014, www.phiprivacy.net
Officials at the Consumer Financial Protection Bureau are conducting a massive, NSA-esque data-mining project collecting account information on an estimated 991 million American credit card accounts.

Hulu hoops: standing & damages as threshold issues in privacy cases= , 01/22/2014, www.lexology.com
If A Tree Falls And No One Is Hurt By It, Can You Still Sue? Imagine you are in the mall, and you overhear an interaction between a clerk and another shopper.

How to Lose Your Data In 10 Days, 01/21/2014, www.privacyassociation.org
It’s no longer an “if” you’re the target of a data breach; it’s just a matter of “when.” Data loss incidents are becoming an unfortunate rite of passage.

The ‘Internet of Things’ will impact law and regulation in 2014, 01/16/2014, www.lexology.com
If 2013 was the year of “Big Data,” 2014 will be the year of the “Internet of Things.” The Internet of Things is the network of physical objects that contain embedded technology to communicate and sense or interact with people, things, and the external environment.

Judge: NSA phone program likely unconstitutional, 12/16/2013, www.politico.com
A federal judge ruled Monday that the National Security Agency program which collects information on nearly all telephone calls made to, from or within the United States is likely to be unconstitutional.
U.S. District Court Judge Richard Leon found that the program appears to run afoul of the Fourth Amendment prohibition on unreasonable searches and seizures. He also said the Justice Department had failed to demonstrate that collecting the so-called metadata had helped to head off terrorist attacks.
Related: Ruling (pdf).
Update: Orin Kerr finds Judge Leon’s analysis unpersuasive.

Plaintiffs Bar Hit Hard by Recent CMIA Decision, 10/24/2013, www.phiprivacy.net
Insurers providing privacy liability coverage were collectively breathing a sigh of relief last week given a decision from the California Court of Appeals.

Google Wins Lawsuit Dismissal, 10/09/2013, www.bloomberg.com
Google Inc. (GOOG) won dismissal of a lawsuit alleging it violated computer users’ rights by slipping electronic “cookies” into their Web browsers to facilitate placement of advertising.

Governor Brown signs AB-370 into law; site operators must disclose how they handle ‘do-not-trac’ requests, 09/27/2013, www.pogowasright.org
It’s been a good day for consumers in California. Governor Brown signed SB-46 into law, expanding business’s data breach notification obligations to consumers whose online account data has been breached.

FBI Drones Flew Since 2006, Audit Says, 09/27/2013, www.pogowasright.org
The FBI has been deploying unmanned aircraft for domestic surveillance for seven years, though the agency first acknowledged their use in July, the Justice Department’s inspector general reported Thursday.

EPIC – Foreign Intelligence Court Releases Controversial Opinion on Domestic Telephone Records Program, 09/21/2013, www.bespacific.com
“The Foreign Intelligence Surveillance Court (FISC) has released an Opinion, justifying the NSA’s telephone record collection program. In the Opinion, Judge Claire Eagan states that “there is no Fourth Amendment impediment to the collection” of all domestic call detail records.

EFF – Data Broker Acxiom Launches Transparency Tool, But Consumers Still Lack Control, 09/12/2013, www.bespacific.com
EFF: “Acxiom, a data broker that collects 1,500 data points per person on over 700 million consumers total and sells analysis of such information, is trying to ward off federal privacy regulations by flaunting transparency—a diluted term, in this case—around user data.

Threat to Privacy Found in Auto Insurance ‘Pay as You Drive’ Programs, 09/11/2013, www.pogowasright.org
Yes, those “pay as you drive” programs used by insurance companies to record your driving habits sometimes can be used to accurately infer your destination — a long-time concern of privacy advocates

The OECD Heralds the Arrival of the Privacy Profession, 09/09/2013, www.privacyassociation.org
For anyone following the field of privacy policymaking, the past two years have seen a flurry of activity unsurpassed in any other legal arena.

Fifth Circuit Court of Appeals reverses dismissal of negligence claims against Heartland Payment Systems, 09/04/2013, www.databreaches
It seems it isn’t all over for a lawsuit by nine financial institutions against Heartland Payment Systems following a mammoth breach disclosed in January 2009. The Fifth Circuit Court of Appeals reversed the district court’s dismissal of negligence claims and remanded.

Second Circuit Suggests That the Plain View Exception Should Be Applied More Narrowly to Digital Searches, 06/25/2013, www.volokh.com
As regular readers know, I am very interested in the scope of the plain view exception for computer searches. In physical searches, if the government comes across evidence unrelated to the search it is lawfully conducting, the government can seize that evidence as long as its incriminating nature is immediately apparent.

Verizon providing all call records to U.S. under court order, 06/24/2013, www.washingtonpost.com
The National Security Agency appears to be collecting the telephone records of tens of millions of American customers of Verizon, one of the nation’s largest phone companies, under a top-secret court order issued in April.

Commentary – Why Privacy Matters Even if You Have ‘Nothing to Hide’, 06/07/2013, www.bespacific.com
Most attempts to understand privacy do so by attempting to locate its essence—its core characteristics or the common denominator that links together the various things we classify under the rubric of “privacy.”

EFF – How Facebook Teams Up With Data Brokers to Show You Targeted Ads, 04/23/2013, www.bespacific.com
EFF: “Recently, we published a blog post that described how to opt out of seeing ads on Facebook targeted to you based on your offline activities. This post explained where these companies get their data, what information they share with Facebook, or what this means for your privacy.

California appellate court expands common law right of privacy, 04/15/2013, www.pogowasright.org
he Fourth District Court of Appeal for the State of California expanded the tort of “public disclosure of private facts” under that state’s common law right to privacy in a case involving a claim by an employee against her supervisor and employer. Ignat v. Yum! Brands, Inc. et al, No. G046434, (Cal. Ct. App. March 18, 2013).

Facebook Will Peer Into Your Grocery Bag to Sell an Ad, 04/11/2013, www.wired.com
Facebook has announced a new system that lets advertisers target you based on what groceries you buy, what car you drive, and what kind of phone you use. It’s just the latest example of an emerging pattern at the social network – follow the user all over the place to close more ad sales.

Will we care about online privacy in 20 years?, 04/09/2013, www.cnn.com
The launch of the Facebook Home app has reignited the privacy debate over whether the social networking site is becoming too integrated in our lives.

Secrets of FBI Smartphone Surveillance Tool Revealed in Court Fight, 03/29/2013, www.wired.com
The government’s use of a secret spy tool was on trial on Thursday in a showdown between an accused identity thief and more than a dozen federal lawyers and law enforcement agents who were fighting to ensure that evidence obtained via a location-tracking tool would be admissible in court.

The Dangers of Surveillance, 03/26/2013, www.pogowasright.org
From the Fourth Amendment to George Orwell’s Nineteen Eighty-Four, our law and literature are full of warnings about state scrutiny of our lives. These warnings are commonplace, but they are rarely very specific. Other than the vague threat of an Orwellian dystopia, as a society we don’t really know why surveillance is bad, and why we should be wary of it.

Why Does Privacy Matter? One Scholar’s Answer, 02/26/2013, www.pogowasright.org
… Privacy should have a deeper purpose than the one ascribed to it by those who treat it as a currency to be traded for innovation, which in many circumstances seems to actually mean corporate interests. To protect our privacy, we need a better understanding of its purpose and why it is valuable.

FTC issues mobile privacy recommendations and announces 800,000 settlement with popular app developer=, 02/01/2013, www.lexology.com
Today the FTC issued a report this report offering several suggestions for the major participants in the mobile ecosystem on ways to improve mobile privacy disclosures.

FTC issues staff report with recommendations for improving mobile privacy practices=, 02/01/2013, www.lexology,com
Today the Staff of Federal Trade Commission (FTC) issued a report titled Mobile Privacy Disclosures: Building Trust Through Transparency that makes recommendations for best practices in safeguarding user privacy on mobile devices. The report is aimed at mobile platform providers, app developers, third-party advertisers and analytics companies, and app industry trade associations. The goal of the report is to help these entities improve the manner in which they inform consumers about the safety of their data.

Data Privacy Day: a day to recognize data protection and security awareness=, 01/28/2013, www.lexology.com
Today’s digital world has enabled us to enjoy and take advantage of all that the internet and digital communications have to offer, however, in our progressively connected society, the benefits also come with risks.

President signs amendment to Video Privacy Protection Act, ushering in a new era for widespread sharing of viewing histories=, 01/16/2013, www.lexology.com

Federal Judge Finds National Security Letters Unconstitutional, Bans Them,, 01/15/2013, www.pogowasright.org
This almost calls for animated graphics with fireworks. All right, nothing really calls for animated graphics, but this is HUGE. Kim Zetter reports

United, Delta and OpenTable receive warning over inaccessible privacy policies, 10/30/2012, www.slashgear.com
he state of California has warned OpenTable, United Continental, and Delta Air Lines over their inaccessible privacy policies for mobile users, according to a source familiar with the issue. Reportedly, the companies were notified via a letter from the California Attorney General that they have 30 days to make their privacy policies “readily accessible.”

FTC publishes guidelines for facial recognition, 10/22/2012, www.pogowasright.org
Finally, there are at least two scenarios in which companies should obtain consumers’ affirmative express consent before collecting or using biometric data from facial images.

Seattle Police Want More Drones, Even While Two Sit Unused, 10/17/2012, www.slashdot.org
“The Seattle Police Department is seeking to buy more unmanned aerial vehicles (a.k.a. drones) even as the two it currently owns site warehoused until the city develops a policy for their use, documents released as part of the EFF and MuckRock’s Drone Census show. More frightening than the $150,000 price tag?

A Behavioural Understanding of Privacy and its Implications for Privacy Law”:http://www.bespacific.com/mt/archives/031216.html, 09/14/2012, www.bespacific.com
This article draws upon social interaction theory (the work of Irwin Altman) to develop a theory of the right to privacy, which reflects the way that privacy is experienced. This theory states that the right to privacy is a right to respect for barriers, and that an invasion of privacy occurs when a privacy barrier is penetrated.

A Technology-Centered Approach to Quantitative Privacy, 08/14/2012, www.ssrn.com
Our analysis and proposal draw upon insights from information privacy law. Although information privacy law and Fourth Amendment jurisprudence share a fundamental interest in protecting privacy interests, these conversations have been treated as theoretically and practically discrete.

Email Privacy Pioneer Launches Silent Circle To Protect Mobile, Internet Calls, 08/14/2012, www.pogowasright.org
An Internet privacy veteran and inventor of a popular email encryption scheme is launching a suite of new products next month that will allow people to scramble their mobile phone calls, e-mails, text messages and Internet voice and video calls.

How Exactly Websites Track And Stalk You With Their Ads, 08/03/2012, www.makuseof.com
Last year, our very own Danny Stieben wrote an article about DuckDuckGo, one of the newest search engines to break through in popularity–some people even prefer it over Google. DuckDuckGo’s success hinges on the notion that it prioritizes user privacy, and this idea of user privacy has become a hot topic in recent years.

California Starts Up a Privacy Enforcement Unit, 07/19/2012, www.wired.com
Watch out, Silicon Valley, there’s a new startup in town and its gunning for you. California Attorney General Kamala Harris announced Thursday she’s created a unit intended to actually enforce federal and state privacy laws.

PrivacyScore: Find Out How Websites Use Your Information”:http://www.makeuseof.com/dir/privacyscore-find-websites-information/, www.makeuseof.com
Are you concerned about how websites use your personal details and information? If you want to find out the privacy risk of sharing your information on different websites, try Privacy Score.

Future of Data Breach Class Actions After ‘Anderson’, 04/11/2012, www.databreaches.net
In October 2011, the U.S. Court of Appeals for the First Circuit issued its decision in Anderson v. Hannaford, where it denied the defendant grocery chain’s motion to dismiss an action arising from a breach of customers’ personal information—a rare significant victory for plaintiffs alleging mitigation damages.

With GPS Data Out, Feds Eye Warrantless Cell Phone Surveillance, 03/31/2012, www.wired.com
Prosectors are shifting their focus to warrantless cell-tower locational tracking of suspects in the wake of a Supreme Court ruling that law enforcement should acquire probable-cause warrants from judges to affix GPS devices to vehicles and monitor their every move, according to court records.

Constitutional Showdown Voided: Feds Decrypt Laptop Without Defendant’s Help, 02/29/2012, www.wired.com
Colorado federal authorities have decrypted a laptop seized from a bank-fraud defendant, mooting a judge’s order that the defendant unlock the hard drive so the government could use its contents as evidence against her.

FTC Releases Top Complaint Categories for 2011, 02/28/2012, www.bespacific.com
The Federal Trade Commission today released its list of top consumer complaints received by the agency in 2011. For the 12th year in a row, identity theft complaints topped the list. Of more than 1.8 million complaints filed in 2011, 279,156 or 15 percent, were identity theft complaints.

Data Collection Arms Race Feeds Privacy Fears, 02/21/2012, www.pogowasright.org
Revelations last week that Google Inc, Twitter and other popular Internet companies have been taking liberties with customer data have prompted criticism from privacy advocates and lawmakers, along with apologies from the companies.

Woman who pleaded Fifth in password case now citing Fourth, 02/12/2012, www.zdnet.com
A woman who argued that providing a password to authorities was a violation of her Fifth Amendment rights has filed an appeal in her case and is now also citing the Fourth Amendment.

PII 2.0: Privacy and New Approach to Personal Information, 02/08/2012, news.bna.com
There is no uniform definition of “personally identifiable information,” or PII, in the United States, according to Paul M. Schwartz, professor of Law at the University of California, Berkeley School of Law, and Daniel J. Solove, the John Marshall Harlan Research Professor of Law at George Washington University Law School.

Department of Justice Misdirection on Cloud Computing and Privacy, 01/25/2012, www.pogowasright.org
Does using cloud computing services based in the United States create a risk of US law enforcement access to people’s data?

EPIC: Supreme Court Upholds Fourth Amendment in GPS Tracking Case, 01/23/2012, www.bespacific-com
“Today the Supreme Court unanimously held in U.S. v. Jones that the warrantless use of a GPS tracking device by the police violated the Fourth Amendment.

Governmental Tracking of Cell Phones and Vehicles: The Confluence of Privacy, Technology, and Law, 12/16/2011, www.docuticker.com
This report will briefly survey Fourth Amendment law as it pertains to the government’s tracking programs. It will then summarize federal electronic surveillance statutes and the case law surrounding cell phone location tracking.

FTC-Facebook Settlement Reflects Broader Privacy Shift, Attorneys Say, 12/09/2011 news.bna.com
The Federal Trade Commission’s recent agreement with Facebook Inc. reflects a larger shift toward new privacy standards for U.S. firms, attorneys told BNA.

January is Data Privacy Month: Free Webinars and Easy Ways to Increase Awareness, 12/07/2011, www.educause.edu
You know the importance of protecting personal identities and the effects social media can have on privacy, but does everyone on your campus? During the month of January, EDUCAUSE is expanding on Data Privacy Day to provide an entire month’s worth of activities and resources to help raise data privacy awareness.

LinkedIn Beats Referrer URL Privacy Class Action on Article III Standing Grounds–Low v. LinkedIn, 11/14/2011, www.pogowasright.org
Low brought a putative class action against LinkedIn, complaining about the fact that LinkedIn “allows transmission of users’ personally identifiable browsing history and other personal information to third parties, including advertisers, marketing companies, data brokers, and web tracking companies . . . ”

The Drone Threat to Privacy, 11/14/2011, www.pogowasright.org
Technology, as Supreme Court Justice Antonin Scalia wrote in a 2001 Supreme Court opinion, has the power “to shrink the realm of guaranteed privacy.”

Law Firm Technology Survey 2011, 11/01/2011, www.law.com
It’s been some time since the economy wasn’t the dominant theme in our yearly survey. But while the struggling recovery must still be reckoned with, feedback from the 82 law firm technology chiefs who responded this year—and follow-up interviews with nearly a dozen of them—reveal that the top focus has moved from dollars to data.

First Circuit: Hannaford Breach Class Action / Tort Claims OK; Mitigation Costs Are Damages, 10/24/2011, www.bna.com
The U.S. Court of Appeals for the First Circuit Oct. 20 reinstated state law tort claims for a class of Hannaford Brothers Co. customers whose financial data were compromised in a massive breach involving some 4.2 million payment card accounts (Anderson v. Hannaford Bros. Co., 1st Cir., Nos. 10-2384, 10-2450, 10/20/11).

Mass. Court Says Constitution Protects Filming On-Duty Police, 08/28/2011, www.slashdot.com
Even in a country and a world where copyright can be claimed as an excuse to prevent you from taking a photo of a giant sculpture in a public, tax-paid park, and openly recording visiting police on your own property can be construed as illegal wiretapping, it sometimes seems like the overreach of officialdom against people taking photos or shooting video knows no bounds.

Damages From Hannaford Bros. Data Breach Dominate 1st Circuit Debate, 09/13/2011, www.databreaches.net
A debate about the damages available to some to 4.2 million customers of the Hannaford Brothers Co. supermarket company whose financial information was compromised during a data breach dominated an oral argument at the 1st U.S. Circuit Court of Appeals.

Chris Hoofnagle discusses online privacy, 08/21/2011, www.pogowasright.org
Despite widening criticism of online tracking, marketers are going to greater lengths than ever to ensure they can monitor online behavior even when consumers take steps to opt out.

Face-matching with Facebook profiles: How it was done , 08/04/2011, news.cnet.com
LAS VEGAS—Facebook’s online privacy woes are well-known. But here’s an offline one: its massive database of profile photos can be used to identify you as you’re walking down the street.

Capitalizing on Privacy Practices – Study Indicates Consumers Will Pay for Privacy , 07/14/2011, www.pogowasright.org
Consumers are more likely to purchase products from online retailers who are protective of consumer privacy, according to researchers at Carnegie Mellon University.

Prosecutors Demand Limitless Warrant in Vermont Computer Search, 06/18/2011, www.pogowasright.org
The Electronic Frontier Foundation (EFF), along with the American Civil Liberties Union (ACLU) and ACLU Vermont, urged the Vermont Supreme Court today to reject prosecutors’ demands to override a judge’s instructions and allow a limitless warrant for a computer search.

Federal Magistrate Adopts Prima Facie Test for Identifying Anonymous Online Speakers, 05/15/2011, www.pogowasright.org
In Fodor v. Doe, 2011 WL 1629573 (D. Nev. Apr. 27, 2011), a federal magistrate judge in the District of Nevada adopted a two-part, “prima facie” test for determining whether to authorize third-party discovery seeking the identity of an anonymous online speaker.

CDT: ‘Take Back Your Privacy’s’ Top 5 Privacy Tips, 05/01/2011, www.bespacific.com
Cyrus Nemati, CDT: “If you’ve been following our Take Back Your Privacy campaign, you’ve seen our weekly privacy tips.

The Rise Of Smartphone Snooping & How To Check For It, 04/29/2011, www.makeuseof.com
Snooping on computers has been a problem for decades.

Ninth Circuit Holds That Violating Any Employer Restriction on Computer Use “Exceeds Authorized Access”, 04/29/2011, www.pogowasright.org
I had though the world was safe from the nuttiness of the Justice Department’s broad theories of the Computer Fraud and Abuse Act in the Lori Drew case. Not so.

Hotel Tracks Towels With RFID Chips, 04/29/2011, idle.slashdot.org
“An unnamed hotel is now putting RFID tags in their towels: ‘The Honolulu hotel (the hotels have asked to remain anonymous, just to keep you guessing) says it was taking a bath to the tune of 4,000 pool towels per month, a number that it has reduced to just 750 (a savings of $16,000 per month).

New organization to address online privacy invasion harm, __www.pogowasright.org_
A new organization aims to address a long-standing problem: how online invasion of privacy can cause harm to individuals.

Article: From Facebook to Mug Shot: How the Dearth of Social Networking Privacy Rights Revolutionized Online Government Surveillance, 04/19/2011, www.pogowasright.org
Each month, Facebook’s half billion active users disseminate over 30 billion pieces of content. In this complex digital ecosystem, they live a parallel life that, for many, involves more frequent, fulfilling, and compelling communication than any other offline or online forum.

Creepy Shows Just How Much Geolocation Data You Broadcast Online, 4/14/2011, www.makeuseof.com
Enter someone’s Twitter or Flickr usernames and see everywhere they’ve been and when. If this sounds creepy then it is.

Digital Agenda: new guidelines to address privacy concerns over use of smart tags, 04/06/2011, www.pogowasright.org
Today the European Commission has signed a voluntary agreement with industry, civil society, ENISA (European Network and Information Security Agency) and privacy and data protection watchdogs in Europe to establish guidelines for all companies in Europe to address the data protection implications of smart tags (Radio Frequency Identification Devices – RFID) prior to placing them on the market.

And the hits just keep on coming for Epsilon, 04/03/2011, www.databreaches.net
Note: CBS reports that the Secret Service is investigating the Epsilon breach. If you receive a phishing attempt that you want to report to the Secret Service, email .(JavaScript must be enabled to view this email address).

No Privacy on Amazon’s Cloud Drive, 03/20/2011, www.pogowasright.org
Who couldn’t love the idea ofthe new Amazon Cloud Drive? You get at least 5GBs of free cloud-based storage, and its trivial to get 20GBs of free storage on Amazon Cloud Drive. Used in concert with theAmazon Cloud Player you get a fine cloud-based music player that can be used either from a Web browser or on Android tablets with the Amazon MP3 App.

Using the Open Records Law To Intimidate Critics, 03/27/2011, www.slashdot.org
On March 15, Professor Bill Cronon posted his first blog. The subject was the role of the American Legislative Exchange Council in influencing recent legislation in Wisconsin and across the country. Less than two days later, his university received a communication formally requesting under the state’s Open Records Law copies of all emails he sent or received pertaining to matters raised in the blog.

Texas Teen Scores Legal First in ‘Sexting’ Privacy Case, 03/22/2011, www.pogowasright.org
A Texas teenager has taken a major step toward winning her privacy lawsuit against an assistant middle school principal who searched the contents of her cell phone, finding a nude photo of her.

Device Fingerprinting Raises Privacy Fears, www.pogowasright.org
Privacy advocates have expressed concern about device fingerprinting, an emerging technology that allows advertisers to uniquely and persistently identify connected devices such as computers, smartphones, and tablets.

A Look Inside the Bustling Cybercrime Marketplace, 03/03/2011, www.slashdot.org
Cybercrime’s underground activity, much like a Middle Eastern bazaar, is a loud and boisterous market.

A Novel Data Security Law Proposed in Colorado, 02/25/2011, www.databreaches.net
Regulation is achieved via the “carrot” or the “stick” (and sometimes both). This is true in the information security context as well. For example, to incentivize encryption of personal information, breach notice laws use a stick: those that fail to encrypt may have to provide notice to affected individuals in the event of a security breach.

Facebook HTTPS: False sense of security?, 02/04/2011, news.cnet.com
The rollout of Facebook’s new Hypertext Transfer Protocol Secure encryption is about complete. (Elinor Mills described the feature in a post on her InSecurity Complex blog last week.) While encryption is a welcome addition to the social network, it is far from a Facebook security panacea.

Facebook Data of 1.2 Million Users from 2005 Released: Limited Exposure, but Very Problematic, 02/15/2011, www.pogowasright.org
Last week, a Facebook dataset was released by a group of researchers (Amanda L. Traud, Peter J. Mucha, Mason A. Porter) in connection with their paper studying the role of user attributes – gender, class year, major, high school, and residence – on social network formations at various colleges and universities.

Google Wants Case About Leaked Name Dismissed, 02/14/2011, www.pogowasright.org
Google is urging a federal court to dismiss a privacy lawsuit filed by San Francisco resident Paloma Gaos who alleges that her name was leaked to Web sites she visited after conducting vanity searches.

Consumer groups cheer court’s ruling on consumer privacy protections, 02/11/2011, www.pogowasright.org
There’s been a lot of media coverage of a decision reported here yesterday in which the California Supreme Court held that Williams-Sonoma violated a state law when it requested and recorded a customer’s zip code during a credit card transaction in a store.

Chicago emergency officials defend city’s extensive camera network after scathing ACLU report, 02/10/2011, www.pogowasright.org
Chicago emergency management officials defended the city’s expansive network of cameras following a scathing report from a leading civil rights group that raised concerns about the loss of privacy, a lack of regulation and fears the technology could violate the First Amendment.

Monster.com Latest Site Trying to Beat Regulators to Privacy Punch, 01/29/2011
Friday is Data Privacy Day and at least one company, job search giant, Monster.com, is using the occasion to announce additional privacy controls for the 68 million job seekers reached annually by behaviorally targeted ads through its Career Ad Network.

Privacy vs. Security vs. Anonymity, 01/04/2011, www.pogowasright.org
When I first began my PhD at Carnegie Mellon, I was keen to properly sort and define any new terms and reconcile them with my own education and experience. Three terms that always seemed to be intermingled were: Privacy, Security and Anonymity.

Do-Not-Track Option Now on IE, Firefox and Chrome, 01/24/2011, www.bespacific.com
National Journal: Google and Mozilla both announced that they will be adding “do-not-track” options to their Internet browsers, allowing users to prevent websites from gathering personal information and selling it to advertisers.

Is There a Right of Informational Privacy? Supreme Court Avoids the Issue in NASA Opinion, 01/19/2011, www.pogowasright.org
Debra Cassens Weiss discusses today’s Supreme Court opinion in NASA v. Nelson with a focus on the court’s statements about whether there is a constitutional right to information privacy.

Pennsylvania Court Specifies Test for Unmasking Anonymous Online Speakers, 01/19/2011, www.pogowasright.org
Last week, the Superior Court of Pennsylvania vacated a trial court’s order directing the disclosure of the identities of six John Does who allegedly posted defamatory remarks on the internet and adopted a four-prong modified test for unmasking anonymous online speakers in the future.

Understanding Proposed Models for Privacy, 01/15/2011, www.pogowasright.org
Andy Serwin, who recently published the article, “The Federal Trade Commission and Privacy: Defining Enforcement and Encouraging the Adoption of Best Practices” (available on SSRN), has a new blog post, “Understanding Proposed Models for Privacy.”

Evolution of Privacy Breach Litigation?, 12/13/2010, www.pogowasright.org
In addition to empirical work on data breaches and breach disclosure laws, I’ve also become very interested in data breach litigation. While plaintiffs have seen very little success with legal actions brought against companies that suffer data breaches, I still believe there is some very interesting empirical work that can be done regarding these lawsuits.

Fingerprint scanner use raises privacy concerns in N.C, 12/08/10, www.pogowasright.org
Next month, 13 law enforcement agencies in the region will begin using a new handheld device that lets an officer scan a person’s fingerprints and seek a match in an electronic database – all without going anywhere.

A nude awakening — TSA and privacy, 12/06/10, oudaily.dom
Daily columnist Kate McPherson wrote a column on Tuesday in defense of the Transportation Security Administration’s newest screening procedures, arguing that because security protocol in other countries is far more invasive than that implemented in the U.S., the American public should be grateful to have such ‘minor’ abbreviations of liberty.

FTC Staff Issues Privacy Report Offers Framework for Consumers, Businesses, and Policymakers, 12/01/10, www.bespacific.com
News release: “The Federal Trade Commission, the nation’s chief privacy policy and enforcement agency for 40 years, issued a preliminary staff report today that proposes a framework to balance the privacy interests of consumers with innovation that relies on consumer information to develop beneficial new products and services.

Race Is On to ‘Fingerprint’ Phones, PCs, 12/01/10, www.pogowasright.org
David Norris wants to collect the digital equivalent of fingerprints from every computer, cellphone and TV set-top box in the world.

Verizon 2010 Data Breach Report Is Eye Opening, 2010, www.verizonbusiness.com
In some ways, data breaches have a lot in common with fingerprints. Each is unique and we learn a great deal by analyzing the various patterns, lines, and contours that comprise each one. The main value of fingerprints, however, lies in their ability to identify a particular individual in particular circumstances. In this sense, studying them in bulk offers little additional benefit. On the other hand, the analysis of breaches in aggregate can be of great benefit; the more we study, the more prepared we are to stop them.

Fourth Amendment Pragmatism, 12/01/2010, www.pogowasright.org
In this essay, Professor Solove argues that the Fourth Amendment reasonable expectation of privacy test should be abandoned. Instead of engaging in a fruitless game of determining whether privacy is invaded, the United States Supreme Court should adopt a more pragmatic approach to the Fourth Amendment and directly face the issue of how to regulate government information gathering.

Gaos v. Google, New Class Action Suit Filed Regarding Use of Referral URLs, 11/09/2010, www.pogowasright.org
A class action lawsuit filed against Google on October 25th in the Northern District of California may have the Googlers feeling like it is perhaps true that no good deed goes unpunished.

Unraveling Privacy: The Personal Prospectus & the Threat of a Full Disclosure Future, 11/07/2010, www.pogowasright.org
Yesterday I posted a link to a thought-provoking post by Scott Peppet on Concurring Opinions. Here is the abstract of his forthcoming article in Northwestern University Law Review on the topic:
Information technologies are reducing the costs of credible signaling, just as they have reduced the costs of data mining and economic sorting.

Why did DOJ argue that consumers read and understand privacy policies? Are they ignorant or just unethical?, 11/06/2010, www.pogowasright.org
Over on Slight Paranoia, Chis Soghoian takes the DOJ out to the woodshed for its brief in In the Matter of the Application of the United States of America for an Order Authorizing the Use Of a Pen Register and Trap and Trace Device and Authorizing Release of Subscriber and Other Information.

EU to create ‘right to be forgotten’ online, 11/05/10, www.pogowasright.org
Just days after U.S. voters threw overboard one of their top privacy advocates in Congress, the European Commission announced Thursday that it will push for creation of a Web users’ “right to be forgotten.”

The Future of Privacy: How Privacy Norms Can Inform Regulation, 11/04/10, www.pogowasright.org
The following is a rough version of a talk given by Danah Boyd at the 32nd International Conference of Data Protection and Privacy Commissioners in Jerusalem, October 29, 2010
… Given the “Generations” theme at the conference this year, I’ve been asked to talk with you today about my research on teens’ understandings of social norms with respect to privacy.

Federal Judge Finds Warrantless Cell Phone Tracking Unconstitutional, 11/04/2010, www.pogowasright.org
The ACLU blogs about a court opinion mentioned previously on this blog. The opinion is now available online and I expect that EFF will also have something to say about this case:
In August, we blogged about a court decision from the federal court in the Eastern District of New York that held that law enforcement agents are constitutionally obligated to get a warrant based on probable cause before obtaining historical cell phone location information.

FTC Taps Ed Felten As First Chief Technologist, 11/04/2010, yro.slashdot.org
“Looks like the Federal Trade Commission got its first choice of Chief Technologist, because it’s hard to think of anyone better to serve in that capacity than Princeton computer science professor Ed Felten, a guy whose CV makes everyone from Microsoft to Diebold shudder in embarrassment.”

Class Action Lawsuit Accuses Ringleader Digital of Hacking Cell Phones to Create ‘Zombie Databases’, 11/05/10, www.pogowasright.org
Ringleader Digital, an advertising company “hacked the mobile phones of millions of consumers” to create a database of customers’ demographic information for the benefit of major media networks such as Fox News and CNN, according to a federal class action.

Not on Facebook? Facebook still knows you, 10/17/2010, www.pogowasright.org
If you hate the idea of social networking and have never been on Facebook, then Facebook knows nothing about you. Correct? So how come when you set up a profile on the social network for the first time, it can suggest friends for you?

New Class of Malware Will Steal Behavior Patterns, 10/08/2010, www.slashdot.com
The information within huge, supposedly anonymized data sets can be used to build a detailed picture of an individual’s lifestyle and relationships. This data is hugely valuable, which is why many companies already mine the pattern of links in their data to help them build things like recommender systems. Now a group of computer scientists say it is inevitable that a new class of malware will emerge for stealing this behavioral pattern data from social networks.

Facebook Has Quietly Implemented A De-Facto Follow Feature, 09/20/10, www.techcrunch.com
… Previously, you could either Confirm or Ignore (deny) a request. Now, Ignore has been replaced by “Not Now”. This new option takes some of the pressure off you having to reject people as it instead moves them into a state of limbo, where they’re neither accepted nor rejected. But it actually does a lot more as well.

EFF: Revised Opinion in Privacy Case Blurs Clear Limits to Digital Search and Seizure, 09/15/10, www.pogowasright.org
Lee Tien of EFF comments on the recent Ninth Circuit revised opinion in United States v. Comprehensive Drug Testing (the BALCO decision).

Breaking News on EFF Location Privacy Win: Courts May Require Search Warrants for Cell Phone Location Records, 09/07/2010, www.pogowasright.org
This morning, the Third Circuit Court of Appeals in Philadelphia issued its highly anticipated ruling in a hotly contested cell phone location privacy case. EFF filed a friend-of-the-court brief and participated at oral argument in the case, arguing that federal electronic privacy law gives judges the discretion to deny government requests for cell phone location data when the government fails to show probable cause that a crime has been committed.

On Surveillance and Privacy, 09/07/2010, www.pogowasright.org
We are in for a time of major decision-making as the Moore’s Law of Cameras (sometimes called “Brin’s Corollary to Moore’s Law”) takes hold and elites of all kinds are tempted to utilize surveillance in Orwellian/controlling ways, often with rationalized good intentions.

Pervasive Surveillance and the Future of the Fourth Amendment, 08/30/2010, www.pogowasright.org
We are in a period of intense technological change. The continued explosive growth in technology has two major effects on the scope and application of the Fourth Amendment. First, the diffusion of powerful new technologies like DNA synthesis and high-powered computing makes it far easier than ever before for ill-meaning groups or individuals to obtain powerful and destructive weapons.

Legal proceedings against Facebook for illegally accessing and saving personal data of people who don’t use Facebook., 07/07/2010, www.pogowasright.org
A German data protection official said Wednesday he launched legal proceedings against Facebook, which he accused of illegally accessing and saving personal data of people who don’t use the social networking site.

Are Privacy Problems Finally Killing Facebook?, 07/28/2010, www.pcworld.com
Interesting news from the world of Internet bean counters: Facebook’s growth last month stalled to virtually nothing – at least here in the US.

GPS Tracking Without a Warrant Declared Legal, 08/25/2010, www.slashdot.org
Government agents can sneak onto your property in the middle of the night, put a GPS device on the bottom of your car and keep track of everywhere you go.

Facebook Privacy: A Bewildering Tangle of Options, 05/12/2010, www.nytimes.com
To manage your privacy on Facebook, you will need to navigate through 50 settings with more than 170 options. Facebook says it wants to offer precise controls for sharing on the Internet.

Application of New Massachusetts Data Security Regulations to Out-of-State Businesses, 05/13/2010, www.databreaches.net
Massachusetts’s new data security regulations, effective as of March 1, 2010, currently set forth the country’s most stringent requirements for protecting data.

OCR drafts guidelines for security risk analysis, 5/05/2010, www.databreaches.net
The Health & Human Services Department published draft guidance to help healthcare providers and payers figure out what is expected of them in doing a risk analysis of their protected patient health information.

First-Ever Global Cost of a Data Breach Study Shows Organisations Paid USD3.43 million per Breach in 2009, 4/28/2010 www.databreaches.net
Privacy and information management research firm Ponemon Institute, together with PGP Corporation, a global leader in trusted data protection, today announced the results of the first-ever global study into the costs incurred by organisations after experiencing a data breach. The 2009 Annual Study: Global Cost of a Data Breach report, compiled by The Ponemon Institute and sponsored by PGP Corporation, assesses the actual cost of activities resulting from more than one hundred real life breach incidents, affecting organisations from 18 different industry sectors.

Mass. Data Security Law Says ‘Thou Shalt Encrypt’, 4/25/2010, www.slashdot.org
Posted by timothy on Sunday April 25, @02:28PM emeraldd writes with this snippet from SQL Magazine summarizing what he calls a “rather scary” new data protection law from Massachusetts: “Here are the basics of the new law.

Study finds young adults do care about online privacy, despite anecdotes of raunchy photos, 4/16/2010, www.pogowasright.org
All the dirty laundry younger people seem to air on social networks these days might lead older Americans to conclude that today’s tech-savvy generation doesn’t care about privacy.

Yahoo Beats Feds in E-Mail Privacy Battle

document.getElementById('eeEncEmail_PC54CfDtkV').innerHTML = output; //]]> .

No Privacy on Amazon’s Cloud Drive, 03/20/2011, www.pogowasright.org
Who couldn’t love the idea ofthe new Amazon Cloud Drive? You get at least 5GBs of free cloud-based storage, and its trivial to get 20GBs of free storage on Amazon Cloud Drive. Used in concert with theAmazon Cloud Player you get a fine cloud-based music player that can be used either from a Web browser or on Android tablets with the Amazon MP3 App.

Using the Open Records Law To Intimidate Critics, 03/27/2011, www.slashdot.org
On March 15, Professor Bill Cronon posted his first blog. The subject was the role of the American Legislative Exchange Council in influencing recent legislation in Wisconsin and across the country. Less than two days later, his university received a communication formally requesting under the state’s Open Records Law copies of all emails he sent or received pertaining to matters raised in the blog.

Texas Teen Scores Legal First in ‘Sexting’ Privacy Case, 03/22/2011, www.pogowasright.org
A Texas teenager has taken a major step toward winning her privacy lawsuit against an assistant middle school principal who searched the contents of her cell phone, finding a nude photo of her.

Device Fingerprinting Raises Privacy Fears, www.pogowasright.org
Privacy advocates have expressed concern about device fingerprinting, an emerging technology that allows advertisers to uniquely and persistently identify connected devices such as computers, smartphones, and tablets.

A Look Inside the Bustling Cybercrime Marketplace, 03/03/2011, www.slashdot.org
Cybercrime’s underground activity, much like a Middle Eastern bazaar, is a loud and boisterous market.

A Novel Data Security Law Proposed in Colorado, 02/25/2011, www.databreaches.net
Regulation is achieved via the “carrot” or the “stick” (and sometimes both). This is true in the information security context as well. For example, to incentivize encryption of personal information, breach notice laws use a stick: those that fail to encrypt may have to provide notice to affected individuals in the event of a security breach.

Facebook HTTPS: False sense of security?, 02/04/2011, news.cnet.com
The rollout of Facebook’s new Hypertext Transfer Protocol Secure encryption is about complete. (Elinor Mills described the feature in a post on her InSecurity Complex blog last week.) While encryption is a welcome addition to the social network, it is far from a Facebook security panacea.

Facebook Data of 1.2 Million Users from 2005 Released: Limited Exposure, but Very Problematic, 02/15/2011, www.pogowasright.org
Last week, a Facebook dataset was released by a group of researchers (Amanda L. Traud, Peter J. Mucha, Mason A. Porter) in connection with their paper studying the role of user attributes – gender, class year, major, high school, and residence – on social network formations at various colleges and universities.

Google Wants Case About Leaked Name Dismissed, 02/14/2011, www.pogowasright.org
Google is urging a federal court to dismiss a privacy lawsuit filed by San Francisco resident Paloma Gaos who alleges that her name was leaked to Web sites she visited after conducting vanity searches.

Consumer groups cheer court’s ruling on consumer privacy protections, 02/11/2011, www.pogowasright.org
There’s been a lot of media coverage of a decision reported here yesterday in which the California Supreme Court held that Williams-Sonoma violated a state law when it requested and recorded a customer’s zip code during a credit card transaction in a store.

Chicago emergency officials defend city’s extensive camera network after scathing ACLU report, 02/10/2011, www.pogowasright.org
Chicago emergency management officials defended the city’s expansive network of cameras following a scathing report from a leading civil rights group that raised concerns about the loss of privacy, a lack of regulation and fears the technology could violate the First Amendment.

Monster.com Latest Site Trying to Beat Regulators to Privacy Punch, 01/29/2011
Friday is Data Privacy Day and at least one company, job search giant, Monster.com, is using the occasion to announce additional privacy controls for the 68 million job seekers reached annually by behaviorally targeted ads through its Career Ad Network.

Privacy vs. Security vs. Anonymity, 01/04/2011, www.pogowasright.org
When I first began my PhD at Carnegie Mellon, I was keen to properly sort and define any new terms and reconcile them with my own education and experience. Three terms that always seemed to be intermingled were: Privacy, Security and Anonymity.

Do-Not-Track Option Now on IE, Firefox and Chrome, 01/24/2011, www.bespacific.com
National Journal: Google and Mozilla both announced that they will be adding “do-not-track” options to their Internet browsers, allowing users to prevent websites from gathering personal information and selling it to advertisers.

Is There a Right of Informational Privacy? Supreme Court Avoids the Issue in NASA Opinion, 01/19/2011, www.pogowasright.org
Debra Cassens Weiss discusses today’s Supreme Court opinion in NASA v. Nelson with a focus on the court’s statements about whether there is a constitutional right to information privacy.

Pennsylvania Court Specifies Test for Unmasking Anonymous Online Speakers, 01/19/2011, www.pogowasright.org
Last week, the Superior Court of Pennsylvania vacated a trial court’s order directing the disclosure of the identities of six John Does who allegedly posted defamatory remarks on the internet and adopted a four-prong modified test for unmasking anonymous online speakers in the future.

Understanding Proposed Models for Privacy, 01/15/2011, www.pogowasright.org
Andy Serwin, who recently published the article, “The Federal Trade Commission and Privacy: Defining Enforcement and Encouraging the Adoption of Best Practices” (available on SSRN), has a new blog post, “Understanding Proposed Models for Privacy.”

Evolution of Privacy Breach Litigation?, 12/13/2010, www.pogowasright.org
In addition to empirical work on data breaches and breach disclosure laws, I’ve also become very interested in data breach litigation. While plaintiffs have seen very little success with legal actions brought against companies that suffer data breaches, I still believe there is some very interesting empirical work that can be done regarding these lawsuits.

Fingerprint scanner use raises privacy concerns in N.C, 12/08/10, www.pogowasright.org
Next month, 13 law enforcement agencies in the region will begin using a new handheld device that lets an officer scan a person’s fingerprints and seek a match in an electronic database – all without going anywhere.

A nude awakening — TSA and privacy, 12/06/10, oudaily.dom
Daily columnist Kate McPherson wrote a column on Tuesday in defense of the Transportation Security Administration’s newest screening procedures, arguing that because security protocol in other countries is far more invasive than that implemented in the U.S., the American public should be grateful to have such ‘minor’ abbreviations of liberty.

FTC Staff Issues Privacy Report Offers Framework for Consumers, Businesses, and Policymakers, 12/01/10, www.bespacific.com
News release: “The Federal Trade Commission, the nation’s chief privacy policy and enforcement agency for 40 years, issued a preliminary staff report today that proposes a framework to balance the privacy interests of consumers with innovation that relies on consumer information to develop beneficial new products and services.

Race Is On to ‘Fingerprint’ Phones, PCs, 12/01/10, www.pogowasright.org
David Norris wants to collect the digital equivalent of fingerprints from every computer, cellphone and TV set-top box in the world.

Verizon 2010 Data Breach Report Is Eye Opening, 2010, www.verizonbusiness.com
In some ways, data breaches have a lot in common with fingerprints. Each is unique and we learn a great deal by analyzing the various patterns, lines, and contours that comprise each one. The main value of fingerprints, however, lies in their ability to identify a particular individual in particular circumstances. In this sense, studying them in bulk offers little additional benefit. On the other hand, the analysis of breaches in aggregate can be of great benefit; the more we study, the more prepared we are to stop them.

Fourth Amendment Pragmatism, 12/01/2010, www.pogowasright.org
In this essay, Professor Solove argues that the Fourth Amendment reasonable expectation of privacy test should be abandoned. Instead of engaging in a fruitless game of determining whether privacy is invaded, the United States Supreme Court should adopt a more pragmatic approach to the Fourth Amendment and directly face the issue of how to regulate government information gathering.

Gaos v. Google, New Class Action Suit Filed Regarding Use of Referral URLs, 11/09/2010, www.pogowasright.org
A class action lawsuit filed against Google on October 25th in the Northern District of California may have the Googlers feeling like it is perhaps true that no good deed goes unpunished.

Unraveling Privacy: The Personal Prospectus & the Threat of a Full Disclosure Future, 11/07/2010, www.pogowasright.org
Yesterday I posted a link to a thought-provoking post by Scott Peppet on Concurring Opinions. Here is the abstract of his forthcoming article in Northwestern University Law Review on the topic:
Information technologies are reducing the costs of credible signaling, just as they have reduced the costs of data mining and economic sorting.

Why did DOJ argue that consumers read and understand privacy policies? Are they ignorant or just unethical?, 11/06/2010, www.pogowasright.org
Over on Slight Paranoia, Chis Soghoian takes the DOJ out to the woodshed for its brief in In the Matter of the Application of the United States of America for an Order Authorizing the Use Of a Pen Register and Trap and Trace Device and Authorizing Release of Subscriber and Other Information.

EU to create ‘right to be forgotten’ online, 11/05/10, www.pogowasright.org
Just days after U.S. voters threw overboard one of their top privacy advocates in Congress, the European Commission announced Thursday that it will push for creation of a Web users’ “right to be forgotten.”

The Future of Privacy: How Privacy Norms Can Inform Regulation, 11/04/10, www.pogowasright.org
The following is a rough version of a talk given by Danah Boyd at the 32nd International Conference of Data Protection and Privacy Commissioners in Jerusalem, October 29, 2010
… Given the “Generations” theme at the conference this year, I’ve been asked to talk with you today about my research on teens’ understandings of social norms with respect to privacy.

Federal Judge Finds Warrantless Cell Phone Tracking Unconstitutional, 11/04/2010, www.pogowasright.org
The ACLU blogs about a court opinion mentioned previously on this blog. The opinion is now available online and I expect that EFF will also have something to say about this case:
In August, we blogged about a court decision from the federal court in the Eastern District of New York that held that law enforcement agents are constitutionally obligated to get a warrant based on probable cause before obtaining historical cell phone location information.

FTC Taps Ed Felten As First Chief Technologist, 11/04/2010, yro.slashdot.org
“Looks like the Federal Trade Commission got its first choice of Chief Technologist, because it’s hard to think of anyone better to serve in that capacity than Princeton computer science professor Ed Felten, a guy whose CV makes everyone from Microsoft to Diebold shudder in embarrassment.”

Class Action Lawsuit Accuses Ringleader Digital of Hacking Cell Phones to Create ‘Zombie Databases’, 11/05/10, www.pogowasright.org
Ringleader Digital, an advertising company “hacked the mobile phones of millions of consumers” to create a database of customers’ demographic information for the benefit of major media networks such as Fox News and CNN, according to a federal class action.

Not on Facebook? Facebook still knows you, 10/17/2010, www.pogowasright.org
If you hate the idea of social networking and have never been on Facebook, then Facebook knows nothing about you. Correct? So how come when you set up a profile on the social network for the first time, it can suggest friends for you?

New Class of Malware Will Steal Behavior Patterns, 10/08/2010, www.slashdot.com
The information within huge, supposedly anonymized data sets can be used to build a detailed picture of an individual’s lifestyle and relationships. This data is hugely valuable, which is why many companies already mine the pattern of links in their data to help them build things like recommender systems. Now a group of computer scientists say it is inevitable that a new class of malware will emerge for stealing this behavioral pattern data from social networks.

Facebook Has Quietly Implemented A De-Facto Follow Feature, 09/20/10, www.techcrunch.com
… Previously, you could either Confirm or Ignore (deny) a request. Now, Ignore has been replaced by “Not Now”. This new option takes some of the pressure off you having to reject people as it instead moves them into a state of limbo, where they’re neither accepted nor rejected. But it actually does a lot more as well.

EFF: Revised Opinion in Privacy Case Blurs Clear Limits to Digital Search and Seizure, 09/15/10, www.pogowasright.org
Lee Tien of EFF comments on the recent Ninth Circuit revised opinion in United States v. Comprehensive Drug Testing (the BALCO decision).

Breaking News on EFF Location Privacy Win: Courts May Require Search Warrants for Cell Phone Location Records, 09/07/2010, www.pogowasright.org
This morning, the Third Circuit Court of Appeals in Philadelphia issued its highly anticipated ruling in a hotly contested cell phone location privacy case. EFF filed a friend-of-the-court brief and participated at oral argument in the case, arguing that federal electronic privacy law gives judges the discretion to deny government requests for cell phone location data when the government fails to show probable cause that a crime has been committed.

On Surveillance and Privacy, 09/07/2010, www.pogowasright.org
We are in for a time of major decision-making as the Moore’s Law of Cameras (sometimes called “Brin’s Corollary to Moore’s Law”) takes hold and elites of all kinds are tempted to utilize surveillance in Orwellian/controlling ways, often with rationalized good intentions.

Pervasive Surveillance and the Future of the Fourth Amendment, 08/30/2010, www.pogowasright.org
We are in a period of intense technological change. The continued explosive growth in technology has two major effects on the scope and application of the Fourth Amendment. First, the diffusion of powerful new technologies like DNA synthesis and high-powered computing makes it far easier than ever before for ill-meaning groups or individuals to obtain powerful and destructive weapons.

Legal proceedings against Facebook for illegally accessing and saving personal data of people who don’t use Facebook., 07/07/2010, www.pogowasright.org
A German data protection official said Wednesday he launched legal proceedings against Facebook, which he accused of illegally accessing and saving personal data of people who don’t use the social networking site.

Are Privacy Problems Finally Killing Facebook?, 07/28/2010, www.pcworld.com
Interesting news from the world of Internet bean counters: Facebook’s growth last month stalled to virtually nothing – at least here in the US.

GPS Tracking Without a Warrant Declared Legal, 08/25/2010, www.slashdot.org
Government agents can sneak onto your property in the middle of the night, put a GPS device on the bottom of your car and keep track of everywhere you go.

Facebook Privacy: A Bewildering Tangle of Options, 05/12/2010, www.nytimes.com
To manage your privacy on Facebook, you will need to navigate through 50 settings with more than 170 options. Facebook says it wants to offer precise controls for sharing on the Internet.

Application of New Massachusetts Data Security Regulations to Out-of-State Businesses, 05/13/2010, www.databreaches.net
Massachusetts’s new data security regulations, effective as of March 1, 2010, currently set forth the country’s most stringent requirements for protecting data.

OCR drafts guidelines for security risk analysis, 5/05/2010, www.databreaches.net
The Health & Human Services Department published draft guidance to help healthcare providers and payers figure out what is expected of them in doing a risk analysis of their protected patient health information.

First-Ever Global Cost of a Data Breach Study Shows Organisations Paid USD3.43 million per Breach in 2009, 4/28/2010 www.databreaches.net
Privacy and information management research firm Ponemon Institute, together with PGP Corporation, a global leader in trusted data protection, today announced the results of the first-ever global study into the costs incurred by organisations after experiencing a data breach. The 2009 Annual Study: Global Cost of a Data Breach report, compiled by The Ponemon Institute and sponsored by PGP Corporation, assesses the actual cost of activities resulting from more than one hundred real life breach incidents, affecting organisations from 18 different industry sectors.

Mass. Data Security Law Says ‘Thou Shalt Encrypt’, 4/25/2010, www.slashdot.org
Posted by timothy on Sunday April 25, @02:28PM emeraldd writes with this snippet from SQL Magazine summarizing what he calls a “rather scary” new data protection law from Massachusetts: “Here are the basics of the new law.

Study finds young adults do care about online privacy, despite anecdotes of raunchy photos, 4/16/2010, www.pogowasright.org
All the dirty laundry younger people seem to air on social networks these days might lead older Americans to conclude that today’s tech-savvy generation doesn’t care about privacy.

Yahoo Beats Feds in E-Mail Privacy Battle

"}