Slashdot

An anonymous reader sends along Chris Soghoian's blog entry revealing that Sprint Nextel provided law enforcement agencies with its customers' GPS location information over 8 million times between September 2008 and October 2009. The data point comes from a closed industry conference that Soghoian attended, at which Paul Taylor, Electronic Surveillance Manager at Sprint Nextel, said: "[M]y major concern is the volume of requests. We have a lot of things that are automated but that's just scratching the surface. One of the things, like with our GPS tool. We turned it on the web interface for law enforcement about one year ago last month, and we just passed 8 million requests. So there is no way on earth my team could have handled 8 million requests from law enforcement, just for GPS alone. So the tool has just really caught on fire with law enforcement. They also love that it is extremely inexpensive to operate and easy, so, just the sheer volume of requests they anticipate us automating other features, and I just don't know how we'll handle the millions and millions of requests that are going to come in." Soghoian's post details the laws around disclosure of wiretap and other interception data — one of which the Department of Justice has been violating since 2004 — and calls for more disclosure of the levels of all forms of surveillance.

An anonymous reader writes "The European Commission analysis of ACTA's Internet chapter has leaked, indicating that the US is seeking to push laws that extend beyond the WIPO Internet treaties and beyond current European Union law. The document contains detailed comments on the US secret copyright treaty proposal, confirming the desire to promote a 'three-strikes and you're out' policy, a Global DMCA, harmonized contributory copyright infringement rules, and the establishment of an international notice-and-takedown policy."

An anonymous reader recommends a piece up at Augmented Planet that makes a couple of points about privacy in the realm of geotagging and augmented reality that haven't been discussed much. First, once you geotag and upload, say, a photo to the Net you can lose ownership over the data and especially its metadata. Second, data on the Net is long-lived and might be put together in ways you wouldn't like, long after it was created. "If you geotag a picture with your new 50" plasma TV in the background and upload it to the Web, congratulations you have just told everyone where you live and what you have of value. The web has a long memory — geotag something today and in six months it is still on the Web. When you tweet from the beach in Barbados telling your friends you are away for 2 weeks, that picture of your 50" plasma will still be out there along with its location. It's easy to track down someone's home address if you have their real name." The submitter adds, "I never really cared about my online privacy too much. This article made me think seriously about privacy for the first time. No mean feat."

theodp writes "Back in the day, anonymous character assassination was confined to permanent marker scrawl in bathroom stalls. But now, thanks to sites like the student-run CollegeACB.com (ACB=Anonymous Confession Board), which can get hundreds of thousands of hits on a good day, TIME reports that anonymous slander is going viral on campus. Even the most elite universities — normally the land of the politically correct — have been struggling with the problem of anonymous gossip sites and their very un-PC posts, which an Amherst dean likens to 'the worst of junior high.' If he thinks things are bad now, wait until the kids start getting creative with Google Sidewiki."

An anonymous reader points out a blog post reporting that on Monday The EU Council is set to give US intelligence services full access to SWIFT banking data, despite a unanimous call by the European Parliament not to do so. "The move of SWIFT the data server to Switzerland would be an excellent opportunity to stop the nearly unlimited access of US authorities on EU bank transactions. But EU justice and interior ministers are apparently keen [on agreeing to] a deal as soon as possible, on 30 November. Why 30 November? Because one day later, on 1 December 2009, the EU’s Lisbon Treaty will be in force and would allow the European Parliament to play a major role in the negotiations of the deal with the US. A deal one day before will be a slap in the face to democracy in the EU. ... [W]hile the US will be able to access EU banking data, no access to US banking data by EU [authorities] is being foreseen."

angry tapir writes "India plans to set up a centralized system to monitor communications on mobile phones, landlines and the Internet in the country, a minister has told the Rajya Sabha, the upper house of Parliament. Indian laws allow the interception and monitoring of communications under certain conditions, including to counter terrorism. A pilot of the new Centralized Monitoring System (CMS) is to be started by June next year, subject to clearances by other government agencies."

angry tapir writes "Milan prosecutors have sought prison sentences ranging from six months to one year for four Google executives accused of violating Italy's privacy laws over the posting of a video showing the bullying of a handicapped teenage boy. The prosecutor's request was backed up by a request by lawyers representing the Milan city council for €300,000 (US$452,000) in moral and material damages. The case concerns the posting on Google Video of a three-minute mobile-phone video showing a handicapped boy being tormented by his classmates in a Turin school."

schwit1 writes "The Obama administration is seeking to reverse a federal appeals court decision that dramatically narrows the government’s search-and-seizure powers in the digital age. Solicitor General Elena Kagan and Justice Department officials are asking the 9th US Circuit Court of Appeals to reconsider its August ruling that federal prosecutors went too far when seizing 104 professional baseball players’ drug results when they had a warrant for just 10. Meet the new boss, same as the old boss."

accido writes "As reported by The LA Times, Google has now decided to expand its marketing and data collection to include what you watch on your Tivo. The data collected would help Google, who sells TV ads, show who watches which commercials and who skips right over them. The article outlines how this could be bad for networks that cash in whether you watch the ad or not. Does this mean fewer commercials for viewers? Not likely, but one can hope."

An anonymous reader writes "Wikileaks is preparing to release 500,000 intercepted pager messages from a 24-hour period encompassing the September 11 terrorist attacks. The messages show emergency services springing into action and computer systems sending automated messages as buildings collapse. Wikileaks implies this data came from an organised collection effort."

newscloud writes "Writer Evan Ratliff tells how he managed to hide from crowdsourced searchers for 27 days. The first person to find him and photograph him would claim a $5,000 prize. In addition to hiding out as a roadie with indy band 'The Hermit Thrushes' for a week, Ratliff donned a variety of increasingly impressive disguises. It's an interesting read on how to disappear in the digital age: 'August 13, 6:40 PM: I'm driving East out of San Francisco on I-80, fleeing my life under the cover of dusk. Having come to the interstate by a circuitous route, full of quick turns and double backs, I'm reasonably sure that no one is following me. I keep checking the rearview mirror anyway. From this point on, there's no such thing as sure. Being too sure will get me caught. About 25 minutes later, as the California Department of Transportation database will record, my green 1999 Honda Civic, California plates 4MUN509, passes through the tollbooth on the far side of the Carquinez Bridge, setting off the FasTrak toll device, and continues east toward Lake Tahoe. What the digital trail will not reflect is that a few miles past the bridge I pull off the road, detach the FasTrak, and stuff it into the duffle bag in my trunk, where its signal can't be detected. There will be no digital record that at 4 AM I hit Primm, Nevada, a sad little gambling town about 40 minutes from Vegas, where $15 cash gets me a room with a view of a gravel pile...' Spoiler alert: We previously discussed the denouement of the contest."

sopssa sends in a TechCrunch story that begins "Several federal and regional government officials in Germany are trying to put a ban on Google Analytics, the search giant's free software product that allows website owners and publishers to get detailed statistics about the number, whereabouts, and search behavior of their visitors (and much more)." Here's Google's translation of the article from Zeit Online (original in German). A German lawyer cited there says that penalties for websites that uses Google Analytics could amount to €50,000 (about $75,000). Reader sopssa adds, "The amount of data Google collects from everywhere on the Internet is indeed huge, and website owners should be using a local open source alternative to keep visitor data private."

superglaze writes "UK mobile broadband providers currently have no way of telling which subscribers are file-sharing which copyrighted content, ZDNet UK reports. This represents something of a problem for new laws that have been proposed to crack down on unlawful file-sharing. According to the article, databases (tracking IP address mappings) could be built to make it possible to identify what specific users are downloading, but the industry is loathe to fund this sort of project itself. Also, as an analyst points out in the piece, users of prepaid phone cards are mostly anonymous in the UK, which creates another challenge for the government's plans. And if that isn't enough, connection-sharing apps like JoikuBoost would make identification pretty much impossible anyway."

Sockatume writes "The UK's Human Genetics Commission has published its report on the collection of DNA by the Police forces in England and Wales. Currently, Police collect DNA from every suspect in a case which could lead to a criminal record, and retain that material, which the European Court of Human Rights has ruled illegal. The government plans to keep all DNA samples for suspects from England, Wales and Northern Ireland for up to six years, except for DNA from individuals arrested during terrorism-related investigations, which will be retained forever. The report states that the police frequently performed arrests solely to collect DNA, that certain demographics (such as young, black men) were 'very highly over-represented,' that there was 'very little concrete evidence' that the DNA database had any actual use in investigating crime, and that the database contained material from individuals arrested in Scotland and Northern Ireland, outside its remit. Of the 4.5m individuals in the database, a fifth have never received any convictions or cautions from the Police. The report recommends that an independent advisory body oversee the database, and that laws be passed to limit the uses of the database, while tracking those with access to it, and making misuse of the information a criminal offence."

No. 24601 writes "A Quebec woman on long-term sick leave, due to a diagnosis of depression, lost her health benefits after her insurance provider found photos of her on Facebook smiling and looking cheerful at parties and out on the beach. Besides all the obvious questions, how did the insurance company access her locked Facebook profile?"

After the report last week that Brazil's e-voting machines had withstood the scrutiny of a team of invited hackers, reader ateu writes with news that a hacker has shown that the Linux-based voting machines aren't perfectly safe; he was able to eavesdrop on them (translated from Portuguese) by means of Van Eck phreaking.

Bourdain writes with news out of the University of Arkansas, where researchers are looking for ways to combat counterfeit RFID tags. Passive tags typically wait for a reader to transmit a signal of the appropriate strength and frequency before sending their own transmission. The scientists found that the amount of power required to trigger this varies quite a bit from one tag to the next, especially when many different frequencies are sampled. This and other physical characteristics give the tag its own "fingerprint" that is independent of the signal information stored in its memory, which the researchers say will facilitate the detection of cloned tags.

CWmike writes "Microsoft has denied that it has built a backdoor into Windows 7, a concern that surfaced yesterday after a senior National Security Agency (NSA) official testified before Congress that the agency had worked on the operating system. 'Microsoft has not and will not put "backdoors" into Windows,' a company spokeswoman said, reacting to a Computerworld story Wednesday. On Monday, Richard Schaeffer, the NSA's information assurance director, told the Senate's Subcommittee on Terrorism and Homeland Security that the agency had partnered with the developer during the creation of Windows 7 'to enhance Microsoft's operating system security guide.' Thursday's categorical denial by Microsoft was accompanied by further explanation of exactly how the NSA participated in the making of Windows 7. 'The work being discussed here is purely in conjunction with our Security Compliance Management Toolkit,' said the spokeswoman. The company rolled out the Windows 7 version of the toolkit late last month, shortly after it officially launched the operating system."

Presto Vivace writes "Brian Krebs of the Washington Post reports on a study jointly released Tuesday by the Ontario Information and Privacy Commissioner and the Future of Privacy Forum. It seems that in the process of collecting all that feedback about energy use, utility companies will inevitably collect a great deal of information about us. From the article: 'Instead of measuring energy use at the end of each billing period, smart meters will provide this information at much shorter intervals, the report notes. Even if electricity use is not recorded minute by minute, or at the appliance level, information may be gleaned from ongoing monitoring of electricity consumption such as the approximate number of occupants, when they are present, as well as when they are awake or asleep. For many, this will resonate as a "sanctity of the home" issue, where such intimate details of daily life should not be accessible.'"

DesScorp writes "Over the past few years, the City of Chicago has installed video cameras all over the city. Now the Wall Street Journal reports that the city has not only installed its own cameras for law enforcement purposes, but with the aid of IBM, has built a network that possibly links thousands of video surveillance cameras all over Chicago. Possibly, because the city refuses to confirm just how many cameras are in the network. Critics say that Chicago is becoming the city of Big Brother. 'The city links the 1,500 cameras that police have placed in trouble spots with thousands more—police won't say how many—that have been installed by other government agencies and the private sector in city buses, businesses, public schools, subway stations, housing projects and elsewhere. Even home owners can contribute camera feeds. Rajiv Shah, an adjunct professor at the University of Illinois at Chicago who has studied the issue, estimates that 15,000 cameras have been connected in what the city calls Operation Virtual Shield, its fiber-optic video-network loop.' There are so many camera feeds coming in that police and officials can't monitor them all, but when alerted to a situation, can zoom in on the area affected. The ACLU has requested a total number of video feeds and cameras, but as of yet, this information has not been supplied."