WW – First Secure Biometric Authentication Service Debuts on the Internet

Pay By Touch, a vendor of integrated biometric authentication, personalized marketing and payment solutions, has announced the debut of TrueMe™, the first secure, on-demand biometric authentication service on the Internet. “TrueMe gives PC users a fast, easy and secure way to identify themselves, interact and transact on the Web using their fingerprints. By sliding a finger on a TrueMe-certified finger sensor, users can securely access their Web-based accounts with no need to remember IDs, passwords or account numbers.” The debut of TrueMe is a milestone in Pay By Touch’s growth and expansion into new markets. Already, more than three million Americans have enrolled in Pay By Touch’s biometric payment network through 2,400 retail locations across 44 states. [Source] [Details]

CA – Provinces Prepare to Share Web-Based Criminal Profiles

Federal, provincial and territorial justice ministers meeting at this week’s conference in Newfoundland discussed using the Web to publish information on high risk offenders, a spokesperson for the Department of Justice Canada confirmed Tuesday. A spokesperson for the Minister of the Attorney General’s office in Ontario also said that it expects the topic of such a Web site will be raised at the meeting but declined further comment: “We’re going to defer commenting on it until it is raised at that meeting,” said Brendan Crawley, senior coordinator, media relation communications branch for the Attorney General’s Office. [Source] [Source]

CA – Cabinet Filled with Census Files Sold at Edmonton Auction

Personal files of some of this year's census workers turned up in a filing cabinet at an Edmonton auction, Global TV reported last week. The files on about 75 workers from across the Prairies included their names, social insurance numbers and earnings, according to the report. Statistics Canada acknowledged it goofed. Global said the statistics agency intends to apologize to every person listed in the files. The federal office of the privacy commissioner is investigating the breach. [Source]

CA – Ontario Ministry to Automate Information Management Processes

The Ontario Ministry of Environment (OME) hopes to alleviate the high demand of FOI requests with the implementation of tracking and case management applications. The OME announced it had chosen Ottawa-based Privasoft in an effort to improve response rates with citizens. Privasoft is set to assist Ontario in managing infrastructures as well as ATIP requests more efficiently by automating processes and standard tasks with their web-based solutions. “Privasoft’s tracking and case management application … allow us to streamline our FOI processes and continuously improve our performance, resulting in a higher FOI response rate,” said an FOI Project Manager of Information Management and Access Branch at OME. Documents can now be stored electronically in a clean and streamlined process, eliminating the need to go through boxes of files manually. “It will also increase efficiency and will speed up the request process as documents are all available in electronic form,” said a Privasoft spokesperson, “And it also ensures that legislation is applied consistently as no sensitive information is released to requestors and different requestors receive the same kind of information.” [Source]

CA – Survey: Internet Use Growing Despite Privacy Dangers

Privacy and security concerns do not seem to be keeping Canadians off the Internet. Industry Canada's latest report on The Digital Economy in Canada provides results from the 2005 Canadian Internet Use Survey. Highlights from the survey of 30,000 Canadians older than age 18 show a growing use of the Internet, as well as significant variations in access and use among different groups and high levels of concern about privacy and security. Despite the high levels of access and use, reported concerns about security and privacy were significant. The survey shows almost three-quarters of respondents said they were either concerned or very concerned about privacy and security. [Source]

AU – Survey Reveals Telemarketing Presents Biggest Obstacle to Privacy

73% of Australians polled during the first part of a privacy review indicated they view telemarketing intrusions as their biggest concern when protecting their privacy. The survey also revealed that Australians are seeking stronger privacy protections for their personal, financial and employment info. [Source]

UK – Study: Embedded Chips Not Getting Under Shoppers' Skin

Most people still think paying for their shopping with a chip embedded under their skin is a step too far. According to Institute of Grocery Distribution research only one in 10 teenagers would be interested, while one in 20 adults would also be open to the idea. There was significantly greater interest in other biometric payment methods - such as iris recognition and fingerprinting - with 20% of teenagers and 17% of adults saying they would like to use these. [Source] [Source] [Source]

US – NASCIO: “Keeping Citizen Trust: What Can a State CIO Do to Protect Privacy?”

NASCIO has released its latest Research Brief entitled “Keeping Citizen Trust: What Can a State CIO Do to Protect Privacy?” From the NASCIO Security and Privacy Committee, this Research Brief examines how privacy in the state government context has evolved as a defining issue in response to rapidly changing technological advances and the complexities of a fast-paced world. “Privacy is a particularly daunting challenge for state governments, because citizens have an expectation of openness and transparency. Yet, at the same time, states must foster citizens’ trust by ensuring that their private information remains that way,” said the NASCIO Security and Privacy Committee Co-Chair. “This brief starts us down the path of understanding how technology has changed the nature of privacy issues and how they can be effectively addressed.” The brief also explores some initial areas in which a state CIO may encounter privacy issues, including in the context of IT governance, enterprise architecture, policy, security and business processes, and offers some potential ways of addressing those issues. [Source]

EU – European E-Voting Machines Cracked By Dutch Group

The voting computers used to cast 90% of the votes in Netherlands were cracked by a Dutch Group called “Wij vertrouwen stemcomputers niet” (We do not trust voting computers). In a live public show on 4 October 2006 on Dutch television, the group proved how the control program of such an ES3B voting machine could be replaced easily in less than 5 minutes. The demonstration was followed by a public report that explains how the program works, how the software was created and how they can gain complete control over the election results. It is almost impossible for election monitors or voters to detect any change. Moreover, it also shows how the group discovered that radio emanations from an unmodified ES3B can be received at several meters distance and be used to tell who votes what. [“We do not trust voting computers” Foundation] [Nedap/Groenendaal ES3B - voting computer a security analysis] [Dutch citizens group cracks Nedap’s voting computer] [E-voting machines successfully hacked] [Dutch citizens group cracks Nedap’s voting computer] [Computer Chaos Club demands prohibition of voting computers in Germany] [Security Analysis of the Diebold AccuVote-TS Voting Machines]

EU – SWIFT Found in Breach of Belgian Laws

A report issued by the Belgian Government on the SWIFT case of transfer of financial transaction data to the U.S. Government, concluded that SWIFT breached the Belgian law in a number of respects, including the failure of SWIFT, in transferring data to the US Treasury should to observe fundamental principles of European law such as “the principle of proportionality, the limited retention period, the principle of transborder protection level.” The commission reckoned SWIFT had tried to provide certain guarantees through its negotiations with the U.S. Treasury, but considered these attempts were inappropriate. It also stated that SWIFT should have notified Privacy Commissioners and not only G-10 banks. [Source] [Belgian Prime Minister condemns SWIFT data transfers to U.S. as ‘illegal’] [European lawmakers criticize Swift and ECB on bank data] [Finance chiefs blame 9/11 for EU bank snoop affair] [Central Bank boss says he had no power over SWIFT transfers] [EU privacy chief slams central bank over SWIFT claims] [Swift comes out fighting over data privacy controversy]

EU – Swiss Privacy Regime "Too Lax" For Schengen: Baeriswyl

Switzerland must do more to protect citizens from privacy abuses before joining a European database monitoring the cross-border movement of people, a watchdog warns. Other European countries have far stricter safeguards against possible violations by the Schengen Information System (SIS), according to the Swiss Data Protection Commission. A new version of the system - SIS II - will also contain biometric data to counter terrorism, restrict the movement of known troublemakers (such as football hooligans) and keep tabs on people under criminal investigation. But Bruno Baeriswyl, president of the Swiss Data Protection Commission, believes Switzerland does not have adequate measures in place to stop this information from being used for the wrong purposes. [Source]

WW – Study: Disclosed Breaches Affect Stock Prices for Up to a Year

According to findings from a joint study between an Australian analyst company and a US research company, disclosure of data security breaches can have a significant impact on share prices of publicly traded companies. The study looked at six companies that acknowledged data security breaches. The stock prices of those companies fell an average of 5% within the first month following the disclosure and remained between 2.4 and 8.5 % below for the eight months following. It took the stocks nearly one year to return to their original levels. [Source]

UK – Study: Net Crime ‘Big Fear’ for Britons

The Get Safe Online study released by the UK government found 21% of respondents felt most at risk from net crime, while 16% worried most about being burgled. A BBC investigation into net-based attacks on Windows PCs found they could happen as much as every 15 minutes. At least every hour, an unprotected PC set up as a honeypot logged a malicious attack that could render it unusable or make it access other machines. [Source]

US – U.S. Court Asked to Shut Down Spamhaus.Org Domain

A U.S. court has been asked to shut down the Spamhaus Project, a volunteer-run antispam service, for ignoring a US$11.7 million judgment against it. The proposed order follows a Sept. 13 ruling in which Spamhaus was required to pay damages and stop listing an e-mail marketing company called E360Insight in its database of known spammers. Spamhaus, based in London, has said that it ignored the judgment because it cannot be enforced in the UK. [Coverage] [Proposed court order]

WW – New Service Lets Users Blacklist Phishing Sites

A new service for fighting e-mail fraud seeks to tap the wisdom of the Internet community: Anyone will be able to submit suspected scams for others to vote up or down. Freedom Networks LLC's OpenDNS, which provides free directory services necessary to translate a website's domain name into its actual numeric Internet address, developed the system to help block its users from so-called phishing sites. [Source] [Phishtank]

CA – FINTRAC Report: Canada a Cash Conduit for Terrorists

Terrorist groups funneled an estimated $256 million through Canada this past year, the federal anti-money laundering agency said in a report to Parliament this week. The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) said it had detected up to 34 suspected terrorist-financing networks operating in the country. The quarter of a billion in blood money they allegedly moved in the year ending March 31 was up from last year's total of $180 million and the $70 million detected in 2004. An additional $4.75 billion was laundered by crime groups in Canada during the same period, an increase from $2 billion in 2005, the report said. [Source] [Canada to bolster anti-money laundering efforts]

UK – UK Government Starts Wider Credit Data Sharing Talks

The UK Department of Trade and Industry (DTI) said it had started consultation on whether banks should share data on millions of accounts opened more than eight years ago. Lenders currently share lending history through credit reference agencies, but data on accounts opened before 1998 are not provided by all banks. The DTI said this means that lenders do not share data, other than instances of default, on about 40 million accounts, including about 33 million current account data. Although data is currently shared on 350 million accounts, the historical current account data is seen as important as these accounts are not often changed and are used to sell a lot of other products. "The government takes people's rights to privacy very seriously and wants to strike the right balance between individual rights and the wider public interest," the DTI statement said. It said the consultation will close in January. [Source]

US – Supreme Court Ignores Appeal in DNA Database Case

The U.S. Supreme Court this week chose not to hear the appeal of a Washington, DC resident who argued that the collection of his DNA for a federal database violated the 4^th Amendment. EPIC filed an amicus brief in support of Lamar Johnson’s petition and emphasized 3 particular flaws within the DNA collection program. 1^st, the DNA profile stored in CODIS contains more information than the unique identifier the government claims. 2^nd, the DNA database allows for partial profile searching that implicates relatives of profiled individuals. 3^rd, the retention of the blood sample from which the DNA profile is generated presents an opportunity for future privacy violations. [EPIC’s Page on Johnson v. Quander]

UK – Thousands of UK Computer Users Fall Victim to Data Theft

British law enforcement agents are trying to contact thousands of UK computer users who have fallen victim to a massive personal data heist. The Metropolitan Police said this week that a computer seized in the U.S. had been found to contain personal information from around 2,300 PCs based in Britain. This included e-mail addresses, passwords, credit card numbers, and details of online transactions. [Source]

KR – South Korea to Offer Safer Alternative to Citizen Registration Numbers

South Korean citizens will be able to apply for Internet Personal Identification Numbers, or i-PINs, to use in place of the citizen registration numbers that had been used to verify online identities. Criminals have managed to obtain databases containing the citizen registration numbers, placing people at risk for identity fraud. The numbers reveal individuals' genders, and dates of birth. The new i-PIN numbers will not reveal such data, and users may cancel numbers and apply for new ones if they believe theirs have been compromised. More than one million South Korean citizens were victims of identity fraud as a result of the lax security surrounding the citizen registration number databases. [Source]

US – NIST Publishes Ontology of (U.S.) Identity Credentials

NIST has released a Draft of the Special Publication 800-103, An Ontology of Identity Credentials, Part 1: Background and Formulation. The document provides a broad range of identity credentials and supporting documents insofar as they pertain to identity credential issuance. Priority is given to examples of primary and secondary identity credentials issued within the U.S.. Part 2 of this document will provide an Extensible Markup Language (XML) schemas, as a framework for retention and exchange of identity credential information. Comments on the draft are sought by Wednesday, November 15th, 2006. [Source]

US – Woman's Identity Stolen from Marriage License on County Web Site

A Florida woman discovered that her marriage license was viewable on the Orange County controller's web site after someone applied for a loan in her name. The license revealed the woman's name, date of birth and SSN, as well as those of her husband. The Orange County comptroller is reportedly paying a vendor US$500,000 to black out all SSNs on the web site by January 2008. [Source]

WW – Microsoft to Step Up Anti-Piracy Stance With Windows VISTA

Microsoft this week said its forthcoming Windows Vista will take much harsher steps to curtail counterfeiting than previous versions of its operating system, including crippling the usefulness of computers found to be running unlicensed copies of the new software. Microsoft said that people running a version of Windows Vista that it believes is illegal would initially be denied access to some of the most anticipated Vista features. [Source] [Source] [Microsoft is not trying to block access says Kaspersky]

WW – New Report Raises Questions About Privacy, Future of Internet

A detailed survey of technology thinkers and stakeholders predicts that the Internet of 2020 will be more widespread, low-cost, and contribute to a flattening of social hierarchies. However, the respondents also express concerns about interoperability, government regulations, commercial interests, and the loss of privacy. A significant 42% of survey participants are pessimistic about human ability to control the technology in the future. They predict that dangers and dependencies will grow beyond our ability to stay in charge of technology. The survey was conducted by the Pew Internet and American Life Project.[PEW Report: The Future of the Internet II]

WW – Internet Privacy ‘Sacrificed’ by ICANN: Geist

Michael Geist argues that the internet oversight body has sacrificed the issue of privacy for a shot at independence. At stake is the information on tens of millions of domain name registrants is contained in the “WHOIS database”, which is readily available to anyone with internet access. Pre-dating ICANN, the database identifies the name, address and other personal information of domain name registrants. Privacy groups, including European data protection commissioners, have expressed misgivings about the mandatory collection and disclosure of this personal information. [Source] [ICANN debate]

WW – World’s Largest Banks Join to Stamp Out Child Porn

The world’s biggest banks are joining an international effort to crack down on child pornography on the Internet by taking action to cut off its sources of financing. For banks, it is a fight on two fronts by ensuring they do not provide start-up capital for illicit Web sites and stopping customers using debit and credit cards to pay for pornographic images. [Source]

UK – UK Documentary on Data Breaches at Indian Call Centers Leads to Investigation

The Information Commissioner’s Office is investigating the security of UK consumers’ financial records at Indian call centers as a result of an UK documentary. Deputy Information Commissioner David Smith said that the investigation will center on criminal efforts to obtain UK citizens’ financial data from call centers used by mobile phone companies. The Data Protection Act requires companies that outsource information to ensure that the call centers have adequate security to protect customer records. [Source] [India’s outsourcing business want details of illegal data sale]

AU – Privacy Survey: Australians Approve of Outsourcing Only With Their Consent

A poll, commissioned by the Financial Services Union, has found that Australians strongly favor the opportunity to give their consent before companies send their personal information offshore. 91% of respondents said that their information should be sent offshore only after they gave their permission. Sentiment was strong for using banks that kept personal financial records in Australia. [Source]

WW – Report: Phishing More Than Doubles in First Half of 2006

Websense, a San Diego-based maker of Web filtering and security software, released a report that indicates cyber attacks have become more covert, organized and motivated by financial gain. The report found that phishing attacks increased nearly 60% in the first half of 2006, with 17,877 reports in January compared to 28,571 reported in June. [Source]

US – Symantec Offers Web Shopping Shield

Symantec has announced the availability of Norton Confidential, a new product designed to protect consumers as they do business online. According to the company, Norton Confidential includes technologies to shield against data-thieving phishing Web sites and eavesdropping malicious software such as keystroke loggers and screen scrapers. [Source] [Symantec touts 'Security 2.0']

US – Survey: Too Much Information on Social Networking Sites

Corporate computing firm CA has found in a study that nearly 75% of users of social networking sites revealed personal identifying information despite the fact that 57% also said they were worried about becoming cybercrime victims. The survey of more than 2,000 adults found that 46% of the users with access to a work computer accessed the social networking sites from their workplace. [Source]

AU – Australian Law Reform Commission: Privacy Laws Need Simplification

The Australian Law Reform Commission has concluded that the country’s privacy legislation is a patchwork of federal, state and territory laws. The result of this outdated privacy regime is that personal information is inadequately protected and businesses are faced with layers of time-consuming and costly regulations. In preparation for changes in privacy law the group will recommend, the commission members will now consult with stakeholders, including the public, as well as professional, interest and business groups. [Source]

US – HP Investigators Charged with ID Theft

Three private investigators who obtained confidential telephone records as part of HP’s boardroom spying probe pleaded not guilty this week to identity theft and other felony charges. The three of them are among five people criminally charged last week for their roles in the spying scandal at the computer and printer giant. [Source] [Source]

US – EFF Sues FBI for Records of Electronic Surveillance Programs

The EFF is suing the US government for records concerning electronic-surveillance tools such as one that appears to be a successor to the FBI’s abandoned Carnivore program. The EFF said the FBI failed to respond in time to its FOIA request for records on the DCS-3000 and Red Hook programs. [Source]

US – ID Theft Class Action Against Acxiom Dismissed

A federal judge in Arkansas has thrown out a class action lawsuit against Acxiom, which exposed massive amounts of Americans' personal information in a high-profile Internet security snafu three years ago. Even though a spammer had downloaded more than one billion records from the company, U.S. District Judge William Wilson ruled that there was no evidence that Acxiom's purloined database had been used to send junk e-mail or postal mail. [Source]

RFID

CA – Canadian Companies Launch RFID Public Policy Forum

The newly formed GS1 Canada Public Policy Forum will serve as an umbrella organization for 7 working groups. Comprised of major companies, including GS1 Canada, Wal-Mart Canada and Shoppers Drug Mart, the group will make recommendations to foster the technology’s use and adoption. The Forum’s chairwoman, Eileen MacDonald, Senior Vice President of GS1 Canada, said industry leaders formed the group after tests have shown that the technology is an asset to supply-chain management. [Source]

WW – Four-Year Project to Look at Data Protection

The National Science Foundation has funded a 4-year project to examine the data protection issues related to storing data in RFID smart tags. Researchers from the University of Massachusetts, Johns Hopkins University and RSA Laboratories will study ways to prevent unauthorized access to the data on the tiny tags. The new research will examine ways of ensuring that such RFID is protected against illegal use and that smart tags will be rendered unreadable by unauthorized parties. One research professor explained: "We want to make it tougher for unauthorized readers to communicate with smart tags, and we want to do a better job of preserving people's privacy." [Source]

US – E-Passport’s First Deployment

The international adoption of RFID technology for passports appears poised to meet two critical deadlines later this month, as the Homeland Security Department deploys document readers, and foreign governments adopt compatible IT. Though the global acceptance of RFID technology is moving ahead quickly, with the EU adopting similar rules in August, the process faces two challenges. The first is concern by privacy advocates that the e-passports likely will make the border-crossing process less convenient and secure. The second is the risk that some countries could fail to launch e-passport programs in time to preserve their citizens’ current privilege of entering the U.S. without a visa. [Source]

US – Years Before RFID Baggage Tracking Takes Off

According to findings released by ABI Research, the market for RFID baggage tagging will be worth $11.8 million this year. It will grow at a compounded annual growth rate of 18.49% through 2011, when the market value will reach $27.5 million. While RFID-enabled baggage track-and-trace has received quite a bit of press, these figures indicate that in fact the market opportunity is quite small. Even with the decent growth projected by ABI, the numbers are not significant enough to represent a material contribution to the overall RFID market in the near- to medium-term. [Source]

US – Survey: Marketers Need To Address Security Breach Response

A new CMO Council report, “Secure the Trust of Your Brand: How Security and IT Integrity Influence Corporate Brands,” found that only 29% of marketers said their companies have a crisis plan in the event of a security breach. The author of the study said that without a crisis plan and other security measures in place, companies run the risk of losing hundreds of millions of dollars in market value. This lack of preparedness also poses a risk to the company’s reputation and brand trust. [Source]

US – U.S. Commerce Department Hacked Again

A Commerce Department bureau was the target of a successful attempt to access employees' user accounts on its computer network. The attack, which was discovered in July and recently came to public attention, specifically focused on the Department's Bureau of Industry and Security, which is responsible for such areas as export control and treaty compliance. Chinese hackers were able to gain access to its computers and install rootkits and other malware. [Source] [Source]

UK – Home Office Minister Says “ID Cards Will Now Be Implemented Rapidly”

Home Office Minister Liam Byrne confirmed that ID cards will be implemented rapidly, starting with biometric cards for foreign nationals in 2008. These will prove eligibility to work and provide the vast majority of legitimate employers with a simple, secure means of checking entitlement to work. Fingerprinting of visa applicants will be expanded to cover all visa-issuing posts by April 2008, protecting our borders from those seeking to enter the UK illegally and abuse free public services. An Identity Management Action Plan will also be produced by the end of the year and a series of detailed plans on how other government departments will benefit from using ID cards will be commissioned. Home Office Minister Liam Byrne said: “The way we prove our identity is changing. By requiring a standard secure way for people to prove their identity when accessing services, it will be much harder for people here illegally to carry out their daily business. “Illegal working will become far more difficult as the National Identity Scheme is rolled out. Any employer would be able to check a person’s unique reference number against registered information about their identity to find out whether someone is eligible to work in the UK. “ID cards will give us a powerful tool to combat identity fraud which underpins organized crime, terrorism and abuse of the immigration system. ID cards will also help transform the delivery of public services to the citizen, making interactions swifter, more reliable and more secure and helping to reduce costs by eliminating wasteful duplication of effort.” [Source]

EU – New Interim Deal on EU Passenger Travel Data

Seeking to balance the U.S. fight against terrorism with European demands for privacy, EU and American negotiators reached a deal late last week on disclosing extensive personal information about travelers flying from the 25-nation bloc to the U.S., including passenger names, addresses, e-mail accounts, phone numbers, travel itineraries, meals served on board, and credit-card details. A previous agreement expired last month, creating a dilemma for the airlines. Civil liberties advocates argue that the U.S. fight against terrorism is violating basic rights in Europe. After months of negotiations and a final, nine-hour videoconference, the U.S. won approval of its demand that U.S. intelligence and law enforcement agencies be allowed to share and study the European information more easily to track down terrorists. The new deal will be formally approved by the Justice Ministers across EU that meet this week. The agreement will be in force until the end of July 2007, but new negotiations for a permanent deal will probably begin in November. [Source] [Source] [Source] [Source] [Source]

CA – TTC to Deploy Video Surveillance on City Buses and Streetcars

March Networks, a leading provider of digital video surveillance solutions, announced that the Toronto Transit Commission (TTC) has selected them for mobile video surveillance on its city buses and streetcars. Toronto City Council has approved funding for the project that will begin with deployment on 100 vehicles. The remainder of the funding will be a part of the 2007 budget process, with City Council and the TTC considering this project to be a priority. The entire fleet of TTC buses and streetcars totals more than 1750 vehicles. [Source]

US – FTC Plans Tougher Telemarketing Rules

The FTC is considering changes to the Telemarketing Sales Rule (TSR) related to proposals that would prohibit the use of prerecorded messages answered by consumers or create new restrictions on those calls. The FTC denied a petition that sought to allow telemarketers to deliver prerecorded messages to consumers with whom the company has an existing business relationship. Instead, the FTC is proposing a new amendment that would prevent telemarketers from delivering prerecorded messages when consumers answer – except under the call-abandonment safe harbor or after a consumer has consented, in writing, to receive those calls. [Source]

US – President Bush Asserts Authority to Alter DHS Privacy Reports

Congress approved a bill that stated that only the privacy officer could change, delay or prohibit the Department of Homeland Security’s (DHS) mandatory annual privacy report. President Bush signed the bill. However Bush attached a signing statement to the department’s 2007 spending bill that stated he will interpret that section “in a manner consistent with the President’s constitutional authority to supervise the unitary executive branch.” DHS issued its last privacy report in February 2005. [Source]

US – Treasury Dept IG: IRS Needs To Pay More Attention to Privacy

The Internal Revenue Service (IRS) has some shortfalls to make up when it comes to protecting the privacy of 130 million taxpayers, according to a Treasury Department Inspector General’s report. The report indicates that the agency has completed privacy impact assessments in less than half of its computer systems. Recommendations include improvements in conducting and documenting the privacy assessments and a review of employee privacy training. [Source]

US – FTC to Hold Hearings on Consumer Protection Implications of Technology

Dave Morgan, the chairman of Tacoda, is urging companies to “pay attention and get involved” in the Federal Trade Commission’s (FTC) upcoming hearings 6-9 November on “Protecting Consumers in The Next Tech-ade.” The FTC is gathering experts in technology, industry leaders, scholars and analysts to give testimony on the direction of consumer technology in the next decade and the need for consumer protection online. Morgan is one of the experts who will be testifying, according to this column. [Source] [FTC Website: Protecting Consumers in the Next Tech-Ade ]

US – Senator Clinton Introduces Privacy Bill

Sen. Hillary Rodham Clinton (D-NY) has introduced a privacy bill, S 3713, the “Privacy Rights and Oversight for Electronic and Commercial Transactions Act of 2006” (PROTECT Act). Senator Clinton’s bill calls for a comprehensive privacy agenda: a Privacy Bill of Rights that secures the interests of consumers; stronger medical privacy protections; and clear rules for new intelligence techniques to make sure the public knows its rights and the government’s limits. [Source]

US – Court Rules Marine Had Reasonable Expectation of Privacy in Work Email

The U.S. Court of Military Appeals has ruled that a service member had a protected privacy interest in e-mail messages she transmitted over a government computer network, notwithstanding a logon message advising that her use of the government's network was subject to monitoring. The court noted that the defendant alone possessed the password to her e-mail account, and the network's logon warning mentioned only "monitoring," not searching through e-mail messages for law enforcement purposes. [Source]

--------