Thursday, August 28, 2008

New oversight, stiffer penalties approved for snooping into patient records

When reading this headline of the Los Angeles Times I felt torn. On one hand, it's good to know there appears to be a lot of effort being made by the Legislature to crack down on those that snoop in others medical records. Yet, because there is this attention that can only mean one thing: this is a problem that has become an epidemic - all too common and all too easy.

Before I get to the article, let me first provide information to those that feel they might have been a victim of medical idenitity theft - even if its just a suspicion that someone snooped in your records. It happens to be that the World Privacy Forum has a whole section dedicated to this very problem and what to do about it. Check it out here.

Now to the Los Angeles Times article on what's being done in Sacramento about this:

...the state Senate approved a measure that would require hospitals to draft a plan to safeguard patient information and set up a new state Office of Health Information Integrity with power to review plans and violations and assess fines of up to $250,000 against people who violate patient privacy. A companion bill, which the Senate has yet to act on, would allow fines of up to $250,000 against healthcare providers in case of breaches.

... person at UCLA viewed confidential patient information more than 900 times. Monica Wagner, a deputy director of the state Department of Public Health, said 30 snooping cases have been reported statewide in the last two years, and more are believed to be occurring but go unreported.


The Jones bill, which is supported by the California Hospital Assn., would hold individual employees accountable for rogue behavior in cases in which hospitals have done everything possible to keep records private.

Alquist's measure, SB 541, would increase fines against individuals and health facilities for serious medical errors from the current maximum of $50,000 to a limit of $125,000.

Click here to read more.

Wednesday, August 27, 2008

Bill that would turn pharmacists into drug marketers brought back from dead in last minute legislative maneuver

AB 10 - a bill nearly identical to one ALREADY defeated in the legislature by consumer rights groups during this session - is being brought to a last minute Senate floor vote as early as this week at the behest of drug store chains and a drug marketing company seeking to bypass proper legislative review.

AB 10 would change California's Confidentiality of Medical Information Act to allow pharmacists to deliver paid advertising for drugs that are alternatives to the medication prescribed by the patient's physician at the very moment the pharmacist is dispensing the prescribed drug.

CFC’s opposition to this bill is primarily due to the increasingly intrusive direct marketing techniques used to promote pharmaceutical drugs to consumers - but there are privacy implications to consider here too. For one, the bill requires that consumer’s opt-out if they prefer to not be marketed to by their pharmacist, when it just as easily could have been opt-in - the WRONG precedent to set.

The Privacy Rights Forum points out other potential privacy related problems with the bill in its original opposition letter to AB 1587:

"...the bill does not consider the issue that consumers tend to be confused about the confidentiality of their communications in this kind of blurred advertising context. If consumers, thinking that their communications with their pharmacist are protected under HIPAA (which they are) then take the step to call the phone numbers and use the web sites in the advertising their pharmacist gave them, then those communications from the consumer are not covered under HIPAA. Pharmaceutical companies will be able to use all consumer information they acquire for direct to consumer marketing."

"...the opt-out language in this bill is onerous for consumers. There is no clear, strong prohibition on the marketing use of opt-out infomration by any companies contacted for opt-out purposes."

"...Fourth, the sponsorship disclosures are inadequate. All paid advertising disclosure should also include a very prominent disclosure next to any advertising contact information that informs consumers that any information they give through calling the phone numbers or giving information to the advertiser's web site will not be covered under HIPPA. Consumers need to clearly know that their coommunications with advertisers are not protected under HIPAA."

Click here to tell your Senator to oppose this bill.

Just to add a bit more, these ads would be written and paid for by third parties, including drug companies, but would be presented by the pharmacist to the patient as health information sheets. The effect of the ads would be to suggest to a patient a course of treatment that is different from the treatment prescribed by the patient's physician. Consumers hold pharmacists in high regard in large part because they are neutral experts on pharmaceutical drugs.

By turning pharmacist into drug marketing agents, AB 10 would abuse this trusted patient-pharmacist relationship. We shouldn't change the law to allow pharmacists to make subtle recommendations that call into question the physician's prescribed course of treatment.

Monday, August 25, 2008

Va. privacy advocate gets partial win in SSN postings case

Some great news to report! BJ Ostergren, otherwise known as the Virginia Watchdog, "who challenged a Virginia law against posting Social Security numbers on the Internet won a partial victory Friday when a federal judge ruled her Internet postings are protected by the Constitution." While this is a victory, it falls just short of the "whole enchilada", as the judge did not overturn the law that inspired this case (which bans the public from publishing the same information that the government was posting)

You can read my initial post on the details of this case here.

I'm sure I'll post more on this victory in the coming days, but for now, let's get to the decision.

The AP Reports:

On her site, Ostergren has posted public documents — primarily land records — containing the Social Security numbers of prominent people and court officials. Her purpose is to demonstrate that government has failed to protect individuals' privacy. She claimed in her lawsuit that government can't publish the information and then punish citizens for distributing it.

Payne agreed, saying Ostergren's activities were protected by the First Amendment.

"It is difficult to imagine a more archetypal instance of the press informing the public of government operations through government records than Ostergren's posting of public records to demonstrate the lack of care being taken by the government to protect the private information of individuals," Payne wrote.


Kent Willis, executive director of the American Civil Liberties Union in Virginia, said the judge recognized the new law as censorship. The ACLU represents Ostergren in the lawsuit.

"In the end, it appears this law was passed not for the purpose of protecting Social Security numbers but to silence a critic of the state's failure to protect such numbers from identity thieves," Willis said.

Click here to read more.

How RFID Tags Could Be Used to Track Unsuspecting People

Questions and concerns surrounding RFID technology, and what degree it could undermine the individuals right to privacy are complicated and largely "yet to be determined". At CFC, we believe that before we jump head first into the full fledged implementation of any technology that raises the kinds of questions this article will examine we should take a step back and do the kind of thorough review of the pros and cons first.

Then, based on what we find, put in place common sense regulations and safeguards...using the Constitution and our right to privacy as the most important factors in formulating public policy...rather than factors like so called "consumer convenience" and corporate profit.

With that said, this article in Scientific American by Katherine Albrecht is about as thorough an examination of RFID technology and the variety of possible ways in which it can be used for purposes that would literally put an end to the right to privacy as we know it today as you'll find anywhere.

Put it this way, do you think big business, the military industrial complex, and the government, with literally billions of dollars at stake, and an unimagined ability to monitor and control the public at large, will feel an obligation to protect your privacy? Of course not.

This leaves us only one recourse, establish rules and regulations NOW, before it's too late.

Albrecht writes:

The new licenses come equipped with radio-frequency identification (RFID) tags that can be read right through a wallet, pocket or purse from as far away as 30 feet. Each tag incorporates a tiny microchip encoded with a unique identification number. As the bearer approaches a border station, radio energy broadcast by a reader device is picked up by an antenna connected to the chip, causing it to emit the ID number. By the time the license holder reaches the border agent, the number has already been fed into a Homeland Security database, and the traveler’s photograph and other details are displayed on the agent’s screen.


In 2007 British security consultant Adam Laurie cracked the encryption code on a U.K. passport and “skimmed,” or remotely read, its personal information—while it was still sealed in its mailing envelope. Around the same time, German security consultant Lukas Grunwald copied the data from a German passport’s embedded chip and encoded it into a different RFID tag to create a forged document that could fool an electronic passport reader. Investigators at Charles University in Prague, finding similar vulnerabilities in Czech e-passports, wrote that it was “a bit surprising to meet an implementation that actually encourages rather than eliminates [security] attacks.”

Yet these demonstrated security problems have not slowed the adoption of RFID. On the contrary, the technology is being deployed for domestic ID cards around the world. Malaysia has issued some 25 million contactless national identity cards. Qatar is issuing one that stores the cardholder’s fingerprint in addition to personal information. And in what industry observers are calling the single largest RFID project in the world, the Chinese government is spending $6 billion to roll out RFID-based national IDs to nearly one billion citizens and residents.

There is an important difference, however, between other nations’ RFID-based ID cards and Homeland Security’s new driver’s licenses. Most countries’ contactless national IDs and e-passports have adopted an RFID tag that meets an industry standard known as ISO 14443, which was developed specifically for identification and payment cards and has a degree of security and privacy protection built in. In contrast, U.S. border cards use an RFID standard known as EPCglobal Gen 2, a technology that was designed to track products in warehouses, where the goal is not security but maximum ease of readability.


If the idea that corporations might want to use RFID tags to spy on individuals sounds far-fetched, it is worth considering an IBM patent filed in 2001 and granted in 2006. The patent describes exactly how the cards can be used for tracking and profiling even if access to official databases is unavailable or strictly limited. Entitled “Identification and Tracking of Persons Using RFID-Tagged Items in Store Environments,” it chillingly details RFID’s potential for surveillance in a world where networked RFID readers called “person tracking units” would be incorporated virtually everywhere people go—in “shopping malls, airports, train stations, bus stations, elevators, trains, airplanes, restrooms, sports arenas, libraries, theaters, [and] mu­­se­­ums”—to closely monitor people’s movements.

According to the patent, here is how it would work in a retail environment: an “RFID tag scanner located [in the desired tracking location]... scans the RFID tags on [a] person.... As that person moves around the store, different RFID tag scanners located throughout the store can pick up radio signals from the RFID tags carried on that person and the movement of that person is tracked based on these detections....The person tracking unit may keep records of different locations where the person has visited, as well as the visitation times.”

The fact that no personal data are stored in the RFID tag does not present a problem, IBM explains, because “the personal information will be obtained when the person uses his or her credit card, bank card, shopper card or the like.” The link between the unique RFID number of the tag and a person’s identity needs to be made only once for the card to serve as a proxy for the person thereafter. Although IBM envisioned tracking people via miniature tags in consumer goods, with today’s RFID border cards there is no need to wait for such individual product tags to become widespread. Washington’s new driver’s licenses would be ideally suited to the in-store tracking application, because they can already be read by Gen 2 inventory scanners in use today at stores such as Wal-Mart, Dillard’s and American Apparel.


If RFID tags can enable an amusement park to capture detailed, personalized videos of thousands of people a day, imagine what a determined government could do—not to mention marketers or criminals. That is why my colleagues in the privacy community and I have so firmly opposed the use of RFID in government-issued identity documents or individual consumer items. As far back as 2003, my organization, CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering)—along with the Privacy Rights Clearinghouse, the Electronic Privacy Information Center, the Electronic Frontier Foundation, the American Civil Liberties Union, and 40 other leading privacy and civil liberties advocates and organizations—recognized this threat and issued a position paper that condemned the tracking of human beings with RFID as inappropriate.

In response to these concerns, dozens of U.S. states have introduced RFID consumer-protection bills—which have all been either killed or gutted by heavy opposition from lobbyists for the RFID industry. When the New Hampshire Senate voted on a bill that would have imposed tough regulations on RFID in 2006, a last-minute floor amendment replaced it with a two-year study instead. (I was appointed by the governor to serve on the resulting commission.) That same year a California bill that would have prohibited the use of RFID in government-issued documents passed both houses of the legislature, only to be vetoed by Governor Arnold Schwarzenegger.

On the federal level, no high-profile consumer-protection bills related to RFID have been passed. Instead, in 2005, the Senate Republican High Tech Task Force praised RFID applications as “exciting new technologies” with “tremendous promise for our economy” and vowed to protect RFID from regulation or legislation.

CFC has been actively supporting a host of California bills designed to regulate the use of RFID technology. As Ms. Albrecht points out, the most far reaching of these was vetoed two years ago by the Governor, and in an effort to appease him this year, some of the bills have been greatly watered down or abandoned altogether.

Nonetheless, progress is being made on this issue in the golden state, with the help of legislators like Senator Joe Simitian, and organizations like the ACLU, the Privacy Rights Clearinghouse, and many others. I posted on the latest news coming from the Legislature on the RFID regulation bills still alive in the legislature last week (One update to that post to mention: SB 29 has passed the Senate by a vote of 27 to 8, and now moves on to the Governor's desk).

Click here to read the rest of article in Scientific American.

Friday, August 22, 2008

New Guidelines Would Give F.B.I. Broader Powers

Is it me or does it seem like as we near the end of this 8 year nightmare the effort being made by the White House to cement and expand their power, weaken the constitution, and install a kind of police state is operating on overdrive?

I try here to stick as best I can to consumer related privacy issues - in particular those that meet at the intersection of civil liberties and technology - but it's getting more and more difficult to discuss much else than the latest government attempts to imprison, monitor, record, and wiretap American citizens.

Just some of these so called "counterterrorism" programs the administration has been looking to formalize and expand was the recent executive order ratifying new roles for intelligence agencies, the authorization of greater sharing of intelligence information with the local police, and expansion of record keeping of American citizens that cross the border.

And here's the latest mind bender to report. This time it's the FBI (hard to tell all these agencies apart when it comes to the issue of privacy these days) that's looking to broaden their power to assault yours and mine...with a little help from none other than our "Justice" Department. Sigh...

The New York Times reports:

A Justice Department plan would loosen restrictions on the Federal Bureau of Investigation to allow agents to open a national security or criminal investigation against someone without any clear basis for suspicion...The plan, which could be made public next month, has already generated intense interest and speculation. Little is known about its precise language, but civil liberties advocates say they fear it could give the government even broader license to open terrorism investigations.


The senators said the new guidelines would allow the F.B.I. to open an investigation of an American, conduct surveillance, pry into private records and take other investigative steps “without any basis for suspicion.” The plan “might permit an innocent American to be subjected to such intrusive surveillance based in part on race, ethnicity, national origin, religion, or on protected First Amendment activities,” the letter said. It was signed by Russ Feingold of Wisconsin, Richard J. Durbin of Illinois, Edward M. Kennedy of Massachusetts and Sheldon Whitehouse of Rhode Island.


In 2002, John Ashcroft, then the attorney general, allowed F.B.I. agents to visit public sites like mosques or monitor Web sites in the course of national security investigations. The next year, Mr. Bush issued guidelines allowing officials to use ethnicity or race in “narrow” circumstances to detect a terrorist threat.

The Democratic senators said the draft plan appeared to allow the F.B.I. to go even further in collecting information on Americans connected to “foreign intelligence” without any factual predicate. They also said there appeared to be few constraints on how the information would be shared with other agencies.

Michael German, a lawyer with the American Civil Liberties Union and a former F.B.I. agent, said the plan appeared to open the door still further to the use of data-mining profiles in tracking terrorism. “This seems to be based on the idea that the government can take a bunch of data and create a profile that can be used to identify future bad guys,” he said. “But that has not been demonstrated to be true anywhere else.”

And there we are. Right back to my post from yesterday, in which I said (and I apologize for repeating myself but it applies again here):

Every time I hear about the latest program designed to whittle away at our right to privacy and the liberty that it affords us - and how its somehow "necessary to save us from terrorists and illegal immigrants" - I wonder if I'm the only one who remembers that our government had ALL THE INFORMATION NECESSARY to prevent 9/11...but they just happened to fail miserably in doing so? No amount of wiretapping, monitoring, surveillance, or recording and storing of our personal data would have changed what happened on that fateful day...the only change such actions bring us is a country that is no longer free...which kind of defeats the purpose doesn't it?

Thursday, August 21, 2008

Citizens' U.S. Border Crossings Tracked - Data From Checkpoints To Be Kept for 15 Years

I felt guilty not posting this rather disturbing story yesterday regarding the latest gross infringement on our right to privacy by the federal government. Of course, the government is going to it's ace in the hole: the program is all about keeping us safe from those drug-running Mexicans and wanna be terrorists! Ha!

The Washington Post reported on Wednesday the latest doozie coming from the Department of Homeland Security - the keystone cops of national security: A database that tracks every American citizen’s border crossings and catalogs the data for as long as 15 years, with essentially little or no privacy protections to prevent abuse.

The Washingto Post reports:

The federal government has been using its system of border checkpoints to greatly expand a database on travelers entering the country by collecting information on all U.S. citizens crossing by land, compiling data that will be stored for 15 years and may be used in criminal and intelligence investigations.

Officials say the Border Crossing Information system, disclosed last month by the Department of Homeland Security in a Federal Register notice, is part of a broader effort to guard against terrorist threats. It also reflects the growing number of government systems containing personal information on Americans that can be shared for a broad range of law enforcement and intelligence purposes, some of which are exempt from some Privacy Act protections.


The volume of people entering the country by land prevented compiling such a database until recently. But the advent of machine-readable identification documents, which the government mandates eventually for everyone crossing the border, has made gathering the information more feasible. By June, all travelers crossing land borders will need to present a machine-readable document, such as a passport or a driver's license with a radio frequency identification chip.


Critics say the moves exemplify efforts by the Bush administration in its final months to cement an unprecedented expansion of data gathering for national security and intelligence purposes..."People expect to be checked when they enter the country and for the government to determine if they're admissible or not," said Greg Nojeim, senior counsel at the Center for Democracy & Technology. "What they don't expect is for the government to keep a record for 15 years of their comings into the country...This database is, in a sense, worse than a watch list," he said. "At least in the watch-list scenario, there's some reason why the name got on the list. Here, the only thing a person does to come to the attention of DHS is to lawfully cross the border. The theory of this data collection is: Track everyone -- just in case."


DHS and other agencies are amassing more and more data that they subject to sophisticated analysis. A customs document issued last month stated that the agency does not perform data mining on border crossings to glean relationships and patterns that could signify a terrorist or law enforcement threat. But the Federal Register notice states that information may be shared with federal, state and local governments to test "new technology and systems designed to enhance border security or identify other violations of law." And the Homeland Security Act establishing the department calls for the development of data-mining tools to further the department's objectives.

That raises concerns, privacy advocates say, that analyses can be undertaken that could implicate innocent people if appropriate safeguards are not used.


Because of privacy concerns, Washington state earlier this year opted for the queries-only approach. The Canadian government made the same decision. "There was absolutely no way they should have the entire database," said Ann Cavoukian, Ontario's privacy commissioner, who learned about the Canadian government's decision in April. "Once you have data in a database you don't need, it lends itself to unauthorized use," she said. "You have no idea of the data creep."

Every time I hear about the latest program designed to whittle away at our right to privacy and the liberty that it affords us - and how its somehow "necessary to save us from terrorists and illegal immigrants" - I wonder if I'm the only one who remembers that our government had ALL THE INFORMATION NECESSARY to prevent 9/11...but they just happened to fail miserably in doing so?

No amount of wiretapping, monitoring, surveillance, or recording and storing of our personal data would have changed what happened on that fateful day...the only change such actions bring us is a country that is no longer free...which kind of defeats the purpose doesn't it?

Two RFID Regulation Bills Close in On Governor Schwarzenegger's Desk

CFC and a host of other privacy protection organizations have been working hard for two years now in support of Senator Joe Simitian's landmark RFID regulation bills - SB 28, SB 29, SB 30, and SB 31. In the end, it appears out of the four bills, two, in amended form, have a shot at winning approval in the legislature and being signed by the Governor, and two, for all intents and purposes, are dead.

The Bad News...

1. SB 28 - in its original form it would have prohibited the state government from using RFID in driver's licenses for a period of three years.

Bill Status: The bill was considered unequivocally "Dead on Arrival" - with no chance of earning the Governor's signature - and recently morphed into a completely different piece of legislation dealing with the prohibition of texting while driving a motor vehicle.

2. SB 30 - the gold standard for RFID reform legislation - would have created interim privacy safeguards for any existing RFID-enabled government ID's, such as those used by students in the state college system.

Bill Status: The Governor has promised a veto of the bill and it is unlikely that it will be brought up for a floor vote in the Assembly.

The Good News...

1. SB 29 - what began as a bill that would have imposed a three-year moratorium on the use of RFID technology in public school ID cards has unfortunately been substantially modified. In its current form, SB 29 will allow RFID for attendance/tracking purposes at school if parents give their expressed and informed consent. It does not contain requirements for encryption nor does it require school districts to tell parents how the technology works and what parents should do to prevent risk.

It goes without saying that these amendments are a disappointment for privacy advocates. CFC believes that proper encryption technologies are a critical component to any RFID regulatory efforts, and we are concerned that without these standards this bill could possibly stunt more aggressive action in other states - as California is looked to as a leader on privacy issues (among others). In defense of the legislation however, is that the bill in its original form very likely would have been vetoed by the Governor. At least in this case, parents' will have an opportunity to "opt-in" and give consent rather than RFID being thrust upon them with no choice in the matter.

In the end, CFC will support this less than perfect bill.

A statement from the ACLU, who also remained in support, but withrew their sponsorship read:

The notice and affirmative parental consent are integral first steps toward protecting students' privacy and security. And, they would ensure that parents have the opportunity to consent to the use of RFID chips on their children. However, we believe that it is critical for privacy and security that any RFID devices issued to students include basic substantive protections to ensure that personal information on RFID tags is not read at a distance by unauthorized individuals who could use such information to track or otherwise harm schoolchildren.

People – especially children – should be afforded the basic protections of (1) restricting the personal information in the RFID chip to a unique number, and (2) requiring that the device be fitted with a shield device to minimize unauthorized reading and misuse of the data.

Bill Status: SB 29 passed off the Assembly Floor, and is on its way back to the Senate Floor on Concurrence. The vote was 44 to 31 - a blow to the hordes of industry lobbyists working the gate and the halls in opposition.

2. SB 31 - would make it illegal to "skim" or surreptitiously read data from an RFID document without the knowledge and consent of the ID holder.

Bill Status: is awaiting amendments on the Assembly Floor. As this measure has the support of all sides now (including the formerly American Electronics Association who opposed the bill ) it has the best chance of being signed into law of all the RFID measures this year.

Tuesday, August 19, 2008

Google Privacy Practices Worse Than ISP Snooping, AT&T Charges

I want to continue to follow up on the whole "Google is horrible on privacy issues" story. Because let's face it, how goes Google, is going to have a major impact on how goes a lot of things when it comes to industry privacy practices and policies.

While I take anything AT&T claims with a big grain of salt, I did notice this article in Wired magazine in which they trash Google's privacy practices.

Ryan Singel writes:

Online advertising networks -- particularly Google's -- are more dangerous than the fledgling plans and dreams of ISPs to install eavesdropping equipment inside their internet pipes to serve tailored ads to their customers, AT&T says.

At least that's what the company told Congress in a letter early this week, responding to four prominent House lawmakers who are bird-dogging ISPs about their online profiling practices. Those lawmakers asked 33 internet companies on Aug. 1 to explain some of their monitoring practices, Most have replied.


AT&T rightly points out that Google can know almost as much a snooping ISP could -- which, is the case for users who install Google's toolbar and don't know to opt out of Google's Web History program. And if Google does combine its third-party cookie information, with user's search histories, with Gmail summaries, and with Google Analytics data, among other data sources, they would be a proper domestic intelligence agency.


AT&T goes on to say then that because of Google's singular ability to gather online data that online advertising networks are substantially similar to ISPs monitoring their customers. Google and Yahoo are perhaps the only two online empires that AT&T could realistically point towards to make that argument.


But the argument is also just wrong. You pay your ISP to carry your traffic to and fro. It can see everything you do online, unless you take extreme measures. It could know where you bank, the contents of your emails and chats, what sites you shop at, what you search about --regardless of search engine -- and everything you read or watch online.

Your ISP does not need to be peering into your traffic to decide whether to show you ads for hemorrhoid cream or sports bobble heads.

Stay tuned, as the House Energy and Commerce Committee that has been taking on ISPs that want to or have watched what their customers do online in order to serve them targeted ads appears to be nearing an online privacy omnibus bill. In addition, this month's unprecedented decision by the FCC to punish Comcast for its secret and deceptive interference with file sharing traffic also bodes well for privacy advocates.

Friday, August 15, 2008

Judge hears arguments in privacy advocate’s (i.e. BJ Ostergren - The Virginia Watchdog) lawsuit!

I've got a little breaking news on BJ Ostergren's lawsuit against the Virginia government to report today. She sent me an AP article published today detailing the status of the case (now waiting for Judge's decision).

For those that need some refreshing, BJ Ostergren is the Virginia-based privacy advocate who has been fighting to stop county and state governments from posting public records containing Social Security numbers (among MANY other private pieces of information) on their Web sites.

With the help of the ACLU, she has been doing battle (as in sue the government) against an amendment to a Virginia law that bars individuals from disseminating any of those SSN numbers, even if they obtain them legally from public records.

In recent years, Ms. Ostergren has chronicled dozens of cases in which local governments have inadvertently exposed Social Security numbers and other personal data through their Web sites. As part of her strategy to highlight the seriousness of the issue, she started posting the Social Security numbers of public figures that she accessed via government sites on her Web site. You know, people like Jeb Bush and Colin Powell for instance. As one might surmise, this didn't make "the government" too happy.

Before I get to the article, I want to briefly touch upon what makes this trial so critical to our understanding of both what constitutes an individuals right to privacy and what in turn, constitutes a "public record".

I would argue that our constitutional right to privacy has been so distorted, diluted and subverted by Big Government and Big Business that it functions less and less as a tool to protect the rights of the public from those in power, and more and more about protecting those in power from the public.

Similarly, the concept of open government, and what should and should not be of “public record”, has also been distorted and subverted to such a degree that often times - rather than serving to educate the people on the important issues facing the country or giving us the tools to hold those in power accountable - it instead serves to violate our privacy.

It happens to be, that the case of Ms. Ostergren is a prime example of the disparity in how the principles of privacy and open government apply to us common folks versus those walking the halls of government and the corporate board rooms. Think about it. Government websites are posting the most private of information about people under the auspices that they are “public records” – including social security and bank account numbers.

A woman (Ostergren) begins demanding this private information be removed from government websites. The government refused so she started posting the private information of major political officials on her website, information she gleaned from the very government websites she was trying to reform. Rather than oblige, the government wrote a law making it illegal for a citizen to post the very same information they were.

So the government is arguing that they won’t black out our social security numbers on court records that they post because those qualify as “public records” - and are somehow important for the public to have access to - yet they outlaw anyone posting the same info about them? The old adage "Do as I say, not as I do" comes immediately to mind.

Black is white, white is black. If this isn't an example of the subversion of both the principle of privacy AND open government I don’t know what is.

The Associated Press Reports:

A federal judge said Thursday that it won’t be easy deciding whether a new Virginia law barring individuals from posting Social Security numbers on the Internet is unconstitutional.


The law targeted by Ostergren took effect July 1, the same day as another law requiring court clerks to post all land records online. Some of those records contain Social Security numbers, and the General Assembly hasn’t funded an initiative to block out those numbers.


Ostergren claims in her lawsuit that the government can’t publish Social Security numbers and then punish citizens for distributing the same documents. Attorneys for the state argue that Social Security numbers are not constitutionally protected speech and that the law is a reasonable attempt to prevent identity theft.

Payne at times sounded sympathetic to both sides as he questioned the lawyers on what he described as an area of law that “hasn’t become mature.”


Payne described the statute that Ostergren is challenging as a “stopgap measure” to combat identity theft until a more comprehensive remedy can be developed. But Rebecca Glenberg, an American Civil Liberties Union attorney representing Ostergren, said if solving the problem is really a priority the government should make sure the numbers don’t appear on its own Web sites rather than go after her client.

“The scale on which she makes these numbers available is minuscule compared to the scale on which the government makes them available,” Glenberg said.

Once we recognize the real purpose that these two diverging, and often oppositional principles of open government and privacy are meant to serve - such as the strengthening of our democracy and protection of liberty - the challenge then becomes how to balance the need for each, as both are fundamental principles that our nation was founded upon.

I found the following conclusion by Seton Hall Law School professor Daniel Solove to be especially salient in regards to this topic:

"It is my thesis that both transparency and privacy can be balanced through limitations on the access and use of personal information in public records. Of course, we must rethink what information belongs in public records. But we must also regulate the uses of our digital biographies. Government is not doing enough to protect against the uses of the information that it routinely pumps into the public domain."

And Privacy Rights Clearinghouse hits the nail on the head with this:

"Government agencies and courts must ask themselves what public policy objectives they are accomplishing by making records available on the Internet, particularly those containing personal information. Would there be a way to limit the amount of personally identifiable information posted on the Net without undermining the public policy purpose of making records accessible on the agency's website?"

Click here to read the rest of the article.

Thursday, August 14, 2008

GPS-based car insurance faces security concerns

As I have written about here in the past, a broad coalition of organizations, from consumer rights groups like the Consumer Federation of California (us) and Consumer Watchdog, to privacy rights groups like the ACLU, Privacy Rights Clearinghouse, and the Electronic Frontier Foundation, are opposed to Assembly Bill 2800 (Huffman).

This so called "Pay as You Go" law would requires insurance companies to base the auto insurance rates charged in California primarily on a motorist’s 1) driving safety record, 2) annual miles driven and 3) years of driving experience.

There are a number of reasons why our coalition opposes this kind of policy-making - most notably related to privacy and economic justice. Before I get to the privacy aspects, here's a bit more on why this a bad bill.

AB 2800 would create an unfair system of insurance discrimination in which similarly situated policy holders would pay different prices. Under AB 2800, an insured who participates in an insurance company’s optional “green” plan would pay a lower insurance rate than a similarly situated policy holder who drove an identical number of miles but who did not participate in the same insurance company’s “green” plan. If every other factor about the policy holders is the same, the fact that one is not a participant in a program would unfairly result in a higher premium under AB 2800.

Now to the privacy aspect of the bill, and how it relates to the article I'm going to post today. AB 2800 would allow insurance companies to require drivers to use technological devices in their cars, or pay a higher rate if they refuse. The mileage program is nominally “voluntary,” but its permissive language would result in mandatory GPS monitoring, since a driver would be forced to pay more if he or she did not participate. There is no language in the bill limiting the information that an insurer may collect from a GPS device.

This raises significant privacy concerns regarding collection of data on consumers’ driving habits, destinations and other information that is not germane to the objective of verifying the total miles driven.

Now I point you to exhibit A - an article in Computing, a UK web magazine.

Angelica Mari reports:

The adoption of GPS technology for underwriting processes in the automotive industry may present potential security concerns. While wrong use of data could have an adverse effect in ways that might not have been foreseen, such as affecting house prices, the same ambiguity can also be found in the automobile insurance space.


But despite its apparent attractions, management of the technology represents a challenge to businesses, said Martha Bennett, research director for financial services at analyst Datamonitor. "The question is, how do insurers ‘draw the line’ when the driver switches off the system – do they switch it off legitimately because they are on their lunch hour, or do they do it deliberately because they are about to commit a crime?”


In such schemes, GPS-based systems are used to assess premiums to be paid by insurance companies depending on whether cars run on accident-prone areas, but there is also the potential risk of privacy invasion.

Other points of debate include the right for police or government agencies to ask for such data and how long the data should be kept if they ask for GPS records from insurer, because there is reason to believe a vehicle has been used for a crime,” said Bennett.

I suspect this debate over using GTS monitoring to determine insurance rates is in its early stages, and apparently the UK, as with California, are examples of what's to come. What's interesting about these two, is the UK is notoriously bad on privacy rights issues and California is notoriously good. We'll see how this issue plays out in each, and how that might influence future debate in other states and nations.

Wednesday, August 13, 2008

China, the Surveillance State, and Us

As I've been watching the Olympics, and learning more about the incredibly invasive surveillance methods utilized by China's government, I got to thinking about a couple things. One, in what way are American and other nation's corporations facilitating, supplying, or enhancing these state of the art surveillance and monitoring technologies? And two, what role might these technologies - that can monitor, track, and censor nearly everyone at all times - play in our country someday?

Once I started digging, I was increasingly dismayed by what I found. As the answer to both questions were not what I wanted to find. As in, yes, American corporations are profiting off an assortment of human rights eviscerating and privacy violating technologies being utilized in China. And yes, our government, and corporations, most certainly are using China as a testing ground for which surveillance systems oppress the public and stifle dissent most effectively.

Rather than continue to pontificate on these enormously important issues, let me direct you to two outstanding articles by experts that know far more than I.

First, here's a few clips from Naomi Klein's recent expose of how China is using the Olympics - not to create a more open society - but rather to create a more oppressive one.

Klein writes:

Much of the Chinese government’s lavish spending on cameras and other surveillance gear has taken place under the banner of “Olympic Security.” But how much is really needed to secure a sporting event? The price tag has been put at a staggering $12-billion — to put that in perspective, Salt Lake City, which hosted the Winter Olympics just five months after September 11, spent $315 million to secure the games. Athens spent around $1.5-billion in 2004. Many human rights groups have pointed out that China’s security upgrade is reaching far beyond Beijing: there are now 660 designated “safe cities” across the country, municipalities that have been singled out to receive new surveillance cameras and other spy gear. And of course all the equipment purchased in the name of Olympics safety — iris scanners, “anti-riot robots” and facial recognition software — will stay in China after the games are long gone, free to be directed at striking workers and rural protesters.


There is a bitter irony here. When Beijing was awarded the games seven years ago, the theory was that international scrutiny would force China’s government to grant more rights and freedom to its people. Instead, the Olympics have opened up a backdoor for the regime to massively upgrade its systems of population control and repression. And remember when Western companies used to claim that by doing business in China, they were actually spreading freedom and democracy? We are now seeing the reverse: investment in surveillance and censorship gear is helping Beijing to actively repress a new generation of activists before it has the chance to network into a mass movement.


It’s easy to see the dangers of a high tech surveillance state in far off China, since the consequences for people like Jun are so severe. It’s harder to see the dangers when these same technologies creep into every day life closer to home-networked cameras on U.S. city streets, “fast lane” biometric cards at airports, dragnet surveillance of email and phone calls. But for the global homeland security sector, China is more than a market; it is also a showroom. In Beijing, where state power is absolute and civil liberties non-existent, American-made surveillance technologies can be taken to absolute limits.

Click here to read the rest of Klein's rather disturbing article. But unfortunately, her article only scratched the surface of the kinds of specific new technologies China is using, and where they specifically are coming from.

For that, I found a great piece by Dmitri Vitaliev, who works extensively in the human rights and independent media, entitled Corporate Complicity With the Great Firewall. As you will notice, it's not a stretch at all to believe that these very same technologies would be welcomed additions to our own surveillance state here in America.

Vitaliev writes:

A recent (non-intrusive) scan through the website of the Chinese Ministry of Public Security revealed a number of documents listing an inventory of various security technologies. One spreadsheet details software and hardware implemented for network surveillance, packet scanning and user detection. A closer inspection reveals that the Chinese internet infrastructure employs a huge array of security products, procured from companies all around the world.


Security China 2000, the largest national security exhibition, attended by the world’s most renowned IT corporations, marked a beginning of Chinese endeavours to create the world’s most sophisticated surveillance infrastructure. It was sponsored by the Chinese Public Security Bureau, the ministry in charge of policing the internet. The meeting was attended by US-based Lucent, Sun Microsystems and Cisco, European wireless giants Nokia and Ericsson, and Canada’s Nortel Networks, among many others. The main event was China’s Golden Shield Project - an ambitious plan to link China’s national and internet surveillance networks, public record databases, CCTV cameras, speech and face recognition databases, smart cards, credit records and a myriad of regional and national ministries. Their mission was to make the network “see, hear and think” in the continuing effort to solidify state control.


An enthusiastic business partner of the Chinese state apparatus has been Cisco. Notorious for its several appearances before the US House of Representatives to explain their role in supplying virtually the entire hardware on which the Golden Shield Project operates, as well as multiple systems to assist Chinese ministries responsible for catching political and social dissidents and censoring the internet. In 1997, Cisco won the contract to supply internet “firewall boxes” and, by 2006, they supplied 60% of the Chinese market for routers, switches and other sophisticated networking gear. Its estimated annual revenue from China is $500m.

In 2003, Cisco’s “Policenet” software was rolled out as the backbone of the Chinese state security system. This software, in conjunction with Intel’s fingerprint technology, is compatible with the Chinese surveillance systems and allows a policeman stopping a person on the street to scan that person’s ID card and access instantly the individual’s past political and social behaviour, family history and recent internet activity.


It is futile to argue whether western corporations are directly responsible for the uses to which China puts their technologies. Following basic free-trade principles, products are most likely sold “as is” to (rather than customised for) the Chinese government or third-party resellers. However, just as in the arms trade, these practices have led to the creation of a hostile digital environment, inhabited by Da Ge (pinyin for Big Brother). Whenever we pause to discuss or protest China’s decision to filter websites or jail Yahoo email account holders, we must bear in mind that the technology that has made this possible was built in our own backyard.

So, as we revel in the beauty, passion, and grace displayed by Olympic athletes, as well as the joy, respect, and adulation of people around the world for this event, we should also remember that just outside of our television screen's view, Big Brother is watching...and we're supplying him with the tools to do big business and the US government contemplates how we can become just as "all seeing" as China.

Tuesday, August 12, 2008

Measure seeks restrictions on laptop searches

I want to follow up on yesterday's post regarding the government's recent assertion that they have the right to confiscate and then access anyone's laptop for any reason they deem necessary. It appears the first legislative attempt to restrict such searches is underway in Congress.

HS Today Reports:

In response to growing concerns about the search and seizure of laptops and other electronic devices by the US Department of Homeland Security (DHS) at border checkpoints, a New York congressman has introduced a bill to require the
department to establish a "reasonable suspicion" of a crime before examining electronic data, the bill's sponsor said in an editorial Friday.


The legislation also would require government agents to search any electronic devices in private. Once a laptop or any electronic data were seized, DHS would have to protect the data, to keep the data for only a limited time, to restrict the sharing of the data, and to respect a traveler's right to the return of electronic devices or data.


Critics like the American Civil Liberties Union have objected to a number of recent limitations on the Fourth Amendment to the US Constitution, which protects US citizens from unreasonable search and seizure, including the use of data under the reauthorization of the Federal Intelligence Surveillance Act (FISA) (PL 110-261), signed by President Bush on July 10.

Click here to read more.

Monday, August 11, 2008

Department of Homeland Security Wants Your Laptop Info

Michael Chertoff - our failed Homeland Security chief - has made a rather extraordinary claim this week that should have all American's concerned. Chertoff actually said that border agents have the right, for any reason they deem appropriate, to look into or even seize your laptop computer and all that it contains within. But that's not all, he also argued against creating a legal standard for searching Americans' electronics since it would "just lead to too much litigation."

So for those following this ominous turn of events, for ANY reason, YOUR laptop and everything you have stored on it, can be taken from you by the government...the same government responsible for Abu Graihb, Rendition, Guantanamo, warrantless wiretapping, military tribunals, the Patriot Act, and the evisceration of Habeus Corpus.

Senator Russ Feingold, the ONLY US Senator to vote against the Patriot Act, and the most consistent and committed privacy champion we have in Congress today, has already come out with a blistering critique of Chertoff's assertions.

Wired Magazine Reports:

Democratic Sen. Russ Feingold opposes border agents searching through Americans' laptops without cause, and he doesn't like how Homeland Security Chief Michael Chertoff articulated the government's current policy...


Feingold, an outspoken civil libertarian -- the only senator to vote against the Patriot Act -- begs to differ.

Secretary Chertoff's description of the newly published DHS policy on laptop searches was not just misleading – it was flat-out wrong. In an interview with, the Secretary stated that "[w]e only do [laptop searches] when we put you into secondary [screening] and we only put you into secondary [screening] ... when there is a reason to suspect something."

But the actual policy that DHS published says the exact opposite. It does not even mention secondary screening, let alone limit laptop searches to those cases, and it expressly states that Americans' laptops may be searched "absent individualized suspicion."

Secretary Chertoff's blatant mischaracterization of the DHS policy contradicts his claim to be engaging in greater "openness and transparency" on this important issue. His statements make it clearer than ever that as we work to protect our national security, Congress must also act to protect law-abiding Americans against highly intrusive searches.

The bad news is that the 9th U.S. Circuit Court of Appeals, considered the most liberal of the appeals circuit, ruled in May that border agents did not need any reason to look through a laptop, reversing a lower court that decided that laptops were closer to extensions of ourselves than the modern analogue of a suitcase.

I also came across a doctor's post on this recent pronouncement by the DHS, in particular how it might conflict with HIPAA (the Health Insurance Portability and Accountability Act) - the law that governs the privacy of your medical information.

Perhaps Health and Human Services (HHS) can take on DHS in defense of our medical privacy?

Here's a few clips from that post:

It (HIPAA) is very, very detailed, and requires quite a bit from your doctor. You've signed a form at the office of every provider you've visited that notifies you of your privacy rights. I cannot discuss your care in a hospital elevator. I can't send you an email regarding your health without making it very clear that any information in the email cannot be considered secure. I cannot disclose your health information to anyone else except under very specific and limited circumstances. HIPAA has radically changed the way we do things with health information (sometimes for the better, sometimes not).

Moving on to Homeland Security---DHS agents may, for any reason or none at all, seize my laptop and demand any security or encryption codes. My laptop not infrequently contains information covered by HIPAA (known as PHI, or Protected Health Information). Because of that, my laptop is secured via HIPAA-compliant security measures. Under the new DHS guidelines, I can be required to hand over my laptop and help officers access the information without any suspicion of wrong-doing. We have a little problem here...

HIPAA is often wrongly invoked. For instance, when I call another doctor's office to get information on a shared patient, the secretary will sometimes ask me for a HIPAA form signed by the patient before they give me the information. This is an incorrect application of HIPAA. The law is not designed to impede the treatment of patients.


Now, running my office and taking care of patients is about as far as my knowledge goes. What happens when an armed government agent asks me to turn over protected health information? HIPAA has a few clauses that are ambiguous to me as a doctor, specifically "Public Interest and Benefit Activities". The big get-out-of-jail free card is this one:

Required by Law. Covered entities may use and disclose protected health information without individual authorization as required by law (including by statute, regulation, or court orders).


It's time for HHS and DHS to get together and make a few clarifications for us, before we all have to further enrich our lawyers. Better yet, perhaps the ACLU could get together with other groups of converging interests and fight DHS on this one.

Clearly this is an issue that should be of utmost importance to privacy advocates, as it represents a gross and dangerous infringement on our most fundamental of constitutional protections. In other words, this is a MUST WIN battle in the long term war over what constitutes privacy in America today.

Click here to

Thursday, August 7, 2008

Metal theft bill amended to protect privacy

Here's a piece of legislation in California that had slipped under my radar. Thankfully, its because of improvements related to the privacy protection of consumers that it caught my eye. The bill is designed to crack down on metal theft - which is a widespread problem according to bill supporters - and recently cleared a key Senate committee after the author amended the measure to increase privacy protection for scrap sellers.

Now, I'm the last person that would ever claim to be a metal expert, or a metal theft expert for that matter. But, according to the article, $6 million in metal was stolen statewide in 2006. These stolen products range from copper wire on farm pumps to parts of a hospital's radiation machine and cemetery urns, affecting the emotional and physical health as well safety of people using 911, night lights at parks and farms' wind machines.

Many supporters of the bill - including law enforcement - blame much of the problem on drug addicts stealing metal to make quick sales for cash to buy more drugs.

Okay, so what does this have to do with privacy you probably are asking (and I am too)?

Let's go to the article in the Visalia Times Delta for the answer:

The Senate Public Safety Committee passed Assembly Bill 844 after it was amended to restrict the release of a thumbprint that scrap dealers must obtain from sellers of metals such as copper, stainless steel and aluminum other than beverage containers.

...its primary opponent, the American Civil Liberties Union, continued to oppose the measure even while conceding that the amendments were an improvement. "We object to government having business collect the fingerprints of their customers," said ACLU lobbyist Tiffany Mok.

The amendment requires a court-ordered warrant before a dealer must release a seller's thumb print.


Right now, dealers are supposed to keep a written record of sales or purchases that include place and date of sale, name, driver's license number and state, license plate number and state, plus description of the junk metal. AB 844 would add a thumbprint to records dealers must keep and require them to pay most sellers by check or delay cash payment for three days to allow for possible theft reports.

I'm not going to pretend to be an expert on this, but as I've said before, here, and to the press, that I am always a bit skeptical when the failed and ever expanding "war on drugs" (and sometimes crime, or both) is used as an argument to rationalize the continued assault on the individuals right to privacy.

Click here for the full article.

Wednesday, August 6, 2008

Prescription Data Used To Assess Consumers

And here I thought that the defeat of SB 1096 in the California Assembly was a landmark victory for the right to keep ones prescription medical records private! While it did represent a critical victory over drug marketers, pharmaceutical companies and retailers, the bad news is that health and life insurance companies have recently developed a "powerful new tool" to access consumer prescription drug records.

By accessing peoples' health "credit reports" - drawn from databases containing prescription drug records on more than 200 million Americans - these companies say they can better determine whether to cover individual consumers.

The Washington Post Reports:

Collecting and analyzing personal health information in commercial databases is a fledgling industry, but one poised to take off as the nation enters the age of electronic medical records. While lawmakers debate how best to oversee the shift to computerized records, some insurers have already begun testing systems that tap into not only prescription drug information, but also data about patients held by clinical and pathological laboratories.


But the practice also illustrates how electronic data gathered for one purpose can be used and marketed for another -- often without consumers' knowledge, privacy advocates say. And they argue that although consumers sign consent forms, they effectively have to authorize the data release if they want insurance.

"As health care moves into the digital age, there are more and more companies holding vast amounts of patients' health information," said Joy Pritts, research professor at Georgetown University's Health Policy Institute. "Most people don't even know these organizations exist. Unfortunately the federal health privacy rule does not cover many of them. . . . The lack of transparency with how all of this works is disturbing."

Ingenix and Milliman create the profiles by plumbing rich databases of prescription drug histories kept by pharmacy benefit managers (PBMs), which help insurers process drug claims. Ingenix, for instance, has servers in the PBM data centers, updating the drug files as frequently as once a day...


Ingenix and Milliman officials stress that they provide data only with the patient's consent, as required by the Health Insurance Portability and Accountability Act (HIPAA), a 1996 law that governs personal health records information. But HIPAA does not give the Department of Health and Human Services the ability to directly investigate or hold accountable entities, such as pharmacy benefit managers or companies such as Ingenix and Milliman, who are not covered by HIPAA.

A health privacy proposal pending in Congress would expand federal officials' ability to regulate such "downstream" organizations, audit their activities and impose civil fines. The bill also includes a prohibition on the sale of electronic medical records.

Tim Sparapani, senior legislative counsel at the American Civil Liberties Union, said that the products that Ingenix and Milliman are marketing represent the "commodification" of electronic medical records by third parties. "We've got to stop these practices before the marketplace is fully developed and patients lose all control over their medical information," he said.

The fight over control of ones private prescription records appears to be just getting started, and the more health records become electronic, the more parties will compete to sell more comprehensive patient information to insurers, further driving down prices, and the cycle continues.

Let's hope Bob Gellman's privacy protection tool (an independent privacy consultant in Washington) that requires users to consent before specific data, such as prescription histories, can be released, becomes the industry standard. But as he states, "To work, the tool must be independent of all who hold the data."

Click here to read the complete article.

Tuesday, August 5, 2008

Lawmakers Seek Data On Targeted Online Ads

Here's some good news, the House Energy and Commerce Committee is expanding its inquiry into potential privacy violations of online advertising that is targeted based on consumers' Web-surfing activities.

The lawmakers have written to 33 telecommunications businesses to learn whether, how and when Internet companies might have engaged in such practices. Their aim in part is to determine whether existing laws sufficiently protect consumers' privacy in online behavioral advertising or whether new legislation is needed.

The Washington Post reports:

A key issue for some of the lawmakers is whether consumers are given sufficiently clear notice about what information is collected, how it is used to target ads and whether consumers have control over the use of the data.

Some, like Rep. Edward J. Markey (D-Mass.), chairman of the panel's telecommunications subcommittee, said at a hearing on the subject last month that consumers "deserve one clear, conspicuous" notice about the data collection and should not be sent targeted ads unless they give their consent -- what he termed "meaningful opt-in consent."

I'll be very interested to see what they uncover. I would not at all be surprised if the data gathering techniques used by industry are far more invasive than initially thought.