Yesterday the Wall Street Journal ran a piece detailing the extensive program of data sweeping and data mining that is presently being conducted by the NSA:

According to current and former intelligence officials, the spy agency now monitors huge volumes of records of domestic emails and Internet searches as well as bank transfers, credit-card transactions, travel and telephone records. The NSA receives this so-called “transactional” data from other agencies or private companies, and its sophisticated software programs analyze the various transactions for suspicious patterns

Naturally, this sort of practice runs smack-dab against a variety of privacy concerns, not least among them the 4th Amendment, which serves to protect Americans from unreasonable search and seizure and requires particularization - which is intended to curtail broad information dragnets.

Others have commented on the creeping totalitarianism inherent in this program as well as the nature of the “surveillance society” - two very important issues. And largely these are solid positions and concerns. It’s not chicken-little scare mongering. The programs are here. Now.

Read the rest of this entry »

Data security is a hot topic in privacy circles. We have already accepted that corporations and other big institutions collect data about us. But do they keep it safe? Not always. Brad Edelman, a privacy researcher at the Harvard Business School shows a glaring vulnerability in Sears’ data protection scheme:

Sears offers no security whatsoever to prevent a ManageMyHome user from retrieving another person’s purchase history by entering that person’s name, phone number, and address.

Which is not OK. They have since fixed it, but the incident does highlight issues regarding the ways that companies do protect the large amounts of data that they collect from you. Granted, Sears has been scrimping on IT, but what is to say that this is not the case elsewhere? Last June, Privacy International rated Google as bottom-ranked in terms of data protection and privacy, which myself and others found surprising. And some found outrageous.

So is this really a big deal?
Read the rest of this entry »

From Gadling:

Scandinavian airline SAS has introduced finger-print check-in on a domestic flight from Stockholm to Gotenburg in Sweden. Its purpose at the moment is to make sure that the person who checks-in luggage is the same as the person boarding the flight, a sure advantage for airport /on-flight security.

While they point out that this is not new on a domestic level, they note that eventually they would like to make this an international system of identification. I am not sure how widespread it would be, but it brings up a couple of different issues.

Read the rest of this entry »