Month: March 2020

Harvard’s Elizabeth Renieris: Privacy Is an Inalienable Right

By Jeff Benson

Last of two parts. (First part here.)

Worldwide, individuals remain at the whim of unfair data practices, says Elizabeth Renieris, a data protection lawyer and fellow at Harvard’s Berkman Klein Center for Internet and Society.

She now discusses how to rebalance the scales toward individuals.

Many technologists talk about data ownership as enabling digital privacy. Yet, you’ve written that they’re at odds. Why?

The way I think about privacy and data protection, though there is a difference, is through the lens of fundamental rights that are inalienable, which means they’re non-transferrable. So, you can never waive those rights.

The problem with most data-ownership models, and monetization in particular, is that the type of ownership that allows you to monetize something is typically a property-style framework. So, something akin to personal (or movable) property, or sometimes intellectual property.

Those things are monetizable because they’re transferrable, because they allow you to dispose of and do things with that data as property that you could not necessarily do under other legal frameworks.

So, there’s a direct tension between the inalienability and non-transferability of human rights and the alienability and transferability of property.

Continue reading “Harvard’s Elizabeth Renieris: Privacy Is an Inalienable Right”

Smaller Healthcare Practices Become New Hacking Targets

By Tony Edwards

Healthcare data breaches often bring to mind large institutions — hospitals, insurers, HMOs — but small practices are becoming a growing target for hackers.

Hacking/IT incidents topped the 2018 list of causes of healthcare facility breaches in 2018, according to HIPPA Journal, with email being the method of choice for accessing information.

Nearly 600 breaches from the last two years affecting 500 or more individuals are under investigation by the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services.

Federal HIPAA regulations require practices to report breaches to the OCR, though many such fail to do so, experts tell Digital Privacy News.

“For incidents involving between 1 and 499 patients, the facility-practice is required to ‘log’ the breach and submit the logs within the first 60 days of the new year,” said Debi Carr of DK Carr & Associates, a Florida consultancy.

“For incidents involving 500 or more, it becomes immediately reportable unless [the practice] can prove that patient information was not viewed, acquired, or misused.”

Continue reading “Smaller Healthcare Practices Become New Hacking Targets”

Coronavirus Aid Programs Risk Upending Privacy, Credit Scores

By Joanne Cleaver

Natural disasters inflict chaos on personal finances and credit, whether the disaster is a tiny and devastating virus or a huge and calamitous hurricane.

The repercussions on credit scores, credit histories and the effort to control your financial information can last for months, if not years.

The privacy fallout from the economic impact of COVID-19 will very likely replicate on a national scale the headaches that trailed in the wake of Hurricane Katrina, expects Jude Boudreaux.

Boudreaux, a senior financial planner and partner with the Planning Center, a personal financial-planning firm in Moline, IL, has lived and worked his entire life in Louisiana.

Now, as in the wake of the hurricane, financial institutions “recognized that this was a major situation outside our control,” he said of the widespread effects on consumer financial data of the upheaval. “There’s a precedent for it.”

Continue reading “Coronavirus Aid Programs Risk Upending Privacy, Credit Scores”

Privacy Advocates Mum on Broad Jussie Smollett Warrants

By Matthew Scott

First of two parts.

Two recent sweeping orders from an Illinois judge in the special investigation of former “Empire” actor Jussie Smollett could threaten the digital rights of all Americans, but few privacy advocates would discuss them with Digital Privacy News.

Cook County Circuit Court Judge Michael Toomin in December ordered Google to turn over a year’s worth of digital data and documents from the email accounts of Smollett and his manager, Frank Gatson.

The directives were part of special prosecutor Dan Webb’s probe into a faked hate crime Smollett allegedly orchestrated in Chicago last year to boost his career.

The charges were dropped in March 2019. Smollett, 37, has maintained his innocence.

Toomin’s warrants were exhaustive. They included deleted messages and drafts in the two’s accounts, documents in their Google Drive cloud accounts, and their Google Voice texts.

Other Google data ordered turned over included Smollett’s and Gatson’s call logs, contacts, images, photographs, search and web-browsing histories, and GPS location data.

Toomin mandated Google to provide the data from November 2018 to November 2019.

Continue reading “Privacy Advocates Mum on Broad Jussie Smollett Warrants”

Q&A: Harvard’s Elizabeth Renieris

Data Ownership Is Dangerous

By Jeff Benson

First of two parts.

American computer scientist Jaron Lanier invented virtual reality. Now he and a growing list of technologists, from Andrew Yang to blockchain-obsessed idealists, want to forge a future in which people can profit from their data.

Elizabeth Renieris thinks that’s a dangerous idea. 

A lawyer and fellow at Harvard University’s Berkman Klein Center for Internet and Society, Renieris is among the foremost experts on cross-border data protection laws and digital privacy.

In an interview with Digital Privacy News, she explained why data commodification won’t work.

Continue reading “Q&A: Harvard’s Elizabeth Renieris”

Data Brokers Wreak Havoc on Consumers

By Michael Datcher

About three years ago, Peter Lorca (not his real name) figured his old misdemeanor criminal conviction was hurting his job prospects. He then went to a Texas courthouse and paid fees to have his record expunged.

But the old conviction remained tied to Lorca because PeopleFinders.com and other online data brokers published the expunged information.

Lorca now is the lead plaintiff in a federal class-action lawsuit against PeopleFinders and other websites owned by Confi-Chek Inc., a data-broker holding company in Sacramento, Calif.

Continue reading “Data Brokers Wreak Havoc on Consumers”

COVID-19 Brings Ed Tech, Data Fears to Home Computers

By Samantha Cleaver

All students in Seminole County, in central Florida, will check in to school Monday from home.

They will log in, many on their own computers and devices, to the district’s portal and participate in lessons, complete assignments and practice skills.

Students will do regular learning activities, Tim Harper, the district’s chief technology officer, told Digital Privacy News.

But, he said, “It’s a big shift for a lot of people who have never experienced online learning.”

Across the country, more than 55.1 million students now are learning from home because of COVID-19 closings. At the start of school each day, students log into online platforms and access software.

As school, and its technology, come home, concerns about the type of data that will be collected and how it will be used for accountability are being debated.

Many states already have canceled high-stakes tests for the school year. These drills often are connected to grade advancement and school-accountability decisions.

Without those measurements, however, the question is whether schools will be collecting online learning data to hold students accountable during the coronavirus closings.

Continue reading “COVID-19 Brings Ed Tech, Data Fears to Home Computers”

ACLU Sues DHS Over Facial Technology

By DPN Staff

The American Civil Liberties Union and its New York branch have sued the Department of Homeland Security and three federal agencies in the organization’s ongoing battle for the ethical development and use of facial recognition technology.

Also named in the March legal action were three DHS agencies: U.S. Customs and Border Protection, Transportation Security Administration and Immigration and Customs Enforcement. 

The lawsuit followed a U.S. Freedom of Information Act (FOIA) request for data on the use of facial recognition technology at airports nationwide. 

Continue reading “ACLU Sues DHS Over Facial Technology”

Tracking Anti-Trackers

By DPN Staff

Reading an article on The Independent about Facebook “tracking you across the internet” will expose you to more than 100 trackers.

The report addressed Facebook tracking your online activity.

“The site has long been known to watch people as they navigate around the rest of the internet, in the hope of learning more about them,” The Independent reports.

A Magnusson Institute test using popular tools such as Ghostery showed that an unprotected reader who actually visited the Independent’s page would be — in turn — exposed to over one hundred trackers.

Continue reading “Tracking Anti-Trackers”

Daily Digest (3/30)

Microsoft Quits AnyVision, Facial-Recognition Investments

Microsoft Corp. will no longer invest in facial-recognition companies after the fallout from its support of controversial Israeli startup AnyVision.

Microsoft, based in Redmond, WA, said it would sell its minority stake and implement a new investment policy for such companies.

Money from Microsoft’s venture fund was part of $74 million in financing AnyVision raised last June.

The Israeli company had come under fire for allegedly surveilling Palestinians in the West Bank.

Former U.S. Attorney General Eric Holder led an audit financed by Microsoft that found AnyVision’s technology in use at the border between the West Bank and Israel but not for surveillance.

Source:
www. marketwatch.com/press-release/anyvision-closes-74-million-series-a-with-new-participation-from-m12-and-dfj-growth-2019-06-18

Zoom App Sends Data to Facebook

In an app analysis by Motherboard (Vice), the Zoom iOS App sends information to Facebook about your use of the app — even if you do not have a Facebook account.

According to the analysis: “The Zoom app notifies Facebook when the user opens the app, details on the user’s device such as the model, the time zone and city they are connecting from, which phone carrier they are using, and a unique advertiser identifier created by the user’s device which companies can use to target a user with advertisements.”

This is in addition to privacy issues with Zoom that have been pointed out by the Electronic Frontier Foundation, in particular, how an “administrator” has access to such information as the location of any participants, as well as access to any recordings by administrators.

(Update: After Motherboard’s coverage, Zoom announced on Friday that it had removed this backdoor)

Sources:
www. vice.com/en_us/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account
www. eff.org/deeplinks/2020/03/what-you-should-know-about-online-tools-during-covid-19-crisis

Advertisers Request Delay of CA Privacy Act

The Association of National Advertisers has asked California Attorney General Xavier Becerra for a “brief” delay in implementing of the California Consumer Privacy Act (CCPA), for another six months until next year. Their argument is that “COVID-19 has substantially encumbered businesses’ ability to operationalize the draft rules.”

Source:
www. ana.net/getfile/29876