A 2010 price list for Harris Corporation wireless surveillance products was included in contract documentation for the purchase of multiple KingFish Dual Mode wireless measurement systems that went to Maricopa County, Arizona.
Tag Archive for Privacy
Corporate
Google Advertising Based on Environmental Conditions Patent
This document describes a system for allowing advertisers to target on-line advertisements based on environmental factors of end users. When determining what ads to serve to end users, the environmental factors can be used independently or in combination with matching of keywords associated with the advertisements and keywords in user search queries. A web browser or search engine located at the user’s site may obtain information on the environment (e.g., temperature, humidity, light, sound, air composition) from sensors. Advertisers may specify that the ads are shown to users whose environmental conditions meet certain criteria. For example, advertisements for air conditioners can be sent to users located at regions having temperatures above a first threshold, while advertisements for winter overcoats can be sent to users located at regions having temperatures below a second threshold.
Department of Homeland Security
DHS Testimony on Social Networking and Media Monitoring
Social media are web-based and mobile technologies that turn communication into an interactive dialogue in a variety of online fora. It may be appropriate for the government, including DHS, to use social media for a variety of reasons. The President has challenged his Administration to use technology and tools to create a more efficient, effective, and transparent government1. DHS recognizes that the use of social media by government actors must occur with appropriate privacy, civil rights, and civil liberties protections; whether DHS is disclosing its informationand press releases via social media platforms like Twitter and Facebook, reviewing news feeds for situational awareness, or researching identified, discrete targets for legitimate investigatory purposes. Accordingly, DHS has created Department-wide standards designed to protect privacy, civil rights, and civil liberties in each category of its use.
News
Do You Like Online Privacy? You May Be a Child Pornographer
The government says anyone who opposes federal plans to make electronic surveillance easier for police and spies is siding with child pornographers. It’s the first salvo in a battle that will resume Tuesday when the government reintroduces legislation that would expand online monitoring powers. The issue pits the desire of intelligence and law-enforcement officials to have easier access to information about Internet users against the individual’s right to privacy.
News
Do You Like Online Privacy? You May Be a Terrorist
A flyer designed by the FBI and the Department of Justice to promote suspicious activity reporting in internet cafes lists basic tools used for online privacy as potential signs of terrorist activity. The document, part of a program called “Communities Against Terrorism”, lists the use of “anonymizers, portals, or other means to shield IP address” as a sign that a person could be engaged in or supporting terrorist activity. The use of encryption is also listed as a suspicious activity along with steganography, the practice of using “software to hide encrypted data in digital photos” or other media. In fact, the flyer recommends that anyone “overly concerned about privacy” or attempting to “shield the screen from view of others” should be considered suspicious and potentially engaged in terrorist activities.
Germany
Max Planck Institute Brandenburg License Plate Scanning, Access to Telecommunications Data and Mobile Phone Localization Study
A report and presentation compiled by researchers at the Max Planck Institute for Foreign and International Criminal Law regarding controversial police powers recently introduced in the German state of Brandenburg including automated license plate searches, mobile phone localization and access to telecommunications data.
Corporate
Amazon Location Tracking and Future Destination Prediction Patent
Mobile device users may be tracked either via mobile-signal triangulation or via Global Positioning Satellite information. A mobile device user’s recent movements may be analyzed to determine trails or traffic patterns for device user among various locations. Mobile device trail information, either for an individual user or aggregated for multiple users, may be analyzed to determine a next destination for the user. Electronic advertising content, such as advertisements, coupons and/or other communications, associated with the next destination may be sent to an electronic device likely to be viewed by the mobile device user. Additionally, the identity of the mobile device user may be known and the advertisements or coupons may be tailored according to demographic information regarding the mobile device user. In addition, destinations may be recommended to mobile device users based on the recent locations the users have visited.
Corporate
Carrier IQ Cellular Phone Intelligence Software Training Materials
A presentation included in a collection of materials related to Trevor Eckhart’s research into the “mobile service intelligence” software produced by Carrier IQ. The document was specifically mentioned in a cease and desist order that the company sent to Eckhart demanding that he remove their “confidential training materials” and take down his analysis of the company’s software. Though the company later withdrew the legal complaint, this presentation remains unavailable from its original location and is only available via a number of mirrors at file-hosting sites.
Corporate
Facebook Law Enforcement Subpoena/Data Request Guidelines
A series of documents comprised of all publicly available versions of Facebook’s subpoena and legal compliance guides produced for law enforcement information requests. This site previously published the Facebook law enforcement guides from 2007-2010, which included a 2008 version of the manual that was originally published by Cryptome. The guides were referenced by privacy scholars and others in the media, yet Facebook would not even confirm to Reuters the authenticity of the documents. With two more editions provided by the latest #AntiSec leak (including a second expanded copy from 2010 and a shorter version from 2006), there are now 6 separate versions available from 2006-2010. All but one of the guides are labeled with version numbers documenting the evolution of the Facebook process for supplying user information to law enforcement.
Corporate
Microsoft MSN Online Services Subpoena/Legal Compliance Guide
A subpoena/legal compliance guide for Microsoft’s MSN Online Services, including Hotmail accounts, that was last revised April 2005.
Corporate
Blizzard Entertainment World of Warcraft Law Enforcement Subpoena Guides
Multiple versions of the subpoena/legal compliance guides issued by Blizzard Entertainment, makers of World of Warcraft, for law enforcement information requests. Two versions from 2008 and 2009 are included.
Corporate
AOL Information Request/Subpoena Guidelines October 2010
A subpoena compliance guide for AOL Inc. describing data retention practices and subpoena guidelines from October 2010.
Government Accountability Office
GAO Report: DHS Data Mining Systems Do Not Ensure Protection of Privacy
As part of a systematic evaluation framework, agency policies should ensure organizational competence, evaluations of a system’s effectiveness and privacy protections, executive review, and appropriate transparency throughout the system’s life cycle. While DHS and three of its component agencies—U.S. Customs and Border Protection, U.S. Immigration and Customs Enforcement, and the U.S. Citizenship and Immigration Services—have established policies that address most of these key policy elements, the policies are not comprehensive. For example, DHS policies do not fully ensure executive review and transparency, and the component agencies’ policies do not sufficiently require evaluating system effectiveness. DHS’s Chief Information Officer reported that the agency is planning to improve its executive review process by conducting more intensive reviews of IT investments, including the data-mining systems reviewed in this report. Until such reforms are in place, DHS and its component agencies may not be able to ensure that critical data mining systems used in support of counterterrorism are both effective and that they protect personal privacy.
News
One Step Closer to Fusion Center Transparency
The recent ten-year anniversary of the September 11 attacks brought a deluge of news regarding the transformation of the United States in the wake of the most devastating terrorist attacks in the country’s history. Many reports focused on debating the efficacy, or lack thereof, of policies implemented over the decade since the attacks occurred. One set of particularly revealing reports from the Center for Investigative Journalism discussed suspicious activity reporting at the Mall of America and the transformation of Homeland Security following September 11. Some publications discussed the waste inherent in the Department of Homeland Security (DHS) and its various grant programs. In addition to these critical evaluations of security policy, a number of public relations pieces from the national network of fusion centers appeared in local publications around the country. A local television station in Michigan covered the state’s local fusion center, having “unprecedented access” to walk around inside without cameras. Another piece from Tennessee discussed the Tennessee Bureau of Investigation’s fusion center, ending with appeals for viewers to report suspicious activity and “say something” if they “see something”. Articles from other states including Arkansas and Alabama, sometimes written by Homeland Security officials, emphasized the important work of their local fusion centers and the continued need for funding and support.
Department of Homeland Security
DHS Terrorist Watchlist Service Privacy Impact Assessment
The Department of Homeland Security (DHS) currently uses the Terrorist Screening Database (TSDB), a consolidated database maintained by the Department of Justice Federal Bureau of Investigation Terrorist Screening Center (TSC) of identifying information about those known or reasonably suspected of being involved in terrorist activity in order to facilitate DHS mission-related functions, such counterterrorism, law enforcement, border security, and inspection activities. DHS and TSC are improving the current method of transmitting TSDB data from TSC to DHS. Through a new service called the “DHS Watchlist Service” (WLS), TSC and DHS will automate and simplify the current manual process. TSC remains the authoritative source of watchlist data and will provide DHS with near real-time synchronization of the TSDB. DHS will ensure that each DHS component system receives only those TSDB records which they are authorized to use under the WLS Memorandum of Understanding and authorized under existing regulations and privacy compliance documentation between TSC and DHS (WLS MOU) and any amendments or modifications thereto. DHS conducted this privacy impact assessment (PIA) because the WLS will maintain a synchronized copy of the TSDB, which contains personally identifiable information (PII), and disseminate it to authorized DHS components.
News
A Look Inside “Little Guantanamo”: Communication Management Units and Terrorist Inmate Surveillance
Several restricted intelligence reports from the Counter-Terrorism Unit of the Federal Bureau of Prisons obtained by Public Intelligence detail the incredible levels of surveillance conducted on inmates convicted of terrorism offenses. In particular, the reports detail inmates stored in secretive units known as “Communication Management Units” (CMU) which have been widely criticized by the ACLU and other human rights groups for placing severe restrictions on the activities, as well as visitation and communication rights of inmates housed in the facilities.
Federal Bureau of Prisons
(U//FOUO/LES) Federal Bureau of Prisons Counter-Terrorism Unit Inmate Spying Reports
The following documents contain analysis of the monitoring of communications made by inmates convicted of offenses related to domestic and international terrorism. Many of the inmates are housed at the Communications Management Units in Terre Haute, Indiana (THA CMU) or Marion, Illinois (MAR CMU). These secretive units have been described by inmates as “Little Guantanamo” due to their unusual construction and treatment of detainees, severely restricting access to the public and media. For background information, see the June 25, 2009 Democracy Now interview with Andrew Stepanian, an animal rights activist imprisoned at one of the Communications Management Units.
Corporate
TransUnion Corporation Sale of Consumer Credit Information Privacy Litigation Decision 2002
Defendant Trans Union is one of three major consumer reporting agencies in the United States. Its core business is assembling and evaluating consumer credit information, including credit and payment patterns on consumers for the purpose of selling consumer reports to third parties. Typical buyers of such information are firms considering extending credit to a particular consumer. The information provided by Trans Union is used to determine if the consumer is a good credit risk. Trans Union maintains a computer data base called “CRONUS,” that contains consumer credit information it uses to generate credit reports. The data base includes the credit activity of every credit-active individual in the United States. Trans Union receives the information from credit grantors such as banks, mortgage companies, credit unions, auto dealers and collection agencies. Trans Union also receives information on student loans and child support.
Corporate
Confidential Facebook Law Enforcement Subpoena Guides 2007-2010
Four versions of the confidential law enforcement guide to requesting information from Facebook.
Corporate
Google Log Retention Policy FAQ
When users search on Google, we collect information about the search, such as the query itself, IP addresses and cookie information. (More info on this is available here.) We had previously kept the logs data for as long as it was useful. When we implement this policy change, we will continue to keep server log data so that we can improve Google’s services and protect them from security and other abuses, but we will anonymize our server logs after 18-24 months, unless legally required to retain the data for longer.