As the U.S. invests billions of dollars to convert from paper-based medical records to electronic ones, has the time come to offer everyone a unique health-care identification number?
Proponents say universal patient identifiers, or UPIs, deserve a serious look because they are the most efficient way to connect patients to their medical data. They say UPIs not only facilitate information sharing among doctors and guard against needless medical errors, but may also offer a safety advantage in that health records would never again need to be stored alongside financial data like Social Security numbers. UPIs, they say, would both improve care and lower costs.
Privacy activists aren’t buying it. They say that information from medical records already is routinely collected and sold for commercial gain without patient consent and that a health-care ID system would only encourage more of the same. The result, they say, will be more patients losing trust in the system and hiding things from their doctors, resulting in a deterioration in care. They agree that it’s crucial to move medical records into the digital age. But they say it can be done without resorting to universal health IDs.
Read more…
Canadian law enforcement officials have never been hindered by having to abide by the country’s current privacy laws, say documents revealed Wednesday, yet Ottawa remains adamant police need more online surveillance powers.
Vancouver-based advocacy group OpenMedia.ca published details of an internal Canadian Association of Chiefs of Police (CACP) email message to its members who represent more than 90% of the country’s police community. The message, OpenMedia says, asks CACP members to provide examples, even those with “confidential operational information,” of investigations thwarted by Canada’s privacy legislation.
The goal of the call for case studies would appear to be to justify the federal government’s proposed lawful access legislation. Originally included as part of the omnibus crime bill Prime Minister Stephen Harper vowed to pass if elected while campaigning last spring, the law would expand police powers to demand personal customer data from Internet service providers, who would in turn be required to make costly investments in surveillance technology.
Ottawa plans to reintroduce the legislation soon, following multiple unsuccessful attempts over the past decade. The proposed laws – C-50, C-51 and C-52 – have garnered widespread opposition from Members of Parliament, federal and provincial privacy commissioners as well as leading academics.
Opponents say the new laws would allow police to obtain personal information on a suspect whenever they wished without first obtaining a warrant, while current laws only allow police to bypass a warrant in emergency situations.
Read more…
Everything you type on your PC, whether it’s a Web address, your credit card information, user names and passwords – everything – is fair game for key loggers, the hacker-jerks who want to steal your identity and make your life miserable.
Rather than wasting your time reading the rest of this column, hie thee to www.keyscrambler.com and download the free version of KeyScrambler for Windows PCs. If you’re impressed, fork over either $30 or $45 for more powerful versions.
KeyScrambler is simple to use. Once it’s installed, you don’t have to worry about it. As you type in a Web address, user name, password or any other sensitive bit of information, KeyScrambler encrypts it – you can actually watch it generate nonsense character in a little window at the top of your Web browser. I installed it on both Internet Explorer and Firefox, and in both cases, it worked just fine.
Those nonsense characters are all a hacker can see, and that won’t do him a bit of good. Your password, for example, comes out as c&b% (or some such combination).
Unlike some commercial programs that protect against the key logging programs they know about, KeyScrambler protects against any key-logging program because it encrypts everything that’s typed into a browser window or other sensitive fill-in-the-blanks
Read more…
Columbia University researchers have found a new class of computer security flaws involving printers that could impact millions of businesses, consumers, and government agencies.
The researchers say that certain Hewlett-Packard (HP) LaserJet printers can be remotely controlled over the Internet, enabling computer hackers to steal personal information, attack normally secure networks, and cause physical damage to hardware.
HP’s Keith Moore says the initial research suggests the likelihood that the vulnerability can be exploited in the real world is low.
However, the Columbia researchers claim the security vulnerability is so fundamental that it could affect tens of millions of printers and other hardware that use flawed firmware.
The firmware flaw runs embedded systems such as computer printers, which increasingly include functions that make them operate more like computers.
Read more…
That company-issued cellphone, laptop or tablet could be keeping tabs on you away from the office.
More employers nationally are adopting technology to monitor their employees’ productivity, efficiency and even whereabouts, with the scrutiny going beyond merely placing GPS units in company vehicles.
“Too much snooping is going on,” said George Barrett, a civil rights attorney in Nashville. “Big Brother has arrived.”
Some states have passed laws requiring employers to notify employees of surveillance, but Tennessee is not among them, said Elizabeth A. Alexander, a partner in Lieff Cabraser Heimann and Bernstein’s local office.
“The law hasn’t been fully developed on the issue of how far employers can go,” she said.
Read more…
Do you watch the Supreme Court hearings on CPAC? No? Well I do.
I find it rather peculiar that the same Conservatives who were so concerned with the removal of the gun registration law are not at all concerned about warrantless wiretapping (intercept).
Warrantless means no judicial warrant obtained from a Judge, meaning no accountability to the Solicitor General through the checks and balances of recording and review. The authorization to establish and conduct a warrantless wiretap (Criminal Code s.184.4) can now be granted by a peace officer. (The definition of peace officer is not defined in the sections language and has a very wide range in the Criminal Code).
The argument by the Crown in the appeal that concerns warrantless emergency wiretaps (Criminal Code s.184.4 – Supreme Court Challenge -18 Nov 2011) was the need by peace officers to be able to initiate a warrantless wiretap if a threat to persons or property transpired and the threat level does not allow for Judicial authorization in a timely manner. The Crown used an example of an abduction where victims and suspects phones may be tapped without consent, warrant and notification.
Some would say this is an acceptable in an emergency situation – a valid argument if the law was defined in its language to indicate clear parameter in which the peace officer can authorize and conduct an emergency warrantless wire tap. The length of time the warrantless intercept can be in place, judicial review requirements, reporting procedures to the solicitor general, and the collection, distribution and deletion of data should be mentioned. But that language is just not there.
Read more…
At first glance, technology is making all our lives simpler. Dig a little deeper, and complications erupt. Constant communication brings unwanted stress. Some education experts deem excessive computer use by students addictive and damaging. And in the world of public safety, the idea of Big Brother is more than a literary reference.
The Supreme Court of the United States already has heard evidence on the use by police of global positioning system devices, but no decision has been made. As it stands, police can secretly attach such a device on a suspect’s vehicle, then sit back and track its every move. It has been effective, no doubt, but it should require more oversight.
Local police agencies want us to believe they only use the tactic in certain circumstances and only with probably cause that crime has been, or will be committed. It is not a case of them simply tossing a tracking device on a car on a whim. That should make us all feel better, but it doesn’t.
We don’t argue that the GPS tactic gives police a leg up on tricky investigations, but then so do phone taps. Remember those? When landline telephone communications were the most technologically advanced and convenient forms of real-time conver-sations? The Supreme Court ruled in 1967 that such “electronic eavesdropping without procedural safeguards” was illegal under the Fourth Amendment.
Read more…
A private investigator retained by Tottenham Hotspur who obtained West Ham vice-chairman Karren Brady’s telephone records at the height of the Olympic Stadium bidding process has been arrested on suspicion of fraud offences.
Howard Hill, a former partner at accountancy firm PKF, was arrested on Wednesday in Cheshire and taken into custody. Police searched a residential address and removed documents.
PKF and Hill, a senior corporate investigator, were engaged by Tottenham to carry out unspecified investigations at the culmination of the bidding process for the stadium, which was won by West Ham. Hill resigned from the company in December.
West Ham called in the police after an exposé appeared in the Sunday Times revealing that a director of the Olympic Park Legacy Company had undertaken paid consultancy work for the club.
The story referred to information gleaned from private telephone records, and in a civil action brought by West Ham last November PKF admitted that it did have copies of Brady’s records.
Read more…
Hope you’re not shy, because there’s a good chance you’re being watched by the U.S. Department of Homeland Security. According to a government document, the DHS has been monitoring social media as well as select blogs and message boards for more than a year.
The “privacy compliance review” obtained by Reuters comes from last November, but apparently this surveillance has been ongoing since at least June 2010. According to the document, it’s designed to “collect information used in providing situational awareness and establishing a common operating picture” with “data published via social media sites [used] solely to provide more accurate situational awareness, a more complete common operating pictures, and more timely information for decision makers.” In other words, the DHS is using the Internet to find out what’s happening, same as everyone else, but it certainly sounds more disturbing.
The review explains that all information monitored is “publicly available,” with whatever’s harvested kept “for no more than five years.” Among the sites monitored are Facebook and MySpace, as well as “more than a dozen” sites that monitor Twitter activity and aggregate tweets and conversations on the micro-blogging service. Photo and video sharing sites are also present, with YouTube, Flickr and — even more surprisingly — Hulu all being monitored. Perhaps that last one’s just an excuse to catch up on episodes of House.
Outside of social media, websites monitored include the New York Times Lede Blog, the Drudge Report and Huffington Post, as well as two Wired blogs: Threat Level and Danger Room. WikiLeaks, Cryptome, JihadWatch and Informed Comment also make appearances on the list. The report sounds more worrisome in abstract than the details actually suggest; the idea of “big brother watching” is unsettling, but we already knew the government was doing this sort of thing, so is it really a surprise to learn it’s also paying attention to other parts of the publicly-available Internet, too?
Read more…
Capitalizing on one of the fastest-growing trends in law enforcement, a private California-based company has compiled a database bulging with more than 550 million license-plate records on both innocent and criminal drivers that can be searched by police.
The technology has raised alarms among civil libertarians, who say it threatens the privacy of drivers. It’s also evidence that 21st-century technology may be evolving too quickly for the courts and public opinion to keep up. The U.S. Supreme Court is only now addressing whether investigators can secretly attach a GPS monitoring device to cars without a warrant.
A ruling in that case has yet to be handed down, but a telling exchange occurred during oral arguments. Chief Justice John Roberts asked lawyers for the government if even he and other members of the court could feasibly be tracked by GPS without a warrant. Yes, came the answer.
Meanwhile, police around the country have been affixing high-tech scanners to the exterior of their patrol cars, snapping a picture of every passing license plate and automatically comparing them to databases of outstanding warrants, stolen cars and wanted bank robbers.
The units work by sounding an in-car alert if the scanner comes across a license plate of interest to police, whereas before, patrol officers generally needed some reason to take an interest in the vehicle, like a traffic violation.
Read more…
Former Lower Merion School District student Paige Robbins on Wednesday morning withdrew her lawsuit that alleged a district laptop’s camera took photos of her undressed without her knowledge.
Robbins and her parents said after a hearing at U.S. District Court in Philadelphia they plan no further legal action against the district. Their son, Blake, won a $175,000 settlement in 2010 after he was photographed by his school laptop at home.
“I just wanted to make sure there were no (laptop) pictures of me that would ever be seen again,” Paige Robbins, 19, said.
“This is the end of it,” said Holly Robbins, her mother. “We were never doing this for the money. We wanted to find out if there were any pictures still being held by the school district.”
U.S. District Court Judge John Padova granted Robbins’ request at a hearing originally called to discuss Robbins attorney Mary Elizabeth Bogan’s motion to be relieved as counsel, citing irreconcilable differences.
Read more…
To help prevent breaches, mobile devices should be encrypted even if storage of sensitive information on them is prohibited, says security expert Melodi Mosley Gates.
“Even with the best of intentions, and the most technically enforced policy, a ban for putting sensitive information on mobile devices is probably not going to be 100 percent effective,” the attorney contends. That’s because all mobile devices enable users to enter data and to receive e-mails that may, in some cases, contain sensitive information.
As a result, her advice is to “have a policy in place that minimizes the amount of sensitive information that can land on mobile devices and still encrypt mobile devices.” Although this approach “may feel like a belt and suspenders,” it’s the best way to minimize the risk of data breaches involving tablets, smart phones, laptops and other mobile devices, which can easily be lost or stolen, Gates says.
In an in-depth interview, Gates offers other practical insights on encryption, including:
•Consider conducting a small-scale encryption pilot that involves representatives of various departments. This can help overcome outdated perceptions about the practicality of encryption.
•Identify sensitive information that needs to be encrypted by using a two-pronged approach: Survey staff members to map their business processes and identify how they use data, and implement a data loss prevention application to scan all computers and pinpoint where sensitive data resides. Taking this approach, she says, also will help “build awareness for why it’s important to keep track of this sensitive data and where it lives.”
Read more…
