31/01/2008

Security fears over flood alert

Environment officials are asking for access to thousands of ex-directory phone numbers so that they can alert people when their homes are in danger of being flooded. However, following lapses in data security, with the government criticised over missing computer disks containing details on millions of child benefit claimants, there may be nervousness about allowing the Environment Agency access to numbers. Nearly half of households with a landline in the UK now have an ex-directory number. The government's information commissioner, Richard Thomas, will make the decision whether to allow the agency, which is overseeing the UK's floods strategy, the right to have them.

Author : Jo Revill
Source : The Observer,

31/01/2008

Biometrics - Labour Government are still clueless about the technology

Several eminent academics who do actually know about information security, cryptography, software engineering etc.. have written a letter, published by one of the signatories Dr. Ian Brown on his Blogzilla blog. Biometrics are not a panacea for data loss:

Author :
Source : SpyBlog

31/01/2008

MIA in Iowa - personal data on 3m UK driving test candidates

Prestige contract goes Pearson shaped A Hard drive containing personal details of three million candidates for the UK driving theory test has gone missing from a "secure facility" in, perplexingly, Iowa, Transport Secretary Ruth Kelly has told the House of Commons. The hard drive went missing in May, but 'only' includes name, address, phone number and email - no financial data. So by recent UK standards this is a minor issue. But what was it all about? The data concerns candidates who took their theory test between September 2004 and April 2007, and was being held by a contractor working for the Driving Standards Agency. Now, here's a puzzle. Pearson VUE a part of the Pearson Group, "the largest testing company and education publisher in the world", began a seven year contract with the DSA to administer and process the test in September 2004. But the company being mentioned in relation to the data loss is named as Pearson Driving Assessments Ltd. A company of this name does exist, certainly, and reports that earlier this evening mentioned Pearson VUE seem mysteriously to have switched over to Pearson Driving Assessments Ltd instead.

Author : John Lettice
Source : The Register

31/01/2008

Transport Dept. IT: 23 years late, £100m over-budget

The Liberal Democrats have got their calculator out again and added up all the cost over-runs and delays at the myriad IT projects at the Department for Transport. Taken together, all the DfT's various IT projects are 23 years late and more than £100m over budget. This sounds bad until you realise that one project, the Shared Services Programme, is £92m over budget. The scheme - to provide central services for several transport departments - was originally to cost £31m but now has an estimated cost of £123m. But at least it's not late yet - the project is due for completion in April 2009. Even more disturbingly this is the department which the National Audit Office told us on 16 January wasa shining example of government good practice.

Author : John Oates
Source : The Register

31/01/2008

eID Large Scale Pilot - S.T.O.R.K. (PDF)

The European e-Identity Conference - EEMA

Author :
Source :

31/01/2008

How to delete your DNA profile

A cut-out-and-keep reference guide It's a little known fact that it's possible to have your DNA profile removed from the National DNA Database (NDNAD). While the Police have processes to gather and retain DNA samples - they don't yet have a procedure to delete the DNA of innocent members of the public. It's complicated - but for now, this is what you should do. Over four million profiles have been added to NDNAD since 1995. Last year, 115 profiles were deleted and 667,737 added. In the last five years, 634 DNA profiles have been removed from the database, while 2,649,937 profiles were added. In other words, the number of DNA profiles removed is around 0.02 per cent of the number of profiles added in the period - where we have the information.

Author : David Mery
Source : The Register

31/01/2008

Primarolo admits ignorance over data losses by nine NHS trusts

· Minister does not know exactly what is missing · Opposition parties allege culture of carelessness Ministers faced embarrassment over more mislaid data yesterday when they were forced to admit that they did not have details on what information had been lost by nine NHS trusts. The loss of data potentially covering tens of thousands of patients' records has been disclosed to the Department of Health by the trusts and to the information commissioner. Ministers will be worried that the loss will further undermine confidence in the department's plans for a new computer database of all NHS patients' records.

Author : Patrick Wintour
Source : The Guardian

31/01/2008

Running queries on the HMRC database fiasco

When it comes to talking about last week's data loss by the HMRC, I was told not to use precious words outlining my feelings of rage and bafflement that a government body can be so cavalier with so much data because, presumably, we all feel the same. So I will simply note, for the record, that my gob has been totally smacked by this debacle. What I will do is to take a look at the technical elements of this case from the database/data perspective.

Author : Mark Whitehorn
Source : The Register

30/01/2008

UK gov issued 250k snoop licences in nine months

The regulator for Britain's snoopers has released a report covering the last nine months of 2006, painting a panglossian picture of a period which saw a quarter of a million intercepts. From 11 April to 31 December 2006 there were 253,557 requests for communication data. In the same period there were only 1,088 errors - mostly due to incorrectly-written phone numbers. The Interception of Communications Commissioner Sir Paul Kennedy said he saw no reason to change the current law, and indeed had only met one person while doing his job who has a different opinion. There has been some debate as to if intercepted information should be permitted as court evidence.

Author : John Oates
Source : The Register

31/01/2008

Is Technocracy Dead?

What do fighter jets, ID cards, the sale of a department of the Ministry of Defence and measles have in common? The answer is they have all been involved in scandalously poorly run, and in one case quite possibly corrupt, government deals and schemes. And while they may seem to have nothing to do with UK democracy, the level of trust the public has in government, and its' competence, certainly does. Given that this is the government who struggle to send computer discs through the mail, it is no surprise that public trust ebbs by the day. The question is, if the government wants to run the UK as a board runs a company, why do they not have the necessary standards and expertise to cope with the demands this brings? In perhaps the most egregious case of realpolitik to emerge under New Labour, Britain's biggest ever arms deal was shown to have been secured via slush funds and bribes. The Serious Fraud Office investigation was blocked by the government, who then lost a High Court challenge by anti-corruption campaigners to keep the affair out of the courts. To add insult to injury, one of the world's biggest IT projects- the NHS National Programme for IT, which will connect GPs to hospitals- has been beset by problems and is not trusted by the majority of the medical profession. Another medical-related disaster has been the surge in cases of measles in some London boroughs, partly as a result of the bad computer system installed in 10 out of 31 boroughs just two years ago. In the words of Dr. Mike Fitzpatrick, It's true that at the moment in the whole of the north Thames area the authorities have only a very vague idea of the level of [vaccination] because of the problems with the computer system. This has put tens of thousands of people at risk of catching the disease, which can lead to permanent disability.

Author : Ben Rymer
Source : UKWatch/Unlock Democracy

30/01/2008

Microsoft seeks patent for office 'spy' software

Microsoft is developing Big Brother-style software capable of remotely monitoring a worker's productivity, physical wellbeing and competence. The Times has seen a patent application filed by the company for a computer system that links workers to their computers via wireless sensors that measure their metabolism. The system would allow managers to monitor employees' performance by measuring their heart rate, body temperature, movement, facial expression and blood pressure. Unions said they fear that employees could be dismissed on the basis of a computer's assessment of their physiological state.

Author : Alexi Mostrous and David Brown
Source : The Times

30/01/2008

UK shamed in world privacy league

We beat China though! Go team! Former world power and current CCTV capital of the universe the UK has been fingered as the worst place in Europe if you fancy a little bit of privacy. The legions of shopping centre cyclopses, together with teeth-gnashing government incompetence on data, and the funny-if-it-weren't-so-scary ID card wheeze mean that Blighty is only narrowly beaten by China in a league of shame of surveillance societies. The list has been released today by London-based pressure group Privacy International (which got into some entertaining handbags earlier in 2007 with Google's PR droids). It produced a privacy index based on a series of categories on either side of the privacy equation: we scored a middling three out of five on democratic safeguards, but a bottom-of-the-barrel one out of five on ID cards and biometrics, for example. The US administration didn't fare much better than the UK. It too made it into the highly un-coveted "endemic surveillance societies" club, along with the fun-loving governments of China, Russia, Malaysia, Singapore, Taiwan and Thailand.

Author : Chris Williams
Source : The Register

29/01/2008

UK ranked 'worst in Europe' at protecting private data

The UK has Europe's worst record for protecting private information, according to a new report. London-based watchdog Privacy International (PI) conducted a survey of 47 countries and placed Britain at the bottom of the pile because of its ID card plans and lack of government accountability. Deeming the UK "an endemic surveillance society" alongside Russia, the US, Singapore and China, the poll ranked the country as a whole as well as its individual nations.

Author :
Source : QAS

29/01/2008

What Jack Straw forgot to mention

Liberty and the state: Does the justice minister need to be reminded what Labour has done to the British constitution? What a very strange cove the justice minister is. He cannot possibly believe what he has written. Here are some of the things that he failed to mention in his account of how Labour has "deepened and extended civil liberties for all". Perhaps he would like to comment on this list. And perhaps others would like to add to/correct the list, a version of which I keep in my wallet to remind myself what Labour has done to the British constitution and to the liberty of the ordinary person.

Author : Henry Porter
Source : The Guardian

29/01/2008

Bruce Schneier Blazes Through Your Questions

Last week, we solicited your questions for Internet security guru Bruce Schneier. He responded in force, taking on nearly every question, and his answers are extraordinarily interesting, providing mandatory reading for anyone who uses a computer. He also plainly thinks like an economist: search below for “crime pays" to see his sober assessment of why it's better to earn a living as a security expert than as a computer criminal.

Author : Stephen J. Dubner
Source : New York Times

31/01/2008

Nine NHS trusts lose patient data

Nine NHS trusts in England have admitted losing patient records in a fresh case of wholesale data loss by government services, it has emerged. Hundreds of thousands of adults and children are thought to be affected by the breaches, which emerged as part of a government-wide data security review. The Department of Health says patients have been told and there is no evidence data has fallen into the wrong hands. It follows losses of millions of child benefit claimant and driver details.

Author :
Source : BBC

31/01/2008

Data loss crisis spreads to the NHS

The data crisis has taken a new twist, as nine NHS trusts admitted losing personal information of patients. Hundreds of thousands of patients could be affected, according to a newspaper report. The news comes in the wake of the loss of 25 million child benefit claimants' details on two discs belonging to HM Revenue and Customs, as well as three million motorists' details in Iowa. The Department of Health says that patients have been informed and there is no evidence that sensitive data has fallen in to the wrong hands. While the DoH has said that the data losses were being dealt with individually by the relevant trusts and that it therefore did not have details of how many patients' records were lost, one trust - City and Hackney Primary Care Trust, in east London - has reportedly lost the details of 160,000 children, according to a story in the Sunday Mirror. The other trusts involved are Maidstone and Tunbridge Wells, East and North Hertfordshire, Sutton and Merton PCT, Sefton Merseyside PCT, Mid-Essex Care Trust, Bolton Royal Hospital, Norfolk and Norwich and Gloucester Partnership Foundation Trust.

Author : Tom Chivers
Source : The Daily Telegraph

31/01/2008

Ending the surveillance invasion

Liberty and the state: The state can no longer rely on the misplaced belief that privacy must be sacrificed for security Liberty's policy department usually writes for audiences in parliament and Whitehall. If there's a golden rule for effective engagement it's this: avoid hyperbole. It undermines your message and alienates the audience. So, when writing on privacy issues, all talk of "Big Brother", "Orwellian", and "1984" has definitely been discouraged. Earlier this year it struck me that perhaps I had been erring on the side of caution when I was asked to speak at an event organised by the parliamentary IT forum. The title? "Big Brother Britain." Liberty has long battled against the "nothing to hide, nothing to fear" fallacy that presumes only criminals place any premium on their privacy. If any good is to come out of the HMRC lost disc fiasco it is possibly that people will not continue to take such a complacent approach to their private information in future. Opinion polls certainly seem to indicate an increasingly critical public turning against such privacy relevant subjects as the compulsory identity card scheme. The early years of this century were marked by an understandable, if misplaced, belief that privacy was an expendable luxury to be sacrificed in the name of security. It seems the state can no longer rely on this reservoir of goodwill.

Author : Gareth Crossman
Source : The Guardian

31/01/2008

Family doctors to shun national database of patients' records

· More than half would seek specific consent · Security fears dominate concerns, poll shows Nearly two-thirds of family doctors are poised to boycott the government's scheme to put the medical records of 50 million NHS patients on a national electronic database, a Guardian poll reveals today. With suspicion rife across the profession that sensitive personal data could be stolen by hackers and blackmailers, the poll found 59% of GPs in England are unwilling to upload any record without the patient's specific consent. Three-quarters of family doctors said medical records would become less secure when they are put on a database that will eventually be used by NHS and social services staff throughout England. Half thought the records would be vulnerable to hackers and unauthorised access by officials outside the NHS. A quarter feared bribery or blackmail of people with access to the records and 21% suspected that social services staff would not adhere to the confidentiality rules.

Author : John Carvel
Source : The Guardian

31/01/2008

Benefit data lapse 'disturbing'

The Conservatives have described reports of a new government data security lapse as "disturbing". An ex-contractor at the Department for Work and Pensions had two discs with thousands of benefit claimants' details for more than a year, it has emerged. The unencrypted discs revealed the type of benefits paid, but a DWP spokesman said they did not contain bank details. The woman told the News of the World she forgot to return them after she stopped working for the DWP a year ago. It comes as the search for two missing child benefit discs containing the personal details of 25 million people continues. The fact that it hasn't been copy protected is further evidence of a cavalier attitude towards data protection in government departments - Chris Grayling - Shadow work and pensions secretary The DWP discs in the latest incident contained names, addresses, dates of birth and National Insurance numbers. They were part of a project aimed at encouraging people to switch from a giro to a credit transfer system. It is believed there could be up to 9,000 names on each disc.

Author :
Source : BBC

31/01/2008

IT pro admits stealing 8.4M consumer records

A senior database administrator for a consumer reporting agency in Florida has admitted stealing more than 8.4 million account records and selling them to a data broker. He netted $580,000 over five years from the scheme. William Gary Sullivan, a DBA for Fidelity National Information Services, faces up to 10 years in federal prison and $500,000 in fines, although prosecutors agreed to recommend a more lenient sentence in exchange for his guilty plea. He's also required to surrender all remaining proceeds and pay restitution to his victims.

Author : Dan Goodin
Source : Channel Register

31/01/2008

Facebook vetting 'could be illegal'

Facebook vetting 'could be illegal' Employers who trawl social networking sites such as Facebook to dig up information about potential employees could be breaking the law, an internet expert has warned. Facebook is the second fastest growing online brand in Britain The rapid rise of sites such as Facebook, MySpace, and Bebo, where users often post extensive personal information, photos and sometimes candid details of their personal exploits, has led to rumours companies, colleges and universities use them to help vet applicants. John Carr, chairman of the UK Children's Charities' Coalition on Internet Safety, said using the information to research applicants was "possibly illegal, but certainly unethical". He said: "There's a basic law of data protection that if you are processing data, you are only allowed to use it for the purpose for which it was intended. "It's a bit like reading somebody's diary. If you are not part of that person's circle, to look at their stuff and then go to use it to make important decisions on their life, just seems wrong and possibly illegal."

Author : Ben Farmer
Source : The Daily Telegraph

31/01/2008

The policing of the artist

Liberty and the state: Powers to take DNA samples are one part of a new assault on rights Here's a tale for our times. Over the last three years, it has been possible to catch the "Chewing Gum Man" at work somewhere in London, crouched on a pavement. From the distance, he could be homeless or a drunk - his coat is spattered with paint - but as you near, you see that he is painting in enamels, with great delicacy, a picture on the discarded gum that litters urban pavements. When he moves on, the picture will catch passing eyes - particularly children's - for months to come. Each picture tells a story as recounted by a passer-by: this was the place where someone was knocked down or had their first kiss. The pictures are small signs of personal connection, a humanising of an anonymous urban environment; he doesn't want payment, it's a gift of recognition in the city's commercialised and often violent public space.

Author : Madeleine Bunting
Source : The Guardian

29/01/2008

IT pro admits stealing 8.4M consumer records

A senior database administrator for a consumer reporting agency in Florida has admitted stealing more than 8.4 million account records and selling them to a data broker. He netted $580,000 over five years from the scheme. William Gary Sullivan, a DBA for Fidelity National Information Services, faces up to 10 years in federal prison and $500,000 in fines, although prosecutors agreed to recommend a more lenient sentence in exchange for his guilty plea. He's also required to surrender all remaining proceeds and pay restitution to his victims.

Author : Dan Goodin
Source : Channel Register

31/01/2008

Data protection won't help once all the data is gone

Last week's loss of confidential child benefit records has been a wake-up call to 25 million people about the reality of the government's handling of our personal information. But few realise the extent of what lies ahead. The Identity Cards Act, which slipped, barely noted, on to the statute books in 2006, is the jewel in the crown of a wholesale and well-advanced government commitment to "share" data about each of us between departments on an unprecedented scale. Already some 265 government departments are data-sharing. Electronic identity management in the UK is deeply entrenched in government policy, and yet no one can guarantee that such a data-sharing system can be secure. All we can do is hand over our information, cross our fingers, and hope that it won't happen to us.

Author : Christina Zaba
Source : The Guardian

31/01/2008

Do you want Lloyds or HSBC? Account details for sale online

It took just 19 hours from first contact with the anonymous Russian fraudster until he collected my $240 (£116.50) payment from a local "drop". I had sent a wire transfer to his frozen Siberian home town in exchange for details that would, in theory, grant access to more than £10,000 from the bank account of an unsuspecting British Halifax customer. He offered a choice of British accounts held at Lloyds TSB or HSBC and for more money, the balances could have been fatter - anything up to £35,000, the fraudster promised. For a fee of 1% of the balance he promised the name, branch, account number, sort code and internet login. The encounter with the anonymous Russian in an internet chatroom was one of scores like it going on at the time. In a separate private message, another vendor promised: "I will give you HSBC full info with 26k Pounds...for $500...When can you wire money?" The account I had chosen could be almost cleared out in one day without hitting its transfer limit and alerting the account holder or bank, I was told.

Author : Robert Booth
Source : The Guardian

29/01/2008

Websites sell secret bank data and PINs

Security breaches that are allowing the financial details of tens of thousands of Britons to be sold on the internet are to be investigated by the country's information watchdog. Without paying a single penny, The Times downloaded banking information belonging to 32 people, including a High Court deputy judge and a managing director. The private account numbers, PINs and security codes were offered as tasters by illegal hacking sites in the hope that purchases would follow. Richard Thomas, the Information Commissioner, will begin an investigation into the security breach today and Scotland Yard is also investigating. Experts said that the findings suggested that more personal data than ever before was going astray. The Times found: More than 100 websites trafficking British bank details A fraudster offering to sell 30,000 British credit card numbers for less than £1 each A British e-passport for sale, although the Government insists that they are unhackable.

Author : Alexi Mostrous and Dominic Kennedy
Source : The Times

31/01/2008

A mass movement is needed to tackle the state's snoopers

Ministers will quickly lose their shame over the missing 25 million files and continue to stockpile our most personal secrets There's no time to crow over the government's loss of 25 million people's details; no time to rejoice at the obvious mortification of Gordon Brown, Alistair Darling, his sidekick, Andy Burnham, Jacqui Smith and Harriet Harman. These people will not be deterred by the calamity of last week. They are shameless. In a month or two they will bounce back. The ID card scheme will be relaunched and Jacqui Smith will continue with her plans to demand 53 pieces of information from people before they travel abroad. The Children's Index, the Children's Assessment Framework, the National Health database, the ever-expanding police DNA database will all continue to scoop up information. Why? Because the control of the masses is coded in the deepest part of Labour's being.

Author : Henry Porter
Source : The Observer

31/01/2008

Data crisis hits Scotland as papers go missing

The crisis over the security of personal information spread to Scotland last night when it emerged that confidential documents had gone missing in transit to Glasgow. The office of Alex Salmond, Scotland's First Minister, was forced to admit that a package containing printed pension benefit statements dispatched from the Scottish Public Pensions Agency to NHS Greater Glasgow cannot be accounted for. The package was sent by the SPPA on 26 October, as one of 162 packages going to 14 separate addresses throughout Scotland, by Fed Ex, the Scottish Executive's official courier.

Author : Jamie Doward
Source : The Observer

29/01/2008

ID sales sites start loss leader marketing programme

Journalists find thousands of IDs online The Information Commissioners' in-tray got a little bigger today as it confirmed it would be investigating a series of ID trading sites unearthed by journalists. The Times screamed today that "the financial details of tens of thousands of Britons" were being sold on the internet. The paper detailed how it had been able to download banking information for 32 people, including account numbers, PINS, and security codes, "without spending a single penny". The data, including that of a deputy judge, was apparently offered as a free taster by the ID traders.

Author : Joe Fay
Source : The Register

31/01/2008

Six more data discs 'are missing'

HM Revenue and Customs has confirmed that a further six data discs have gone missing in transit between its offices in Preston and London. The discs, which were reported missing on 30 October, contained recorded conversations between a member of staff and a customer making a complaint. Police are still searching for two computer discs containing the details of 25m Child Benefit claimants.

Author :
Source : BBC

29/01/2008

UK's families put on fraud alert

Two computer discs holding the personal details of all families in the UK with a child under 16 have gone missing. The Child Benefit data on them includes name, address, date of birth, National Insurance number and, where relevant, bank details of 25 million people. Chancellor Alistair Darling said there was no evidence the data had gone to criminals - but urged people to monitor bank accounts "for unusual activity". The Conservatives described the incident as a "catastrophic" failure.

Author :
Source : BBC

31/01/2008

Children must give prints for passports

Children over the age of six will have their fingerprints taken when applying for a passport to comply with new EU regulations. The European Commission says youngsters must be fingerprinted for all new EU passports and national ID cards even those issued in the UK. Until now, the Government has insisted that only children over the age of 11 applying for biometric passports which are due to be introduced in 2009 have to be fingerprinted. Revealed: The sinister truth about what they do with our children's fingerprints But under the proposals, revealed in a report by the Commission, children as young as six could be forced to attend special identity centres.

Author : Jason Lewis
Source : The Daily Mail

31/01/2008

Most doctors plan to dodge health database

The majority of family doctors have said they will shun a government plan to stuff a database full of all our medical records. According to a poll conducted by the Guardian, 59 per cent of GPs said they would not put records on the so-called spine without the consent of a patient, and fully three-quarters say records will be less secure once they are made available to NHS and social service staff on the central database. Fear that the records might be accessed by unscrupulous or unauthorised people were at the heart of GP's caution. The poll found 21 per cent had concerns that social services staff would not follow the rules of doctor-patient confidentiality, and a quarter said they were worried about bribery or blackmail of people with access to record

Author : Lucy Sherriff
Source : The Register

31/01/2008

[EU wants to fight terrorism with more passenger data

Airlines could have to provide more data on passengers to countries under new laws proposed by the European Union. European officials want law enforcement authorities in member states to receive Passenger Name Record (PNR) information, which will include names, passport numbers, addresses, credit card details, e-mail addresses and phone numbers. The proposal is one of a raft of measures aimed at combating terrorism, and means airlines flying both to and from EU member states will need to provide countries with the information. They currently have to communicate Advanced Passenger Information, which is used for fighting illegal immigration. An EU spokesperson said, "The added value of the PNR is that it helps identify unknown people and develop risk indicators."

Author : Rebecca Thomson
Source : Computer Weekly

29/01/2008

Schoolkid chipping trial 'a success'

A big brother for every pupil A school in Doncaster is piloting a monitoring system designed to keep tabs on pupils by tracking radio chips in their uniforms. According to the Doncaster Free Press, Hungerhill School is testing RFID tracking and data collection on 10 pupils within the school. It's been developed by local company Darnbro Ltd, which says it is ready to launch the product into the £300m school uniform market. Boss Trevor Darnborough said: "The Department for Education and Skills is keen to promote use of electronic registration in schools because of its benefits in efficiently monitoring pupils' attendance and the speedy retrieval and analysis of data.

Author : Chris Williams
Source : The Register

29/01/2008

Police demand doctors report gun victims

Police chiefs want doctors to break medical confidentiality and report patients they treat who have suffered knife or gun shot wounds, the Guardian has learned. The proposals are set to be handed to ministers by police chiefs as part of an intensified new response to tackling youth gang and gun crime. The proposals have caused concern among doctors and civil rights activists, who argue that confidentiality is the cornerstone of the doctor-patient relationship.

Author : Vikram Dodd
Source : The Guardian

31/01/2008

Each DNA swab brings us closer to a police state

The move to widen the UK genetic database is yet another example of a relentless desire to monitor every aspect of our everyday lives An elderly lady called a BBC Wales radio phone-in programme on which I was a guest last week to say that she wouldn't mind in the slightest if she was stopped and ordered to submit to a DNA test when her dog fouled the pavement. 'Everyone should give their DNA to the police,' she said before the discussion was cut short. There wasn't time to talk about the sinister absurdity of sanctioning a law that compels old ladies to offer up a mouth swab, whether they want to or not. No time to state that the Home Office and police are engaged on a programme to introduce mass DNA testing by stealth. No time to wonder at the complete absence of parliamentary debate on this crucial issue of liberty. No time to ask whether we can truly trust the police; or to consider what the relatively new science of genetics may be used for in the future; or to wonder at the alarming disappearance of the liberal reflex in British political life.

Author : Henry Porter
Source : The Observer

31/01/2008

Lib Dems attack policy on children's DNA records

The Liberal Democrats today condemned the policy of holding children's DNA profiles "often without parental consent", as government figures showed almost 150,000 under-16s were on the national database. The Lib Dem shadow home affairs spokesman, Nick Clegg, described the policy as "disturbing". "Thousands of these children will have been found guilty of no crime, yet samples of their DNA will remain on file for life. "The disturbing and illiberal policy of adding a child's most personal information to a massive government computer system, simply on the grounds of an accusation, must stop immediately."

Author : Hélène Mulholland
Source : The Guardian

25/10/2007

The International Campaign Against Mass Surveillance (ICAMS)

Global security and the "war on terror" now dominate the global political agenda. Driven largely by the United States, a growing web of anti-terrorism and security measures are being adopted by nations around the world. This new "security" paradigm is being used to roll back freedom and increase police powers in order to exercise increasing control over individuals and populations. Under the public's radar screen, a registration and surveillance infrastructure of global reach is quietly being constructed. It includes the convergence of national and international databases, the creation of data profiles for whole populations, the creation of a global ID system, the global surveillance of movement, and the global surveillance of electronic communications. The International Campaign Against Mass Surveillance (ICAMS) has launched a petition to demand that international organizations and national governments stop participating in the construction of this system.

Author :
Source : The International Campaign Against Mass Surveillance (ICAMS)

25/10/2007

Cops and Home Office plot uber-CCTV network

Tracking all of the people, all of the time You know in the movies or on the telly, where the sinister (Bourne) or perhaps heroic (Spooks) government agents are thinking about a problem somewhere? The person in charge often barks something like "Is there any CCTV?" Some kind of minion - perhaps dressed and coiffured like a tramp to indicate technical competence - quickly rattles away on a keyboard. And then, within seconds, bingo - the boss is looking at live images of a given street, often with sufficient resolution to identify faces.

Author : Lewis Page
Source : The Register

25/10/2007

PDF - NATIONAL CCTV STRATEGY - The Home Office

"The United Kingdom is generally recognised as a leading user of Closed Circuit Television (CCTV) for community safety and crime investigation purposes. We regularly see examples of where it has been used to make our streets safer, reduce the fear of crime and detect serious offences. The use of CCTV in the support of terrorist investigations in the UK has led to considerable worldwide interest, with many countries now following us in developing CCTV infrastructures"

Author :
Source : The Home Office

25/10/2007

Scientists Use the "Dark Web" to Snag Extremists and Terrorists Online

Terrorists and extremists have set up shop on the Internet, using it to recruit new members, spread propaganda and plan attacks across the world. The size and scope of these dark corners of the Web are vast and disturbing. But in a non-descript building in Tucson, a team of computational scientists is using the cutting-edge technology and novel new approaches to track their moves online, providing an invaluable tool in the global war on terror. Funded by the National Science Foundation and other federal agencies, Hsinchun Chen and his Artificial Intelligence Lab at the University of Arizona have created the Dark Web project, which aims to systematically collect and analyze all terrorist-generated content on the Web.

Author :
Source : National Science Foundation

25/10/2007

A Face Is Exposed for AOL Searcher No. 4417749

Buried in a list of 20 million Web search queries collected by AOL and recently released on the Internet is user No. 4417749. The number was assigned by the company to protect the searcher's anonymity, but it was not much of a shield. Thelma Arnold's identity was betrayed by AOL records of her Web searches, like ones for her dog, Dudley, who clearly has a problem. No. 4417749 conducted hundreds of searches over a three-month period on topics ranging from "numb fingers" to "60 single men" to "dog that urinates on everything." And search by search, click by click, the identity of AOL user No. 4417749 became easier to discern. There are queries for "landscapers in Lilburn, Ga," several people with the last name Arnold and "homes sold in shadow lake subdivision gwinnett county georgia." It did not take much investigating to follow that data trail to Thelma Arnold, a 62-year-old widow who lives in Lilburn, Ga., frequently researches her friends' medical ailments and loves her three dogs. "Those are my searches," she said, after a reporter read part of the list to her. AOL removed the search data from its site over the weekend and apologized for its release, saying it was an unauthorized move by a team that had hoped it would benefit academic researchers.

Author : Michael Barbaro and Tom Zeller Jr.
Source : The New York Times

25/10/2007

Lesson From Tor Hack: Anonymity and Privacy Aren't the Same

As the name implies, Alcoholics Anonymous meetings are anonymous. You don't have to sign anything, show ID or even reveal your real name. But the meetings are not private. Anyone is free to attend. And anyone is free to recognize you: by your face, by your voice, by the stories you tell. Anonymity is not the same as privacy. That's obvious and uninteresting, but many of us seem to forget it when we're on a computer. We think "it's secure," and forget that secure can mean many different things. Tor is a free tool that allows people to use the internet anonymously. Basically, by joining Tor you join a network of computers around the world that pass internet traffic randomly amongst each other before sending it out to wherever it is going. Imagine a tight huddle of people passing letters around. Once in a while a letter leaves the huddle, sent off to some destination. If you can't see what's going on inside the huddle, you can't tell who sent what letter based on watching letters leave the huddle. I've left out a lot of details, but that's basically how Tor works. It's called "onion routing," and it was first developed at the Naval Research Laboratory. The communications between Tor nodes are encrypted in a layered protocol -- hence the onion analogy -- but the traffic that leaves the Tor network is in the clear. It has to be.

Author : Bruce Schneier
Source : Wired

25/10/2007

Tens of thousands of CCTV cameras, yet 80% of crime unsolved

Most CCTV cameras are 'illegal', watchdog claims London has 10,000 crime-fighting CCTV cameras which cost £200 million, figures show today. But an analysis of the publicly funded spy network, which is owned and controlled by local authorities and Transport for London, has cast doubt on its ability to help solve crime. A comparison of the number of cameras in each London borough with the proportion of crimes solved there found that police are no more likely to catch offenders in areas with hundreds of cameras than in those with hardly any. In fact, four out of five of the boroughs with the most cameras have a record of solving crime that is below average. The figures were obtained by the Liberal Democrats on the London Assembly using the Freedom of Information Act.

Author : Justin Davenport
Source : Evening Standard

25/10/2007

Learning to live with Big Brother

The second article in our series looks at the new technologies for collecting personal information, and the dangers of abuse It used to be easy to tell whether you were in a free country or a dictatorship. In an old-time police state, the goons are everywhere, both in person and through a web of informers that penetrates every workplace, community and family. They glean whatever they can about your political views, if you are careless enough to express them in public, and your personal foibles. What they fail to pick up in the café or canteen, they learn by reading your letters or tapping your phone. The knowledge thus amassed is then stored on millions of yellowing pieces of paper, typed or handwritten; from an old-time dictator's viewpoint, exclusive access to these files is at least as powerful an instrument of fear as any torture chamber. Only when a regime falls will the files either be destroyed, or thrown open so people can see which of their friends was an informer. These days, data about people's whereabouts, purchases, behaviour and personal lives are gathered, stored and shared on a scale that no dictator of the old school ever thought possible. Most of the time, there is nothing obviously malign about this. Governments say they need to gather data to ward off terrorism or protect public health; corporations say they do it to deliver goods and services more efficiently. But the ubiquity of electronic data-gathering and processing-and above all, its acceptance by the public-is still astonishing, even compared with a decade ago. Nor is it confined to one region or political system.

Author :
Source : The Economist

25/10/2007

Spying On Your Ex-Girlfriend Not Quite What Homeland Security's Database Is For

Every time we hear of yet another plan for the government to set up yet another database of information about people, we wonder about how it will be misused. Supporters always talk about how helpful such databases are (which is debatable), but rarely are willing to take into account how such systems are going to be abused -- and they're always abused. The latest such case involves an employee at the Department of Commerce who used a Department of Homeland Security database to track an ex-girlfriend. This wasn't just a one-off thing either. He apparently used the database 163 times to check up on her. Then he threatened to have the woman deported and her family killed. So, as the government continues to push the boundaries in trying to collect more and more data on everyone, it's at least worth asking if the potential for abuses is taken into consideration and how they're dealt with (if they're dealt with at all).

Author :
Source : TechDirt

25/10/2007

Surveillance Works Both Ways

Surveilling the surveillers. It's an idea that Number 6, the nameless hero of the classic British TV show The Prisoner, would have loved. In an attempt to establish equity in the world of surveillance, participants at the Computers, Freedom and Privacy conference in Seattle this week took to the streets to ferret out surveillance cameras and turn the tables on offensive eyes taking their picture. Following wearable computing guru Steve Mann into a downtown Seattle shopping mall, about two dozen conference attendees, some of them armed with handheld cameras, snapped photos of smoked-glass ceiling domes in Nordstrom and Gap stores, which may or may not have contained cameras. Companies have been known to install empty camera domes to save money while giving the impression of surveillance. The idea of surveillance that's powerful even if it's not actually present was in line with the theme of this year's CFP conference -- the Panopticon. The Panopticon, a model prison envisioned by philosopher Jeremy Bentham, would feature guard towers using mirrors that allowed the guards to see the prisoners without being seen themselves. This would leave the inmates uncertain as to when they were actually being watched.

Author : Kim Zetter
Source : Wired

25/10/2007

Sneaky White Hats Pull Surveillance Cam Switcheroo

If you've seen a Hollywood caper movie in the last 20 years you know the old video-camera-spoofing trick. That's where the criminal mastermind taps into a surveillance camera system and substitutes his own video stream, leaving hapless security guards watching an endless loop of absolutely-nothing-happening while the bank robber empties the vault. Now white-hat hackers have demonstrated a technique that neatly replicates that old standby. Amir Azam and Adrian Pastor, researchers at London-based security firm ProCheckUp, discovered that they can redirect what video file is played back by an AXIS 2100 surveillance camera, a common industrial security camera that boasts a web interface, allowing guards to monitor a building from anywhere in the world.

Author : Ryan Singel
Source : Wired

25/10/2007

Junta hunts dissidents on UN computers

Burma's ruling junta is attempting to seize United Nations computers containing information on opposition activists in the latest stage of its brutal crackdown on pro-democracy demonstrations, The Times has learnt. UN staff were thrown into panic over the weekend after Burmese police and diplomats entered its offices in Rangoon and demanded hard drives from its computers. The discs contain information that could help the dictatorship to identify key members of the opposition movement, many of whom have gone underground. UN staff spent much of the weekend deleting information.

Author : Shwedagon Pagoda/Kenneth Denby
Source : The Times

25/10/2007

Lib Dems demand end to 'surveillance society'

The "surveillance society" must be rolled back, Liberal Democrats said today. The party called for the immediate abandonment of the government's ID card scheme, better regulation of CCTV and for DNA samples taken from people who have not been charged or convicted to be destroyed. Debating surveillance and information at the Liberal Democrat conference in Brighton, MPs and delegates condemned the government's attempts to recede liberty in the name of security. Backing the motion, justice spokesman David Heath argued the government appeared to be realising the Orwellian nightmare. He borrowed from Benjamin Franklin to argue those who sacrifice liberty for security, deserve neither.

Author :
Source : Politics.co.uk

25/10/2007

UK 2017: under surveillance

It is a chilling, dystopian account of what Britain will look like 10 years from now: a world in which Fortress Britain uses fleets of tiny spy-planes to watch its citizens, of Minority Report-style pre-emptive justice, of an underclass trapped in sink-estate ghettos under constant state surveillance, of worker drones forced to take on the lifestyle and values of the mega-corporation they work for, and of the super-rich hiding out in gated communities constantly monitored by cameras and private security guards. This Orwellian vision of the future was compiled on the orders of the UK's information commissioner - the independent watchdog meant to guard against government and private companies invading the privacy of British citizens and exploiting the masses of information currently held on each and every one of us - by the Surveillance Studies Network, a group of academics.

Author : Neil Mackay
Source : Sunday Herald

25/10/2007

PDF - Full Report - "A Report on the Surveillance Society"

For the Information Commissioner by the Surveillance Studies Network

Author :
Source :

25/10/2007

UK police can now force you to reveal decryption keys

Refuseniks face jail time Users of encryption technology can no longer refuse to reveal keys to UK authorities after amendments to the powers of the state to intercept communications took effect on Monday (Oct 1). The Regulation of Investigatory Powers Act (RIPA) has had a clause activated which allows a person to be compelled to reveal a decryption key. Refusal can earn someone a five-year jail term. Part III of RIPA was in the original Act but was not activated. The Home Office said last year that it had not implemented the provision because encryption had not been as popular as quickly as it had predicted. It launched a consultation which culminated in Part III being made active on 1st October.

Author :
Source : OUT-LAW.COM/The Register

25/10/2007

Big Brother Britain: Government and councils to spy on ALL our phones

Officials from the top of Government to lowly council officers will be given unprecedented powers to access details of every phone call in Britain under laws coming into force tomorrow. The new rules compel phone companies to retain information, however private, about all landline and mobile calls, and make them available to some 795 public bodies and quangos. The move, enacted by the personal decree of Home Secretary Jacqui Smith, will give police and security services a right they have long demanded: to delve at will into the phone records of British citizens and businesses.

Author : Jason Lewis
Source : RINF

25/10/2007

Alarm at US right to highly personal data

Highly sensitive information about the religious beliefs, political opinions and even the sex life of Britons travelling to the United States is to be made available to US authorities when the European Commission agrees to a new system of checking passengers. The EC is in the final stages of agreeing a new Passenger Name Record system with the US which will allow American officials to access detailed biographical information about passengers entering international airports. The information sharing system with the US Department of Homeland Security, which updates the previous three-year-old system, is designed to tackle terrorism but civil liberty groups warn it will have serious consequences for European passengers. And it has emerged that both the European parliament and the European data protection supervisor are alarmed at the plan.

Author : Jamie Doward
Source : The Observer

25/10/2007

British the most spied-on people in western world

British people are now more spied upon by their political leaders than any other population in the free world, according to an official report. The linkage of databases and surveillance systems mean people are now having their movements tracked, habits profiled and photograph taken hundreds of times a day. The findings, in a report compiled on behalf of Richard Thomas, the information commissioner, raised concerns that Britain is "waking up in a surveillance society". Thomas said: "Many of these schemes are public sector driven, and the individual has no choice over whether or not to take part. People are being scrutinised and having their lives tracked, and are not even aware of it." "They don't know, for instance, that a record is kept of every internet site they visit. They don't realise that when identity cards come in, there will be a record of their movements and every time they have engaged with any public service."

Author : Lois Rogers
Source : The Sunday Times

25/10/2007

DHS Ends Criticized Data-Mining Program

The Homeland Security Department scrapped an ambitious anti-terrorism data-mining tool after investigators found it was tested with information about real people without required privacy safeguards. The department has spent $42 million since 2003 developing the software tool known as ADVISE, the Analysis, Dissemination, Visualization, Insight and Semantic Enhancement program, at the Lawrence Livermore and Pacific Northwest national laboratories. It was intended for wide use by DHS components, including immigration, customs, border protection, biological defense and its intelligence office. Pilot tests of the program were quietly suspended in March after Congress' Government Accountability Office warned that "the ADVISE tool could misidentify or erroneously associate an individual with undesirable activity such as fraud, crime or terrorism."

Author : Michael J. Sniffen
Source : AP/SFGate

25/10/2007

Judge Strikes Down Parts Of Patriot Act

A federal judge struck down parts of the revised USA Patriot Act as unconstitutional Thursday, saying courts must be allowed to supervise cases where the government orders Internet providers to turn over records without telling customers. U.S. District Judge Victor Marrero said the government orders must be subject to meaningful judicial review and that the recently rewritten Patriot Act "offends the fundamental constitutional principles of checks and balances and separation of powers."

Author :
Source : CBS/AP

25/10/2007

London council to use lie detectors to finger benefit cheats

Calling call centres is stressful already Lambeth Council has done a deal with KPMG Capita* to use voice recognition software to finger cheats contacting call centres to sort out benefits. Everyone contacting the centre will be told they are being scanned and will then be asked 19 questions."Voice Risk Analysis" will then finger voices it considers suspicious. The pilot is being paid for by the Department of Work and Pensions. The technology supposedly works by detecting "micro-tremors" which, we are told, indicate not only stress but also "when stress is generated by an attempt to deceive".

Author : John Oates
Source : The Register

25/10/2007

High Tech Helpers or Big Brother Surveillance Tools?

CityWatcher.com, a provider of surveillance equipment, attracted little notice itself - until a year ago, when two of its employees had glass-encapsulated microchips with miniature antennas embedded in their forearms. The chipping of two workers with RFIDs - radio frequency identification tags as long as two grains of rice, as thick as a toothpick - was merely a way of restricting access to vaults that held sensitive data and images for police departments, a layer of security beyond key cards and clearance codes, the company said.

Author :
Source : The Chief Engineer

25/10/2007

Surveillance Society: Proposal for a universal DNA database

A civil liberties storm erupted yesterday after a senior judge called for the genetic details of every person in Britain, and all visitors to the country, to be added to the national DNA database... A civil liberties storm erupted yesterday after a senior judge called for the genetic details of every person in Britain, and all visitors to the country, to be added to the national DNA database. Critics warned that the "chilling" move would infringe privacy, be hugely impractical and have only a marginal impact on crime.