A judge in California ruled that the use of a keystroke logger, which is a device or program that records what you type on your keyboard, does not violate federal wiretap laws.

This case involved an employer installing a physical device between his secretary’s computer and keyboard that monitored and recorded what she typed.

Privacy advocates have argued that since keystroke logging facilitates covertly monitoring and recording information and conversations, cases should be prosecuted using the same laws that protect the public from telephone wiretaps. However, the wiretap laws offer very specific protection. In this case the best the prosecution could offer was that the computer being monitored was used to compose emails. Email can be protected under the wiretap laws but only as they travel over data networks. After they are stored, snooping is not protected under wiretap laws.

More information on this story can be found at SecurityFocus.com and more on keystroke loggers can be found at Wikipedia.org

Phishing, according to webopedia.com is “the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.” If the user takes the bait and assumes the email is legitimate, they are directed to a website where they are asked, under false pretenses, to reveal personal information like credit card numbers or account passwords.

Previously, all know phishing scams required the user to buy into the original fraudulent email and click on a link and then type in their information. However, a phishing scam that doesn’t require anything from a user other than opening an email has emerged. The email triggers a script that compromises the users computer so that the next time they attempt visit certain online banking sites they are re-directed to imposter websites that steal their personal information.

Fortunately, this attack only targets insecurely configured or out-of-date versions of Microsoft’s Outlook email program, but more sophisticated attacks are likely on the way. This is another example of why you need to keep your software up-to-date as well as consider unique vulnerabilities your particular email client or web browser may have. Personally, I would avoid Microsoft Outlook as well as Internet Explorer in favor of alternatives like Thunderbird and Firefox from mozilla.org.

Read more about this attack at silicon.com.

Officials from six countries, including the U.S. Secret Service, worked together to arrest 28 suspects from an ID theft ring accused of stealing, among other things, more than 1.7 million credit card numbers. The thieves are noted to have gone after confidential information from both individuals and companies. This is third in a series of worldwide investigations resulting in multiple arrests for identity theft.

Enforcement measures like these are encouraging, and should help to deter identity theft, but the sheer magnitude of information thieves can steal emphasizes the need to keep a close watch on information you want to keep private.

Read more at C|Net.

Spyware, a common problem for computer users, refers to covertly installed applications that monitor and record your computer usage habits. Spyware is not only invasive, but it can slow your computer down and cause it to crash. Fortunately, new legislation has been passed that adds large fines to punishments companies convicted of installing spyware can receive. However, it is easy to question the effectiveness of stricter laws, as the companies responsible for spyware might simply relocate to avoid possible fines. Helping consumers avoid spyware may be a more effective strategy, and to that end computer-maker Dell has partnered with getnetwise.org, a non-profit group aimed at helping educate consumers and help them avoid spyware. Other getnetwise.org members include AOL and Microsoft. Read more at CNN and MSNBC.

The Patriot Act, passed shortly after 9/11, was designed in part to make it easier for the government to monitor suspected terrorists. However, it had been under a great deal of scrutiny by critics who think it gives the government too much power to gather information. One of those criticisms involved the ability to secretly search information ISPs (Internet service providers) and phone companies have about their customers. The American Civil Liberties Union sued, claiming that these expanded privileges violate the Forth Amendment. Yesterday a U.S. District Judge agreed, ruling the powers unconstitutional.

Read more here [CNN].

The problems with disclosing even small amounts of personal information are becoming more obvious. Electronic databases make the aggregation of small, otherwise innocuous pieces of personal information inevitable, and they can combine to form remarkably complete pictures of you that include your name, address and even detailed spending habits. Combine this with powerful search engines like Google and even your credit card number can quickly be looked-up, which is discomforting at the least.

More can be found here [Yahoo News]