RFID is a super hot topic right now. The potential market is huge. Many chip makers, including Texas Instruments, Intel, AMD, Motorola, etc., are convinced that RFID will become the most prevalent “electronic-based intelligence” technology of the 21st century. RFID will link machines, goods and people, helping companies gauge consumer preferences. RFID has raised a lot of concerns about compromising consumer privacy. Some people even set up a website to raise the public’s awareness on this topic. There is a also new book “Spychips: How Major Corporations and Government Plan to Track Your Every Move with RFID” by Katherine Albrecht and Liz McIntyre that was recently published by Nelson Current.
Missouri governor Matt Blunt, signed an insurance audit bill HB 388 on July 12, 2005 that requires the Missouri Department of Insurance to modify the consumer complaint form to include a provision in which consumers can authorize the public release of their file. The bill took effect in September 2005. Of the 377 complaints filed with the department during the first month, 334 consumers chose to not authorize the release of any information. That’s an overwhelmingly 90 percent of the insurance consumers who choose to keep personal information confidential. The new law allows consumers who file a complaint with the state about their insurance company to prevent disclosure of their personal information, including healthcare details. Prior to the new law, Missouri
The Chicago Bulls requested NBA player Eddy Curry to provide his DNA sample for testing his genetic makeup before signing a one-year $5M contract with the Bulls. Curry’s lawyer Alan Milstein says this is an invasion to Curry’s privacy and the implication could go beyond the sports world. “Hand that information to an employer,” he said, “and imagine the implications. If the NBA were to get away with it, what about everyone else in this country looking for a job.” Read the whole story.
The Senate Judiciary Committee has approved a bill that would force suspects arrested or detained by federal authorities to provide samples of their DNA that would be recorded in a central database. This is a step to expand government collection of personal data, and maybe another step in expanding government intrusion. Currently, only people convicted of crimes must provide a DNA sample. Privacy advocates, including Jim Harper, director of Information Policy Studies at the Cato Institute, oppose the expansion of the FBI-run national DNA registry. Harper is a keynote speaker at the IAPP Privacy Academy 2005 Oct. 26-28 in Las Vegas.
North Carolina Governor Mike Easley signed into law Senate Bill 1048, “The Identity Theft Protection Act of 2005” on September 21, 2005. Under this bill, businesses are prohibited from using Social Security numbers to identify customers. The measure requires businesses not to print Social Security numbers on documents, such as health insurance cards. The bill also restricts businesses from selling or displaying SSNs to a third party without an individual
Security company Aladdin’s eSafe Content Security Response Team (CSRT) found that 15 percent of spyware threats succeed in copying a user’s passwords, usernames, hashes of an administrator’s passwords, instant messaging usage, email addresses and other sensitive information. The two-month analysis of top 2,000 known spyware threats shows that there is a growing amount of spyware specifically designed for identity theft. These spyware poses tremendous threats to both personal and commercial privacy, with potentially dangerous effects for large organizations in need of protecting proprietary information. Read a full article of this story.
For Windows users, please download ALL of the following three antispyware tools and run them once a WEEK on your personal computer. All these three tools are free for personal use:
Spybot Search and Destroy
Microsoft Windows AntiSpyware
IBM’s Sovereign Information Integration (SII) technology: double encryption to achieve privacy-minded securityFriday, September 16th, 2005
Information sharing and integration are essential elements of today’s marketplace. Current information integration approaches are based on the assumption that all of the information in each database can be revealed to the other databases. This is a potential privacy concern in many applications, such as applications that involve medical information and national security. IBM Almaden Research Center’s Sovereign Information Integration (SII) technology allows companies to share and integrate data while complying with privacy policies and laws. The SSI technology employs an innovative double-encryption technique in which each party encrypts its own data and then sends it to the other party to encrypt again. Double-encrypted data can be compared without violating disclosure rules because nonmatching values are protected by the other party’s encryption and would be unreadable by either party. SII is the functional component of IBM’s Hippocratic Database, which ties into health care applications to let users indicate who should have access to certain patient data.
The Identity Theft Resource Center reports 102 data breaches in the U.S. since Jan. 1, 2005, potentially affecting more than 56.2 million individuals. Most of the incidents could have been prevented with safe data handling practices, for example, sending postcards with Social Security numbers on them or requiring students to place name and SSN on rosters that are passed through classrooms or placed on papers or tests. See a most updated list of 2005 Disclosures of U.S. Data Incidents (PDF). An interesting observation is that a lot of these incidents happened in universities.