Tag Archives: privacy

Another bug: Photos of nearly 7 million Facebook users exposed

Four years and counting since I deleted my FB account. You couldn’t pay me to go back to it.

From Hollywood Reporter: Facebook’s privacy controls have broken down yet again, this time through a software flaw affecting nearly 7 million users who had photos exposed to a much wider audience than intended.

The bug disclosed Friday gave hundreds of apps unauthorized access to photos that could in theory include images that would embarrass some of the affected users. They also included photos people may have uploaded but hadn’t yet posted, perhaps because they had changed their mind.

It’s not yet known whether anyone actually saw the photos, but the revelation of the now-fixed problem served as another reminder of just how much data Facebook has on its 2.27 billion users, as well has how frequently these slipups are recurring.

The bug is the latest in a series of privacy lapses that continue to crop up, despite Facebook’s repeated pledges to batten down its hatches and do a better job preventing unauthorized access to the pictures, thoughts and other personal information its users intend so share only with friends and family.

In general, when people grant permission for a third-party app to access their photos, they are sharing all the photos on their Facebook page, regardless of privacy settings meant to limit a photo to small circles such as family. The bug potentially gave developers access to even more photos, such as those shared on separate Marketplace and Facebook Stories features, as well as photos that weren’t actually posted.

Facebook said the users’ photos may have been exposed for 12 days in September. The company said the bug has been fixed.

The company declined to say how many of the affected users are from Europe, where stricter privacy laws took effect in May and could subject companies to fines. Facebook said it has notified the Irish Data Protection Commission of the breach.

The problem comes in a year fraught with privacy scandals and other problems for the world’s biggest social network.

Revelations that the data-mining firm Cambridge Analytica improperly accessed data from as many as 87 million users led to congressional hearings and changes in what sorts of data Facebook lets outside developers access. In June, a bug affecting privacy settings led some users to post publicly by default regardless of their previous settings. This bug affected as many as 14 million users over several days in May.

With each breakdown, Facebook risks losing credibility with both its audience and the advertisers whose spending generates most of the company’s revenue.

“It’s like they keep getting these chinks in the armor that is causing this trust deficit,” said Michael Priem, CEO of Modern Impact, which places ads for a variety of major brands.

Although Facebook doesn’t appear to be losing a lot of users, Priem said some advertisers have been seeing data indicating that people are spending less time on the social network. That’s raising concerns about whether the privacy breakdowns and problems with misinformation being spread on the services are taking a toll.

Read the whole story here.

DCG

Better than Drudge Report. Check out Whatfinger News, the Internet’s conservative frontpage founded by ex-military!

Please follow and like us:
error0
 

Would you register your home surveillance cameras with the local police department?

Renton, a city south of Seattle, has asked citizens and businesses to register their surveillance cameras with the police department so they can get access to thousands of private cameras installed throughout the city.

From the MyNorthwest.com story: “It’s called the Camera Registration Program. Since it launched Thursday, more than 40 homeowners and business owners have already signed up.”

I understand citizens wanting to do this – catch the bad guys. Yet I would be hesitant to participate in this program.

The police promise your privacy will not be comprised. More from the MyNorthwest.com story:

“Sgt. Christy Mathews told KIRO 7 the partnership was the idea of the department’s Community Programs Division. According to Mathews, surveillance images are typically obtained by officers and detectives knocking on doors, asking business owners and homeowners if a surveillance camera might have captured a particular incident.

Now, the locations of homes and businesses that register with the Camera Registration Program appear as blue dots on a satellite map of Renton. Mathews said other police agencies have databases of available cameras on printed pages, but not on a computer-generated map. She believes Renton PD’s is the first.

The Camera Registration Program is volunteer-only and does not allow police officers to see images in real time.

It simply lets investigators know a camera is in the area and that its owner is willing to cooperate with police officers. Those officers can then “log in from their cars and see there are three houses in this area, and the suspect fled this way, so maybe these three cameras will show something,” Mathews explained.”


What if for some reason you don’t want to turn over your camera data (i.e., you’re doing something embarrassing or your child may be implicated in a crime; or maybe you are coming back from the gun range and unloading your car and now authorities may inquire about safe gun storage)?

Will the police obtain a warrant and compel your turn over camera data?

As with most things related to government and high tech, I would not trust anyone with my personal data AT ALL.

DCG

Better than Drudge Report. Check out Whatfinger News, the Internet’s conservative frontpage founded by ex-military!

Please follow and like us:
error0
 

Smile! You are being watched by your cable TV

cable box

Cheryl K. Chumley reports for The Washington Times, June 17, 2013, the cable TV companies have acquired a new technology that enables them to peer directly into television watchers’ homes and monitor viewing habits and reactions to product advertisements.

The technology would come via infrared cameras and microphones embedded in digital video recorders (DVRs) or cable boxes, which will enable the cable companies to watch and analyze viewers’ reaction (what they do and say) to televised ads. The cable companies then use the data collected to target specific advertisements to the particular household.

Rep. Mike Capuano (D-MA) and Rep. Walter Jones (R-NC) have introduced a bill, the We Are Watching You Act, to prohibit the technology on boxes and collection of information without consumer permission. The bill would also require companies that do use the data to show “we are watching you” messages on the screen and to explain just what kinds of information is being captured and for what reasons.

The two Congressmen explain in a press release that “A patent application filed with the US Patent and Trademark Office by Verizon notes the technology could detect a range of viewer activities. According to the patent application, the set-top device will be able to distinguish ‘ambient action … of eating, exercising, laughing, reading, sleeping, talking, humming, cleaning’ and more.”

Congressman Capuano stated: “This may sound preposterous but it is neither a joke nor an exaggeration. These DVRs would essentially observe consumers as they watch television as a way to super-target ads. It is an incredible invasion of privacy. Given what we have recently learned about the access that the government has to the phone numbers we call, the emails we send and the websites we visit, it is important for consumers to decide for themselves whether they want this technology. Think about what you do in the privacy of your own home and then think about how you would feel sharing that information with your cable company, their advertisers and your government.”

For his part, Congressman Jones stated: “Allowing this type of technology to be installed in the homes of individuals without their consent would be an egregious invasion of privacy. When the government has an unfortunate history of secretly collecting private citizens’ information from technology providers, we must ensure that safeguards are in place to protect Americans’ rights.”

Current law is silent on these devices. The We Are Watching You Act will require both an opt-in for consumers and an on-screen warning whenever the device is recording information about consumers.

~Eowyn

Please follow and like us:
error0
 

New York Police Confiscating Firearms from People Taking Anti-anxiety Medication

Yep folks inch by inch they are coming. Is anyone else besides me tired of playing by the rules? You know we’re the good guys and we don’t cheat.

Frankly I am so sick and friggen tired of it. They just trample EVERYTHING that is decent and right that is in this world. They lie, cheat , beat , and yes even kill for their agenda. How bout we start drawing a line in the sand and say you better not cross this or I’m gonna bop you UPSIDE the head. I’m sorry but

the marquis de queensbury rules simply don’t apply anymore.

I forget who said it But it went something like this.
“All that is necessary for evil to triumph is for good men to do nothing”  
This story grabs me by my gut and makes me want to hurl. HIPPA, Dr. Patient ——privacy, civil rights. Where is the outrage.?—————–

Government increases “onerous activity” to confiscate legal firearms.

Infowars.com
April 9, 2013

handgun

The New York State Police are suspending the handgun permits of people in the state who are prescribed anti-anxiety medication, according to Jim Tresmond of the Tresmond Law Firm in Hamburg, New York. Tresmond Law specializes in firearm litigation.
“We are representing a client right now who is impacted by this onerous activity of the government,” Tresmond told WBEN, a news talk radio station in Buffalo, New York.
“We were flummoxed by this whole matter,” the attorney said. “The HIPPA act is supposed to prevent this kind of thing from happening. It’s a gross invasion of our privacy rights.”
The Health Insurance Portability and Accountability Act Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information, according to the Department of Health and Human Services.
Tresmond said the New York State Police are responsible for taking action against legal firearms owners. “Based on information the county received from the New York State Police, they’ve suspended the permits. The State Police instigates the proceedings.”
Section 9.46 of the NY SAFE Act of 2013 authorizes therapists, doctors, nurses and social workers to report patients they determine may engage in conduct that may result in harm to self or others. If a determination is made that the person in question poses a threat, the provision permits the government to confiscate firearms. The provision is a direct violation of the Fourth Amendment and the legal standard of probable cause.
Experts said many mental health providers will likely ignore the provision.
NY SAFE was passed by the New York State Legislature on January 15, 2013, and was signed into law by Governor Andrew Cuomo the same day.
This article was posted: Tuesday, April 9, 2013 at 4:52 pm
~Steve~                   H/T  INFOWARS
 

Please follow and like us:
error0
 

The magical mind reader

[youtube=https://www.youtube.com/watch?v=F7pYHN9iC9I&feature=player_embedded]
Scary, uh?
H/t my ol’ friend Sol
~Eowyn

Please follow and like us:
error0
 

Beware of hospitals asking for your palm print

Some hospitals are now asking their patients to scan their palms, ostensibly to compile a biometric data base to prevent identity theft.
Don’t do it! Nor is the palm scan mandatory; it’s purely optional. But they won’t volunteer that information unless you ask.

palm print scan

Natasha Singer reports for the New York Times, Nov. 10, 2012, that she was told they needed to scan her palm “for her file” when she recently visited a doctor’s office at New York University Langone Medical Center.
Singer balked. As she explains: “As a reporter who has been covering the growing business of data collection, I know the potential drawbacks — like customer profiling — of giving out my personal details. But the idea of submitting to an infrared scan at a medical center that would take a copy of the unique vein patterns in my palm seemed fraught.”

Despite her reservations, Singer still complied. Next, they wanted to take her photo. Only then did an office manager appeared and explained that the scans and pictures were optional. But by then, Singer’s palm print was already in their system.
Consumer advocates are sounding the warning that more and more institutions are employing biometric data “to improve convenience,” but we are paying for that convenience with the loss of our privacy.
Fingerprints, facial dimensions and vein patterns are unique, and should be treated as carefully as genetic samples. So collecting such information for expediency could actually increase the risks of serious identity theft. Yet companies and institutions that compile such data often fail to adequately explain the risks to consumers.
Pam Dixon, the executive director of the San Diego-based advocacy group World Privacy Forum explains: “Let’s say someone makes a fake ID and goes in and has their photo and their palm print taken as you. What are you going to do when you go in? Hospitals that are doing this are leaping over profound security issues that they are actually introducing into their systems.”
N.Y.U.’s system, called PatientSecure and marketed by HT Systems of Tampa, has already scanned more than 250,000 patients. In the United States, over five million patients have had the scans, said Charles Yanak, a spokesman for Fujitsu Frontech North America, a division of Fujitsu, the Japanese company that developed the vein palm identification technology.
Yet, unless patients at N.Y.U. seem uncomfortable with the process, medical registration staff members don’t inform them that they can opt out of photos and scans. Neither does N.Y.U. have formal consent, which raises red flags for privacy advocates. “If they are not informing patients it is optional,” said Joel Reidenberg, a professor at Fordham University Law School with an expertise in data privacy, “then effectively it is coerced consent.”
He noted that N.Y.U. medical center has had recent incidents in which computers or USB drives containing unencrypted patient data have been lost or stolen, suggesting that the center’s collection of biometric data might increase patients’ risk of identity theft.
At her request, N.Y.U. medical center did delete Singer’s palm print.
Here’s what to do if a hospital, doctor’s office, or some other institution wants to scan your palm, take your photo, or obtain some other biometric information from you:

  • Calmly ask if what they’re asking is mandatory (required) or optional.
  • If it’s optional, say “No.”
  • If mandatory, ask to see a written statement of that policy and where in law does it say the institution has the right to your information.

~Eowyn

Please follow and like us:
error0
 

Change your LinkedIn password, now!

LinkedIn is a professional social networking website.
Do you have a LinkedIn account? If you do, change your account password ASAP!
Some POS Russian hacker group hacked into LinkedIn and obtained–and may have already decrypted–at least 6.5 million LinkedIn passwords.

Matthew J. Schwartz reports for InformationWeek, June 6, 2012, that nearly 6.5 million LinkedIn password hashes–encrypted using SHA1, but not salted–had been posted to a Russian hacking forum on Monday, together with a request to help decrypt them.

Hackers have already reported breaking 163,267 of the passwords, reported Norwegian news outlet Dagen IT.
LinkedIn confirmed that it’s investigating the potential password breach. “Our team is currently looking into reports of stolen passwords. Stay tuned for more,” read a Wednesday tweet from LinkedIn News.
What should LinkedIn users do? Mikko Hypponen, chief research officer at F-Secure, has the following advice:
1. Change your LinkedIn password — now!
2. Then prepare for scam emails about Linkedin password changes, linking to phishing sites.
Read the rest of this Information Week article here.
~Eowyn
Please follow and like us:
error0
 

Gubbermint Stoopidity of the Worst Kind


This is unbelievable.
Then again, maybe not.
Via naplesnews.com (highlights are mine):
Jeff Lytle: It’s an emergency — but you can’t tell anyone?
Staff Reports
Sunday, November 6, 2011
This is a column that could write itself.
Yet there are so many different ways it could start.
I could say “If you are looking for a law that fights rather then furthers the public interest, this is it.”
Or “Suppose you’re having lunch at a restaurant and you have a heart attack.”
Or “Thank goodness public servants in medicine and politics are trying to right a wrong.”
Here’s the deal.
Former NCH Healthcare System CEO Ed Morton brought up something that I could not comprehend at an emergency health care forum the other day. He said Florida privacy laws are so convoluted that they can block a cardiac patient’s access to a potentially lifesaving automatic external defibrillator (AED) nearby.
Surely I misunderstood his comment about 911 dispatchers not being allowed to alert third parties such as an office or dining room with AEDs to an emergency in their midst.
Morton pointed me toward Florida Rep. Kathleen Passidomo, R-Naples, who confirmed what he said and walked me through a legal thicket that has vexed lawmakers for five or six years.
It goes like this: 911 operators can tell callers — usually not heart patients themselves — whether they can find an AED nearby, but the 911 operators are not allowed to call people and places with AEDs for fear of disclosing your medical information to a stranger.

Now, chances are you would want that information out there.
And, chances are the person making the 911 call about you would prefer to stay by your side rather than race off to grab the AED with the electrified chest paddles.
So, heart patients are left to wait for the ambulance to arrive. It’s OK for those people to know about your health because they, like law enforcement agencies, are official first-responders.
Passidomo says she learned of the problem from Kate Kerwin, fitness director at Quail Creek Country Club, who said “This is very disturbing.”
“We purchased six AED units over 10 years ago to respond to an emergency. If the emergency occurs in one of our buildings we are able to respond quickly because the staff has initiated the call to 911. If, however, the emergency happens on one of our golf courses, the member of the golf foursome has probably called into 911. The staff may not even be aware that an emergency exists. The response time of EMS is quick, but getting them out onto the golf course takes time and that is where the staff can get there faster — taking the AED to the victim with a golf cart.
“We are talking safety issues which don’t only relate to Collier County but to the entire state.
“What can you do help make this right?”
Mr. Emergency Medicine in the county, Dr. Robert Tober, says it’s all too true.
“As a result, for example, an emergency medical department cannot call the front guard office at a condominium and notify them of a cardiac arrest on the fifth floor,” he says, even if the condo has voluntarily registered with a statewide AED informational network. 
You will find the rest of the article here.
I guess the lesson to be learned here is, if you have a heart condition, you might just want to stay off golf courses in Florida.
Like I said – unbelievable.
-Dave
(h/t: boortz.com)

Please follow and like us:
error0
 

Big Brother on Facebook – Facial Recognition on all those photos of yourself

[youtube=https://www.youtube.com/watch?v=tAyzMEnnXho]
~LTG

Note:

This YouTube video has been removed. In its place, here are excerpts from “Why Facebook’s Facial Recognition is Creepy,” by Sarah Jacobsson Purewal, PCWorld, Jun 8, 2011:

Facebook is officially getting super-creepy. Facebook announced Tuesday that it will be implementing facial recognition technology for all users in the next few weeks, semi-automating the photo-tagging process.

Sure, you can “opt-out” of the service, but it’s a pretty weak consolation. After all, opting out won’t keep Facebook from gathering data and recognizing your face–it’ll just keep people from tagging you automatically.

The new facial recognition technology […] is basically Facebook’s way of creating a huge, photo-searchable database of its users. And yes, it’s terrifying.

[…] Facial recognition technology will ultimately culminate in the ability to search for people using just a picture. And that will be the end of privacy as we know it–imagine, a world in which someone can simply take a photo of you on the street, in a crowd, or with a telephoto lens, and discover everything about you on the internet.

~Eowyn

Please follow and like us:
error0
 

So Much for Doctor/Patient Confidentiality – 20,000 Patient Records

Patient Data Posted Online in Huge Breach of Privacy

By
Published: September 8, 2011

A medical privacy breach at Stanford University’s hospital in Palo Alto, Calif., led to the public posting of medical records for 20,000 emergency room patients, including names and diagnosis codes, on a commercial Web site for nearly a year, the hospital has confirmed….
….The spreadsheet contained names, diagnosis codes, account numbers, admission and discharge dates, and billing charges for patients seen at Stanford Hospital’s emergency room   Full Story
~LTG
 

Please follow and like us:
error0