![[logo] US EPA](http://www.epa.gov/epafiles/images/logo_epaseal.gif){kind=logo}
Privacy in the News
The views represented in these articles do not necessarily represent the views of the editor, the Privacy Act Program, or the U.S. Environmental Protection Agency. 
Eight indicted for $9 million hack
Computerworld - November 10, 2009
A grand jury in Atlanta has indicted eight people related to hacking into a computer network operated by credit-card processing vendor RBS WorldPlay and stealing $9 million."Hundreds of Facebook groups 'hijacked'
Computerworld - November 10, 2009
"An anonymous group calling itself 'Control Your Info' has taken over hundreds of Facebook groups to highlight what it claims is a major security weakness on the social networking site."Criminals stay ahead of data breach laws, experts warn
Government Computer News - November 6, 2009
"The Senate Judiciary Committee on Thursday approved two personal data security bills that would establish federal standards for protecting data and reporting its loss. But security experts say that threats to personal data are evolving faster than our responses to them."NARA admits violating internal policy on personal info
Federal Computer Week - November 6, 2009
"The National Archives and Records Administration violated its information security policies by returning failed hard drives from systems containing personally identifiable information of current government employees and military veterans back to vendors."Bank IT Worker Charged in $1.1 Million Fraud
Information Week - November 2, 2009
"A computer technician has been indicted for stealing the identities of 150 Bank of New York employees, as well as for grand larceny and money laundering."Probe of Homeland Security privacy office sought
Washington Post - October 27, 2009
"In a letter sent Friday to the House Homeland Security Committee, 21 organizations and seven people belonging to the Privacy Coalition say the department's chief privacy officer has seen its role as enabling, rather than curbing, government surveillance and intelligence programs."Stolen fingers: The case against biometric identity theft protection
ComputerWorld - October 27, 2009
"If a credit card number can be stolen, then the sequence of numbers that make up a fingerprint can be stolen just as easily...[I]n the years to come, news reports about fingerprint, palm print and retinal eye scan thefts will be just as common as credit card number thefts are today."Online Data Present A Privacy Minefield
NPR - October 26, 2009
"NextMark CEO Joe Pych says this information comes from us...Even medical data. Federal law prohibits doctors and hospitals from selling health records, but if people voluntarily answer questions on an online health survey, that information is fair game."Trust the Cloud? Americans Say No Way
PC World - October 24, 2009
"Misuse of personal information has 65% of respondents very or extremely concerned, the survey says, followed closely by fear of someone stealing credit card information (cited by 64%). That's on a par with respondents' concerns about national security and fighting terrorism, which also found 64% very or extremely concerned."DHS information-sharing initiative stalls due to privacy concerns
NextGov - October 23, 2009
"To start the flow of funding, the Homeland Security secretary must certify that the project -- designed to give intelligence and law enforcement agencies access to DHS immigration information -- complies with applicable laws, including privacy and civil liberties standards."E-Health Records Put Patient Privacy At Risk
InformationWeek - October 20, 2009
"Healthcare providers aren't adequately protecting patient privacy in implementing e-health records, according to a recent survey of healthcare IT managers. Some 80% of healthcare organizations have experienced at least one incident of lost or stolen health information in the past year."'La difference' is stark in EU, U.S. privacy laws
MSNBC - October 19, 2009
"The reason that privacy laws in Europe and the U.S. are so different springs from a basic divergence in attitude: Europeans reserve their deepest distrust for corporations, while Americans are far more concerned about their government invading their privacy."When 2+2 Equals a Privacy Question
New York Times - October 17, 2009
"While Netflix and some health care concerns say they have been able to offer study data to researchers stripped of specific personal details like your name, phone number and e-mail address, in some cases researchers may be able to re-identify you by correlating anonymous information with the digital trail that you've left on blogs, chat rooms and Twitter."Feds nix welfare data use in hiring
Chicago Tribune - October 14, 2009
"The data-sharing proposal...raises questions about the privacy of the personal financial information and other data that qualifies 1.2 million Indiana adults and children for food stamps, Medicaid and other welfare benefits."The Fallacy of Identity Theft
Wall Street Journal - October 13, 2009
"The real victims of fraud problem are retailers who have to absorb the 'vast majority' of the losses and fees associated with fraud, according to forthcoming data from LexisNexis Risk Solutions, which provides technology for retailers."6 Ways We Gave Up Our Privacy
CSO Security and Risk - October 12, 2009
"Privacy has long been seen as a basic, sacred right. But in the Web 2.0 world, where the average user is addicted to Google apps, GPS devices, their BlackBerry or iPhone, and such social networking sites as Facebook and Twitter, that right is slowly and willingly being chipped away. In fact, some security experts believe it's gone already."FBI delves into DMV photos in search for fugitives
ABC News - October 12, 2009
"In its search for fugitives, the FBI has begun using facial-recognition technology on millions of motorists, comparing driver's license photos with pictures of convicts in a high-tech analysis of chin widths and nose sizes."Lack of eHealth standards, privacy concerns costing lives
ComputerWorld - October 2, 2009
"Hundreds of billions of gigabytes of health information are being collected in EMRs, and three-quarters (76%) of more than 700 health-care executives recently surveyed by PricewaterhouseCoopers LLP agree that mining that information will be their organization's greatest asset over the next five years..."Probe Targets Archives' Handling of Data on 70 Million Vets
Wired - October 1, 2009
"The inspector general of the National Archives and Records Administration is investigating a potential data breach affecting tens of millions of records about U.S. military veterans...The issue involves a defective hard drive the agency sent back to its vendor for repair and recycling without first destroying the data."Shocker: Informed Consumers Want Privacy, Not Tailored Ads
DSL Reports - September 30, 2009
"[A] new study from the Universities of Pennsylvania and California, Berkeley finds that once consumers are educated on the width and depth of today's online privacy practices, they overwhelmingly oppose this kind of tracking."Panel to vote on data privacy measure
NextGov - September 29, 2009
"The House Energy and Commerce Committee is slated to vote Wednesday on legislation that would require strong security policies from firms that collect and store individuals' sensitive information and provide for nationwide notification in the event of a data breach."Senators seek end to telecom's immunity for spying program
ComputerWorld - September 29, 2009
"The new legislation, supported by Sens. Christopher Dodd of Connecticut, Patrick Leahy of Vermont, Russ Feingold of Wisconsin and Jeff Merkley of Oregon, would repeal telecom immunity provisions in the Foreign Intelligence Surveillance Act (FISA) Amendments Act, passed by Congress in July 2008."Cloud Computing Gains Momentum but Security and Privacy Issues Persist
Government Technology - September 25, 2009
"In all arrangements, the clients' data wind up in someone else's hands somewhere along the way. For government, citizens' data is sacred, as is data involving internal business processes. Even when a third-party provider is reputable, it's understandable to experience a tinge of anxiety."Corporations can claim personal privacy interest
Reporters Committee for Freedom of the Press - September 25, 2009
"At issue was FOIA's Exemption 7(C), the law enforcement exemption, which prevents the release of records compiled for law enforcement purposes that could be considered an unwarranted invasion of personal privacy."Newly Declassified Files Detail Massive FBI Data-Mining Project
Wired - September 23, 2009
"A fast-growing FBI data-mining system billed as a tool for hunting terrorists is being used in hacker and domestic criminal investigations, and now contains tens of thousands of records from private corporate databases, including car-rental companies, large hotel chains and at least one national department store..."White House Defends Archiving Comments from Facebook, MySpace, YouTube, Twitter Sites
CNSNews - September 22, 2009
"The Obama administration said that archiving citizen postings on White House social networking sites, such as Facebook and MySpace, is just a matter of following the law and dismissed any assertions that there might be something "sinister" about collecting such information."Federal panel okays EHR security, privacy standards
Government Health IT - September 15, 2009
"The Health IT Standards Committee today endorsed a set of security and privacy standards for electronic health record systems that it said would get progressively tougher without holding back wider health information sharing."Is personal eMail subject to open-records law?
eSchool News - September 14, 2009
"The court has agreed to hear a case that will determine whether the public's right to know what its government is doing extends to reading personal eMails of teachers sent while at work--and legal experts say the employees in question, and all public school employees in general, might not have a reasonable expectation of privacy."Does DNA database unfairly brand the innocent?
San Francisco Chronicle - September 13, 2009
"[A]bout 800,000 innocent people are on the database, raising fears of 'discrimination, breach of genetic privacy, stigmatization - there's a whole host of issues here.'"Identity theft 101: what is insurance fraud?
Washington Examiner - September 8, 2009
"Identity theft involving insurance fraud occurs when an identity thief obtains insurance by using personally identifiable information belonging to an identity theft victim."Records management and privacy: Conflict or convergence?
SC Magazine - September 8, 2009
"What does privacy have to do with records management? A lot. On the surface, though records management and privacy appear to diverge, in reality they are both concerned with the proper and compliant management of information (and records)."Congress weighs landmark change in Web ad privacy
ABC News - September 7, 2009
"While Congress has waded into Internet privacy issues before, this measure could break new ground, as the first major attempt to regulate a nascent but fast-growing industry that represents the future of advertising."Obama yields on most White House visitor logs
MSNBC - September 4, 2009
"The White House called the release of information "voluntary," continuing to argue the Bush administration's position that full disclosure is not required by the Freedom of Information Act."AHIMA Slams Privacy Rules
ARMA Washington Policy Brief - September 2009
"New privacy protection laws included in the American Recovery and Reinvestment Act of 2009 (ARRA) make even a brief unauthorized look at medical records a federal offense that can mean large monetary fines both for individuals and healthcare facilities, argues the American Health Information Management Association (AHIMA)."Privacy Advocates Push for New Legislation
New York Times - September 1, 2009
"Privacy advocates, with their best chance in years to get new legislation limiting Internet targeting passed in Washington, are skipping their summer vacation this year."Technology ownership, data privacy control critical aspects of EMR adoption
Orthopedics Today - September 1, 2009
"While many hospitals and physicians are now exploring the features and functionality of electronic medical record (EMR) systems more intently, those versed in the pros and cons of EMR adoption recommend that those looking into these systems consider the equally important issues of privacy, ownership and control of EMR data."Identity theft 101: what is impersonation or character id theft?
Washington Examiner - August 31, 2009
"Impersonation or character id theft occurs when a criminal poses as another person to aid, abet or commit a crime or to elude law enforcement. Victims of this type of identity theft may be arrested or left with a criminal record or arrest warrant resulting from criminal actions of an identity thief."Privacy Office approves laptop searches without suspicion at U.S. borders
ComputerWorld - August 31, 2009
"Travelers arriving at U.S. borders may soon be confronted with their laptops, PDAs, and other digital devices being searched, copied and even held by customs agents -- all without need to show suspicion for cause."Identity theft 101: what is government benefits fraud?
Washington Examiner - August 27, 2009
"A Social Security Number (SSN), Social Security Card or Medicare Card is required to apply for government benefits. Consequently,this type of identity fraud is related to Government Identification Fraud, which includes the use of a victim's SSN and the forgery of related identification cards."Business Leaders Must Take Control of the Privacy Discussion
Advertising Age - August 19, 2009
"The digital environment not only collects more and more private data, but it also offers marketing many tools for evaluation and promotion online and offline. But it raises concerns whether privacy needs more protection."Amid Privacy Concerns, White House Shuts Down Health-Care Tip Line
Washington Post - August 18, 2009
"Following complaints from Republicans, the White House has shut down a two-week-old e-mail tip line launched to take reports from citizens of 'disinformation about health insurance reform.'"DOJ indicts 3 in largest identity theft prosecution in US history
Jurist - August 18, 2009
"Albert Gonzales and two unidentified Russian hackers are accused of stealing more than 130 million credit and debit card numbers by hacking into computer systems of companies including credit card payment processor Heartland Payment Systems, convenience store chain 7-Eleven, and supermarket chain Hannaford Brothers."Obama's cookies may not go down so easy
San Francisco Chronicle - August 14, 2009
"The OMB wants to use ... multisession cookies 'for use as persistent identifiers, which track users over multiple visits with the intent of remembering data, settings, or preferences unique to that visitor for purposes beyond what is needed for web analytics.'"Automated System Backfires On Social Security Administration
InformationWeek - August 12, 2009
"The government is permitted by law to withhold benefits to fugitive felons, but the Social Security Administration had put into place an automated system that withheld payments and suspended benefits of anyone whose name matched those in a number of databases of outstanding warrants."Did Arlington National Cemetery break the law?
Salon.Com - August 11, 2009
"Arlington National Cemetery this summer mailed to a Florida contractor two computer servers containing the personal data -- including Social Security numbers -- of thousands of deceased soldiers."U.S. Web-Tracking Plan Stirs Privacy Fears
Washington Post - August 11, 2009
"Some privacy groups say the proposal amounts to a 'massive' and unexplained shift in government policy. In a statement Monday, American Civil Liberties Union spokesman Michael Macleod-Ball said the move could 'allow the mass collection of personal information of every user of a federal government website.'"Identity theft 101: what is employment fraud?
Washington Examiner - August 10, 2009
"Employment fraud involving identity theft occurs when a person, an identity thief, obtains employment by using a stolen or synthesized (made up) social security number (SSN)."You Deleted Your Cookies? Think Again
Wired - August 10, 2009
"More than half of the internet's top websites use a little known capability of Adobe's Flash plug-in to track users and store information about them, but only four of them mention the so-called Flash Cookies in their privacy policies, UC Berkeley researchers reported Monday."And You Thought a Prescription Was Private
New York Times - August 8, 2009
"Like many other people, Ms. Krinsk thought that her prescription information was private. But in fact, prescriptions ...are a commodity bought and sold in a murky marketplace, often without the patients' knowledge or permission."Identity theft 101: what is non-financial identity fraud?
Washington Examiner - August 6, 2009
"Non-financial identity fraud is distinguished from financial identity fraud because the identity theft crime does not involve obtaining money or credit from an existing or new financial account."Identity theft 101: What is medical ID theft?
Washington Examiner - August 3, 2009
"Medical identity theft occurs when an identity thief uses the personal identifiers such as a social security number of a victim to obtain medical care, services, products, insurance benefits or insurance."Marketing Groups Release Comprehensive Privacy Principles
ARMA Washington Policy Brief - August 2009
"A group of the nation's largest media and marketing trade associations released self-regulatory principles to protect consumer privacy in ad-supported interactive media that requires advertisers and websites to clearly inform consumers about data collection practices and enable them to exercise control over that information."CDT Wants US Gov't to Detail Computer Monitoring Program
PC World - July 28, 2009
"U.S. President Barack Obama's administration needs to answer several questions about the privacy implications of a new version of a computer intrusion detection system that can reportedly read e-mail, a privacy and civil rights advocacy group said."Use of tracking cookies on government sites sparks privacy concern
ComputerWorld - July 28, 2009
"If the plan is adopted, it would mark a departure from a policy first put in place in 2000 and updated in 2003 that prohibits government sites from using persistent cookies "or any other means" such as Web beacons to track visitor activity, unless agency heads authorize thier use."Panel wants privacy protection for electronic medical records
Federal Computer Week - July 24, 2009
"A federal advisory panel on patient privacy wants encryption, strong access controls and audits to protecting patients' medical records under the program advanced by the economic stimulus law, according to the co-chair of the group."-
Identity theft 101: what is new account fraud?
Washington Examiner - July 23, 2009
"New account fraud occurs when an identity thief commits identity theft by opening new financial accounts by using the name and social security number of the victim." This Article Will Self-destruct: Tool To Make Online Personal Data Vanish
Science Daily - July 22, 2009
"The University of Washington has developed a way to make such information expire. After a set time period, electronic communications such as e-mail, Facebook posts and chat messages would automatically self-destruct, becoming irretrievable from all Web sites, inboxes, outboxes, backup sites and home computers."Amazon Fail 2.0: Bookseller's Big Brother removes Orwell's Big Brother from Kindles everywhere
OUPBlog - July 21, 2009
"In a move worthy of George Orwell's Big Brother, Amazon.com sent its thought police into Kindles everywhere to erase copies of "1984" and "Animal Farm."Identity theft 101: what is existing account fraud?
Washington Examiner - July 21, 2009
"The most recognized type of identity theft is "existing account" fraud. This type of identity fraud occurs when an identity thief misuses an existing credit, debit, bank, credit union, trading, retirement or other account of a victim."Study finds widespread privacy failings in online social networks
PhysOrg - July 21, 2009
"Some 90% of sites, for example, needlessly required a full name or date of birth for permission to join. 80% failed to use standard encryption protocols to protect sensitive user data from hackers. And 71% reserved the right to share user data with third parties in their privacy policies."Identity theft 101: what is an identity thief?
Washington Examiner - July 19, 2009
"An identity thief is a person who steals, trades or uses the personally identifiable information (PII) or business identifiable information (BII) of victims to commit identity theft. BII such as a business name and employer identification number can also be misused to commit identity fraud similar to how PII is used."Identity theft 101: what is ID theft?
Washington Examiner - July 18, 2009
"Identity theft occurs when a person, an identity thief, uses the identity of another person for his or her own benefit. Benefits may be financial or non-financial. Identity theft is often confused with credit card fraud and bank account fraud, although these types of fraud can meet the statutory definition of identity theft."Biometric card idea stirs questions, doubts
NextGov - July 13, 2009
"Requiring all U.S. employers to verify the identity and immigration status of their workers using biometrics - such as fingerprints or iris scans -- is technically feasible but raises logistical challenges and privacy concerns, according to industry officials, immigration experts and civil liberties advocates."Privacy rather than banking secrecy at stake in Miami
Financial Times - July 13, 2009
"Judge Alan Gold must certainly be enjoying his moment in the sun in Miami. After all, the federal judge is presiding over the landmark civil case launched by the US Internal Revenue Service to force UBS to reveal the names of some 52,000 unidentified US taxpayers it suspects of holding undeclared offshore accounts with the big Swiss bank."State Privacy Rules Reduce Electronic Medical Sharing By 24 Percent, Warns Management Insights
Science Daily - July 13, 2009
"States that have passed privacy laws restricting the ability of hospitals to disclose patient information have seen the sharing of electronic medical records suffer by more than 24%, according to the Management Insights feature in the July issue of Management Science."Chips in official IDs raise privacy fears
San Jose Mercury News - July 11, 2009
"Embedding identity documents — passports, drivers licenses, and the like — with RFID chips is a no-brainer to government officials. Increasingly, they are promoting it as a 21st century application of technology that will help speed border crossings, safeguard credentials against counterfeiters, and keep terrorists from sneaking into the country."Social Security numbers fall out of favor as personal identifiers
NextGov - July 7, 2009
"Government and industry should stop using Social Security numbers as a primary method for verifying identity, according to the author of a recent study that showed how easily thieves can use a combination of personal information and computer software programs to figure out the nine digits."FTC Rule on Identity Theft Draws Strong Criticism From Bar Groups
LAW.COM - July 1, 2009
"The New York State Bar Association Monday became the latest bar group to protest new Federal Trade Commission rules requiring lawyers to become involved in preventing identity theft, calling the move unauthorized, unnecessary and destructive to the attorney-client relationship."High court won't touch privacy law
Nashua (NH) Telegraph - June 30, 2009
"New Hampshire survived the strongest legal test to a law making doctors' prescription-writing habits confidential. The U.S. Supreme Court on Monday announced it refused to hear the appeal of two data-mining companies that analyze and sell prescription dispensing information."New Privacy Law Getting Closer
PC World - June 30, 2009
"Comprehensive legislation to protect consumers' privacy is closer to becoming a reality in the U.S. Congress than it's been in several years, officials with the Center for Democracy and Technology said Tuesday."Homeland Security to kill domestic satellite spying program
CBS News - June 23, 2009
"Homeland Security Secretary Janet Napolitano plans to kill a program begun by the Bush administration that would use U.S. spy satellites for domestic security and law enforcement, a government official said Monday."Congress Mulls Online Privacy Law
Forbes - June 18, 2009
"Online giants like Google and Yahoo! like to brag that they allow privacy-conscious users to easily opt out with just a single mouse click from the data collection systems used to target ads at them. But how many people actually take advantage of the option?"Court Stiffs Veterans Caught in Privacy Breach
Wired - June 18, 2009
"Veterans suffering anxiety and paranoia following the theft of a government hard drive containing the medical histories and Social Security numbers of 198,000 of their brethren cannot recover financial damages, a federal appeals court says."FTC Testifies on Efforts to Combat Identity Theft
7th Space - June 18, 2009
"The FTC's testimony recommended that, to help prevent identity theft, Congress should establish data security standards across the private sector requiring all organizations that hold sensitive consumer data to take reasonable measures to safeguard it, and to notify consumers when the security of their information has been breached."Sensitive information protection remains tough
Federal Computer Week - June 15, 2009
"The government's ability to share sensitive but unclassified information data securely has become central to coordinating counterterrorism efforts, in part because many local officials don't have the security clearances needed to make use of classified information."U.S. Court Weighs E-mail Privacy, Again
Information Week - June 12, 2009
"In a replay of a court decision from two years ago, civil liberties groups are again trying to persuade the U.S. Court of Appeals for the Sixth Circuit that e-mail messages deserve the same privacy protection as telephone calls."Electronic Health Records and Privacy Law
LAW.COM - June 9, 2009
"Health information of a particularly sensitive nature, such as records concerning an individual's treatment for mental illness, drug addiction or alcohol abuse, creates uniquely complicated legal and practical problems with respect to interoperable EHR technology."Information Security: Employee Errors Put Data at Risk
Government Technology - June 8, 2009
"If you work in IT, recent goings-on in the security realm could be enough to make you throw your arms up in despair and kiss the safety of your data goodbye. Reports make it seem downright hopeless."Hidden Camera Case Turns on Expectation of Privacy in Workplace
LAW.COM - June 5, 2009
"Does the mere attempt to videotape an individual qualify as an invasion of privacy or must there be an actual intrusion -- such as the taping of an innocent person changing clothes -- for liability to come into play?"Deep Packet Inspection Here to Stay, Say Computers, Freedom and Privacy Conference Experts
BroadbandCensus.COM - June 4, 2009
"The problems with so-called "deep packet inspection" are too big to ignore, a panel of broadband experts said on the third and final day of the Computers, Freedom and Privacy conference at George Washington University here."Privacy: does it actually exist?
Gerson Lehrman Group - June 4, 2009
"Being part of a global network, interconnected with each other, that not only provides us with Internet but also with Telephony and other services inevitably causes the risk of information leakage. Privacy related information in particular is very prone to leakage."The Obama Administration's Silence on Privacy
New York Times - June 2, 2009
"Peter Swire, an Ohio State law professor who served on the Obama transition team, offered one reason it might be difficult for the administration to find its voice on privacy. There is a split...between the typical view of privacy among technology experts and the emerging view of people brought up in the social networking, Web 2.0 world."