|
|
Spyware and Privacy News
Archive
January - December 2003
Welcome to our Spyware and Privacy News Archives section. Here
you will find links to additional information and up to date news
and editorial articles about regarding-line privacy. This section
is a supplement to our other sections which have lots of great
information about privacy, legal rights, and unethical advertising
practices. We hope that you will enjoy checking out the remainder
of our site to find out how more information about scammers and
advertisers are collecting data on consumers and stealing web
traffic and how web site owners can protect themselves. Since
many legal cases take months or years to complete the stories
are picked up and continued in other months as the case develops
and progresses.
(Update: Newsbytes.com has been taken over by the Washington
Post Company. The links to articles that were in the Newsbytes
archives are no longer active. Many of the articles are still
available on line through other news sources. Please feel free
to search google for additional links to articles originally appearing
on Newsbytes.
November 2003
Spyware Targeted at Congressional Hearing
By John P. Mello Jr.
TechNewsWorld
November 20, 2003
A bill to take the "spy" out of spyware got a public
hearing before a Congressional subcommittee Wednesday.
"You're starting to see some very sophisticated capabilities
built into these things," Ken Sokol, senior product manager
at Clearswift, told TechNewsWorld. "Some spyware will sit
there and monitor what you're doing at your computer or steal
sensitive information about you or your customers."
Until now, spyware has been seen as primarily a consumer problem,
but Clearswift issued a white paper on the eve of the Congressional
hearing suggesting the malware will create serious trouble for
businesses, too.
"[Programs that] have been marketed and sold as corporate
security devices and parental control software for kids are
finding their way into the hands of hackers and criminals [who
aim to] remotely [take] control of a victim's PC to facilitate
industrial espionage," Clearswift Threatlab manager Pete
Simpson said in a statement.
http://www.technewsworld.com/perl/story/32206.html
Please contact your representative
to support this new legislation
Senate OKs more weapons vs. ID theft
By JESSE J. HOLLAND
ASSOCIATED PRESS WRITER
Wednesday, November 5, 2003 · Last updated 2:54 p.m.
PT
WASHINGTON -- Consumers moved a step closer to new identity
theft protections, including e-mailed annual credit reports
and blacked-out credit card numbers on receipts, under legislation
approved Wednesday by the Senate.
But opponents still can derail a bill that also pre-empts tougher
state privacy laws that prevent businesses from sharing their
customers' financial information with other companies.
http://seattlepi.nwsource.com/national/
The Web: Privacy fears hamper e-commerce
CHICAGO, Nov. 5, (UPI)
Consumer concerns over information privacy are stalling the
growth of e-commerce and, if not addressed properly by companies
and regulators, could continue to stifle that sector for years
to come. A chilling new technological phenomenon called "financial
profiling" is emerging, and threatening the privacy of
all Americans, said Larson, whose company is located in Dublin,
Calif. Such conduct could include a credit card company tracking
the books you bought online at Amazon.com, or the locations
of the places where you have traveled on business or on holiday,
he said. Larson said he wants to give consumers the right to
"opt out" of financial list-sharing agreements between
companies that are giving big businesses the ability, with powerful
databases, to track every consumer purchase, and create a financial
profile of that individual.
http://www.washtimes.com/upi-breaking/20031105-013530-5926r.htm
October 2003
Victoria's Secret to pay up for poor panty privacy
Wednesday 22nd October 2003
From The RegisterBy: Ashlee Vance
New York Attorney General Eliot Sptizer has sorted through Victoria
Secret's dirty undies and is set to doll out a $50,000 fine
to the company for online privacy violations.
http://www.it-analysis.com/article.php?articleid=11354
Senators Want JetBlue Probe
By Ryan Singel
02:00 AM Oct. 18, 2003 PT
Three powerful U.S. senators are pressuring the Pentagon to
reveal more about its role in the JetBlue privacy scandal, pointedly
asking whether a key privacy law was violated when a defense
contractor acquired 4.9 million passenger itineraries from the
upstart airline for a security study without giving notice to
the passengers.
http://www.wired.com/news/privacy/0,1848,60885,00.html
They're watching you
Oct 16th 2003
From The Economist print edition
The internet is eroding privacy. It also allows unprecedented
price discrimination. Are the two related?
“ON THE internet, nobody knows you're a dog,” ran
the caption of a cartoon in the New Yorker in 1993, showing
one grinning pooch at the keyboard and another looking on. In
fact, plenty of people know not only that you're a dog, but
lots of other things about you, including your favourite brand
of dogfood. The internet and associated technologies have had
a devastating impact on privacy. The effect, argues Andrew Odlyzko
of the University of Minnesota in a new paper*, will be to usher
in an unprecedented level of price discrimination.
http://www.economist.com/finance/displayStory.cfm?story_id=2137947
Spam Masquerades as Admin Alerts
By Brian McWilliams
11:19 AM Oct. 15, 2002 PT
A new breed of pop-up ads is appearing mysteriously on Microsoft
Windows users' computers. The so-called "Messenger spams"
have security experts and system administrators scratching their
heads -- and recipients fuming.
Some of the ads, which hit Windows systems through backdoor
networking ports and not by e-mail or Web browsing, appear to
have been generated by Direct Advertiser, a $700 software program
developed by Florida-based DirectAdvertiser.com.
http://www.wired.com/news/technology/0,1282,55795,00.html
Court to Hear Case on Web Porn
By Charles Lane
Source: Washington Post
Date: October 15, 2003
Law to Protect Children Is Stalled by First Amendment Issues
The Supreme Court announced yesterday that it will decide whether
a 1998 law designed to shield children from Internet pornography
violates the First Amendment, propelling a six-year-old legal
battle over free speech in cyberspace into what might be a conclusive
phase.
The Child Online Protection Act (COPA), passed by Congress and
signed by President Bill Clinton, makes it a crime for a commercial
Web site to put material that is "harmful to minors"
where children younger than 17 can gain access to it, unless
the site has made a good faith effort to screen out all but
adult users.
COPA has never taken effect, however, because
opponents led by the American Civil Liberties Union (ACLU) challenged
it in court, winning judicial orders that blocked its enforcement
on the ground that it would force Web publishers to give up
some of their constitutional rights to communicate adult material
to adults.
http://www.crime-research.org/eng/news/2003/10/Mess1501.html
Cloaking Device Made for Spammers
By Brian McWilliams
02:00 AM Oct. 09, 2003 PT
Call them spackers -- they're the new breed of computer crackers
who earn a living in cahoots with spammers.
The latest innovations developed by such mercenary hackers on
behalf of the junk e-mail profession are techniques that enable
spammers -- or scam artists for that matter -- to create websites
that are essentially untraceable.
http://www.wired.com/news/privacy/0,1848,60747,00.html
September 2003
Fliers File Suit Against JetBlue
Associated Press Page 1 of 1
09:50 AM Sep. 23, 2003 PT
A group of passengers has sued JetBlue Airways for passing their
personal information to a Defense Department contractor.
The suit, filed Monday, follows JetBlue's acknowledgment last
week that, in violation of its own privacy policy, it had given
information from about 5 million passenger records to Torch
Concepts of Huntsville, Ala.
http://www.wired.com/news/privacy/0,1848,60551,00.html
Army Admits Using JetBlue Data
By Ryan Singel and Noah Shachtman | Also by this reporter Page
1 of 1
02:00 AM Sep. 23, 2003 PT
Millions of JetBlue passenger records were used in a military
effort whose methods closely resemble those employed in the
notorious Terrorism Information Awareness überdatabase
program, the Army confirmed Monday.
Last week, defense contractor Torch Concepts came under heavy
scrutiny after Wired News revealed that the company had crunched
fliers' private data without their knowledge.
http://www.wired.com/news/privacy/0,1848,60540,00.html
Blackmailed by Pop-Up Advertising
By Brian McWilliams
02:00 AM Sep. 22, 2003 PT
Windows computer users are fuming over a new breed of pop-up
ads with a dubious sales pitch: Buy our software, and protect
yourself from pop-ups like this one!
The gray pop-ups, known as Messenger spams, are sent using special
software that taps into a Windows feature designed to enable
administrators to send messages to users on a network. Not to
be confused with the MSN Messenger chat program, the Messenger
service is enabled by default on Windows 2000, NT and XP systems,
and can be exploited to blast out tens of thousands of pop-up
ads per hour.
http://www.wired.com/news/privacy/0,1848,60509,00.html
JetBlue 'Fesses Up, Quietly
By Ryan Singel
02:00 AM Sep. 19, 2003 PT
JetBlue Airways began sending out apologetic e-mails Thursday
to customers who are infuriated that the airline gave 5 million
passenger records to a defense contractor investigating national
security issues.
The form letter, provided by JetBlue to Wired News, confirmed
a Wired News story that JetBlue turned over the names, addresses
and phone numbers of its customers in September 2002 in response
to an "exceptional request from the Department of Defense
to assist their contractor, Torch Concepts, with a project regarding
military base security."
http://www.wired.com/news/politics/0,1283,60502,00.html
JetBlue Shared Passenger Data
By Ryan Singel
02:00 AM Sep. 18, 2003 PT
JetBlue Airways confirmed on Thursday that in September 2002,
it provided 5 million passenger itineraries to a defense contractor
for proof-of-concept testing of a Pentagon project unrelated
to airline security -- with help from the Transportation Security
Administration.
http://www.wired.com/news/privacy/0,1848,60489,00.html
Junk-Fax Firm Disguising Rebirth
By Ryan Singel
02:00 AM Sep. 15, 2003 PT
Under pressure from federal regulators, million-dollar lawsuits
and actions by the California's attorney general, Fax.com may
soon be closing its doors. But the junk-fax company plans to
continue operations under a different corporate name, in an
apparent attempt to escape its legal troubles and obscure its
past.
http://www.wired.com/news/privacy/0,1848,60406,00.html
August 2003
Acquitted Man Says Virus Put Pornography on Computer
By JOHN SCHWARTZ, New York Times
August 11, 2003
One evening late in 2001, Julian Green's 7-year-old daughter
came upstairs from the computer room of their home in the resort
town of Torquay, in western England, and said, "The home
page has changed, and it's something not very nice." When
Mr. Green checked the machine, he found that the family PC seemed
almost possessed. The Internet home page had somehow been switched
so that the computer displayed a child pornography site when
the browser software started up. Even if he turned the machine
off, it would turn itself back on and dial the Internet on its
own. But Mr. Green's problems were only beginning. Last October,
local police knocked on his door, searched his home and seized
his computer. They found no sign of pornography in his home
but discovered 172 images of child pornography on the computer's
hard drive. They arrested Mr. Green.
http://www.tuscaloosanews.com/apps/pbcs.dll/article?
Swollen Orders Show Spam's Allure
By Brian McWilliams | Also by this reporter Page 1 of 2 next
»
02:00 AM Aug. 06, 2003 PT
MANCHESTER, New Hampshire -- A security flaw at a website operated
by the purveyors of penis-enlargement pills has provided the
world with a depressing answer to the question: Who in their
right mind would buy something from a spammer?
An order log left exposed at one of Amazing Internet Products'
websites revealed that, over a four-week period, some 6,000
people responded to e-mail ads and placed orders for the company's
Pinacle herbal supplement. Most customers ordered two bottles
of the pills at a price of $50 per bottle.
http://www.wired.com/news/privacy/0,1848,59907,00.html
July 2003
Bono Introduces Spyware Legislation
July 30, 2003
By Roy Mark
U.S. Rep. Mary Bono (R.-Calif.) has introduced legislation requiring
companies using "spyware" to inform computer users
of their intent to install the invasive software and to obtain
permission before loading it onto a computer. Spyware allows
companies and individuals to monitor Internet activities and
sometimes makes it possible to gather personally identifiable
information.
Bono said H.R. 2929, the Safeguard Against Privacy Invasions
Act (SPI), makes users aware of the technology before they install
it on their computers. "The SPI Act helps consumers make
more informed decisions about the types of tracking devices
they are loading onto their PCs," Bono said. The bill is
co-sponsored by Representative Edolphus Towns (D-10-NY), who
said this legislation has important implications for the privacy
of Internet users.
http://dc.internet.com/news/article.php/2242311
Please contact your representative
to support this new legislation
http://www.marybono.com/Feedback/Feedback.cfm :: Mary Bono
http://www.cnn.com/ALLPOLITICS/CA/bios/H/413.html
:: Edolphus Towns
P2P companies may face new scrutiny
Last modified: July 25, 2003, 3:44 PM PDT
By Lisa M. Bowman
Staff Writer, CNET News.com
A bill introduced Thursday in Congress would require file-swapping
companies to get parental permission before allowing minors
to use their services.
The bill, called the Protecting Children from Peer-to-Peer Pornography
(P4) Act and sponsored by Reps. Joe Pitts, R-Pa., and Chris
John, D-La., would require the Federal Trade Commission to regulate
peer-to-peer networks and take steps to ensure that children
aren't accidentally coming across porn.
The bill's sponsors said as many as 40 percent of all files
traded on the networks are porn.
"Our legislation gives parents the tools they need to protect
their children from pornography and threats to privacy posed
by peer-to-peer file-trading networks," Pitts said in a
statement. "By working together to protect children, we
are building a broad and bipartisan coalition."
http://news.com.com/2100-1025-5055426.html?tag=nl
Cnet
July 1, 2003
Court says Gator-style ads are legal
A federal court has ruled that pop-up ads for rivals of U-Haul
International, placed atop the moving company's own site by
a third-party software application, are legal.
The summary decision, handed down last week, was a blow to U-Haul
in its lawsuit to bar software maker WhenU.com from delivering
competitors' ads to visitors to U-Haul's site. The judge granted
WhenU's motion to dismiss charges of trademark infringement,
unfair competition and copyright infringement.
A full opinion from the Eastern District Court of Virginia is
expected in coming weeks, along with decisions related to other
claims such as a violation of the Virginia Business Conspiracy
Act, according to the order, filed last Tuesday.
Both WhenU and Gator have argued that their ad-sales and delivery
tactics are legal because consumers agree to receive the ads
when they download and install their software. Also, they've
argued, it comes down to consumers owning their own desktops,
which are inherently built to support many applications with
multiple windows.
news.com.com/2100-1024_3-1022791.html
June 2003
Whose Data Is That, Anyway?
02:00 AM Jun. 19, 2003 PT
Despite regulators' efforts to seek common ground, consumer
advocates and businesses appear to be sharply divided on where
policy makers should set limits on collecting personal information.
That split was evident at a Wednesday hearing, organized by
the U.S. Federal Trade Commission, which focused on the costs
and benefits of collecting consumer data for everything from
credit bureau reports to supermarket saver cards to online transactions.
The FTC said it plans to use input from the meeting and a public
comment period to shape policy and enforcement priorities for
cases involving questionable data collection practices.
http://www.wired.com/news/business/0,1367,59301,00.html
Calif. Law Fights Identity Theft
06:09 PM Jun. 23, 2003 PT
SAN FRANCISCO -- A new California law will require companies
for the first time to notify their customers if their computerized
personal information, including credit card details, has been
stolen.
The law, the first of its kind in the United States, will go
into effect next Tuesday and is aimed at preventing identity
theft, which experts say is on the rise.
http://www.wired.com/news/privacy/0,1848,59376,00.html
May 2003
U.S. Charges 135 With Net Crimes
Reuters Page 1 of 1
12:50 PM May. 16, 2003 PT
WASHINGTON -- Attorney General John Ashcroft said Friday 135
people have been charged and more than $17 million seized in
a crackdown on investment swindles, identity theft and other
forms of Internet fraud and abuse.
U.S. law-enforcement officers arrested 50 suspects this week
in an effort to combat the fast-growing online crime that now
accounts for more than half of all fraud complaints, Ashcroft
said.
http://www.wired.com/news/technology/0,1282,58875,00.html
Privacy Backers Size Up New Chief
By Michelle Delio
02:00 AM May. 05, 2003 PT
An excellent choice or a "devilishly clever" diversionary
tactic? The jury is still out over the appointment last week
of Nuala O'Connor Kelly as the chief privacy officer of the
Department of Homeland Security.
O'Connor Kelly, a 34-year-old lawyer who describes herself as
"truly a geek at heart," is best known in privacy-activist
circles as part of the team that Internet advertising firm DoubleClick
hauled in to clean house when the company was being besieged
by complaints about its privacy policies -- or lack thereof.
http://www.wired.com/news/privacy/0,1848,58586,00.html
April 2003
AprilFeds Target Net Auction Scams
Wired News Report
12:27 PM Apr. 30, 2003 PT
Federal and state fraud fighters are cracking down on Internet
auction scams that fleeced thousands of consumers out of money
and merchandise.
The Federal Trade Commission is set to announce that it has
joined with 33 state and local law enforcement agencies to target
auction con artists with 57 actions ranging from criminal prosecutions
to warning letters.
http://www.wired.com/news/business/0,1367,58681,00.html
Frequent Fliers Fear Privacy Loss
By Ryan Singel
02:00 AM Apr. 18, 2003 PT
Frequent fliers might forfeit more than future flights on their
favored carrier if any of the country's beleaguered airlines
go out of business. They could also lose control over their
personal information.
The airline industry has been reeling from business losses related
to the Iraq war, the slowdown in the economy, the Sept. 11 terrorist
attacks and the recent SARS outbreak.
http://www.wired.com/news/privacy/0,1848,58470,00.html
Concern Grows About ID Theft
By Manny Frishberg
02:00 AM Apr. 17, 2003 PT
SEATTLE -- While the words "identity theft" did not
appear on the official agenda, the topic was a popular discussion
theme at a meeting this week of states' attorneys general.
The meeting, which focused on developments in Internet law,
drew an influential list of attendees, including attorneys general,
politicians and federal agency leaders, many of whom used the
forum to harp on the need for more effective protections against
identity theft.
http://www.wired.com/news/business/0,1367,58512,00.html
Voicemail Hackers Phone It In
By Michelle Delio
02:00 AM Apr. 17, 2003 PT
Voicemail passwords are being transformed into all-access backstage
passes that allow malicious hackers to exploit voicemail systems,
racking up huge charges on their unlucky victims' phone bills.
Hackers are exploiting a combination of automated operator services
from AT&T, voicemail services from SBC Communications and
consumers who haven't changed their default voicemail passwords.
http://www.wired.com/news/privacy/0,1848,58517,00.html
Techs Tangle With Privacy Regs
By Michelle Delio
02:00 AM Apr. 15, 2003 PT
April 15 is a national day of angst in the United States. But
for many this year, the government-provoked pain arrived one
day early.
The Health Insurance Portability and Accountability Act, a broad
and complex set of federal privacy rules, went into effect Monday.
HIPAA regulations are intended to give people more control over
how their medical information is used. They affect anyone who
works with or has access to medical information, from huge scientific
research centers and big city hospitals to rural one-physician
practices or any business that offers health insurance to employees.
http://www.wired.com/news/privacy/0,1848,58468,00.html
Internet Fraud Spikes Sharply
12:26 PM Apr. 09, 2003 PT
WASHINGTON -- Fraud on the Internet rose sharply in 2002, with
the FBI reporting more than 48,000 complaints referred to prosecutors
-- triple the number of the year before.
By far the most common complaint was auction fraud, followed
by nondelivery of promised merchandise, credit-card fraud and
fake investments, according to the report Wednesday from Internet
Fraud Complaint Center, run by the FBI and the National White
Collar Crime Center based in Richmond, Virginia.
http://www.wired.com/news/culture/0,1284,58409,00.html
Traveling? Take Big Brother Along
By Michelle Delio | Also by this reporter Page 1 of 1
02:00 AM Apr. 04, 2003 PT
NEW YORK -- It provoked protests from privacy advocates and
high-flying executives. People boycotted and bad-mouthed it.
People from all corners hate the idea of the passenger-profiling
system called Computer Assisted Passenger Pre-Screening II program,
better known as CAPPS II.
http://www.wired.com/news/privacy/0,1848,58344,00.html
File-Trading Hoax Snares Victims
By Katie Dean | Also by this reporter Page 1 of 1
02:00 AM Apr. 03, 2003 PT
An executive who claimed to have developed a file-trading service
that intentionally flouted copyright protection laws revealed
Wednesday that he made the whole thing up for a laugh -- and
to sell a book.
The Honest Thief was announced in February as a new service
from PGR BV, a Dutch Internet services company. Pieter Plass,
founder of PGR BV and president of CBB, a Dutch construction
company, said he cooked up the lie as a joke and publicity stunt.
http://www.wired.com/news/digiwood/0,1412,58319,00.html
March 2003
Congress cracks down on P2P porn
Last modified: March 12, 2003, 5:30 PM PST
By Declan McCullagh
Staff Writer, CNET News.com
The U.S. Congress is targeting peer-to-peer networks again--and
this time politicians aren't fretting over music and software
piracy. Searching for words such as "preteen," "underage"
and "incest" on the Kazaa network resulted in a slew
of images that qualify as child pornography, the General Accounting
Office said in a 37-page report, one of two obtained by CNET
News.com. The second report, prepared by staff from the House
Government Reform Committee, concluded that current blocking
technology has "no, or limited, ability to block access
to pornography via file-sharing programs."
http://news.com.com/2100-1028_3-992371.html?tag=st_rn
Big Brother Is Watching You Shop
08:34 AM Mar. 30, 2003 PT
WASHINGTON -- The U.S. government has discovered a powerful
resource in its war against terrorism -- credit-card records,
hotel bills, grocery lists and other records detailing the private
lives of its citizens.
Government investigators are turning to commercial databases
to track down and isolate possible hijackers and suicide bombers
before they strike, raising fear among privacy advocates that
long-standing protections against government snooping may be
eroded.
http://www.wired.com/news/privacy/0,1848,58285,00.html
Who's Watching the Watch Lists?
By Joanna Glasner
02:00 AM Mar. 25, 2003 PT
SCOTTSDALE, Arizona -- The head of the venture capital firm
formed by the CIA to identify technologies for improving national
security said he opposes government agencies' growing reliance
on watch lists.
Speaking Monday at the PC Forum technology conference in Scottsdale,
Arizona, Gilman Louie, CEO of the CIA-backed In-Q-Tel, said
he believes agencies should not rely merely on automated filtering
tools to identify potential terrorists based on characteristics
like travel patterns or citizenship status. One reason is the
difficulty in removing your name from a list once the information
has been shared with multiple parties.
http://www.wired.com/news/privacy/0,1848,58191,00.html
Who's Winning Privacy Tug of War?
By Michelle Delio
02:00 AM Mar. 17, 2003 PT
WASHINGTON -- If you opt to protect your privacy, you'll regret
it. That's what some businesses apparently would like consumers
to think.
Privacy is set to become even more of a key issue for businesses
and government over the next few months, as some firms fight
to retain what they believe is a key provision of the Fair Credit
Reporting Act, a federal law that restricts who can access credit
information and how it can be used.
http://www.wired.com/news/privacy/0,1848,58064,00.html
'Honest, We're the Good Guys'
By Michelle Delio | Also by this reporter Page 1 of 1
02:00 AM Mar. 14, 2003 PT
WASHINGTON -- American businesses feel a little like a rope
that's being used in a tug of war between privacy and patriotism.
Their customers want the personal information that businesses
collect to be kept private, but the government wants access
to some of that data for use in various homeland security plans.
http://www.wired.com/news/privacy/0,1848,58041,00.html
Porn 'Filter' Uses Peer Pressure
By Joanna Glasner
02:00 AM Mar. 10, 2003 PT
Frustrated with the shortcomings of conventional software designed
to block out pornographic websites, Brandon Cotter is urging
moralistic Web surfers to take matters into their own hands.
http://www.wired.com/news/business/0,1367,57962,00.html
Court Nixes Child Net Porn Law
Associated Press Page 1 of 1
08:54 AM Mar. 07, 2003 PT
PHILADELPHIA -- A federal appeals court has ruled that a law
meant to safeguard children against Internet pornography is
riddled with problems that make it "constitutionally infirm."
A three-judge panel of the 3rd U.S. Circuit Court of Appeals
ruled Thursday that the Child Online Protection Act restricted
free speech by barring website operators from posting information
inappropriate for minors unless they limited the site to adults.
The ruling upheld an injunction blocking the government from
enforcing the law.
http://www.wired.com/news/privacy/0,1848,57956,00.html
The Perils of Online Job Sites
By Kendra Mayfield
02:00 AM Mar. 06, 2003 PT
Online résumé sites are one of the few recession-proof
businesses still thriving on the Internet.
But job seekers who post their résumés online
may be handing their personal data over to marketers and identity
thieves instead of legitimate employers, according to a report
released recently by the Privacy Rights Clearinghouse.
http://www.wired.com/news/privacy/0,1848,57923,00.html
The Perils of Online Job Sites
By Kendra Mayfield
02:00 AM Mar. 06, 2003 PT
Online résumé sites are one of the few recession-proof
businesses still thriving on the Internet.
But job seekers who post their résumés online
may be handing their personal data over to marketers and identity
thieves instead of legitimate employers, according to a report
released recently by the Privacy Rights Clearinghouse.
http://www.wired.com/news/business/0,1367,57923,00.html
Hackers Access University's Database
March 2003
Story Highlights: "Computer hackers have obtained the names
and Social Security numbers of about 59,000 current and former
students, faculty members and staff at the University of Texas
at Austin in one of the largest cases of potential identity
theft ever reported..." "Authorities do not know whether
the information has been put to illegal uses such as obtaining
credit cards or withdrawing money from financial accounts..."
More on this story at:
http://www.newsfactor.com/perl/story/20930.html
Make the Desktop a More Secure Place
March 2003
Story Highlights: "The hardware firewall that stands between
the enterprise and the savaging hordes on the Internet fulfills
an obvious need. But companies need internal firewalls, both
to protect against the accidentally induced virus or worm and
against the depredations of rogue or disgruntled employees..."
"Although it's possible and in some cases desirable to
install hardware firewalls between parts of a large enterprise,
placing personal-firewall software on employee workstations
is a great alternative solution that's easy to implement..."
More on this story at:
http://www.newsfactor.com/perl/story/20931.html
Two Suspects Arrested in Web Bank Theft
March 2003
Story Highlights: "Two men were arrested for allegedly
hacking into bank accounts through the Internet and stealing
$136,000..." "Police suspect 35-year-old Ko Hakata,
a former computer software developer who is now unemployed,
and Goro Nakahashi, a 27-year-old businessman, robbed the unidentified
bank's accounts from a computer at a Tokyo cafe September 18..."
More on this story at:
http://www.cnn.com/2003/TECH/internet/03/06/internet.theft.ap/index.html
Nigerian Scam Continues To Thrive
March 2003
Story Highlights: "Two new flavors of the age-old Nigerian
e-mail scam are making the rounds, and at least one of them
appears to be gaining traction..." "Hundreds of victims
have recently fallen for a variation that plays upon people's
misunderstanding about how bank cashier's checks work..."
More on this story at:
http://www.msnbc.com/news/881169.asp?0cv=TA01
February 2003
Credit Card Cos. Watch Own Backs
By Michelle Delio
02:00 AM Feb. 27, 2003 PT
The credit card industry focuses too much on reducing its own
fraud costs and not enough on protecting consumers.
That's the central claim in a new report from research firm
Gartner that slams credit card companies for failing to notify
consumers when credit card records are compromised by malicious
hackers.
http://www.wired.com/news/privacy/0,1848,57823,00.html
Chipping Away at Workers' Privacy
By Joanna Glasner
02:00 AM Feb. 26, 2003 PT
At a casino in Atlantic City, an infrared sensor system keeps
a computer log that tracks each time an employee fails to wash
up after using the bathroom.
At a state college in Massachusetts, a secretary learns that
a camera installed to deter after-hours intruders has in fact
captured her changing clothes in her own office during the day.
http://www.wired.com/news/privacy/0,1848,57774,00.html
State Law Blocks Out Kiddie Porn
By Michelle Delio
02:00 AM Feb. 26, 2003 PT
A law that blocks Pennsylvania Internet users from logging on
to child-pornography sites has sparked a debate over whether
the strategy is a viable method for dealing with the Internet's
darkest side.
Proponents of the law believe that shutting off access will
eliminate the demand for such material, thereby putting website
operators out of business.
http://www.wired.com/news/technology/0,1282,57804,00.html
Suit Over Gator's Pop-Up Ads Settled
NEW YORK, Feb. 8, 2003
(Photo: AP)
(CBS) The nation's largest news publishers have settled a dispute
over an Internet advertising practice in which unauthorized,
third-party ads pop up on nytimes.com and other news sites.
Terence Ross, the lead attorney for the publishers, on Friday
declined to release terms of the settlement reached this week.
The parent companies of The New York Times, USA Today, The Wall
Street Journal and The Washington Post and the digital arms
of Knight Ridder and Conde Nast were among news outlets that
sued Gator Corp. in June over its pop-up ads.
http://www.cbsnews.com/stories/2003/02/08/tech/main539931.shtml
Lawsuit over pop-up ads settled
Friday, February 7, 2003 Posted: 3:34 PM EST (2034 GMT)
NEW YORK (AP) -- The nation's largest news publishers have settled
a dispute over an Internet advertising practice in which unauthorized,
third-party ads pop up on nytimes.com and other news sites.
Terence Ross, the lead attorney for the publishers, on Friday
declined to release terms of the settlement reached this week.
The parent companies of The New York Times, USA Today, The Wall
Street Journal and The Washington Post and the digital arms
of Knight Ridder and Conde Nast were among news outlets that
sued Gator Corp. in June over its pop-up ads.
U.S. District Judge Claude Hilton in Alexandria, Virginia, had
granted a preliminary injunction ordering Gator to stop delivering
pop-up ads at the sites run by those companies. Trial was to
begin last month.
http://www.cnn.com/2003/TECH/internet/02/07/ad.tussle.ap/
8 Million Credit Accounts Exposed
FBI to Investigate Hacking of Database
Feb 2003
A hacker broke into a computer database containing roughly 8
million Visa, MasterCard and American Express credit card numbers
earlier this month, prompting an FBI investigation into one
of the largest intrusions of its kind.
All three card companies said that the potentially compromised
numbers are being closely monitored, and that so far there is
no evidence that any have been used for fraudulent purchases.
The big three card issuers said the intruder cracked the computer
security of a firm that processes credit card transactions for
merchants, but they declined to name the company or provide
any other details.
But consumer fraud experts criticized the firms for not automatically
informing all consumers that their accounts might have been
compromised. Although credit card issuers generally do a good
job of protecting against fraudulent purchases, the experts
said, such security breaches can lead to a larger problem of
identity theft that might not be apparent until months later.
http://www.washingtonpost.com/wp-dyn/articles/
Man Convicted of Hacking Into Bloomberg L.P.
By Patricia Hurtado
STAFF WRITER
February 27, 2003
A computer technician from Kazakhstan was convicted yesterday
of hacking into Bloomberg L.P.'s computer system and attempting
a cyber-shakedown of then-CEO Michael Bloomberg by demanding
a $200,000 payoff. After deliberating for less than six hours,
the jury in U.S. District Court in Manhattan found Oleg Zezev,
29, guilty of all four charges: conspiracy, attempted extortion,
sending threatening electronic messages and computer intrusion.
http://www.nynewsday.com/news/local/manhattan/
ACLU Admits Another Privacy Gaffe
Names, E-Mail Addresses of Hundreds Sent Over Internet
Feb 2003
Protecting personal information on the digital frontier remains
a tough task, even for the most ardent privacy activists.
That's the lesson the American Civil Liberties Union learned
this week after sending out an e-mail newsletter that inadvertently
contained the names and e-mail addresses of the hundreds of
groups and individuals who received it. The gaffe, on Monday
afternoon, came just weeks after the group was chided by New
York State Attorney General Eliot L. Spitzer for exposing the
names, phone numbers and other details of about 91 people who
bought merchandise in 2001 from an ACLU site online. The group
apologized, paid a $10,000 fine and agreed to implement changes
to prevent similar mishaps.
ACLU spokeswoman Emily Whitfield said that Monday's e-mail was
sent out to nearly 900 people whose names were gathered over
the telephone and on the Web. When ACLU officials realized the
mistake, they sent out a recall letter that repeated the error.
Whitfield said the information did not come from membership
rolls.
http://www.washingtonpost.com/wp-dyn/articles/
Antispam Tools Multiplying Like Spam
By John Fontana
February 24, 2003
As spam continues to roll over corporate networks in ever-larger
quantities, the cavalry of vendors offering defenses continues
to grow as well. No fewer than five vendors are shipping or
are about to release new products designed to keep spam from
polluting corporate e-mail systems...
See the Full Story:
http://www.newsfactor.com/perl/story/20832.html
CNN: Hacker Accesses 2.2 Million Credit Cards
From Fred Katayama
Tuesday, February 18, 2003
Story Highlights: "A hacker has gained access to as many
as 2.2 million Visa and MasterCard accounts..." "The
hacker breached the security system of a company that processes
credit card transactions on behalf of merchants..."
More on this story at:
http://www.cnn.com/2003/TECH/02/17/
PCWorld: Possible Password Flaw Found in Windows XP
Ryan B. Patrick, ITWorldCanada.com
Tuesday, February 18, 2003
Story Highlights: "A security flaw recently revealed in
Microsoft's Windows XP could enable unauthorized users to access
password-protected PCs..."
"Using the Windows 2000 CD, anonymous users can apparently
boot up a computer with the Windows XP OS and call up the troubleshooting
program Windows 2000 Recovery Console..."
More on this story at:
http://www.pcworld.com/news/article/
Fairfax I.T.: Viruses and Hoaxes
By George Skarbek
February 11 2003
Story Highlights: "Have you received an email about an
impending virus from someone that you know, similar to the one
below?..." "The virus (called jdbgmgr.exe) is not
detected by Norton or McAfee antivirus systems. It sits quietly
for 14 days before damaging the system. It is sent automatically
by messenger and the address book, whether or not you send emails
to your contacts. Here's how to check for the virus and get
rid of it..."
More on this story at:
http://www.smh.com.au/articles/2003/02/
CNN: Famous Hacker Kevin Mitnick Gets Hacked
Tuesday, February 11, 2003
Story Highlights: "The world's best-known computer hacker
suffered the indignity of having someone break into his new
security consulting company's Web site..."
"But Kevin Mitnick shrugged it off as 'quite amusing,'
not serious enough for him to call the FBI..."
More on this story at:
http://www.cnn.com/2003/TECH/internet/02/11/
CNN: FBI Seeks Hacker of eBay Users' Info
Friday, February 7, 2003
Story Highlights: "Users of the Internet auction site complained
to the FBI they received fraudulent e-mails during the past
week that appeared to come from eBay..."
"The e-mails told recipients their accounts were suspended
until they verified some personal information -- including their
credit card number and mother's maiden name..."
More on this story at:
http://www.cnn.com/2003/TECH/internet/
Suit Over Gator's Pop-Up Ads Settled
NEW YORK, Feb. 8, 2003
(AP)
(CBS) The nation's largest news publishers have settled
a dispute over an Internet advertising practice in which unauthorized,
third-party ads pop up on nytimes.com and other news sites.
Terence Ross, the lead attorney for the publishers, on Friday
declined to release terms of the settlement reached this week.
The parent companies of The New York Times, USA Today, The Wall
Street Journal and The Washington Post and the digital arms
of Knight Ridder and Conde Nast were among news outlets that
sued Gator Corp. in June over its pop-up ads.
Gator, which claims 30 million active users and 500 advertisers,
has contended its pop-up windows are no different than what
happens when a user runs instant messaging, e-mail or other
programs in separate windows while surfing a Web site.
Gator still faces lawsuits from United Parcel Service, which
said unauthorized pop-ups have included ads for rival FedEx
Corp., and from Six Continents Hotels, which operates Holiday
Inn and Crowne Plaza and complains that Gator directed visitors
to deals from Marriott and other competitors.
http://www.cbsnews.com/stories/2003/02/08/tech/main539931.shtml
Xupiter Mongers Deal Spam, Scams
By Michelle Delio
02:00 AM Feb. 05, 2003 PT
What could the most evil thing on the Internet and the Dalai
Lama possibly have in common?
The Xupiter toolbar that is plaguing so many Internet users
is the work of the father and son team of Saeid and Daniel Yomtobian.
Both men are experienced in devising innovative ways to use
the Internet to force their businesses down people's throats.
According to domain-name registration records, Xupiter.com is
owned by a Hungarian company, but sources say that Xupiter's
real owners are the Yomtobians, who reside in Sherman Oaks,
California.
The Yomtobians are well-known spammers who have been accused
of hijacking other peoples' mail servers to pump out solicitations
for porn sites.
The pair is also skilled in setting up stealth websites and
has spent much time in court for deliberately constructing URLs
in a way that encourages people to arrive at one of their websites
accidentally.
Users typically stumble on this scam when they enter a URL that's
slightly incorrect and are whisked off to a gambling or sexually
explicit site rather than the well-known domain they had intended
to visit.
http://www.wired.com/news/infostructure/0,1377,57553,00.html
January 2003
Sneaky Toolbar Hijacks Browsers
By Michelle Delio | Also by this reporter Page 1 of 1
02:00 AM Jan. 30, 2003 PT
It's the most evil thing on the Internet, according to some
of its victims. But it's not a virus, a scam or a raunchy porn
site.
It's a browser toolbar that some swear is doing "drive-by
downloads" -- installing itself without users' permission
-- then taking over their systems and making it impossible to
uninstall.
http://www.wired.com/news/privacy/0,1848,57467,00.html
9-Digit 'Social' Overused as ID
By Joanna Glasner | Also by this reporter Page 1 of 1
02:00 AM Jan. 29, 2003 PT
The Social Security number has come a long way in the nearly
70 years since its inception as an identifier for a government
retirement program. These days, Social Security participants
may be called upon to display the nine-digit numbers for tasks
as routine as punching a timecard, checking out library books,
looking up a test score or eating at the company cafeteria.
Faced with growing pressure from constituents concerned about
the risks of identity theft, lawmakers are contemplating ways
to curtail use of Social Security numbers for purposes other
than taxpayer identification.
http://www.wired.com/news/privacy/0,1848,57395,00.html
Help Wanted: Steal This Database
By Brian McWilliams | Also by this reporter Page 1 of 1
02:00 AM Jan. 06, 2003 PT
Hack-proofing a website is hard enough. But the task becomes
gargantuan when you accidentally publish the administrator's
password on one of your site's most heavily trafficked pages.
Such a security gaffe may have enabled unauthorized visitors
to log in and gain access to files undetected for more than
six months on a server operated by Carmichael Lynch, a public
relations and advertising firm with several big-name clients.
The admin password was inadvertently published on a page that
contained online job postings.
http://www.wired.com/news/infostructure/0,1377,57066,00.html
Hotels.com Sued by Affiliate for Gator Ads
.Advertising January 28, 2003 Hotels.com Sued by Affiliate for
Gator Ads By Brian
Morrissey MetroGuide.com, an operator of travel-related Web
sites, slapped its ...
www.internetnews.com/IAR/article.php/10789_1575901
Internet Worm Unearths New Holes
Attack Reveals Flaws in How Critical Systems Are Connected
Internet Worm Unearths New Holes (TechNews.com)
Jan 2003
The computer bug that ravaged systems throughout the world over
the weekend showed how the increasing use of the Internet by
businesses, banks and local governments has created vulnerabilities
where few ever suspected them.
In just a few hours, the "Sapphire" worm, consisting
of a minute bit of software code, shut down some Bank of America
Corp. ATMs, fouled Continental Airlines' online ticketing system
and essentially blacked out an emergency call center in Seattle,
where computers slowed to a crawl. At the same time, it cut
off access to the Internet for millions of personal computer
users, including most of those in South Korea.
The worm, also known as "Slammer," spread quickly
after it was introduced onto the Internet. Using a well-known
flaw in a Microsoft Corp. database program, the worm overwhelmed
computers with data. Many other systems quickly suffered ancillary
effects as packets of information seeking ways around the vulnerable
machines backed up in the ensuing congestion. Specialists described
the impact as a sort of global traffic jam, like the ones that
occur on Washington area highways when main arteries are shut
down.
The attack also highlights growing weaknesses in the Internet
Age's social compact: While everyone must share what is in effect
a free medium, many companies still do not take the time or
spend the money to apply "security patches" to widely
publicized vulnerabilities, even though their computers might
be used to mount or propel attacks.
It's still too early to say how Sapphire was launched and who
was responsible. The FBI is investigating. But the very design
of the Internet, with a decentralized structure that ties together
telephone wires and cable lines around the world, will hamper
that probe. So will the extraordinary efficiency of the self-replicating
worm, which specialists said sought out gaps in security at
lightning speed.
In the past, viruses, worms and their kin targeted specific
Web sites or e-mail programs. But this new attack was different
because it hobbled systems that were not supposed to be affected.
About 13,000 Bank of America cash machines had to be shut down.
The bank's ATMs sent encrypted information through the Internet,
and when the data slowed to a crawl, it stymied transactions,
according to a source, who said customer financial information
was never in danger of being stolen.
http://www.washingtonpost.com/wp-dyn/articles/
Sneaky Toolbar Hijacks Browsers
By Michelle Delio
02:00 AM Jan. 30, 2003 PT
It's the most evil thing on the Internet, according to some
of its victims. But it's not a virus, a scam or a raunchy porn
site.
It's a browser toolbar that some swear is doing "drive-by
downloads" -- installing itself without users' permission
-- then taking over their systems and making it impossible to
uninstall.
Xupiter is an Internet Explorer toolbar program. Once active
in a system, it periodically changes users' designated homepages
to xupiter.com, redirects all searches to Xupiter's site, and
blocks any attempts to restore the original browser settings.
The program attempts to download updates each time an affected
computer boots up, and has been blamed for causing system crashes.
Several versions of Xupiter also appear to download other programs,
such as gambling games, which later appear in pop-up windows.
Some said that Xupiter has taken over their browsers.
http://www.wired.com/news/infostructure/0,1377,57467,00.html
Search engines get "Gatored"
By Stefanie Olsen
Staff Writer, CNET News.com
January 14, 2003, 11:54 AM PT
The Gator online advertising network is testing a new paid search
product that lets rivals poach on each other's territory in
one of the Net's hottest new marketing venues.
Search Scout, launched in December, triggers a pop-under window
when Gator members search on a site such as Google and Yahoo.
The window lists search results tied to keywords purchased through
competing search services.
A small "info" tag on the results says they originate
from "top search engines." During the test phase,
Gator is using results from paid search kingpin Overture Services,
Terra Lycos and FindWhat.com.
Like previous products from Gator, Search Scout allows advertisers
to reach members of the Gator network when they are visiting
competitors' sites--a feature that has already drawn lawsuits
in the context of banner and pop-up advertising.
http://news.com.com/2100-1023-980572.html
Identity Theft Spurs Congress, States to Action
By Don Oldenburg
Washington Post Staff Writer
Tuesday, January 28, 2003; Page C10
The Federal Trade Commission reported last week that complaints
about identity theft nearly doubled in 2002, topping its consumer
frauds list for the third consecutive year. And the District
now leads the nation in those complaints per capita.
But if the huge response from readers to the prevention checklist
in the Jan. 7 column ("Identity Theft: It Pays to Be Diligent")
is an indication, the findings won't surprise consumers. They
say they're fed up with the lack of protections on their private
information.
Joe Manes wanted to know why the D.C. Department of Motor Vehicles
uses Social Security numbers as driver's license numbers when
we're supposed to keep our SSNs close to the vest?
"The commercial use of the SSN is pervasive in our lives,"
says the Capitol Hill resident. A Virginia reader pointed out
that several of her IDs use her SSN, including her driver's
license and Medicare card. She wonders why.
Advocating for protections against identity theft nationwide,
Sens. Dianne Feinstein (D-Calif.) and Judd Gregg (R-N.H.) yesterday
introduced the Social Security Number Misuse Prevention Act,
which, if passed into law, would restrict public access to SSNs
-- removing them from government checks, marriage licenses,
public records and many other legal documents that currently
use them for identification.
California is trying for a solution to this. A law went into
effect on Jan. 1 giving Californians the right to pay to lock
down their credit reports at the three major bureaus -- Experian,
Equifax and Trans Union. When legitimate access is needed, consumers
can unlock their reports for a specific period and control who
has access.
"If you have been a victim of identity theft, you can freeze
your credit report without charge," explains California
state Sen. Debra Bowen, who introduced the legislation. "If
you haven't filed a police report as a victim, you can still
freeze it but the bureaus are allowed to charge a reasonable
fee" -- depending on the bureau, from $12 per freeze to
$59 to cover a year.
Another provision makes it illegal for businesses to display
SSNs, print them on identification cards or on material mailed
to customers. In December, Bowen introduced legislation to extend
that to public agencies, including colleges.
"The irony is that the Social Security card says right
on it 'not for identification purposes,' " says Bowen.
"If we want to put a stop to identity theft, we need to
quit making it so easy for criminals."
http://www.washingtonpost.com/wp-dyn/articles/
Fairfax I.T.: The Slammer Worm: A Sysadmin's View
By David Heath
January 31 2003
Story Highlights: "It is somewhat intriguing that Microsoft
blithely casts the blame for the Slammer worm on all those sysadmins
who have neglected to apply the latest patches to their SQLServer
systems..."
"But there are a number of things which have been ignored.
Firstly, Microsoft has never offered a specific patch for the
exploit used by this worm..."
More on this story at:
http://www.smh.com.au/articles/
'Slammer' Worm Cripples Internet
By James Maguire
NewsFactor Network
January 27, 2003
Story Highlights: "In what security experts are calling
the worst attack since Code Red, a worm that exploits a vulnerability
in Microsoft's SQL Server database software spread rapidly across
the Internet over the
weekend..."
"Most experts considered the attack thwarted by Sunday
night, though concerns persist about further attacks on Monday.
The worm, known as SQL Slammer, replicates through networked
computers and aggressively scans
the Internet for vulnerable servers..."
More on this story at:
http://www.newsfactor.com/perl/story/20574.html
PCWorld: Virus Forecast for 2003
Dan Verton, Computerworld
Monday, January 27, 2003
Story Highlights: "He's been a virus writer for seven years.
He goes by the handle Melhacker and may have been responsible
for the recent outbreak of the Bugbear worm, the second most
prevalent worm on the Internet last year..."
"He recently claimed to be working on a new virus, Scezda,
that represents a new type of threat. Scezda, as Melhacker described
it, would fall into an emerging category of megaworms that combine
features
from some of this year's most prolific worms and viruses, including
Sircam, Klez and Nimda..."
More on this story at:
http://www.pcworld.com/news/article/0,aid,108961,00.asp
NewsFactor: U.S.: Identity Theft Complaints Skyrocket
By Lisa Gill
www.EcommerceTimes.com,
January 23, 2003
Story Highlights: "Instances of identity theft nearly doubled
in 2002, topping the U.S. Federal Trade Commission's list of
consumer complaints and accounting for 43 percent of the agency's
fraud reports..."
"In fact, identity theft ranked as the number one complaint
for the third year in a row, with 161,819 reported instances
in 2002. Although consumers often fear the Internet will be
used as a tool in identity theft, such a scenario is often the
least likely one..."
More on this story at:
http://www.newsfactor.com/perl/story/20553.html
Cnet: ACLU: You're being watched
By Lisa M. Bowman
Staff Writer, CNET News.com
January 16, 2003, 9:38 AM PT
Story Highlights: "In its new study, "Bigger Monster,
Weaker Chains: The Growth of an American Surveillance Society,"
the American Civil Liberties Union (ACLU) blames the unchecked
use of technological tracking features for an increase in surveillance
by both the government and the private sector..."
"The organization cites several trends that are leading
to an advanced "surveillance society," including video
surveillance, the capturing and marketing of personally identifying
data, new data-gathering technologies that take advantage of
cell phones and other devices, and stepped-up government efforts
to maintain databases containing
information about citizens..."
More on this story at:
http://news.com.com/2100-1023-980964.html?tag=fd_top
MacCenteral: Kerio MailServer 5.5 for Mac OS X filters
viruses
by Peter Cohen
Jan 2003
Story Highlights: "Kerio Technologies Inc. has introduced
Kerio MailServer 5.5 for Mac OS X. The secure corporate messaging
server now features integration with McAfee's Anti-Virus Engine..."
Kerio MailServer offers POP3, IMAP, WebMail and WAP access to
e-mail services. Beside anti-viral protection, the software
also offers secure access capabilities and spam blocking."
More on this story at:
http://maccentral.macworld.com/news/0301/16.kerio.php
Internet.com: Spammer Exposes Customer Data
By Beth Cox
Jan 2003
Story Highlights: "A notorious spammer who pitches pirated
software from Symantec's Norton product line over the Internet
has left vast amounts of customer data exposed for the world
to see..."
"The exposed data includes what item was purchased, customer
names, street addresses, phone numbers and e-mail addresses,
but apparently not credit card numbers..."
More on this story at:
http://www.internetnews.com/IAR/article.php/1569901
NewsFactor: Does ActiveX Deserve Its Bad Rep?
By Joe "Zonker" Brockmeier
NewsFactor Network
January 7, 2003
Story Highlights: "Although the words 'Microsoft' and 'security'
are not exactly synonymous, some security experts say ActiveX
does not deserve its bad reputation..."
"On the other hand, David Perry, global director of education
at Trend Micro , said some ActiveX controls fall into a 'grey
area' between malware and normal software..."
More on this story at:
http://www.newsfactor.com/perl/story/20390.html
The Register: California Disclosure Law Has National
Reach
By Kevin Poulsen, SecurityFocus Online
Jan 2003
Story Highlights: " A new California law requiring companies
to notify their customers of computer security breaches applies
to any online business that counts Californians as customers,
even if the company
isn't based in the Golden State..."
"So warned Scott Pink, deputy chair of the American Bar
Association's Cybersecurity Task Force..."
More on this story at:
http://www.theregister.co.uk/content/55/28760.html
NewsFactor: PC Spies at the Gate
By Lisa Gill
NewsFactor Network
January 2, 2003
Story Highlights: "Use of software that monitors Internet
activity without a user's knowledge -- termed 'spyware' -- is
on the rise..."
"Monitoring groups, such as SpywareInfo, Counterexploitation
and Spy Check, condemn the practice, naming Adware, Alexa, Aureate,
Cydoor, DSSAgent, EverAd, OnFlow, Gator and Webhancer among
the guilty parties..."
More on this story at:
http://www.newsfactor.com/perl/story/20361.html
ABCNews: Home PC Users Faced Spam, Scams, Viruses and
Software Holes
Jan 2003
Story Highlights: "The virus outbreaks of 2002 were less
dramatic than the Code Red and Nimda scares of 2001..."
"But this year's trends are very clear: The new target
is the home user..."
More on this story at:
http://abcnews.go.com/sections/
NewsFactor: New Year Brings New Computer Worm Threat
By Keith Regan
NewsFactor Network
January 2, 2003
Story Highlights: "The first malware of 2003, a variant
of the Yaha worm, is being termed a moderate threat as thousands
of suspected infections are reported around the world..."
"The worm, which can disable a computer's existing security
measures, such as antivirus programs, affects computers running
most versions of Microsoft Windows..."
More on this story at:
http://www.newsfactor.com/perl/story/20350.html
Online Privacy Is Dead - What Now?
Jan 2003
Story Highlights: "The bad news is no secret, but it bears
repeating: If
you have bought anything online in the past several years, your
personal
information, including your home address and credit card number,
is
probably accessible via the Internet -- and available to people
with
less-than-noble intentions..."
More on this story at:
http://www.newsfactor.com/perl/story/20346.html
18 New Privacy Laws Protect California Consumers' Sensitive
Data
Eighteen new privacy laws took effect on January 1, 2003, giving
California consumers, particularly victims of identity theft,
more tools to protect their personal and financial information.
The most important of the new regulations makes it illegal to
possess another person's Social Security number, credit card
number or other personal information with the intent to defraud.
Until now, it had been a crime in California only if such information
was used fraudulently. "Sometimes people were stealing
huge numbers of identities but they weren't actually doing anything
with it, and police didn't have any crime to charge them with,"
said state Sen. Dede Alpert (D-San Diego), who introduced the
bill. "We hope this will be a good piece of legislation
that will help consumers in the long run."
Another new law allows identity-theft victims to freeze their
credit reports for free, essentially blocking anyone from running
a credit check on them. The freeze can be thawed temporarily
if the consumer wants to get credit for a particular purchase.
The goal is to give victims time to clear up their credit histories.
Lawmakers say the new privacy legislation is some of the nation's
strongest and that it further fine-tunes a set of laws California
began enacting in 1998, when it made identity theft a specific
crime. But privacy advocates say more is needed, in particular
from businesses, to combat identity theft. "Part of what
we need to see changed is the attitude of the business community
toward identity theft," said Linda Foley, executive director
of the Identity Theft Resource Center and a victim of identity
theft. "This crime begins in the business community, and
this crime is not going to get under control until we have their
cooperation."
Source:
"New State Laws Battle ID Theft," Lisa Munoz, The
Orange County
Register, 1/01/03.
Judge Rejects Verizon Request to Suspend WA Telephone
Rules
On January 1, 2003, Washington became the first state to restrict
telephone companies from using their customers' calling information
to sell goods and services. However, a federal lawsuit brought
by Verizon
against state regulators could suspend the rules later in January.
On December 20, 2002, U.S. District Judge Barbara Rothstein
declined to suspend the rules until state attorneys could question
one of Verizon's witnesses who said that the privacy rules would
damage the company. The company hopes Rothstein will order an
injunction against the rules. Verizon also has petitioned the
FCC to stop Washington and other states from adopting their
own customer privacy regulations. Washington regulators have
repeatedly said that telecommunication companies do not need
to gather intimate details about customer-calling patterns to
provide good service. The rules adopted by the state Utilities
and Transportation Commission make a distinction between normal
and more intimate types of customer information, while maintaining
that customers retain ownership over all their data. For example,
listing data, a customer's name, telephone number and address
are not considered intimate information. So companies may use
and share this information unless customers order them not to.
But data known as "call detail," which is to whom,
where or when calls are made, are intimate and require companies
to get approval of customers to use or share the information
with affiliated companies. Verizon contends the new rules restrict
the corporation's free-speech rights. The company says it has
the right to use information it gathers about when, where and
how often customers call in order to offer consumers appropriate
goods and services.
Source:
"Privacy Rules May Go on Hold: Tighter Regulations on Phone
Customer
Data Could be Delayed by Verizon Suit," Candace Heckman,
Seattle
Post-Intelligencer, 12/30/02.
http://seattlepi.nwsource.com/local/102010_privacy30.shtml
Toys 'R' Us Settlement Includes Committee to Review
Privacy Policies
Toys 'R' Us settled a lawsuit with customers who accused the
biggest U.S. toy retailer of violating the privacy of visitors
to its Web site by disclosing consumer data to an outside marketing
company. The company will pay up to $900,000 in legal fees to
settle the suit and agreed to appoint a committee to review
its privacy policies as part of the settlement. The class-action
suit had sought hundreds of millions of dollars on behalf of
visitors to the retailer's Web site. As a part of the settlement,
Toys 'R' Us will ask CoreMetrics Inc. to destroy data the outside
Web site usage-tracking company held. CoreMetrics also agreed
to institute policies to protect data collected online and pay
up to $400,000 in legal fees. "We are pleased with this
outcome because it clearly supports our business practices surrounding
the protection of online consumer privacy," CoreMetrics
Chief Executive Scott Kauffman said. CoreMetrics and Toys 'R'
Us did not admit any wrongdoing as part of the settlement. A
hearing to address final court approval of the settlement agreement
will be held on February 21, 2003. Customers filed lawsuits
against the companies in the summer of 2000. The class of plaintiffs
included visitors to the Toys 'R' Us Web site from June 1, 1998
to August 6, 2000.
Sources:
"Agreement Reached in Class Action Litigation," PRNewswire,
1/02/03.
http://www.prnewswire.com/news
"Toys 'R' Us Settles Privacy Suit with Internet Customers,"
Bloomberg,
1/04/03.
Teen Marketing Group Settles with NY AG over Deceptive
Data
Collection
Student Marketing Group Inc. and the Educational Research Center
of America settled a deceptive-trade-practices lawsuit filed
by the New York state attorney general (AG) Eliot Spitzer. Spitzer
filed the suit in August 2002, charging that the firms used
deceptive practices in the collection of student information.
The complaint said that list brokerage Student Marketing Group,
which specializes in data for the child and young-adult markets,
deceived students into divulging their personal information
through its non-profit organization, the Educational Research
Center of America. The research organization has mailed surveys
funded by the company to teachers yearly since 1999. Accompanying
the surveys were cover letters explaining that data collected
would be used "by universities and colleges nationally
in their ongoing efforts to communicate and keep in touch with
the interests and trends among today's high school students"
and by financial aid and student scholarship agencies "to
evaluate and make funding available for students' post-secondary
education," according to Spitzer's office. However, the
data were sold and used to market items including magazines,
music videos, credit cards, clothes, cosmetics and student loans,
a use not mentioned in the cover letter, the AG's office charged.
While the list brokerage and non-profit settled to avoid litigation,
neither admitted to any wrongdoing or violation of law. They
did agree to ensure that future efforts to collect personally
identifiable information include specific disclosures that the
information may be used for non-educational marketing purposes.
Though the AG's office previously said it would seek fines in
the case, none were collected, according to Student Marketing
Group.
Source:
"Student Marketing Group Settles With New York AG,"
Kristen Bremner,
DMNews, 1/08/03.
http://www.dmnews.com/cgi-bin/artprevbot.cgi?article_id=22645
Additional Information & Links
Identity Theft Reference Library at:
http://www.hoffman.bizland.com/idtheft.htm
This site is dedicated to news stories directly related to Idenity
Theft
Two Additional Resources for uptoday information
http://www.privacyexchange.org
http://www.privacy.org
http://www.crime-research.org/eng/
January - December 2003
January - December 2002
January - December 2001
January - December 2000
January 1999 & Eariler
|
